(role: Role, handler: (arg0: NextApiRequest, arg1: NextApiResponse, arg2: JWT) => void)
| 7 | * specified role. Returns a 403 if they do, otherwise runs the handler. |
| 8 | */ |
| 9 | const withoutRole = (role: Role, handler: (arg0: NextApiRequest, arg1: NextApiResponse, arg2: JWT) => void) => { |
| 10 | return async (req: NextApiRequest, res: NextApiResponse) => { |
| 11 | const token = await getToken({ req }); |
| 12 | if (!token || token.role === role) { |
| 13 | res.status(403).end(); |
| 14 | return; |
| 15 | } |
| 16 | return handler(req, res, token); |
| 17 | }; |
| 18 | }; |
| 19 | |
| 20 | /** |
| 21 | * Wraps any API Route handler and verifies that the user has the appropriate |
no test coverage detected