Merge branch 'dev' of https://github.com/umami-software/umami into bug/um-191-fix-redis-auth-misc-bug

2024-06-28 08:47:50 +02:00 · 2023-03-03 10:38:34 -08:00 · 2023-03-03 10:38:34 -08:00 · 3325df0d84
commit 3325df0d84
parent 65691f5912 8684781624
8 changed files with 90 additions and 14 deletions
--- a/lib/types.ts
+++ b/lib/types.ts
@ -1,4 +1,9 @@
 import { NextApiRequest } from 'next';
+import { ROLES } from './constants';
+
+type ObjectValues<T> = T[keyof T];
+
+export type Roles = ObjectValues<typeof ROLES>;

 export interface Auth {
  user?: {
--- a/pages/api/users/[id]/index.ts
+++ b/pages/api/users/[id]/index.ts
@ -1,9 +1,9 @@
-import { NextApiRequestQueryBody } from 'lib/types';
+import { NextApiRequestQueryBody, User } from 'lib/types';
 import { canDeleteUser, canUpdateUser, canViewUser } from 'lib/auth';
 import { useAuth } from 'lib/middleware';
 import { NextApiResponse } from 'next';
 import { badRequest, hashPassword, methodNotAllowed, ok, unauthorized } from 'next-basics';
-import { deleteUser, getUser, updateUser, User } from 'queries';
+import { deleteUser, getUser, updateUser } from 'queries';

 export interface UserRequestQuery {
  id: string;
--- a/pages/api/users/index.ts
+++ b/pages/api/users/index.ts
@ -2,7 +2,7 @@ import { canCreateUser, canViewUsers } from 'lib/auth';
 import { ROLES } from 'lib/constants';
 import { uuid } from 'lib/crypto';
 import { useAuth } from 'lib/middleware';
-import { NextApiRequestQueryBody, User } from 'lib/types';
+import { NextApiRequestQueryBody, Roles, User } from 'lib/types';
 import { NextApiResponse } from 'next';
 import { badRequest, hashPassword, methodNotAllowed, ok, unauthorized } from 'next-basics';
 import { createUser, getUser, getUsers } from 'queries';
@ -11,6 +11,7 @@ export interface UsersRequestBody {
  username: string;
  password: string;
  id: string;
+  role?: Roles;
 }

 export default async (
@ -34,7 +35,7 @@ export default async (
      return unauthorized(res);
    }

-    const { username, password, id } = req.body;
+    const { username, password, role, id } = req.body;

    const existingUser = await getUser({ username }, { showDeleted: true });

@ -46,7 +47,7 @@ export default async (
      id: id || uuid(),
      username,
      password: hashPassword(password),
-      role: ROLES.user,
+      role: role ?? ROLES.user,
    });

    return ok(res, created);
--- a/queries/admin/team.ts
+++ b/queries/admin/team.ts
@ -67,10 +67,26 @@ export async function updateTeam(
  });
 }

-export async function deleteTeam(teamId: string): Promise<Team> {
-  return prisma.client.team.delete({
-    where: {
-      id: teamId,
-    },
-  });
+export async function deleteTeam(
+  teamId: string,
+): Promise<Promise<[Prisma.BatchPayload, Prisma.BatchPayload, Team]>> {
+  const { client } = prisma;
+
+  return prisma.transaction([
+    client.teamWebsite.deleteMany({
+      where: {
+        id: teamId,
+      },
+    }),
+    client.teamUser.deleteMany({
+      where: {
+        id: teamId,
+      },
+    }),
+    client.team.delete({
+      where: {
+        id: teamId,
+      },
+    }),
+  ]);
 }
--- a/queries/admin/teamUser.ts
+++ b/queries/admin/teamUser.ts
@ -54,3 +54,15 @@ export async function deleteTeamUser(teamUserId: string): Promise<TeamUser> {
    },
  });
 }
+
+export async function deleteTeamUserByUserId(
+  userId: string,
+  teamId: string,
+): Promise<Prisma.BatchPayload> {
+  return prisma.client.teamUser.deleteMany({
+    where: {
+      userId,
+      teamId,
+    },
+  });
+}
--- a/queries/admin/teamWebsite.ts
+++ b/queries/admin/teamWebsite.ts
@ -37,3 +37,11 @@ export async function createTeamWebsite(
    },
  });
 }
+
+export async function deleteTeamWebsite(teamWebsiteId: string): Promise<TeamWebsite> {
+  return prisma.client.teamWebsite.delete({
+    where: {
+      id: teamWebsiteId,
+    },
+  });
+}
--- a/queries/admin/user.ts
+++ b/queries/admin/user.ts
@ -1,7 +1,7 @@
 import { Prisma, Team } from '@prisma/client';
 import cache from 'lib/cache';
 import prisma from 'lib/prisma';
-import { Website, User } from 'lib/types';
+import { Website, User, Roles } from 'lib/types';

 export async function getUser(
  where: Prisma.UserWhereInput | Prisma.UserWhereUniqueInput,
@ -76,7 +76,7 @@ export async function createUser(data: {
  id: string;
  username: string;
  password: string;
-  role: string;
+  role: Roles;
 }): Promise<{
  id: string;
  username: string;
@ -110,7 +110,17 @@ export async function updateUser(

 export async function deleteUser(
  userId: string,
-): Promise<[Prisma.BatchPayload, Prisma.BatchPayload, Prisma.BatchPayload, User]> {
+): Promise<
+  [
+    Prisma.BatchPayload,
+    Prisma.BatchPayload,
+    Prisma.BatchPayload,
+    Prisma.BatchPayload,
+    Prisma.BatchPayload,
+    Prisma.BatchPayload,
+    User,
+  ]
+> {
  const { client } = prisma;
  const cloudMode = process.env.CLOUD_MODE;

@ -132,6 +142,25 @@ export async function deleteUser(
      client.session.deleteMany({
        where: { websiteId: { in: websiteIds } },
      }),
+      client.teamWebsite.deleteMany({
+        where: {
+          website: {
+            userId,
+          },
+        },
+      }),
+      client.teamUser.deleteMany({
+        where: {
+          team: {
+            userId,
+          },
+        },
+      }),
+      client.team.deleteMany({
+        where: {
+          userId,
+        },
+      }),
      cloudMode
        ? client.website.updateMany({
            data: {
--- a/queries/admin/website.ts
+++ b/queries/admin/website.ts
@ -81,6 +81,11 @@ export async function deleteWebsite(
    client.session.deleteMany({
      where: { websiteId },
    }),
+    client.teamWebsite.deleteMany({
+      where: {
+        websiteId,
+      },
+    }),
    cloudMode
      ? prisma.client.website.update({
          data: {