refactor: access core (#11930)

server/src/services/stack.service.ts

@@ -1,5 +1,4 @@
 import { BadRequestException, Inject, Injectable } from '@nestjs/common';
-import { AccessCore } from 'src/cores/access.core';
 import { BulkIdsDto } from 'src/dtos/asset-ids.response.dto';
 import { AuthDto } from 'src/dtos/auth.dto';
 import { StackCreateDto, StackResponseDto, StackSearchDto, StackUpdateDto, mapStack } from 'src/dtos/stack.dto';
@@ -7,18 +6,15 @@ import { Permission } from 'src/enum';
 import { IAccessRepository } from 'src/interfaces/access.interface';
 import { ClientEvent, IEventRepository } from 'src/interfaces/event.interface';
 import { IStackRepository } from 'src/interfaces/stack.interface';
+import { requireAccess } from 'src/utils/access';
 
 @Injectable()
 export class StackService {
-  private access: AccessCore;
-
   constructor(
-    @Inject(IAccessRepository) accessRepository: IAccessRepository,
+    @Inject(IAccessRepository) private access: IAccessRepository,
     @Inject(IEventRepository) private eventRepository: IEventRepository,
     @Inject(IStackRepository) private stackRepository: IStackRepository,
-  ) {
-    this.access = AccessCore.create(accessRepository);
-  }
+  ) {}
 
   async search(auth: AuthDto, dto: StackSearchDto): Promise<StackResponseDto[]> {
     const stacks = await this.stackRepository.search({
@@ -30,7 +26,7 @@ export class StackService {
   }
 
   async create(auth: AuthDto, dto: StackCreateDto): Promise<StackResponseDto> {
-    await this.access.requirePermission(auth, Permission.ASSET_UPDATE, dto.assetIds);
+    await requireAccess(this.access, { auth, permission: Permission.ASSET_UPDATE, ids: dto.assetIds });
 
     const stack = await this.stackRepository.create({ ownerId: auth.user.id, assetIds: dto.assetIds });
 
@@ -40,13 +36,13 @@ export class StackService {
   }
 
   async get(auth: AuthDto, id: string): Promise<StackResponseDto> {
-    await this.access.requirePermission(auth, Permission.STACK_READ, id);
+    await requireAccess(this.access, { auth, permission: Permission.STACK_READ, ids: [id] });
     const stack = await this.findOrFail(id);
     return mapStack(stack, { auth });
   }
 
   async update(auth: AuthDto, id: string, dto: StackUpdateDto): Promise<StackResponseDto> {
-    await this.access.requirePermission(auth, Permission.STACK_UPDATE, id);
+    await requireAccess(this.access, { auth, permission: Permission.STACK_UPDATE, ids: [id] });
     const stack = await this.findOrFail(id);
     if (dto.primaryAssetId && !stack.assets.some(({ id }) => id === dto.primaryAssetId)) {
       throw new BadRequestException('Primary asset must be in the stack');
@@ -60,14 +56,14 @@ export class StackService {
   }
 
   async delete(auth: AuthDto, id: string): Promise<void> {
-    await this.access.requirePermission(auth, Permission.STACK_DELETE, id);
+    await requireAccess(this.access, { auth, permission: Permission.STACK_DELETE, ids: [id] });
     await this.stackRepository.delete(id);
 
     this.eventRepository.clientSend(ClientEvent.ASSET_STACK_UPDATE, auth.user.id, []);
   }
 
   async deleteAll(auth: AuthDto, dto: BulkIdsDto): Promise<void> {
-    await this.access.requirePermission(auth, Permission.STACK_DELETE, dto.ids);
+    await requireAccess(this.access, { auth, permission: Permission.STACK_DELETE, ids: dto.ids });
     await this.stackRepository.deleteAll(dto.ids);
 
     this.eventRepository.clientSend(ClientEvent.ASSET_STACK_UPDATE, auth.user.id, []);