import { AuthenticationError } from 'apollo-server-express';
import { ProductList, User } from '@/entities';

export const checkEditListPermission = async (
  list: ProductList,
  user: User
): Promise<void> => {
  if (
    list.createdBy.id !== user.id &&
    !(await list.collaborators).find((c) => c.id === user.id)
  ) {
    throw new AuthenticationError(
      'You must be a collaborator to update this product list.'
    );
  }
};