umami/pages/api/websites/index.ts

import { Prisma } from '@prisma/client';
import { NextApiRequestQueryBody } from 'interface/api/nextApi';
import { uuid } from 'lib/crypto';
import { useAuth, useCors } from 'lib/middleware';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok } from 'next-basics';
import { createWebsite, getAllWebsites, getWebsitesByUserId } from 'queries';
import { checkPermission } from 'lib/auth';
import { UmamiApi } from 'lib/constants';

export interface WebsitesRequestQuery {
  include_all?: boolean;
}

export interface WebsitesRequestBody {
  name: string;
  domain: string;
  shareId: string;
  teamId?: string;
}

export default async (
  req: NextApiRequestQueryBody<WebsitesRequestQuery, WebsitesRequestBody>,
  res: NextApiResponse,
) => {
  await useCors(req, res);
  await useAuth(req, res);

  const {
    user: { id: userId },
  } = req.auth;

  if (req.method === 'GET') {
    const { include_all } = req.query;

    const isAdmin = await checkPermission(req, UmamiApi.Permission.Admin);

    const websites =
      isAdmin && include_all ? await getAllWebsites() : await getWebsitesByUserId(userId);

    return ok(res, websites);
  }

  if (req.method === 'POST') {
    const { name, domain, shareId, teamId } = req.body;

    const data: Prisma.WebsiteCreateInput = {
      id: uuid(),
      name,
      domain,
      shareId,
    };

    if (teamId) {
      data.teamId = teamId;
    } else {
      data.userId = userId;
    }

    const website = await createWebsite(data);

    return ok(res, website);
  }

  return methodNotAllowed(res);
};
Add permission checks. 2022-11-20 09:48:13 +01:00			`import { Prisma } from '@prisma/client';`
Initial Typescript models. 2022-11-15 22:21:14 +01:00			`import { NextApiRequestQueryBody } from 'interface/api/nextApi';`
Add queries for new schema. 2022-11-18 07:27:33 +01:00			`import { uuid } from 'lib/crypto';`
			`import { useAuth, useCors } from 'lib/middleware';`
Initial Typescript models. 2022-11-15 22:21:14 +01:00			`import { NextApiResponse } from 'next';`
Add permission checks. 2022-11-20 09:48:13 +01:00			`import { methodNotAllowed, ok } from 'next-basics';`
			`import { createWebsite, getAllWebsites, getWebsitesByUserId } from 'queries';`
Fix isAdmin check. Fix Schema. 2022-11-22 01:44:42 +01:00			`import { checkPermission } from 'lib/auth';`
			`import { UmamiApi } from 'lib/constants';`
Initial Typescript models. 2022-11-15 22:21:14 +01:00
Fix Typo. 2022-11-18 07:46:05 +01:00			`export interface WebsitesRequestQuery {`
Initial Typescript models. 2022-11-15 22:21:14 +01:00			`include_all?: boolean;`
			`}`

Fix Typo. 2022-11-18 07:46:05 +01:00			`export interface WebsitesRequestBody {`
Initial Typescript models. 2022-11-15 22:21:14 +01:00			`name: string;`
			`domain: string;`
Add permission checks. 2022-11-20 09:48:13 +01:00			`shareId: string;`
			`teamId?: string;`
Initial Typescript models. 2022-11-15 22:21:14 +01:00			`}`

			`export default async (`
Fix Typo. 2022-11-18 07:46:05 +01:00			`req: NextApiRequestQueryBody<WebsitesRequestQuery, WebsitesRequestBody>,`
Initial Typescript models. 2022-11-15 22:21:14 +01:00			`res: NextApiResponse,`
			`) => {`
Use shallow routing for website details. 2022-11-02 16:57:52 +01:00			`await useCors(req, res);`
Refactor database queries. 2020-08-12 07:24:41 +02:00			`await useAuth(req, res);`

Fixed website create. 2022-11-09 16:40:17 +01:00			`const {`
Fix isAdmin check. Fix Schema. 2022-11-22 01:44:42 +01:00			`user: { id: userId },`
Fixed website create. 2022-11-09 16:40:17 +01:00			`} = req.auth;`
Refactor database queries. 2020-08-12 07:24:41 +02:00
			`if (req.method === 'GET') {`
Update website fetch and update. 2022-11-02 23:45:47 +01:00			`const { include_all } = req.query;`
Allow admins to view account websites. 2020-09-11 08:55:29 +02:00
Fix isAdmin check. Fix Schema. 2022-11-22 01:44:42 +01:00			`const isAdmin = await checkPermission(req, UmamiApi.Permission.Admin);`

api and lib fixes (#1643) 2022-11-08 20:55:02 +01:00			`const websites =`
Add queries for new schema. 2022-11-18 07:27:33 +01:00			`isAdmin && include_all ? await getAllWebsites() : await getWebsitesByUserId(userId);`
Refactor database queries. 2020-08-12 07:24:41 +02:00
			`return ok(res, websites);`
			`}`

Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00			`if (req.method === 'POST') {`
Add permission checks. 2022-11-20 09:48:13 +01:00			`const { name, domain, shareId, teamId } = req.body;`

			`const data: Prisma.WebsiteCreateInput = {`
			`id: uuid(),`
			`name,`
			`domain,`
			`shareId,`
			`};`

			`if (teamId) {`
			`data.teamId = teamId;`
			`} else {`
			`data.userId = userId;`
			`}`

			`const website = await createWebsite(data);`
Merge branch 'dev' of https://github.com/umami-software/umami into dev # Conflicts: # pages/api/account/index.js 2022-10-04 02:17:53 +02:00
			`return ok(res, website);`
			`}`

Refactor database queries. 2020-08-12 07:24:41 +02:00			`return methodNotAllowed(res);`
			`};`