owltide/server/api/accounts/index.get.ts

import { readAccounts } from "~/server/database"

export default defineEventHandler(async (event) => {
	const session = await requireServerSession(event);
	const accounts = await readAccounts();
	const account = accounts.find(a => a.id === session.accountId);
	if (!account) {
		throw new Error("Account does not exist");
	}

	if (account.type === "admin") {
		return accounts;
	}
	if (account.type === "crew") {
		return accounts.filter(a => a.type === "crew" || a.type === "admin");
	}
	throw createError({
		status: 403,
		statusText: "Forbidden",
		message: "You do not have permission to list accounts",
	});
})
Add assigment of crew to events and shifts 2025-03-15 18:18:08 +01:00			`import { readAccounts } from "~/server/database"`

			`export default defineEventHandler(async (event) => {`
Rename AcountSession to ServerSession Start the work of clearly distingushing client side types, server side types and types shared over the API by renaming "AccountSession" and "Session" names used on the server to "ServerSession". 2025-06-09 16:51:05 +02:00			`const session = await requireServerSession(event);`
Add assigment of crew to events and shifts 2025-03-15 18:18:08 +01:00			`const accounts = await readAccounts();`
			`const account = accounts.find(a => a.id === session.accountId);`
			`if (!account) {`
			`throw new Error("Account does not exist");`
			`}`

			`if (account.type === "admin") {`
			`return accounts;`
			`}`
			`if (account.type === "crew") {`
			`return accounts.filter(a => a.type === "crew" \|\| a.type === "admin");`
			`}`
			`throw createError({`
			`status: 403,`
			`statusText: "Forbidden",`
			`message: "You do not have permission to list accounts",`
			`});`
			`})`