hounam-submit-form-backend/src/core/middleware/require-role.middleware.ts

import { NextFunction } from "express";
import { ServerResponse } from "../types";

export function requireRole(...roles: string[]) {
  return (req: Request, res: ServerResponse, next: NextFunction) => {
    const user = (req as any).user;
    if (!user)
      return res
        .status(401)
        .json({ status: 401, data: {}, message: "احراز هویت انجام نشده است." });

    const userRole = user.Role?.name;
    if (!userRole || !roles.includes(userRole)) {
      return res
        .status(403)
        .json({
          status: 403,
          data: {},
          message: "شما دسترسی لازم برای این عملیات را ندارید.",
        });
    }

    next();
  };
}