diff --git a/functions/api/appeals/[id]/_middleware.ts b/functions/api/appeals/[id]/_middleware.ts new file mode 100644 index 0000000..98a6df2 --- /dev/null +++ b/functions/api/appeals/[id]/_middleware.ts @@ -0,0 +1,32 @@ +export async function onRequestPost(context: RequestContext) { + const { permissions } = context.data.current_user; + + if (!(permissions & (1 << 0)) || !(permissions & (1 << 11))) + return new Response('{"error":"Forbidden"}', { + headers: { + "content-type": "application/json", + }, + status: 403, + }); + + const { body } = context.data; + + if (typeof body.accept !== "boolean") + return new Response('{"error":"Invalid acceptance status"}', { + headers: { + "content-type": "application/json", + }, + status: 400, + }); + + if ( + body.feedback && + (typeof body.feedback !== "string" || body.feedback.length > 512) + ) + return new Response('{"error":"Invalid feedback"}', { + headers: { + "content-type": "application/json", + }, + status: 400, + }); +}