Delete Note
π¨βπΌ Let's start with something simple: deleting notes.
We need to adjust our code to support owners deleting their own notes if they
have permission, and also allow admins to delete any note.
Here's an example of how to query the database to see whether a user has a
specific permission:
const permission = await prisma.permission.findFirst({
select: { id: true },
where: {
roles: { some: { users: { some: { id: userId } } } },
entity: 'user',
action: 'update',
access: 'own',
// or access: 'any',
},
})
if (permission) {
// user has permission to update their own user record
} else {
// user does not have permission to update their own user record
}