From f794b5674b3b7d6124515fb4f5f090add29f30a2 Mon Sep 17 00:00:00 2001
From: Brian Cao <brian@umami.is>
Date: Wed, 23 Aug 2023 11:26:41 -0700
Subject: [PATCH] Update team/website permission check.

---
 src/lib/auth.ts              | 8 ++++----
 src/lib/{date.js => date.ts} | 0
 2 files changed, 4 insertions(+), 4 deletions(-)
 rename src/lib/{date.js => date.ts} (100%)

diff --git a/src/lib/auth.ts b/src/lib/auth.ts
index a93f89c7..4a42d85d 100644
--- a/src/lib/auth.ts
+++ b/src/lib/auth.ts
@@ -4,7 +4,7 @@ import debug from 'debug';
 import { PERMISSIONS, ROLE_PERMISSIONS, SHARE_TOKEN_HEADER } from 'lib/constants';
 import { secret } from 'lib/crypto';
 import { createSecureToken, ensureArray, getRandomChars, parseToken } from 'next-basics';
-import { findTeamWebsiteByUserId, getTeamUser, getTeamWebsite, getWebsitesByUserId } from 'queries';
+import { findTeamWebsiteByUserId, getTeamUser, getTeamWebsite } from 'queries';
 import { loadWebsite } from './load';
 import { Auth } from './types';
 
@@ -60,11 +60,11 @@ export async function canViewWebsite({ user, shareToken }: Auth, websiteId: stri
 
 export async function canCreateWebsite({ user, grant }: Auth) {
   if (cloudMode) {
-    if (grant.find(a => a === PERMISSIONS.websiteCreate)) {
+    if (grant?.find(a => a === PERMISSIONS.websiteCreate)) {
       return true;
     }
 
-    return (await getWebsitesByUserId(user.id)).count < Number(process.env.WEBSITE_LIMIT);
+    return false;
   }
 
   if (user.isAdmin) {
@@ -120,7 +120,7 @@ export async function canDeleteReport(auth: Auth, report: Report) {
 
 export async function canCreateTeam({ user, grant }: Auth) {
   if (cloudMode) {
-    if (grant.find(a => a === PERMISSIONS.teamCreate)) {
+    if (grant?.find(a => a === PERMISSIONS.teamCreate)) {
       return true;
     }
 
diff --git a/src/lib/date.js b/src/lib/date.ts
similarity index 100%
rename from src/lib/date.js
rename to src/lib/date.ts