forked from baron/baron-sso
49 lines
1007 B
TypeScript
49 lines
1007 B
TypeScript
import type { DeveloperRequestStatus } from "../../lib/devApi";
|
|
|
|
export type ClientCreateAccessState =
|
|
| "can_create"
|
|
| "pending"
|
|
| "request_required"
|
|
| "forbidden";
|
|
|
|
type ResolveClientCreateAccessParams = {
|
|
role: string;
|
|
requestStatus?: DeveloperRequestStatus;
|
|
};
|
|
|
|
function canSelfRequestDeveloperAccess(role: string) {
|
|
return role === "user" || role === "tenant_member";
|
|
}
|
|
|
|
export function resolveClientCreateAccess({
|
|
role,
|
|
requestStatus,
|
|
}: ResolveClientCreateAccessParams): ClientCreateAccessState {
|
|
if (!role.trim()) {
|
|
return "request_required";
|
|
}
|
|
|
|
if (!canSelfRequestDeveloperAccess(role)) {
|
|
return "can_create";
|
|
}
|
|
|
|
if (requestStatus === "approved") {
|
|
return "can_create";
|
|
}
|
|
|
|
if (requestStatus === "pending") {
|
|
return "pending";
|
|
}
|
|
|
|
if (
|
|
requestStatus === "none" ||
|
|
requestStatus === "rejected" ||
|
|
requestStatus === "cancelled" ||
|
|
typeof requestStatus === "undefined"
|
|
) {
|
|
return "request_required";
|
|
}
|
|
|
|
return "forbidden";
|
|
}
|