aboutsummaryrefslogtreecommitdiff
path: root/src/lib/Utility
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/Utility')
-rw-r--r--src/lib/Utility/authorisation.test.ts20
-rw-r--r--src/lib/Utility/authorisation.ts9
2 files changed, 29 insertions, 0 deletions
diff --git a/src/lib/Utility/authorisation.test.ts b/src/lib/Utility/authorisation.test.ts
new file mode 100644
index 00000000..0027782b
--- /dev/null
+++ b/src/lib/Utility/authorisation.test.ts
@@ -0,0 +1,20 @@
+import { describe, expect, it } from "vitest";
+import { isOwnerOrPrivileged } from "./authorisation";
+
+describe("isOwnerOrPrivileged", () => {
+ it("allows the owner to act on their own resources", () => {
+ expect(isOwnerOrPrivileged(7, 7, false)).toBe(true);
+ });
+
+ it("allows a privileged user to act on anyone", () => {
+ expect(isOwnerOrPrivileged(7, 999, true)).toBe(true);
+ });
+
+ it("blocks a non-privileged user acting on someone else (the IDOR case)", () => {
+ expect(isOwnerOrPrivileged(7, 999, false)).toBe(false);
+ });
+
+ it("allows a privileged owner (both conditions)", () => {
+ expect(isOwnerOrPrivileged(7, 7, true)).toBe(true);
+ });
+});
diff --git a/src/lib/Utility/authorisation.ts b/src/lib/Utility/authorisation.ts
new file mode 100644
index 00000000..c6b64414
--- /dev/null
+++ b/src/lib/Utility/authorisation.ts
@@ -0,0 +1,9 @@
+/**
+ * Whether a caller may act on resources belonging to `targetUserId`: either the
+ * caller owns them, or the caller is a privileged (allow-listed) user.
+ */
+export const isOwnerOrPrivileged = (
+ callerUserId: number,
+ targetUserId: number,
+ privileged: boolean,
+) => privileged || callerUserId === targetUserId;
generated by cgit v1.2.3 (git 2.25.1) at 2026-06-02 08:20:37 +0000