m/umami
1
0
Fork 0
mirror of https://github.com/kremalicious/umami.git synced 2024-11-15 17:55:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix permissions.

Browse Source
This commit is contained in:
Brian Cao 2023-05-22 15:38:03 -07:00
parent 40f53e8856
commit 1f799f17e9
2 changed files with 20 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
pages/api/me/websites.ts
View File

@ -4,16 +4,7 @@ import { NextApiResponse } from 'next';
import { methodNotAllowed, ok } from 'next-basics'; import { methodNotAllowed, ok } from 'next-basics';
import { getUserWebsites } from 'queries'; import { getUserWebsites } from 'queries';
export interface WebsitesRequestBody { export default async (req: NextApiRequestQueryBody, res: NextApiResponse) => {
name: string;
domain: string;
shareId: string;
}
export default async (
req: NextApiRequestQueryBody<any, WebsitesRequestBody>,
res: NextApiResponse,
) => {
await useCors(req, res); await useCors(req, res);
await useAuth(req, res); await useAuth(req, res);

24
pages/api/realtime/[id].ts
View File

@ -1,22 +1,36 @@
import { subMinutes } from 'date-fns'; import { subMinutes } from 'date-fns';
import { RealtimeInit, NextApiRequestAuth } from 'lib/types'; import { canViewWebsite } from 'lib/auth';
import { useAuth } from 'lib/middleware'; import { useAuth } from 'lib/middleware';
import { NextApiRequestQueryBody, RealtimeInit } from 'lib/types';
import { NextApiResponse } from 'next'; import { NextApiResponse } from 'next';
import { methodNotAllowed, ok } from 'next-basics'; import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getRealtimeData } from 'queries'; import { getRealtimeData } from 'queries';
export default async (req: NextApiRequestAuth, res: NextApiResponse<RealtimeInit>) => { export interface RealtimeRequestQuery {
id: string;
startAt: number;
}
export default async (
req: NextApiRequestQueryBody<RealtimeRequestQuery>,
res: NextApiResponse<RealtimeInit>,
) => {
await useAuth(req, res); await useAuth(req, res);
if (req.method === 'GET') { if (req.method === 'GET') {
const { id, startAt } = req.query; const { id: websiteId, startAt } = req.query;
if (!(await canViewWebsite(req.auth, websiteId))) {
return unauthorized(res);
}
let startTime = subMinutes(new Date(), 30); let startTime = subMinutes(new Date(), 30);
if (+startAt > startTime.getTime()) { if (+startAt > startTime.getTime()) {
startTime = new Date(+startAt); startTime = new Date(+startAt);
} }
const data = await getRealtimeData(id, startTime); const data = await getRealtimeData(websiteId, startTime);
return ok(res, data); return ok(res, data);
} }