ambiser
/
umami
9
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update website fetch and update.

pull/1643/head
Mike Cao 2022-11-02 15:45:47 -07:00
parent 05245ca316
commit 1075325ec5
5 changed files with 27 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/auth.js
View File

@ -43,7 +43,7 @@ export function isValidToken(token, validation) {
export async function allowQuery(req, type) { export async function allowQuery(req, type) {
const { id } = req.query; const { id } = req.query;
const { userId, isAdmin, shareToken } = req.auth ?? {}; const { id: userId, isAdmin, shareToken } = req.auth ?? {};
if (isAdmin) { if (isAdmin) {
return true; return true;

40
pages/api/websites/[id]/index.js
View File

@ -1,52 +1,34 @@
import { allowQuery } from 'lib/auth'; import { allowQuery } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware'; import { useAuth, useCors } from 'lib/middleware';
import { getRandomChars, methodNotAllowed, ok, serverError, unauthorized } from 'next-basics'; import { methodNotAllowed, ok, serverError, unauthorized } from 'next-basics';
import { deleteWebsite, getUser, getWebsite, updateWebsite } from 'queries'; import { deleteWebsite, getWebsite, updateWebsite } from 'queries';
import { TYPE_WEBSITE } from 'lib/constants'; import { TYPE_WEBSITE } from 'lib/constants';
export default async (req, res) => { export default async (req, res) => {
await useCors(req, res); await useCors(req, res);
await useAuth(req, res); await useAuth(req, res);
const { id } = req.query; const { id: websiteId } = req.query;
if (!(await allowQuery(req, TYPE_WEBSITE))) { if (!(await allowQuery(req, TYPE_WEBSITE))) {
return unauthorized(res); return unauthorized(res);
} }
if (req.method === 'GET') { if (req.method === 'GET') {
const website = await getWebsite({ id }); const website = await getWebsite({ id: websiteId });
return ok(res, website); return ok(res, website);
} }
if (req.method === 'POST') { if (req.method === 'POST') {
const { name, domain, owner, enableShareUrl, shareId } = req.body; const { name, domain, shareId } = req.body;
const { userId } = req.auth;
let user;
if (userId) {
user = await getUser({ id: userId });
if (!user) {
return serverError(res, 'User does not exist.');
}
}
const website = await getWebsite({ id });
const newShareId = enableShareUrl ? website.shareId || getRandomChars(8) : null;
try { try {
await updateWebsite( await updateWebsite(websiteId, {
{ name,
name, domain,
domain, shareId,
shareId: shareId ? shareId : newShareId, });
userId: +owner || user.id,
},
{ id },
);
} catch (e) { } catch (e) {
if (e.message.includes('Unique constraint') && e.message.includes('share_id')) { if (e.message.includes('Unique constraint') && e.message.includes('share_id')) {
return serverError(res, 'That share ID is already taken.'); return serverError(res, 'That share ID is already taken.');
@ -61,7 +43,7 @@ export default async (req, res) => {
return unauthorized(res); return unauthorized(res);
} }
await deleteWebsite(id); await deleteWebsite(websiteId);
return ok(res); return ok(res);
} }

32
pages/api/websites/index.js
View File

@ -1,5 +1,5 @@
import { createWebsite, getUser, getAllWebsites, getUserWebsites } from 'queries'; import { createWebsite, getAllWebsites, getUserWebsites } from 'queries';
import { ok, methodNotAllowed, unauthorized, getRandomChars } from 'next-basics'; import { ok, methodNotAllowed, getRandomChars } from 'next-basics';
import { useAuth, useCors } from 'lib/middleware'; import { useAuth, useCors } from 'lib/middleware';
import { uuid } from 'lib/crypto'; import { uuid } from 'lib/crypto';
@ -7,39 +7,21 @@ export default async (req, res) => {
await useCors(req, res); await useCors(req, res);
await useAuth(req, res); await useAuth(req, res);
const { user_id, include_all } = req.query; const { id, isAdmin } = req.auth;
const { userId: currentUserId, isAdmin } = req.auth;
const id = user_id || currentUserId;
let user;
if (id) {
user = await getUser({ id });
}
const userId = user ? user.id : user_id;
if (req.method === 'GET') { if (req.method === 'GET') {
if (userId && userId !== currentUserId && !isAdmin) { const { include_all } = req.query;
return unauthorized(res);
}
const websites = const websites = isAdmin && include_all ? await getAllWebsites() : await getUserWebsites(id);
isAdmin && include_all ? await getAllWebsites() : await getUserWebsites({ userId });
return ok(res, websites); return ok(res, websites);
} }
if (req.method === 'POST') { if (req.method === 'POST') {
const { name, domain, owner, enableShareUrl } = req.body; const { name, domain, enableShareUrl } = req.body;
const website_owner = user ? userId : +owner;
if (website_owner !== currentUserId && !isAdmin) {
return unauthorized(res);
}
const shareId = enableShareUrl ? getRandomChars(8) : null; const shareId = enableShareUrl ? getRandomChars(8) : null;
const website = await createWebsite(website_owner, { id: uuid(), name, domain, shareId }); const website = await createWebsite(id, { id: uuid(), name, domain, shareId });
return ok(res, website); return ok(res, website);
} }

6
queries/admin/website/getUserWebsites.js
View File

@ -1,8 +1,10 @@
import prisma from 'lib/prisma'; import prisma from 'lib/prisma';
export async function getUserWebsites(where) { export async function getUserWebsites(userId) {
return prisma.client.website.findMany({ return prisma.client.website.findMany({
where, where: {
userId,
},
orderBy: { orderBy: {
name: 'asc', name: 'asc',
}, },

6
queries/admin/website/updateWebsite.js
View File

@ -1,8 +1,10 @@
import prisma from 'lib/prisma'; import prisma from 'lib/prisma';
export async function updateWebsite(data, where) { export async function updateWebsite(id, data) {
return prisma.client.website.update({ return prisma.client.website.update({
where, where: {
id,
},
data, data,
}); });
} }