functions/src/utils/permissions.js
const admin = require("firebase-admin");
const { HttpsError } = require("firebase-functions/lib/providers/https");
const checkIsAdmin = async (uid) => {
try {
const adminDoc = await admin
.firestore()
.collection("roles")
.doc("admin")
.get();
if (!adminDoc.exists) {
throw new HttpsError("not-found", `'admin' doc doesn't exist.`);
}
const admins = adminDoc.data();
if (admins.users && admins.users.includes(uid)) {
return;
}
throw new HttpsError("permission-denied", `User is not an admin`);
} catch (error) {
throw new HttpsError(
"internal",
`Error occurred obtaining world ${worldId}: ${error.toString()}`
);
}
};
exports.checkIsAdmin = checkIsAdmin;