sommeeeR•13mo ago

Check if Role is ADMIN

Hey guys I have a private procedure in T3 Stack. I need to check if the user thats doing the action is indeed admin. How can i implement that in this privateProcedure?

import { z } from "zod";

import { createTRPCRouter, protectedProcedure } from "~/server/api/trpc";
import { db } from "~/server/db";

export const userRouter = createTRPCRouter({
  delete: protectedProcedure.input(z.string()).mutation(async ({ input }) => {
    const msg = await db.user.findFirst({ where: { id: input } });
    if (!msg) {
      return { success: false, msg: "User not found" };
    }
    await db.user.delete({ where: { id: input } });
    return { success: true, msg };
  }),
});

import { z } from "zod";

import { createTRPCRouter, protectedProcedure } from "~/server/api/trpc";
import { db } from "~/server/db";

export const userRouter = createTRPCRouter({
  delete: protectedProcedure.input(z.string()).mutation(async ({ input }) => {
    const msg = await db.user.findFirst({ where: { id: input } });
    if (!msg) {
      return { success: false, msg: "User not found" };
    }
    await db.user.delete({ where: { id: input } });
    return { success: true, msg };
  }),
});

1 Reply

aryzing•13mo ago

https://trpc.io/docs/server/authorization

Authorization | tRPC

The createContext function is called for each incoming request, so here you can add contextual information about the calling user from the request object.