feat(acls): added backend acls

server/api/v1/admin/import/version/index.get.ts

@@ -1,8 +1,11 @@
+import aclManager from "~/server/internal/acls";
 import libraryManager from "~/server/internal/library";
 
 export default defineEventHandler(async (h3) => {
-  const user = await h3.context.session.getAdminUser(h3);
-  if (!user) throw createError({ statusCode: 403 });
+  const allowed = await aclManager.allowSystemACL(h3, [
+    "import:version:read",
+  ]);
+  if (!allowed) throw createError({ statusCode: 403 });
 
   const query = await getQuery(h3);
   const gameId = query.id?.toString();

server/api/v1/admin/import/version/index.post.ts

@@ -1,10 +1,13 @@
+import aclManager from "~/server/internal/acls";
 import prisma from "~/server/internal/db/database";
 import libraryManager from "~/server/internal/library";
 import { parsePlatform } from "~/server/internal/utils/parseplatform";
 
 export default defineEventHandler(async (h3) => {
-  const user = await h3.context.session.getAdminUser(h3);
-  if (!user) throw createError({ statusCode: 403 });
+  const allowed = await aclManager.allowSystemACL(h3, [
+    "import:version:new",
+  ]);
+  if (!allowed) throw createError({ statusCode: 403 });
 
   const body = await readBody(h3);
   const gameId = body.id;

server/api/v1/admin/import/version/preload.get.ts

@@ -1,8 +1,11 @@
+import aclManager from "~/server/internal/acls";
 import libraryManager from "~/server/internal/library";
 
 export default defineEventHandler(async (h3) => {
-  const user = await h3.context.session.getAdminUser(h3);
-  if (!user) throw createError({ statusCode: 403 });
+  const allowed = await aclManager.allowSystemACL(h3, [
+    "import:version:read",
+  ]);
+  if (!allowed) throw createError({ statusCode: 403 });
 
   const query = await getQuery(h3);
   const gameId = query.id?.toString();