import { AuthenticationError } from 'apollo-server-express';
import { AggregateProductVariantSavesList, User } from '@/entities';

export const checkEditListPermission = async ({
  list,
  user,
  collaborators,
}: {
  list: AggregateProductVariantSavesList;
  user: User;
  collaborators: User[];
}): Promise<void> => {
  if (
    list.createdById !== user.id &&
    !collaborators.find(({ id }) => id === user.id)
  ) {
    throw new AuthenticationError(
      'You must be a collaborator to update this product list.'
    );
  }
};