diff --git a/pages/api/teams/[id]/index.ts b/pages/api/teams/[id]/index.ts new file mode 100644 index 00000000..26440c8b --- /dev/null +++ b/pages/api/teams/[id]/index.ts @@ -0,0 +1,87 @@ +import { badRequest, hashPassword, methodNotAllowed, ok, unauthorized } from 'next-basics'; +import { getTeam, deleteTeam, updateTeam } from 'queries'; +import { useAuth } from 'lib/middleware'; +import { NextApiResponse } from 'next'; +import { NextApiRequestQueryBody } from 'interface/api/nextApi'; +import { Team } from '@prisma/client'; + +export interface TeamRequestQuery { + id: string; +} + +export interface TeamRequestBody { + username: string; + password: string; +} + +export default async ( + req: NextApiRequestQueryBody, + res: NextApiResponse, +) => { + await useAuth(req, res); + + const { + user: { id: userId, isAdmin }, + } = req.auth; + const { id } = req.query; + + if (req.method === 'GET') { + if (id !== userId && !isAdmin) { + return unauthorized(res); + } + + const user = await getTeam({ id }); + + return ok(res, user); + } + + if (req.method === 'POST') { + const { username, password } = req.body; + + if (id !== userId && !isAdmin) { + return unauthorized(res); + } + + const user = await getTeam({ id }); + + const data: any = {}; + + if (password) { + data.password = hashPassword(password); + } + + // Only admin can change these fields + if (isAdmin) { + data.username = username; + } + + // Check when username changes + if (data.username && user.username !== data.username) { + const userByTeamname = await getTeam({ username }); + + if (userByTeamname) { + return badRequest(res, 'Team already exists'); + } + } + + const updated = await updateTeam(data, { id }); + + return ok(res, updated); + } + + if (req.method === 'DELETE') { + if (id === userId) { + return badRequest(res, 'You cannot delete your own user.'); + } + + if (!isAdmin) { + return unauthorized(res); + } + + await deleteTeam(id); + + return ok(res); + } + + return methodNotAllowed(res); +}; diff --git a/pages/api/teams/index.ts b/pages/api/teams/index.ts new file mode 100644 index 00000000..e69de29b diff --git a/pages/api/users/[id]/index.ts b/pages/api/users/[id]/index.ts index 870ff68a..80b6f8b2 100644 --- a/pages/api/users/[id]/index.ts +++ b/pages/api/users/[id]/index.ts @@ -5,17 +5,17 @@ import { NextApiResponse } from 'next'; import { NextApiRequestQueryBody } from 'interface/api/nextApi'; import { User } from 'interface/api/models'; -export interface UserReqeustQuery { +export interface UserRequestQuery { id: string; } -export interface UserReqeustBody { +export interface UserRequestBody { username: string; password: string; } export default async ( - req: NextApiRequestQueryBody, + req: NextApiRequestQueryBody, res: NextApiResponse, ) => { await useAuth(req, res); diff --git a/pages/api/websites/[id]/index.ts b/pages/api/websites/[id]/index.ts index 834b1732..2ec1ee14 100644 --- a/pages/api/websites/[id]/index.ts +++ b/pages/api/websites/[id]/index.ts @@ -7,18 +7,18 @@ import { NextApiRequestQueryBody } from 'interface/api/nextApi'; import { NextApiResponse } from 'next'; import { Website } from 'interface/api/models'; -export interface WebsiteReqeustQuery { +export interface WebsiteRequestQuery { id: string; } -export interface WebsiteReqeustBody { +export interface WebsiteRequestBody { name: string; domain: string; shareId: string; } export default async ( - req: NextApiRequestQueryBody, + req: NextApiRequestQueryBody, res: NextApiResponse, ) => { await useCors(req, res); diff --git a/pages/api/websites/[id]/metrics.ts b/pages/api/websites/[id]/metrics.ts index f3bf38aa..69c3c79d 100644 --- a/pages/api/websites/[id]/metrics.ts +++ b/pages/api/websites/[id]/metrics.ts @@ -36,7 +36,7 @@ function getColumn(type) { return type; } -export interface WebsiteMetricsReqeustQuery { +export interface WebsiteMetricsRequestQuery { id: string; type: string; start_at: number; @@ -50,7 +50,7 @@ export interface WebsiteMetricsReqeustQuery { } export default async ( - req: NextApiRequestQueryBody, + req: NextApiRequestQueryBody, res: NextApiResponse, ) => { await useCors(req, res); diff --git a/pages/api/websites/[id]/pageviews.ts b/pages/api/websites/[id]/pageviews.ts index c85a1a97..5bbf067b 100644 --- a/pages/api/websites/[id]/pageviews.ts +++ b/pages/api/websites/[id]/pageviews.ts @@ -10,7 +10,7 @@ import { getPageviewStats } from 'queries'; const unitTypes = ['year', 'month', 'hour', 'day']; -export interface WebsitePageviewReqeustQuery { +export interface WebsitePageviewRequestQuery { id: string; websiteId: string; start_at: number; @@ -26,7 +26,7 @@ export interface WebsitePageviewReqeustQuery { } export default async ( - req: NextApiRequestQueryBody, + req: NextApiRequestQueryBody, res: NextApiResponse, ) => { await useCors(req, res); diff --git a/pages/api/websites/[id]/reset.ts b/pages/api/websites/[id]/reset.ts index 6d2ffcea..ff141398 100644 --- a/pages/api/websites/[id]/reset.ts +++ b/pages/api/websites/[id]/reset.ts @@ -6,12 +6,12 @@ import { TYPE_WEBSITE } from 'lib/constants'; import { NextApiRequestQueryBody } from 'interface/api/nextApi'; import { NextApiResponse } from 'next'; -export interface WebsiteResetReqeustQuery { +export interface WebsiteResetRequestQuery { id: string; } export default async ( - req: NextApiRequestQueryBody, + req: NextApiRequestQueryBody, res: NextApiResponse, ) => { await useCors(req, res); diff --git a/pages/api/websites/[id]/stats.ts b/pages/api/websites/[id]/stats.ts index d9a581a9..497c3ff2 100644 --- a/pages/api/websites/[id]/stats.ts +++ b/pages/api/websites/[id]/stats.ts @@ -7,7 +7,7 @@ import { WebsiteStats } from 'interface/api/models'; import { NextApiRequestQueryBody } from 'interface/api/nextApi'; import { NextApiResponse } from 'next'; -export interface WebsiteStatsReqeustQuery { +export interface WebsiteStatsRequestQuery { id: string; type: string; start_at: number; @@ -21,7 +21,7 @@ export interface WebsiteStatsReqeustQuery { } export default async ( - req: NextApiRequestQueryBody, + req: NextApiRequestQueryBody, res: NextApiResponse, ) => { await useCors(req, res); diff --git a/pages/api/websites/index.ts b/pages/api/websites/index.ts index c4f2b3ea..4c5ad07c 100644 --- a/pages/api/websites/index.ts +++ b/pages/api/websites/index.ts @@ -5,18 +5,18 @@ import { NextApiResponse } from 'next'; import { getRandomChars, methodNotAllowed, ok } from 'next-basics'; import { createWebsiteByUser, getAllWebsites, getWebsitesByUserId } from 'queries'; -export interface WebsitesReqeustQuery { +export interface WebsitesRequestQuery { include_all?: boolean; } -export interface WebsitesReqeustBody { +export interface WebsitesRequestBody { name: string; domain: string; enableShareUrl: boolean; } export default async ( - req: NextApiRequestQueryBody, + req: NextApiRequestQueryBody, res: NextApiResponse, ) => { await useCors(req, res);