TTC
Theo's Typesafe Cult16mo ago
Bozic0909

Where to check if user is owner

Hello, I have and app with three entities User, Deck and Card, and now for any operation on card/deck I need to check if user is owner of that deck I'm doing it like this: 
export const isUserDeckOwner = async (
  deckId: string,
  userId: string,
  prisma: PrismaClient
) => {
  const deck = await prisma.deck.findFirst({
    where: {
      id: deckId,
    },
  });

  if (deck?.userId != userId) {
    throw new TRPCError({
      code: "FORBIDDEN",
      message: "You don't have permission to access this deck",
    });
  }
};
export const isUserDeckOwner = async (
  deckId: string,
  userId: string,
  prisma: PrismaClient
) => {
  const deck = await prisma.deck.findFirst({
    where: {
      id: deckId,
    },
  });

  if (deck?.userId != userId) {
    throw new TRPCError({
      code: "FORBIDDEN",
      message: "You don't have permission to access this deck",
    });
  }
};
But I need to call this in each router method, now I wonder could I create a procedure for this? And if answer is yes how could I pass deckID variable to procedure? Thanks in advance
11 Replies
cje
cje16mo ago
don't create a procedure, create a function checkIfUserOwnsDeck(userId, deck) or actually in this specific case you can even do it in the prisma query where: { id: deckid, userId: userId } im on phone so syntax might be wrong
cje
cje16mo ago
https://www.youtube.com/watch?v=G2ZzmgShHgQ
Christopher Ehrlich
YouTube
Advanced tRPC - Callers, functions, and gSSP
Repo for this video: https://github.com/c-ehrlich/you-dont-need-callers If you want to use schema in the frontend, they cannot be imported from the same file as things that run specifically in the backend. One solution would be to put them into a procedureName.schema.ts or similar file. tRPC: https://trpc.io/docs Create T3 App: https://crea...
iDarkLightning
iDarkLightning16mo ago
Are you getting deckId from input?
Bozic0909
Bozic090916mo ago
yes @thanks you @cje should I call that inside every route method?? and for example in prisma query, I can do that for deck but not in card router for cards also thank you for video I will take a look!
cje
cje16mo ago
best thing to do depends on how often you are doing this basically you don't want to call procedures from other procedures a lot of unnecessary overhead we don't know enough about your app to tell you what the logic should be but a reusable function seems reasonable
Bozic0909
Bozic090916mo ago
well I have 2 routers and each has 3-4 methods, soo I guess calling function is fine in this situation, but I wonder what would be example if there is an app a lot larger?
iDarkLightning
iDarkLightning16mo ago
Why not make a procedure that wraps a middleware
Bozic0909
Bozic090916mo ago
input can be passed to middleware, or custom prop?
iDarkLightning
iDarkLightning16mo ago
inputs are merged if your initial procedure has a .input it will merge later
Bozic0909
Bozic090916mo ago
ouhh didn't know that, will try that in morning thank you people!
iDarkLightning
iDarkLightning16mo ago
yeah I believe it happened during one of the release canidates for v10? rather late into it but that should work fine
Want results from more Discord servers?
Add your server
More Posts
Does anyone know of a way to programmatically lift classNames into typescript intellisense?For example, if I import this component somewhere else, I'd like to be able to see the classNames thHow to make emit when some variable changes?I have a websockets server, in which i want to fire emit when there are n amount of users only ONCE.regex```\"/cdn-cgi/l/email-protection#1a726d2d2385a7f777570737e7b753475687d25696f78707f796e27577b68717f6eTypes have no overlap, but i have defined the type so that it does in fact have overlapThis is the error that i am getting `This comparison appears to be unintentional because the types Recommendations for auth setupI've been rolling Auth0 with the nextjs library for Auth0. Now I need to do a full re-write of the sE2E Tests t3-turbo stackHi guys I found out that in the community of the t3 stack, it’s common to use in the examples dirs tHow to set up a development and production database with PrismaI'm trying to set up two databases with prisma but there isn't much info available. I am trying to utRPC response time sometimes takes very longI'm noticing on my deployed next app that my trpc requests in the chrome browser takes up to 2 secon"Unsafe call of an `any` typed value." but everything is typedI'm using this exact same pattern in 10 other places in my app, but for some reason it is really madDebugging TRPC issues?Am I the only one having trouble debugging trpc code? I am talking specifically about endpoints. I