[feat] override inventory access in .env
This commit is contained in:
@@ -1,11 +1,21 @@
|
||||
import { clerkMiddleware, createRouteMatcher, clerkClient } from '@clerk/astro/server';
|
||||
import type { MiddlewareNext } from 'astro';
|
||||
import 'dotenv/config';
|
||||
|
||||
declare global {
|
||||
namespace App {
|
||||
interface Locals {
|
||||
canAddInventory: boolean;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
const isProtectedRoute = createRouteMatcher(['/pokemon']);
|
||||
const isAdminRoute = createRouteMatcher(['/admin']);
|
||||
|
||||
const TARGET_ORG_ID = "org_3Baav9czkRLLlC7g89oJWqRRulK";
|
||||
|
||||
export const onRequest = clerkMiddleware(async (auth, context) => {
|
||||
export const onRequest = clerkMiddleware(async (auth, context, next) => {
|
||||
const { isAuthenticated, userId, redirectToSignIn, has } = auth();
|
||||
|
||||
if (!isAuthenticated && isProtectedRoute(context.request)) {
|
||||
@@ -14,16 +24,18 @@ export const onRequest = clerkMiddleware(async (auth, context) => {
|
||||
|
||||
// ── Inventory visibility check ──────────────────────────────────────────────
|
||||
// Resolves to true if the user belongs to the target org OR has the feature
|
||||
const canAddInventory =
|
||||
isAuthenticated &&
|
||||
userId &&
|
||||
const canAddInventory = process.env.INVENTORY_ACCESS === 'true' ||
|
||||
(
|
||||
has({ permission: "org:feature:inventory_add" }) || // Clerk feature flag
|
||||
(await getUserOrgIds(context, userId)).includes(TARGET_ORG_ID)
|
||||
isAuthenticated &&
|
||||
userId &&
|
||||
(
|
||||
!!has({ permission: "org:feature:inventory_add" }) || // Clerk feature flag
|
||||
(await getUserOrgIds(context, userId)).includes(TARGET_ORG_ID)
|
||||
)
|
||||
);
|
||||
|
||||
// Expose the flag to your Astro pages via locals
|
||||
context.locals.canAddInventory = canAddInventory ?? false;
|
||||
context.locals.canAddInventory = Boolean(canAddInventory);
|
||||
|
||||
// ── Admin route guard (unchanged) ───────────────────────────────────────────
|
||||
if (isAdminRoute(context.request)) {
|
||||
@@ -49,6 +61,8 @@ export const onRequest = clerkMiddleware(async (auth, context) => {
|
||||
return context.redirect("/");
|
||||
}
|
||||
}
|
||||
|
||||
return next();
|
||||
});
|
||||
|
||||
// ── Helper: fetch all org IDs the current user belongs to ───────────────────
|
||||
|
||||
@@ -182,7 +182,7 @@ const facets = searchResults.results.slice(1).map((result: any) => {
|
||||
<button type="button" data-bs-dismiss="offcanvas" class="btn btn-danger me-2" id="clear-filters">Clear</button>
|
||||
<button type="submit" form="searchform" data-bs-dismiss="offcanvas" class="btn btn-success">Apply Filters</button>
|
||||
</div>
|
||||
{facets.map((facet) => (
|
||||
{facets.map((facet: any) => (
|
||||
<div class="mt-2 mb-4 facet-group row align-items-center justify-content-between">
|
||||
<div class="fs-5 m-0 col-auto pb-1 border-bottom border-light-subtle">{facetNames(facet.field_name)}</div>
|
||||
{(facet.counts.length > 20) &&
|
||||
|
||||
Reference in New Issue
Block a user