mirror of
https://github.com/kremalicious/umami.git
synced 2025-02-14 21:10:34 +01:00
Update website fetch and update.
This commit is contained in:
Mike Cao
parent
05245ca316
commit
1075325ec5
@ -43,7 +43,7 @@ export function isValidToken(token, validation) {
|
||||
export async function allowQuery(req, type) {
|
||||
const { id } = req.query;
|
||||
|
||||
const { userId, isAdmin, shareToken } = req.auth ?? {};
|
||||
const { id: userId, isAdmin, shareToken } = req.auth ?? {};
|
||||
|
||||
if (isAdmin) {
|
||||
return true;
|
||||
|
||||
@ -1,52 +1,34 @@
|
||||
import { allowQuery } from 'lib/auth';
|
||||
import { useAuth, useCors } from 'lib/middleware';
|
||||
import { getRandomChars, methodNotAllowed, ok, serverError, unauthorized } from 'next-basics';
|
||||
import { deleteWebsite, getUser, getWebsite, updateWebsite } from 'queries';
|
||||
import { methodNotAllowed, ok, serverError, unauthorized } from 'next-basics';
|
||||
import { deleteWebsite, getWebsite, updateWebsite } from 'queries';
|
||||
import { TYPE_WEBSITE } from 'lib/constants';
|
||||
|
||||
export default async (req, res) => {
|
||||
await useCors(req, res);
|
||||
await useAuth(req, res);
|
||||
|
||||
const { id } = req.query;
|
||||
const { id: websiteId } = req.query;
|
||||
|
||||
if (!(await allowQuery(req, TYPE_WEBSITE))) {
|
||||
return unauthorized(res);
|
||||
}
|
||||
|
||||
if (req.method === 'GET') {
|
||||
const website = await getWebsite({ id });
|
||||
const website = await getWebsite({ id: websiteId });
|
||||
|
||||
return ok(res, website);
|
||||
}
|
||||
|
||||
if (req.method === 'POST') {
|
||||
const { name, domain, owner, enableShareUrl, shareId } = req.body;
|
||||
const { userId } = req.auth;
|
||||
let user;
|
||||
|
||||
if (userId) {
|
||||
user = await getUser({ id: userId });
|
||||
|
||||
if (!user) {
|
||||
return serverError(res, 'User does not exist.');
|
||||
}
|
||||
}
|
||||
|
||||
const website = await getWebsite({ id });
|
||||
|
||||
const newShareId = enableShareUrl ? website.shareId || getRandomChars(8) : null;
|
||||
const { name, domain, shareId } = req.body;
|
||||
|
||||
try {
|
||||
await updateWebsite(
|
||||
{
|
||||
name,
|
||||
domain,
|
||||
shareId: shareId ? shareId : newShareId,
|
||||
userId: +owner || user.id,
|
||||
},
|
||||
{ id },
|
||||
);
|
||||
await updateWebsite(websiteId, {
|
||||
name,
|
||||
domain,
|
||||
shareId,
|
||||
});
|
||||
} catch (e) {
|
||||
if (e.message.includes('Unique constraint') && e.message.includes('share_id')) {
|
||||
return serverError(res, 'That share ID is already taken.');
|
||||
@ -61,7 +43,7 @@ export default async (req, res) => {
|
||||
return unauthorized(res);
|
||||
}
|
||||
|
||||
await deleteWebsite(id);
|
||||
await deleteWebsite(websiteId);
|
||||
|
||||
return ok(res);
|
||||
}
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
import { createWebsite, getUser, getAllWebsites, getUserWebsites } from 'queries';
|
||||
import { ok, methodNotAllowed, unauthorized, getRandomChars } from 'next-basics';
|
||||
import { createWebsite, getAllWebsites, getUserWebsites } from 'queries';
|
||||
import { ok, methodNotAllowed, getRandomChars } from 'next-basics';
|
||||
import { useAuth, useCors } from 'lib/middleware';
|
||||
import { uuid } from 'lib/crypto';
|
||||
|
||||
@ -7,39 +7,21 @@ export default async (req, res) => {
|
||||
await useCors(req, res);
|
||||
await useAuth(req, res);
|
||||
|
||||
const { user_id, include_all } = req.query;
|
||||
const { userId: currentUserId, isAdmin } = req.auth;
|
||||
const id = user_id || currentUserId;
|
||||
let user;
|
||||
|
||||
if (id) {
|
||||
user = await getUser({ id });
|
||||
}
|
||||
|
||||
const userId = user ? user.id : user_id;
|
||||
const { id, isAdmin } = req.auth;
|
||||
|
||||
if (req.method === 'GET') {
|
||||
if (userId && userId !== currentUserId && !isAdmin) {
|
||||
return unauthorized(res);
|
||||
}
|
||||
const { include_all } = req.query;
|
||||
|
||||
const websites =
|
||||
isAdmin && include_all ? await getAllWebsites() : await getUserWebsites({ userId });
|
||||
const websites = isAdmin && include_all ? await getAllWebsites() : await getUserWebsites(id);
|
||||
|
||||
return ok(res, websites);
|
||||
}
|
||||
|
||||
if (req.method === 'POST') {
|
||||
const { name, domain, owner, enableShareUrl } = req.body;
|
||||
|
||||
const website_owner = user ? userId : +owner;
|
||||
|
||||
if (website_owner !== currentUserId && !isAdmin) {
|
||||
return unauthorized(res);
|
||||
}
|
||||
const { name, domain, enableShareUrl } = req.body;
|
||||
|
||||
const shareId = enableShareUrl ? getRandomChars(8) : null;
|
||||
const website = await createWebsite(website_owner, { id: uuid(), name, domain, shareId });
|
||||
const website = await createWebsite(id, { id: uuid(), name, domain, shareId });
|
||||
|
||||
return ok(res, website);
|
||||
}
|
||||
|
||||
@ -1,8 +1,10 @@
|
||||
import prisma from 'lib/prisma';
|
||||
|
||||
export async function getUserWebsites(where) {
|
||||
export async function getUserWebsites(userId) {
|
||||
return prisma.client.website.findMany({
|
||||
where,
|
||||
where: {
|
||||
userId,
|
||||
},
|
||||
orderBy: {
|
||||
name: 'asc',
|
||||
},
|
||||
|
||||
@ -1,8 +1,10 @@
|
||||
import prisma from 'lib/prisma';
|
||||
|
||||
export async function updateWebsite(data, where) {
|
||||
export async function updateWebsite(id, data) {
|
||||
return prisma.client.website.update({
|
||||
where,
|
||||
where: {
|
||||
id,
|
||||
},
|
||||
data,
|
||||
});
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user