umami/pages/api/websites/[id]/index.js

import { allowQuery } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { getRandomChars, methodNotAllowed, ok, serverError, unauthorized } from 'next-basics';
import { deleteWebsite, getAccount, getWebsite, updateWebsite } from 'queries';
import { TYPE_WEBSITE } from 'lib/constants';

export default async (req, res) => {
  await useCors(req, res);
  await useAuth(req, res);

  const { id: websiteUuid } = req.query;

  if (req.method === 'GET') {
    if (!(await allowQuery(req, TYPE_WEBSITE))) {
      return unauthorized(res);
    }

    const website = await getWebsite({ websiteUuid });

    return ok(res, website);
  }

  if (req.method === 'POST') {
    if (!(await allowQuery(req, TYPE_WEBSITE, false))) {
      return unauthorized(res);
    }

    const { name, domain, owner, enableShareUrl, shareId } = req.body;
    const { accountUuid } = req.auth;

    let account;

    if (accountUuid) {
      account = await getAccount({ accountUuid });

      if (!account) {
        return serverError(res, 'Account does not exist.');
      }
    }

    const website = await getWebsite({ websiteUuid });

    const newShareId = enableShareUrl ? website.shareId || getRandomChars(8) : null;

    try {
      await updateWebsite(
        {
          name,
          domain,
          shareId: shareId ? shareId : newShareId,
          userId: +owner || account.id,
        },
        { websiteUuid },
      );
    } catch (e) {
      if (e.message.includes('Unique constraint') && e.message.includes('share_id')) {
        return serverError(res, 'That share ID is already taken.');
      }
    }

    return ok(res);
  }

  if (req.method === 'DELETE') {
    if (!(await allowQuery(req, TYPE_WEBSITE, false))) {
      return unauthorized(res);
    }

    await deleteWebsite(websiteUuid);

    return ok(res);
  }

  return methodNotAllowed(res);
};
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00			`import { allowQuery } from 'lib/auth';`
			`import { useAuth, useCors } from 'lib/middleware';`
Added error conditions for website updates. 2022-10-13 00:52:31 +02:00			`import { getRandomChars, methodNotAllowed, ok, serverError, unauthorized } from 'next-basics';`
Refactor API authentication. 2022-10-12 22:11:44 +02:00			`import { deleteWebsite, getAccount, getWebsite, updateWebsite } from 'queries';`
Fixed change password issue. API refactoring. Closes #1592. 2022-10-25 19:45:56 +02:00			`import { TYPE_WEBSITE } from 'lib/constants';`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
			`export default async (req, res) => {`
Refactor API authentication. 2022-10-12 22:11:44 +02:00			`await useCors(req, res);`
			`await useAuth(req, res);`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
Fixed change password issue. API refactoring. Closes #1592. 2022-10-25 19:45:56 +02:00			`const { id: websiteUuid } = req.query;`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
Refactor API authentication. 2022-10-12 22:11:44 +02:00			`if (req.method === 'GET') {`
Fix share URL permissions. (#1745) * Fix share URL permissions. * Add sql param logic. * Add permissions to edit website. * Update permissions. * Move parameters to param injection. * Sanitize eventdata. * Remove caret. * Fix avg. 2023-01-19 00:09:49 +01:00			`if (!(await allowQuery(req, TYPE_WEBSITE))) {`
			`return unauthorized(res);`
			`}`

Fixed change password issue. API refactoring. Closes #1592. 2022-10-25 19:45:56 +02:00			`const website = await getWebsite({ websiteUuid });`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
			`return ok(res, website);`
			`}`

			`if (req.method === 'POST') {`
Fix share URL permissions. (#1745) * Fix share URL permissions. * Add sql param logic. * Add permissions to edit website. * Update permissions. * Move parameters to param injection. * Sanitize eventdata. * Remove caret. * Fix avg. 2023-01-19 00:09:49 +01:00			`if (!(await allowQuery(req, TYPE_WEBSITE, false))) {`
			`return unauthorized(res);`
			`}`

Refactor API authentication. 2022-10-12 22:11:44 +02:00			`const { name, domain, owner, enableShareUrl, shareId } = req.body;`
			`const { accountUuid } = req.auth;`
change owner by id 2022-10-30 00:50:29 +02:00
Updated save method for websites. 2022-10-08 02:13:03 +02:00			`let account;`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
Feat/um 62 prisma property names (#1562) * checkpoint * fix pg schema * fix mysql schema * change property names 2022-10-10 22:42:18 +02:00			`if (accountUuid) {`
			`account = await getAccount({ accountUuid });`
Added error conditions for website updates. 2022-10-13 00:52:31 +02:00
			`if (!account) {`
			`return serverError(res, 'Account does not exist.');`
			`}`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00			`}`

Fixed change password issue. API refactoring. Closes #1592. 2022-10-25 19:45:56 +02:00			`const website = await getWebsite({ websiteUuid });`
Feat/um 62 prisma property names (#1562) * checkpoint * fix pg schema * fix mysql schema * change property names 2022-10-10 22:42:18 +02:00
Refactor API authentication. 2022-10-12 22:11:44 +02:00			`const newShareId = enableShareUrl ? website.shareId \|\| getRandomChars(8) : null;`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
Added error conditions for website updates. 2022-10-13 00:52:31 +02:00			`try {`
			`await updateWebsite(`
			`{`
			`name,`
			`domain,`
			`shareId: shareId ? shareId : newShareId,`
assign backup 2022-10-31 18:38:37 +01:00			`userId: +owner \|\| account.id,`
Added error conditions for website updates. 2022-10-13 00:52:31 +02:00			`},`
Fixed change password issue. API refactoring. Closes #1592. 2022-10-25 19:45:56 +02:00			`{ websiteUuid },`
Added error conditions for website updates. 2022-10-13 00:52:31 +02:00			`);`
			`} catch (e) {`
			`if (e.message.includes('Unique constraint') && e.message.includes('share_id')) {`
			`return serverError(res, 'That share ID is already taken.');`
			`}`
			`}`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
			`return ok(res);`
			`}`

			`if (req.method === 'DELETE') {`
Fix share URL permissions. (#1745) * Fix share URL permissions. * Add sql param logic. * Add permissions to edit website. * Update permissions. * Move parameters to param injection. * Sanitize eventdata. * Remove caret. * Fix avg. 2023-01-19 00:09:49 +01:00			`if (!(await allowQuery(req, TYPE_WEBSITE, false))) {`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00			`return unauthorized(res);`
			`}`

Fixed change password issue. API refactoring. Closes #1592. 2022-10-25 19:45:56 +02:00			`await deleteWebsite(websiteUuid);`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
			`return ok(res);`
			`}`

			`return methodNotAllowed(res);`
			`};`