umami/pages/api/websites/[id]/index.ts

import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, serverError, unauthorized } from 'next-basics';
import { Website, NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite, canUpdateWebsite, canDeleteWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { deleteWebsite, getWebsite, updateWebsite } from 'queries';

export interface WebsiteRequestQuery {
  id: string;
}

export interface WebsiteRequestBody {
  name: string;
  domain: string;
  shareId: string;
}

export default async (
  req: NextApiRequestQueryBody<WebsiteRequestQuery, WebsiteRequestBody>,
  res: NextApiResponse<Website>,
) => {
  await useCors(req, res);
  await useAuth(req, res);

  const { id: websiteId } = req.query;

  if (req.method === 'GET') {
    if (!(await canViewWebsite(req.auth, websiteId))) {
      return unauthorized(res);
    }

    const website = await getWebsite({ id: websiteId });

    return ok(res, website);
  }

  if (req.method === 'POST') {
    if (!(await canUpdateWebsite(req.auth, websiteId))) {
      return unauthorized(res);
    }

    const { name, domain, shareId } = req.body;

    let website;

    try {
      website = await updateWebsite(websiteId, { name, domain, shareId });
    } catch (e: any) {
      if (e.message.includes('Unique constraint') && e.message.includes('share_id')) {
        return serverError(res, 'That share ID is already taken.');
      }
    }

    return ok(res, website);
  }

  if (req.method === 'DELETE') {
    if (!(await canDeleteWebsite(req.auth, websiteId))) {
      return unauthorized(res);
    }

    await deleteWebsite(websiteId);

    return ok(res);
  }

  return methodNotAllowed(res);
};
Updated redis client. Soft deletes reset username. 2023-05-06 06:16:13 +02:00			`import { NextApiResponse } from 'next';`
			`import { methodNotAllowed, ok, serverError, unauthorized } from 'next-basics';`
Implement react-basics styles. Fix queries. 2022-12-09 08:43:43 +01:00			`import { Website, NextApiRequestQueryBody } from 'lib/types';`
Feat/um 114 roles and permissions (#1683) * Auth checkpoint. * Merge branch 'dev' into feat/um-114-roles-and-permissions 2022-12-02 05:53:37 +01:00			`import { canViewWebsite, canUpdateWebsite, canDeleteWebsite } from 'lib/auth';`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00			`import { useAuth, useCors } from 'lib/middleware';`
Update website fetch and update. 2022-11-02 23:45:47 +01:00			`import { deleteWebsite, getWebsite, updateWebsite } from 'queries';`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
Fix Typo. 2022-11-18 07:46:05 +01:00			`export interface WebsiteRequestQuery {`
Initial Typescript models. 2022-11-15 22:21:14 +01:00			`id: string;`
			`}`

Fix Typo. 2022-11-18 07:46:05 +01:00			`export interface WebsiteRequestBody {`
Initial Typescript models. 2022-11-15 22:21:14 +01:00			`name: string;`
			`domain: string;`
			`shareId: string;`
			`}`

			`export default async (`
Fix Typo. 2022-11-18 07:46:05 +01:00			`req: NextApiRequestQueryBody<WebsiteRequestQuery, WebsiteRequestBody>,`
Add event type to event. 2022-11-23 00:06:52 +01:00			`res: NextApiResponse<Website>,`
Initial Typescript models. 2022-11-15 22:21:14 +01:00			`) => {`
Refactor API authentication. 2022-10-12 22:11:44 +02:00			`await useCors(req, res);`
			`await useAuth(req, res);`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
Update website fetch and update. 2022-11-02 23:45:47 +01:00			`const { id: websiteId } = req.query;`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
Refactor API authentication. 2022-10-12 22:11:44 +02:00			`if (req.method === 'GET') {`
Add admin check. (#1716) * Add admin check. * Fix teamId check. 2022-12-28 00:18:58 +01:00			`if (!(await canViewWebsite(req.auth, websiteId))) {`
Refactored permissions check. Updated redis lib. 2022-12-01 19:58:50 +01:00			`return unauthorized(res);`
			`}`

Update website fetch and update. 2022-11-02 23:45:47 +01:00			`const website = await getWebsite({ id: websiteId });`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
			`return ok(res, website);`
			`}`

			`if (req.method === 'POST') {`
Add admin check. (#1716) * Add admin check. * Fix teamId check. 2022-12-28 00:18:58 +01:00			`if (!(await canUpdateWebsite(req.auth, websiteId))) {`
Refactored permissions check. Updated redis lib. 2022-12-01 19:58:50 +01:00			`return unauthorized(res);`
			`}`

Remove user/team transfer from website update. 2022-11-22 07:32:59 +01:00			`const { name, domain, shareId } = req.body;`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
Remove webisite.teamId related code. Clean up queries. 2023-04-14 05:57:22 +02:00			`let website;`

Added error conditions for website updates. 2022-10-13 00:52:31 +02:00			`try {`
Remove webisite.teamId related code. Clean up queries. 2023-04-14 05:57:22 +02:00			`website = await updateWebsite(websiteId, { name, domain, shareId });`
Fix Website auth. 2022-11-19 03:49:58 +01:00			`} catch (e: any) {`
Added error conditions for website updates. 2022-10-13 00:52:31 +02:00			`if (e.message.includes('Unique constraint') && e.message.includes('share_id')) {`
			`return serverError(res, 'That share ID is already taken.');`
			`}`
			`}`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
Remove webisite.teamId related code. Clean up queries. 2023-04-14 05:57:22 +02:00			`return ok(res, website);`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00			`}`

			`if (req.method === 'DELETE') {`
Add admin check. (#1716) * Add admin check. * Fix teamId check. 2022-12-28 00:18:58 +01:00			`if (!(await canDeleteWebsite(req.auth, websiteId))) {`
Feat/um 114 roles and permissions (#1683) * Auth checkpoint. * Merge branch 'dev' into feat/um-114-roles-and-permissions 2022-12-02 05:53:37 +01:00			`return unauthorized(res);`
			`}`

Update website fetch and update. 2022-11-02 23:45:47 +01:00			`await deleteWebsite(websiteId);`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
			`return ok(res);`
			`}`

			`return methodNotAllowed(res);`
			`};`