dashboard: restrict access to organization users

packages/db/src/services/project.service.ts

@@ -1,3 +1,6 @@
+import { auth } from '@clerk/nextjs';
+import { project } from 'ramda';
+
 import type { Project } from '../prisma-client';
 import { db } from '../prisma-client';
 
@@ -33,3 +36,31 @@ export async function getProjectsByOrganizationSlug(slug: string) {
 
   return res.map(transformProject);
 }
+
+export async function getCurrentProjects(slug: string) {
+  const session = auth();
+  if (!session.userId) {
+    return [];
+  }
+
+  const access = await db.projectAccess.findMany({
+    where: {
+      organization_slug: slug,
+      user_id: session.userId,
+    },
+  });
+
+  const res = await db.project.findMany({
+    where: {
+      organization_slug: slug,
+    },
+  });
+
+  if (access.length === 0) {
+    return res.map(transformProject);
+  }
+
+  return res
+    .filter((project) => access.some((a) => a.project_id === project.id))
+    .map(transformProject);
+}