Replace Privileges.forUser(session, context) -> forContext()

CarsonF · CarsonF · commit 90d7f19955a4 · 2025-05-15T16:02:54.000-05:00
diff --git a/src/components/prompts/prompt-variant-response.service.ts b/src/components/prompts/prompt-variant-response.service.ts
@@ -87,7 +87,7 @@ export const PromptVariantResponseListService = <
       session: Session,
     ): Promise<PromptVariantResponseList<TVariant>> {
       const context = parent as any;
-      const edge = this.repo.edge.forUser(session, context);
+      const edge = this.repo.edge.forContext(context);
       const canRead = edge.can('read');
       if (!canRead) {
         return {
@@ -97,7 +97,7 @@ export const PromptVariantResponseListService = <
       }
       const results = await this.repo.list(parent.id, session);
 
-      const privileges = this.resourcePrivileges.forUser(session, context);
+      const privileges = this.resourcePrivileges.forContext(context);
 
       const [secured, prompts, variants] = await Promise.all([
         mapListResults(results, async (dto) => await this.secure(dto, session)),
@@ -130,7 +130,7 @@ export const PromptVariantResponseListService = <
       session: Session,
     ): Promise<PromptVariantResponse<TVariant>> {
       const context = await this.getPrivilegeContext(dto);
-      const privileges = this.resourcePrivileges.forUser(session, context);
+      const privileges = this.resourcePrivileges.forContext(context);
       const responses = mapKeys.fromList(dto.responses, (r) => r.variant).asMap;
       const secured = privileges.secure(dto);
       return {
@@ -174,8 +174,7 @@ export const PromptVariantResponseListService = <
         edge.resource,
         input.resource,
       );
-      const privileges = edge.forUser(
-        session,
+      const privileges = edge.forContext(
         // @ts-expect-error yeah it's not unsecured, but none of our conditions actually needs that.
         parent,
       );
@@ -194,7 +193,7 @@ export const PromptVariantResponseListService = <
     ): Promise<PromptVariantResponse<TVariant>> {
       const response = await this.repo.readOne(input.id, session);
       const context = await this.getPrivilegeContext(response);
-      const privileges = this.resourcePrivileges.forUser(session, context);
+      const privileges = this.resourcePrivileges.forContext(context);
       privileges.verifyCan('edit', 'prompt');
 
       await this.getPromptById(input.prompt);
@@ -214,7 +213,7 @@ export const PromptVariantResponseListService = <
 
       const response = await this.repo.readOne(input.id, session);
       const context = await this.getPrivilegeContext(response);
-      const privileges = this.resourcePrivileges.forUser(session, context);
+      const privileges = this.resourcePrivileges.forContext(context);
 
       const perm = privileges
         .forContext(withVariant(privileges.context!, variant.key))
@@ -261,7 +260,7 @@ export const PromptVariantResponseListService = <
       const response = await this.repo.readOne(id, session);
 
       const context = await this.getPrivilegeContext(response);
-      const privileges = this.resourcePrivileges.forUser(session, context);
+      const privileges = this.resourcePrivileges.forContext(context);
       privileges.verifyCan('delete');
 
       await this.repo.deleteNode(id);
diff --git a/src/components/user/user.repository.ts b/src/components/user/user.repository.ts
@@ -216,7 +216,7 @@ export class UserRepository extends DtoRepository<typeof User, [Session | ID]>(
 
   async delete(id: ID, session: Session, object: User): Promise<void> {
     const user = await this.readOne(id, session);
-    this.privileges.forUser(session, user).verifyCan('delete');
+    this.privileges.forContext(user).verifyCan('delete');
     try {
       await this.db.deleteNode(object);
     } catch (exception) {
