Merge branch 'dev' of https://github.com/umami-software/umami into dev

db/postgresql/schema.prisma

@@ -17,9 +17,9 @@ model User {
   groupRole GroupRole[]
   groupUser GroupUser[]
   userRole  UserRole[]
-  teamWebsite TeamWebsite[]
   teamUser  TeamUser[]
-  userWebsite UserWebsite[]
+  Website   Website?    @relation(fields: [websiteId], references: [id])
+  websiteId String?     @db.Uuid
 
   @@map("user")
 }
@@ -47,11 +47,13 @@ model Website {
   domain    String?   @db.VarChar(500)
   shareId   String?   @unique @map("share_id") @db.VarChar(64)
   revId     Int       @default(0) @map("rev_id") @db.Integer
+  userId    String?   @map("user_id") @db.Uuid
+  teamId    String?   @map("team_id") @db.Uuid
   createdAt DateTime? @default(now()) @map("created_at") @db.Timestamptz(6)
   isDeleted Boolean   @default(false) @map("is_deleted")
 
-  teamWebsite TeamWebsite[]
+  team Team[]
-  userWebsite UserWebsite[]
+  user User[]
 
   @@index([createdAt])
   @@index([shareId])
@@ -153,6 +155,7 @@ model RolePermission {
   role       Role       @relation(fields: [roleId], references: [id])
   permission Permission @relation(fields: [permissionId], references: [id])
 
+  @@unique([roleId, permissionId])
   @@map("role_permission")
 }
 
@@ -168,6 +171,7 @@ model UserRole {
   user User  @relation(fields: [userId], references: [id])
   team Team? @relation(fields: [teamId], references: [id])
 
+  @@unique([roleId, userId, teamId])
   @@map("user_role")
 }
 
@@ -177,28 +181,14 @@ model Team {
   createdAt DateTime? @default(now()) @map("created_at") @db.Timestamptz(6)
   isDeleted Boolean   @default(false) @map("is_deleted")
 
-  teamWebsites TeamWebsite[]
   teamUsers TeamUser[]
   UserRole  UserRole[]
+  Website   Website?   @relation(fields: [websiteId], references: [id])
+  websiteId String?    @db.Uuid
 
   @@map("team")
 }
 
-model TeamWebsite {
-  id        String    @id() @unique() @map("team_website_id") @db.Uuid
-  teamId    String    @map("team_id") @db.Uuid
-  websiteId String    @map("website_id") @db.Uuid
-  createdAt DateTime? @default(now()) @map("created_at") @db.Timestamptz(6)
-  isDeleted Boolean   @default(false) @map("is_deleted")
-
-  website Website @relation(fields: [websiteId], references: [id])
-  team    Team    @relation(fields: [teamId], references: [id])
-  user    User?   @relation(fields: [userId], references: [id])
-  userId  String? @db.Uuid
-
-  @@map("team_website")
-}
-
 model TeamUser {
   id        String    @id() @unique() @map("team_user_id") @db.Uuid
   teamId    String    @map("team_id") @db.Uuid
@@ -212,16 +202,3 @@ model TeamUser {
 
   @@map("team_user")
 }
-
-model UserWebsite {
-  id        String    @id() @unique() @map("user_website_id") @db.Uuid
-  userId    String    @map("user_id") @db.Uuid
-  websiteId String    @map("website_id") @db.Uuid
-  createdAt DateTime? @default(now()) @map("created_at") @db.Timestamptz(6)
-  isDeleted Boolean   @default(false) @map("is_deleted")
-
-  website Website @relation(fields: [websiteId], references: [id])
-  user    User    @relation(fields: [userId], references: [id])
-
-  @@map("user_website")
-}

lib/auth.ts

@@ -1,9 +1,10 @@
 import debug from 'debug';
 import { NextApiRequestAuth } from 'interface/api/nextApi';
+import cache from 'lib/cache';
 import { SHARE_TOKEN_HEADER, UmamiApi } from 'lib/constants';
 import { secret } from 'lib/crypto';
 import { parseSecureToken, parseToken } from 'next-basics';
-import { getUser, getUserWebsite } from 'queries';
+import { getPermissionsByUserId, getTeamUser, getUser } from 'queries';
 
 const log = debug('umami:auth');
 
@@ -63,23 +64,51 @@ export async function allowQuery(
 
   if (user?.id) {
     if (type === UmamiApi.AuthType.Website) {
-      const userWebsite = await getUserWebsite({
+      const website = await cache.fetchWebsite(typeId ?? id);
-        userId: user.id,
-        websiteId: typeId ?? id,
-        isDeleted: false,
-      });
 
-      return userWebsite;
+      if (website && website.userId === user.id) {
+        return true;
+      }
+
+      if (website.teamId) {
+        const teamUser = getTeamUser({ userId: user.id, teamId: website.teamId, isDeleted: false });
+
+        return teamUser;
+      }
+
+      return false;
     } else if (type === UmamiApi.AuthType.User) {
       const user = await getUser({ id });
 
       return user && user.id === id;
-    }
+    } else if (type === UmamiApi.AuthType.Team) {
-  }
+      const teamUser = await getTeamUser({
+        userId: user.id,
+        teamId: typeId ?? id,
+        isDeleted: false,
+      });
 
-  if (user?.isAdmin) {
+      return teamUser;
-    return true;
+    } else if (type === UmamiApi.AuthType.TeamOwner) {
+      const teamUser = await getTeamUser({
+        userId: user.id,
+        teamId: typeId ?? id,
+        isDeleted: false,
+      });
+
+      return teamUser && teamUser.isOwner;
+    }
   }
 
   return false;
 }
+
+export async function checkPermission(req: NextApiRequestAuth, type: UmamiApi.Permission) {
+  const {
+    user: { id: userId },
+  } = req.auth;
+
+  const userRole = await getPermissionsByUserId(userId, type);
+
+  return userRole.length > 0;
+}

lib/cache.ts

@@ -1,6 +1,6 @@
-import { getWebsite, getUser, getSession } from '../queries';
+import { User, Website } from '@prisma/client';
 import redis, { DELETED } from 'lib/redis';
-import { Role, Team, TeamUser, User, UserRole, UserWebsite, Website } from '@prisma/client';
+import { getSession, getUser, getWebsite } from '../queries';
 
 async function fetchObject(key, query) {
   const obj = await redis.get(key);
@@ -26,7 +26,7 @@ async function deleteObject(key) {
   return redis.set(key, DELETED);
 }
 
-async function fetchWebsite(id) {
+async function fetchWebsite(id): Promise<Website> {
   return fetchObject(`website:${id}`, () => getWebsite({ id }));
 }
 
@@ -41,13 +41,7 @@ async function deleteWebsite(id) {
   return deleteObject(`website:${id}`);
 }
 
-async function fetchUser(id): Promise<
+async function fetchUser(id): Promise<User> {
-  User & {
-    userRole?: (UserRole & { role: Role })[];
-    teamUser?: (TeamUser & { team: Team })[];
-    userWebsite?: (UserWebsite & { website: Website })[];
-  }
-> {
   return fetchObject(`user:${id}`, () => getUser({ id }, true));
 }
 

lib/constants.ts

@@ -8,6 +8,16 @@ export namespace UmamiApi {
   export enum AuthType {
     Website,
     User,
+    Team,
+    TeamOwner,
+  }
+
+  export enum Permission {
+    Admin = 'Admin',
+  }
+
+  export enum Role {
+    Admin = 'Admin',
   }
 }
 export const CURRENT_VERSION = process.env.currentVersion;

pages/api/teams/[id]/index.ts

@@ -1,8 +1,10 @@
 import { Team } from '@prisma/client';
 import { NextApiRequestQueryBody } from 'interface/api/nextApi';
+import { allowQuery } from 'lib/auth';
+import { UmamiApi } from 'lib/constants';
 import { useAuth } from 'lib/middleware';
 import { NextApiResponse } from 'next';
-import { badRequest, methodNotAllowed, ok, unauthorized } from 'next-basics';
+import { methodNotAllowed, ok, unauthorized } from 'next-basics';
 import { deleteTeam, getTeam, updateTeam } from 'queries';
 
 export interface TeamRequestQuery {
@@ -10,8 +12,7 @@ export interface TeamRequestQuery {
 }
 
 export interface TeamRequestBody {
-  name?: string;
+  name: string;
-  is_deleted?: boolean;
 }
 
 export default async (
@@ -20,43 +21,35 @@ export default async (
 ) => {
   await useAuth(req, res);
 
-  const {
+  const { id: teamId } = req.query;
-    user: { id: userId, isAdmin },
-  } = req.auth;
-  const { id } = req.query;
 
   if (req.method === 'GET') {
-    if (id !== userId && !isAdmin) {
+    if (!(await allowQuery(req, UmamiApi.AuthType.Team))) {
       return unauthorized(res);
     }
-
+    const user = await getTeam({ id: teamId });
-    const user = await getTeam({ id });
 
     return ok(res, user);
   }
 
   if (req.method === 'POST') {
-    const { name, is_deleted: isDeleted } = req.body;
+    const { name } = req.body;
 
-    if (id !== userId && !isAdmin) {
+    if (!(await allowQuery(req, UmamiApi.AuthType.TeamOwner))) {
-      return unauthorized(res);
+      return unauthorized(res, 'You must be the owner of this team.');
     }
 
-    const updated = await updateTeam({ name, isDeleted }, { id });
+    const updated = await updateTeam({ name }, { id: teamId });
 
     return ok(res, updated);
   }
 
   if (req.method === 'DELETE') {
-    if (id === userId) {
+    if (!(await allowQuery(req, UmamiApi.AuthType.TeamOwner))) {
-      return badRequest(res, 'You cannot delete your own user.');
+      return unauthorized(res, 'You must be the owner of this team.');
     }
 
-    if (!isAdmin) {
+    await deleteTeam(teamId);
-      return unauthorized(res);
-    }
-
-    await deleteTeam(id);
 
     return ok(res);
   }

pages/api/teams/[id]/user.ts

@@ -1,8 +1,10 @@
 import { NextApiRequestQueryBody } from 'interface/api/nextApi';
+import { allowQuery } from 'lib/auth';
+import { UmamiApi } from 'lib/constants';
 import { uuid } from 'lib/crypto';
 import { useAuth } from 'lib/middleware';
 import { NextApiResponse } from 'next';
-import { methodNotAllowed, ok } from 'next-basics';
+import { methodNotAllowed, ok, unauthorized } from 'next-basics';
 import { createTeamUser, deleteTeamUser, getUsersByTeamId } from 'queries';
 
 export interface TeamUserRequestQuery {
@@ -23,12 +25,20 @@ export default async (
   const { id: teamId } = req.query;
 
   if (req.method === 'GET') {
+    if (!(await allowQuery(req, UmamiApi.AuthType.Team))) {
+      return unauthorized(res);
+    }
+
     const user = await getUsersByTeamId({ teamId });
 
     return ok(res, user);
   }
 
   if (req.method === 'POST') {
+    if (!(await allowQuery(req, UmamiApi.AuthType.TeamOwner))) {
+      return unauthorized(res, 'You must be the owner of this team.');
+    }
+
     const { user_id: userId } = req.body;
 
     const updated = await createTeamUser({ id: uuid(), userId, teamId });
@@ -37,6 +47,10 @@ export default async (
   }
 
   if (req.method === 'DELETE') {
+    if (!(await allowQuery(req, UmamiApi.AuthType.TeamOwner))) {
+      return unauthorized(res, 'You must be the owner of this team.');
+    }
+
     const { team_user_id } = req.body;
 
     await deleteTeamUser(team_user_id);

pages/api/teams/[id]/website.ts

@@ -1,9 +1,10 @@
 import { NextApiRequestQueryBody } from 'interface/api/nextApi';
-import { uuid } from 'lib/crypto';
+import { allowQuery } from 'lib/auth';
+import { UmamiApi } from 'lib/constants';
 import { useAuth } from 'lib/middleware';
 import { NextApiResponse } from 'next';
-import { methodNotAllowed, ok } from 'next-basics';
+import { methodNotAllowed, ok, unauthorized } from 'next-basics';
-import { createTeamWebsite, deleteTeamWebsite, getWebsitesByTeamId } from 'queries';
+import { getWebsitesByTeamId } from 'queries';
 
 export interface TeamWebsiteRequestQuery {
   id: string;
@@ -23,26 +24,14 @@ export default async (
   const { id: teamId } = req.query;
 
   if (req.method === 'GET') {
+    if (!(await allowQuery(req, UmamiApi.AuthType.Team))) {
+      return unauthorized(res);
+    }
+
     const website = await getWebsitesByTeamId({ teamId });
 
     return ok(res, website);
   }
 
-  if (req.method === 'POST') {
-    const { website_id: websiteId } = req.body;
-
-    const updated = await createTeamWebsite({ id: uuid(), websiteId, teamId });
-
-    return ok(res, updated);
-  }
-
-  if (req.method === 'DELETE') {
-    const { team_website_id } = req.body;
-
-    await deleteTeamWebsite(team_website_id);
-
-    return ok(res);
-  }
-
   return methodNotAllowed(res);
 };

pages/api/teams/index.ts

@@ -21,17 +21,17 @@ export default async (
   } = req.auth;
 
   if (req.method === 'GET') {
-    const users = await getTeamsByUserId(id);
+    const teams = await getTeamsByUserId(id);
 
-    return ok(res, users);
+    return ok(res, teams);
   }
 
   if (req.method === 'POST') {
     const { name } = req.body;
 
-    const user = await getTeam({ name });
+    const team = await getTeam({ name });
 
-    if (user) {
+    if (team) {
       return badRequest(res, 'Team already exists');
     }
 

pages/api/users/[id]/index.ts

@@ -1,9 +1,10 @@
-import { badRequest, hashPassword, methodNotAllowed, ok, unauthorized } from 'next-basics';
+import { NextApiRequestQueryBody } from 'interface/api/nextApi';
-import { getUser, deleteUser, updateUser } from 'queries';
+import { checkPermission } from 'lib/auth';
+import { UmamiApi } from 'lib/constants';
 import { useAuth } from 'lib/middleware';
 import { NextApiResponse } from 'next';
-import { NextApiRequestQueryBody } from 'interface/api/nextApi';
+import { badRequest, hashPassword, methodNotAllowed, ok, unauthorized } from 'next-basics';
-import { User } from 'interface/api/models';
+import { deleteUser, getUser, updateUser, User } from 'queries';
 
 export interface UserRequestQuery {
   id: string;
@@ -21,12 +22,12 @@ export default async (
   await useAuth(req, res);
 
   const {
-    user: { id: userId, isAdmin },
+    user: { id: userId },
   } = req.auth;
   const { id } = req.query;
 
   if (req.method === 'GET') {
-    if (id !== userId && !isAdmin) {
+    if (id !== userId) {
       return unauthorized(res);
     }
 
@@ -38,7 +39,7 @@ export default async (
   if (req.method === 'POST') {
     const { username, password } = req.body;
 
-    if (id !== userId && !isAdmin) {
+    if (id !== userId) {
       return unauthorized(res);
     }
 
@@ -51,7 +52,7 @@ export default async (
     }
 
     // Only admin can change these fields
-    if (isAdmin) {
+    if (!(await checkPermission(req, UmamiApi.Permission.Admin))) {
       data.username = username;
     }
 
@@ -74,7 +75,7 @@ export default async (
       return badRequest(res, 'You cannot delete your own user.');
     }
 
-    if (!isAdmin) {
+    if (!(await checkPermission(req, UmamiApi.Permission.Admin))) {
       return unauthorized(res);
     }
 

pages/api/users/index.ts

@@ -1,10 +1,11 @@
-import { ok, unauthorized, methodNotAllowed, badRequest, hashPassword } from 'next-basics';
-import { useAuth } from 'lib/middleware';
-import { uuid } from 'lib/crypto';
-import { createUser, getUser, getUsers } from 'queries';
 import { NextApiRequestQueryBody } from 'interface/api/nextApi';
+import { checkPermission } from 'lib/auth';
+import { UmamiApi } from 'lib/constants';
+import { uuid } from 'lib/crypto';
+import { useAuth } from 'lib/middleware';
 import { NextApiResponse } from 'next';
-import { User } from 'interface/api/models';
+import { badRequest, hashPassword, methodNotAllowed, ok, unauthorized } from 'next-basics';
+import { createUser, getUser, getUsers, User } from 'queries';
 
 export interface UsersRequestBody {
   username: string;
@@ -18,11 +19,7 @@ export default async (
 ) => {
   await useAuth(req, res);
 
-  const {
+  if (!(await checkPermission(req, UmamiApi.Permission.Admin))) {
-    user: { isAdmin },
-  } = req.auth;
-
-  if (!isAdmin) {
     return unauthorized(res);
   }
 

pages/api/websites/[id]/index.ts

@@ -4,7 +4,7 @@ import { allowQuery } from 'lib/auth';
 import { UmamiApi } from 'lib/constants';
 import { useAuth, useCors } from 'lib/middleware';
 import { NextApiResponse } from 'next';
-import { methodNotAllowed, ok, serverError, unauthorized } from 'next-basics';
+import { methodNotAllowed, ok, serverError, unauthorized, badRequest } from 'next-basics';
 import { deleteWebsite, getWebsite, updateWebsite } from 'queries';
 
 export interface WebsiteRequestQuery {
@@ -15,6 +15,8 @@ export interface WebsiteRequestBody {
   name: string;
   domain: string;
   shareId: string;
+  userId?: string;
+  teamId?: string;
 }
 
 export default async (
@@ -37,14 +39,14 @@ export default async (
   }
 
   if (req.method === 'POST') {
-    const { name, domain, shareId } = req.body;
+    const { ...data } = req.body;
+
+    if (!data.userId && !data.teamId) {
+      badRequest(res, 'A website must be assigned to a User or Team.');
+    }
 
     try {
-      await updateWebsite(websiteId, {
+      await updateWebsite(websiteId, data);
-        name,
-        domain,
-        shareId,
-      });
     } catch (e: any) {
       if (e.message.includes('Unique constraint') && e.message.includes('share_id')) {
         return serverError(res, 'That share ID is already taken.');
@@ -55,10 +57,6 @@ export default async (
   }
 
   if (req.method === 'DELETE') {
-    if (!(await allowQuery(req, UmamiApi.AuthType.Website))) {
-      return unauthorized(res);
-    }
-
     await deleteWebsite(websiteId);
 
     return ok(res);

pages/api/websites/index.ts

@@ -1,9 +1,10 @@
+import { Prisma } from '@prisma/client';
 import { NextApiRequestQueryBody } from 'interface/api/nextApi';
 import { uuid } from 'lib/crypto';
 import { useAuth, useCors } from 'lib/middleware';
 import { NextApiResponse } from 'next';
-import { getRandomChars, methodNotAllowed, ok } from 'next-basics';
+import { methodNotAllowed, ok } from 'next-basics';
-import { createWebsiteByUser, getAllWebsites, getWebsitesByUserId } from 'queries';
+import { createWebsite, getAllWebsites, getWebsitesByUserId } from 'queries';
 
 export interface WebsitesRequestQuery {
   include_all?: boolean;
@@ -12,7 +13,8 @@ export interface WebsitesRequestQuery {
 export interface WebsitesRequestBody {
   name: string;
   domain: string;
-  enableShareUrl: boolean;
+  shareId: string;
+  teamId?: string;
 }
 
 export default async (
@@ -36,10 +38,22 @@ export default async (
   }
 
   if (req.method === 'POST') {
-    const { name, domain, enableShareUrl } = req.body;
+    const { name, domain, shareId, teamId } = req.body;
 
-    const shareId = enableShareUrl ? getRandomChars(8) : null;
+    const data: Prisma.WebsiteCreateInput = {
-    const website = await createWebsiteByUser(userId, { id: uuid(), name, domain, shareId });
+      id: uuid(),
+      name,
+      domain,
+      shareId,
+    };
+
+    if (teamId) {
+      data.teamId = teamId;
+    } else {
+      data.userId = userId;
+    }
+
+    const website = await createWebsite(data);
 
     return ok(res, website);
   }

queries/admin/permission.ts

@@ -19,6 +19,27 @@ export async function getPermissions(where: Prisma.PermissionWhereInput): Promis
   });
 }
 
+export async function getPermissionsByUserId(userId, name?: string): Promise<Permission[]> {
+  return prisma.client.permission.findMany({
+    where: {
+      ...(name ? { name } : {}),
+      RolePermission: {
+        every: {
+          role: {
+            is: {
+              userRoles: {
+                every: {
+                  userId,
+                },
+              },
+            },
+          },
+        },
+      },
+    },
+  });
+}
+
 export async function updatePermission(
   data: Prisma.PermissionUpdateInput,
   where: Prisma.PermissionWhereUniqueInput,

queries/admin/team.ts

@@ -1,36 +1,39 @@
-import { Prisma, Team, TeamUser } from '@prisma/client';
+import { Prisma, Team } from '@prisma/client';
 import prisma from 'lib/prisma';
 
-export async function createTeam(data: Prisma.TeamCreateInput): Promise<Team> {
+export async function createTeam(
-  return prisma.client.role.create({
+  data: Prisma.TeamCreateInput,
-    data,
+  searchDeleted = false,
+): Promise<Team> {
+  return prisma.client.team.create({
+    data: { ...data, isDeleted: searchDeleted ? null : false },
   });
 }
 
-export async function getTeam(where: Prisma.TeamWhereUniqueInput): Promise<Team> {
+export async function getTeam(where: Prisma.TeamWhereInput): Promise<Team> {
-  return prisma.client.role.findUnique({
+  return prisma.client.team.findFirst({
     where,
   });
 }
 
 export async function getTeams(where: Prisma.TeamWhereInput): Promise<Team[]> {
-  return prisma.client.role.findMany({
+  return prisma.client.team.findMany({
     where,
   });
 }
 
-export async function getTeamsByUserId(userId: string): Promise<
+export async function getTeamsByUserId(userId: string): Promise<Team[]> {
-  (TeamUser & {
+  return prisma.client.teamUser
-    team: Team;
+    .findMany({
-  })[]
-> {
-  return prisma.client.teamUser.findMany({
       where: {
         userId,
       },
       include: {
         team: true,
       },
+    })
+    .then(data => {
+      return data.map(a => a.team);
     });
 }
 
@@ -38,14 +41,14 @@ export async function updateTeam(
   data: Prisma.TeamUpdateInput,
   where: Prisma.TeamWhereUniqueInput,
 ): Promise<Team> {
-  return prisma.client.role.update({
+  return prisma.client.team.update({
     data,
     where,
   });
 }
 
 export async function deleteTeam(teamId: string): Promise<Team> {
-  return prisma.client.role.update({
+  return prisma.client.team.update({
     data: {
       isDeleted: true,
     },

queries/admin/teamUser.ts

@@ -9,8 +9,8 @@ export async function createTeamUser(
   });
 }
 
-export async function getTeamUser(where: Prisma.TeamUserWhereUniqueInput): Promise<TeamUser> {
+export async function getTeamUser(where: Prisma.TeamUserWhereInput): Promise<TeamUser> {
-  return prisma.client.teamUser.findUnique({
+  return prisma.client.teamUser.findFirst({
     where,
   });
 }

queries/admin/teamWebsite.ts

@@ -1,45 +0,0 @@
-import { Prisma, TeamWebsite } from '@prisma/client';
-import prisma from 'lib/prisma';
-
-export async function createTeamWebsite(
-  data: Prisma.TeamWebsiteCreateInput | Prisma.TeamWebsiteUncheckedCreateInput,
-): Promise<TeamWebsite> {
-  return prisma.client.teamWebsite.create({
-    data,
-  });
-}
-
-export async function getTeamWebsite(
-  where: Prisma.TeamWebsiteWhereUniqueInput,
-): Promise<TeamWebsite> {
-  return prisma.client.teamWebsite.findUnique({
-    where,
-  });
-}
-
-export async function getTeamWebsites(where: Prisma.TeamWebsiteWhereInput): Promise<TeamWebsite[]> {
-  return prisma.client.teamWebsite.findMany({
-    where,
-  });
-}
-
-export async function updateTeamWebsite(
-  data: Prisma.TeamWebsiteUpdateInput,
-  where: Prisma.TeamWebsiteWhereUniqueInput,
-): Promise<TeamWebsite> {
-  return prisma.client.teamWebsite.update({
-    data,
-    where,
-  });
-}
-
-export async function deleteTeamWebsite(teamWebsiteId: string): Promise<TeamWebsite> {
-  return prisma.client.teamWebsite.update({
-    data: {
-      isDeleted: true,
-    },
-    where: {
-      id: teamWebsiteId,
-    },
-  });
-}

queries/admin/user.ts

@@ -1,5 +1,4 @@
 import { Prisma } from '@prisma/client';
-import { UmamiApi } from 'lib/constants';
 import cache from 'lib/cache';
 import prisma from 'lib/prisma';
 
@@ -99,14 +98,14 @@ export async function deleteUser(
 ): Promise<[Prisma.BatchPayload, Prisma.BatchPayload, Prisma.BatchPayload, User]> {
   const { client } = prisma;
 
-  const websites = await client.userWebsite.findMany({
+  const websites = await client.website.findMany({
     where: { userId },
   });
 
   let websiteIds = [];
 
   if (websites.length > 0) {
-    websiteIds = websites.map(a => a.websiteId);
+    websiteIds = websites.map(a => a.id);
   }
 
   return client

queries/admin/userRole.ts

@@ -9,8 +9,8 @@ export async function createUserRole(
   });
 }
 
-export async function getUserRole(where: Prisma.UserRoleWhereUniqueInput): Promise<UserRole> {
+export async function getUserRole(where: Prisma.UserRoleWhereInput): Promise<UserRole> {
-  return prisma.client.userRole.findUnique({
+  return prisma.client.userRole.findFirst({
     where,
   });
 }

queries/admin/userWebsite.ts

@@ -1,43 +0,0 @@
-import { Prisma, UserWebsite } from '@prisma/client';
-import prisma from 'lib/prisma';
-
-export async function createUserWebsite(
-  data: Prisma.UserWebsiteCreateInput | Prisma.UserWebsiteUncheckedCreateInput,
-): Promise<UserWebsite> {
-  return prisma.client.userWebsite.create({
-    data,
-  });
-}
-
-export async function getUserWebsite(where: Prisma.UserWebsiteWhereInput): Promise<UserWebsite> {
-  return prisma.client.userWebsite.findFirst({
-    where,
-  });
-}
-
-export async function getUserWebsites(where: Prisma.UserWebsiteWhereInput): Promise<UserWebsite[]> {
-  return prisma.client.userWebsite.findMany({
-    where,
-  });
-}
-
-export async function updateUserWebsite(
-  data: Prisma.UserWebsiteUpdateInput,
-  where: Prisma.UserWebsiteWhereUniqueInput,
-): Promise<UserWebsite> {
-  return prisma.client.userWebsite.update({
-    data,
-    where,
-  });
-}
-
-export async function deleteUserWebsite(userWebsiteId: string): Promise<UserWebsite> {
-  return prisma.client.userWebsite.update({
-    data: {
-      isDeleted: true,
-    },
-    where: {
-      id: userWebsiteId,
-    },
-  });
-}

queries/admin/website.ts

@@ -3,54 +3,12 @@ import cache from 'lib/cache';
 import prisma from 'lib/prisma';
 import { runQuery, CLICKHOUSE, PRISMA } from 'lib/db';
 
-export async function createWebsiteByUser(
+export async function createWebsite(
-  userId: string,
+  data: Prisma.WebsiteCreateInput | Prisma.WebsiteUncheckedCreateInput,
-  data: {
-    id: string;
-    name: string;
-    domain: string;
-    shareId?: string;
-  },
 ): Promise<Website> {
   return prisma.client.website
     .create({
-      data: {
+      data,
-        userWebsite: {
-          connect: {
-            id: userId,
-          },
-        },
-        ...data,
-      },
-    })
-    .then(async data => {
-      if (cache.enabled) {
-        await cache.storeWebsite(data);
-      }
-
-      return data;
-    });
-}
-
-export async function createWebsiteByTeam(
-  teamId: string,
-  data: {
-    id: string;
-    name: string;
-    domain: string;
-    shareId?: string;
-  },
-): Promise<Website> {
-  return prisma.client.website
-    .create({
-      data: {
-        teamWebsite: {
-          connect: {
-            id: teamId,
-          },
-        },
-        ...data,
-      },
     })
     .then(async data => {
       if (cache.enabled) {
@@ -103,12 +61,8 @@ export async function getWebsite(where: Prisma.WebsiteWhereUniqueInput): Promise
 export async function getWebsitesByUserId(userId): Promise<Website[]> {
   return prisma.client.website.findMany({
     where: {
-      userWebsite: {
-        every: {
       userId,
     },
-      },
-    },
     orderBy: {
       name: 'asc',
     },
@@ -118,47 +72,34 @@ export async function getWebsitesByUserId(userId): Promise<Website[]> {
 export async function getWebsitesByTeamId(teamId): Promise<Website[]> {
   return prisma.client.website.findMany({
     where: {
-      teamWebsite: {
-        every: {
       teamId,
     },
-      },
-    },
     orderBy: {
       name: 'asc',
     },
   });
 }
 
-export async function getAllWebsites(): Promise<(Website & { user: string })[]> {
+export async function getAllWebsites(): Promise<Website[]> {
-  return await prisma.client.website
+  return await prisma.client.website.findMany({
-    .findMany({
     orderBy: [
       {
         name: 'asc',
       },
     ],
-      include: {
+  });
-        userWebsite: {
-          include: {
-            user: true,
-          },
-        },
-      },
-    })
-    .then(data => data.map(i => ({ ...i, user: i.userWebsite[0]?.userId })));
 }
 
-export async function deleteWebsite(
+export async function deleteWebsite(websiteId: string) {
-  websiteId: string,
-) {
   return runQuery({
     [PRISMA]: () => deleteWebsiteRelationalQuery(websiteId),
     [CLICKHOUSE]: () => deleteWebsiteClickhouseQuery(websiteId),
   });
 }
 
-async function deleteWebsiteRelationalQuery(websiteId): Promise<[Prisma.BatchPayload, Prisma.BatchPayload, Website]> {
+async function deleteWebsiteRelationalQuery(
+  websiteId,
+): Promise<[Prisma.BatchPayload, Prisma.BatchPayload, Website]> {
   const { client, transaction } = prisma;
 
   return transaction([