archetecture security fix

This commit is contained in:
root
2026-06-11 03:22:12 -04:00
parent 6def9993da
commit 9483750161
3126 changed files with 177194 additions and 37211 deletions
@@ -0,0 +1,47 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.requireActiveSubscription = requireActiveSubscription;
exports.requireFullAccess = requireFullAccess;
const prisma_1 = require("../../lib/prisma");
const subscription_policy_1 = require("./subscription.policy");
async function requireActiveSubscription(req, res, next) {
const companyId = req.companyId;
if (!companyId)
return res.status(401).json({ error: 'unauthenticated' });
const sub = await prisma_1.prisma.subscription.findUnique({ where: { companyId } });
const status = sub?.status ?? 'EXPIRED';
const accessLevel = (0, subscription_policy_1.getAccessLevel)(status);
if (!(0, subscription_policy_1.hasAnyAccess)(status)) {
return res.status(403).json({
error: 'subscription_required',
message: 'Your subscription has ended. Please reactivate to continue.',
subscriptionStatus: status,
accessLevel,
});
}
;
req.subscriptionStatus = status;
req.accessLevel = accessLevel;
next();
}
async function requireFullAccess(req, res, next) {
const companyId = req.companyId;
if (!companyId)
return res.status(401).json({ error: 'unauthenticated' });
const sub = await prisma_1.prisma.subscription.findUnique({ where: { companyId } });
const status = sub?.status ?? 'EXPIRED';
const accessLevel = (0, subscription_policy_1.getAccessLevel)(status);
if (accessLevel !== 'full') {
return res.status(403).json({
error: 'insufficient_access',
message: 'This action requires an active subscription.',
subscriptionStatus: status,
accessLevel,
});
}
;
req.subscriptionStatus = status;
req.accessLevel = accessLevel;
next();
}
//# sourceMappingURL=subscription.entitlement.js.map