admin/zapishis-client
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
zapishis-client/packages/graphql/api/base.ts
vchikalkin 7c1f79db2a feat(ban-system): implement multi-level user ban checks across services 
- Added a comprehensive ban checking system to prevent access for banned users at multiple levels, including database, API, and client-side.
- Introduced `bannedUntil` field in the customer model to manage temporary and permanent bans effectively.
- Enhanced `BaseService` and various service classes to include ban checks, ensuring that banned users cannot perform actions or access data.
- Updated error handling to provide consistent feedback for banned users across the application.
- Improved user experience with a dedicated ban check component and a user-friendly ban notification page.
2025-08-26 12:32:22 +03:00

67 lines
1.5 KiB
TypeScript
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/* eslint-disable canonical/id-match */
import { getClientWithToken } from '../apollo/client';
import { ERRORS } from '../constants/errors';
import * as GQL from '../types';
import { isCustomerBanned } from '@repo/utils/customer';
const BASE_ERRORS = {
MISSING_TELEGRAM_ID: 'Не указан Telegram ID',
NOT_FOUND_CUSTOMER: 'Пользователь не найден',
} as const;
type UserProfile = {
telegramId: number;
};
export class BaseService {
protected _user: UserProfile;
constructor(user: UserProfile) {
if (!user?.telegramId) {
throw new Error(BASE_ERRORS.MISSING_TELEGRAM_ID);
}
this._user = user;
}
protected async _getUser() {
const { query } = await getClientWithToken();
const result = await query({
query: GQL.GetCustomerDocument,
variables: this._user,
});
const customer = result.data.customers.at(0);
if (!customer) throw new Error(BASE_ERRORS.NOT_FOUND_CUSTOMER);
if (isCustomerBanned(customer)) {
throw new Error(ERRORS.NO_PERMISSION);
}
return { customer };
}
protected async checkIsBanned() {
const { query } = await getClientWithToken();
const result = await query({
query: GQL.GetCustomerDocument,
variables: this._user,
});
const customer = result.data.customers.at(0);
if (!customer) {
throw new Error(BASE_ERRORS.NOT_FOUND_CUSTOMER);
}
if (isCustomerBanned(customer)) {
throw new Error(ERRORS.NO_PERMISSION);
}
return { customer };
}
}
Reference in New Issue View Git Blame Copy Permalink