From 396acf3bbbe00a192cb0ea0a9ccf91b1d8d2850b Mon Sep 17 00:00:00 2001
From: Fuwn <50817549+Fuwn@users.noreply.github.com>
Date: Sat, 24 Jan 2026 13:09:50 +0000
Subject: Initial commit

Created from https://vercel.com/new
---
 src/permissions/link.ts | 64 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)
 create mode 100644 src/permissions/link.ts

(limited to 'src/permissions/link.ts')

diff --git a/src/permissions/link.ts b/src/permissions/link.ts
new file mode 100644
index 0000000..c027a0b
--- /dev/null
+++ b/src/permissions/link.ts
@@ -0,0 +1,64 @@
+import { hasPermission } from '@/lib/auth';
+import { PERMISSIONS } from '@/lib/constants';
+import type { Auth } from '@/lib/types';
+import { getLink, getTeamUser } from '@/queries/prisma';
+
+export async function canViewLink({ user }: Auth, linkId: string) {
+  if (user?.isAdmin) {
+    return true;
+  }
+
+  const link = await getLink(linkId);
+
+  if (link.userId) {
+    return user.id === link.userId;
+  }
+
+  if (link.teamId) {
+    const teamUser = await getTeamUser(link.teamId, user.id);
+
+    return !!teamUser;
+  }
+
+  return false;
+}
+
+export async function canUpdateLink({ user }: Auth, linkId: string) {
+  if (user.isAdmin) {
+    return true;
+  }
+
+  const link = await getLink(linkId);
+
+  if (link.userId) {
+    return user.id === link.userId;
+  }
+
+  if (link.teamId) {
+    const teamUser = await getTeamUser(link.teamId, user.id);
+
+    return teamUser && hasPermission(teamUser.role, PERMISSIONS.websiteUpdate);
+  }
+
+  return false;
+}
+
+export async function canDeleteLink({ user }: Auth, linkId: string) {
+  if (user.isAdmin) {
+    return true;
+  }
+
+  const link = await getLink(linkId);
+
+  if (link.userId) {
+    return user.id === link.userId;
+  }
+
+  if (link.teamId) {
+    const teamUser = await getTeamUser(link.teamId, user.id);
+
+    return teamUser && hasPermission(teamUser.role, PERMISSIONS.websiteDelete);
+  }
+
+  return false;
+}
-- 
cgit v1.2.3