add me abac

src/server/api/me/index.post.ts

@@ -1,7 +1,8 @@
 import { UserUpdateSchema } from '#db/repositories/user/types';
 
 export default definePermissionEventHandler(
-  actions.CLIENT,
+  'me',
+  'update',
   async ({ event, user }) => {
     const { name, email } = await readValidatedBody(
       event,

src/server/api/me/password.post.ts

@@ -1,7 +1,8 @@
 import { UserUpdatePasswordSchema } from '#db/repositories/user/types';
 
 export default definePermissionEventHandler(
-  actions.CLIENT,
+  'me',
+  'update',
   async ({ event, user }) => {
     const { newPassword, currentPassword } = await readValidatedBody(
       event,

src/shared/utils/permissions.ts

@@ -47,6 +47,10 @@ export type Permissions = {
     dataType: never;
     action: 'any';
   };
+  me: {
+    dataType: UserType;
+    action: 'update';
+  };
 };
 
 export const ROLES = {
@@ -61,6 +65,9 @@ export const ROLES = {
     admin: {
       any: true,
     },
+    me: {
+      update: (loggedIn, toChange) => loggedIn.id === toChange.id,
+    },
   },
   CLIENT: {
     clients: {
@@ -73,6 +80,9 @@ export const ROLES = {
     admin: {
       any: false,
     },
+    me: {
+      update: (loggedIn, toChange) => loggedIn.id === toChange.id,
+    },
   },
 } as const satisfies RolesWithPermissions;