Delete Note

πŸ‘¨β€πŸ’Ό Let's start with something simple: deleting notes.
We need to adjust our code to support owners deleting their own notes if they have permission, and also allow admins to delete any note.
Here's an example of how to query the database to see whether a user has a specific permission:
const permission = await prisma.permission.findFirst({
	select: { id: true },
	where: {
		roles: { some: { users: { some: { id: userId } } } },
		entity: 'user',
		action: 'update',
		access: 'own',
		// or access: 'any',
	},
})

if (permission) {
	// user has permission to update their own user record
} else {
	// user does not have permission to update their own user record
}

Access Denied

You must login or register for the workshop to view and run the tests.

Check out this video to see how the test tab works.