mirror of
https://github.com/kremalicious/umami.git
synced 2024-12-24 18:26:20 +01:00
Merge branch 'dev' of https://github.com/umami-software/umami into bug/um-191-fix-redis-auth-misc-bug
This commit is contained in:
commit
3325df0d84
@ -1,4 +1,9 @@
|
|||||||
import { NextApiRequest } from 'next';
|
import { NextApiRequest } from 'next';
|
||||||
|
import { ROLES } from './constants';
|
||||||
|
|
||||||
|
type ObjectValues<T> = T[keyof T];
|
||||||
|
|
||||||
|
export type Roles = ObjectValues<typeof ROLES>;
|
||||||
|
|
||||||
export interface Auth {
|
export interface Auth {
|
||||||
user?: {
|
user?: {
|
||||||
|
@ -1,9 +1,9 @@
|
|||||||
import { NextApiRequestQueryBody } from 'lib/types';
|
import { NextApiRequestQueryBody, User } from 'lib/types';
|
||||||
import { canDeleteUser, canUpdateUser, canViewUser } from 'lib/auth';
|
import { canDeleteUser, canUpdateUser, canViewUser } from 'lib/auth';
|
||||||
import { useAuth } from 'lib/middleware';
|
import { useAuth } from 'lib/middleware';
|
||||||
import { NextApiResponse } from 'next';
|
import { NextApiResponse } from 'next';
|
||||||
import { badRequest, hashPassword, methodNotAllowed, ok, unauthorized } from 'next-basics';
|
import { badRequest, hashPassword, methodNotAllowed, ok, unauthorized } from 'next-basics';
|
||||||
import { deleteUser, getUser, updateUser, User } from 'queries';
|
import { deleteUser, getUser, updateUser } from 'queries';
|
||||||
|
|
||||||
export interface UserRequestQuery {
|
export interface UserRequestQuery {
|
||||||
id: string;
|
id: string;
|
||||||
|
@ -2,7 +2,7 @@ import { canCreateUser, canViewUsers } from 'lib/auth';
|
|||||||
import { ROLES } from 'lib/constants';
|
import { ROLES } from 'lib/constants';
|
||||||
import { uuid } from 'lib/crypto';
|
import { uuid } from 'lib/crypto';
|
||||||
import { useAuth } from 'lib/middleware';
|
import { useAuth } from 'lib/middleware';
|
||||||
import { NextApiRequestQueryBody, User } from 'lib/types';
|
import { NextApiRequestQueryBody, Roles, User } from 'lib/types';
|
||||||
import { NextApiResponse } from 'next';
|
import { NextApiResponse } from 'next';
|
||||||
import { badRequest, hashPassword, methodNotAllowed, ok, unauthorized } from 'next-basics';
|
import { badRequest, hashPassword, methodNotAllowed, ok, unauthorized } from 'next-basics';
|
||||||
import { createUser, getUser, getUsers } from 'queries';
|
import { createUser, getUser, getUsers } from 'queries';
|
||||||
@ -11,6 +11,7 @@ export interface UsersRequestBody {
|
|||||||
username: string;
|
username: string;
|
||||||
password: string;
|
password: string;
|
||||||
id: string;
|
id: string;
|
||||||
|
role?: Roles;
|
||||||
}
|
}
|
||||||
|
|
||||||
export default async (
|
export default async (
|
||||||
@ -34,7 +35,7 @@ export default async (
|
|||||||
return unauthorized(res);
|
return unauthorized(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
const { username, password, id } = req.body;
|
const { username, password, role, id } = req.body;
|
||||||
|
|
||||||
const existingUser = await getUser({ username }, { showDeleted: true });
|
const existingUser = await getUser({ username }, { showDeleted: true });
|
||||||
|
|
||||||
@ -46,7 +47,7 @@ export default async (
|
|||||||
id: id || uuid(),
|
id: id || uuid(),
|
||||||
username,
|
username,
|
||||||
password: hashPassword(password),
|
password: hashPassword(password),
|
||||||
role: ROLES.user,
|
role: role ?? ROLES.user,
|
||||||
});
|
});
|
||||||
|
|
||||||
return ok(res, created);
|
return ok(res, created);
|
||||||
|
@ -67,10 +67,26 @@ export async function updateTeam(
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function deleteTeam(teamId: string): Promise<Team> {
|
export async function deleteTeam(
|
||||||
return prisma.client.team.delete({
|
teamId: string,
|
||||||
where: {
|
): Promise<Promise<[Prisma.BatchPayload, Prisma.BatchPayload, Team]>> {
|
||||||
id: teamId,
|
const { client } = prisma;
|
||||||
},
|
|
||||||
});
|
return prisma.transaction([
|
||||||
|
client.teamWebsite.deleteMany({
|
||||||
|
where: {
|
||||||
|
id: teamId,
|
||||||
|
},
|
||||||
|
}),
|
||||||
|
client.teamUser.deleteMany({
|
||||||
|
where: {
|
||||||
|
id: teamId,
|
||||||
|
},
|
||||||
|
}),
|
||||||
|
client.team.delete({
|
||||||
|
where: {
|
||||||
|
id: teamId,
|
||||||
|
},
|
||||||
|
}),
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
@ -54,3 +54,15 @@ export async function deleteTeamUser(teamUserId: string): Promise<TeamUser> {
|
|||||||
},
|
},
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export async function deleteTeamUserByUserId(
|
||||||
|
userId: string,
|
||||||
|
teamId: string,
|
||||||
|
): Promise<Prisma.BatchPayload> {
|
||||||
|
return prisma.client.teamUser.deleteMany({
|
||||||
|
where: {
|
||||||
|
userId,
|
||||||
|
teamId,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
}
|
||||||
|
@ -37,3 +37,11 @@ export async function createTeamWebsite(
|
|||||||
},
|
},
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export async function deleteTeamWebsite(teamWebsiteId: string): Promise<TeamWebsite> {
|
||||||
|
return prisma.client.teamWebsite.delete({
|
||||||
|
where: {
|
||||||
|
id: teamWebsiteId,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
}
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
import { Prisma, Team } from '@prisma/client';
|
import { Prisma, Team } from '@prisma/client';
|
||||||
import cache from 'lib/cache';
|
import cache from 'lib/cache';
|
||||||
import prisma from 'lib/prisma';
|
import prisma from 'lib/prisma';
|
||||||
import { Website, User } from 'lib/types';
|
import { Website, User, Roles } from 'lib/types';
|
||||||
|
|
||||||
export async function getUser(
|
export async function getUser(
|
||||||
where: Prisma.UserWhereInput | Prisma.UserWhereUniqueInput,
|
where: Prisma.UserWhereInput | Prisma.UserWhereUniqueInput,
|
||||||
@ -76,7 +76,7 @@ export async function createUser(data: {
|
|||||||
id: string;
|
id: string;
|
||||||
username: string;
|
username: string;
|
||||||
password: string;
|
password: string;
|
||||||
role: string;
|
role: Roles;
|
||||||
}): Promise<{
|
}): Promise<{
|
||||||
id: string;
|
id: string;
|
||||||
username: string;
|
username: string;
|
||||||
@ -110,7 +110,17 @@ export async function updateUser(
|
|||||||
|
|
||||||
export async function deleteUser(
|
export async function deleteUser(
|
||||||
userId: string,
|
userId: string,
|
||||||
): Promise<[Prisma.BatchPayload, Prisma.BatchPayload, Prisma.BatchPayload, User]> {
|
): Promise<
|
||||||
|
[
|
||||||
|
Prisma.BatchPayload,
|
||||||
|
Prisma.BatchPayload,
|
||||||
|
Prisma.BatchPayload,
|
||||||
|
Prisma.BatchPayload,
|
||||||
|
Prisma.BatchPayload,
|
||||||
|
Prisma.BatchPayload,
|
||||||
|
User,
|
||||||
|
]
|
||||||
|
> {
|
||||||
const { client } = prisma;
|
const { client } = prisma;
|
||||||
const cloudMode = process.env.CLOUD_MODE;
|
const cloudMode = process.env.CLOUD_MODE;
|
||||||
|
|
||||||
@ -132,6 +142,25 @@ export async function deleteUser(
|
|||||||
client.session.deleteMany({
|
client.session.deleteMany({
|
||||||
where: { websiteId: { in: websiteIds } },
|
where: { websiteId: { in: websiteIds } },
|
||||||
}),
|
}),
|
||||||
|
client.teamWebsite.deleteMany({
|
||||||
|
where: {
|
||||||
|
website: {
|
||||||
|
userId,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}),
|
||||||
|
client.teamUser.deleteMany({
|
||||||
|
where: {
|
||||||
|
team: {
|
||||||
|
userId,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}),
|
||||||
|
client.team.deleteMany({
|
||||||
|
where: {
|
||||||
|
userId,
|
||||||
|
},
|
||||||
|
}),
|
||||||
cloudMode
|
cloudMode
|
||||||
? client.website.updateMany({
|
? client.website.updateMany({
|
||||||
data: {
|
data: {
|
||||||
|
@ -81,6 +81,11 @@ export async function deleteWebsite(
|
|||||||
client.session.deleteMany({
|
client.session.deleteMany({
|
||||||
where: { websiteId },
|
where: { websiteId },
|
||||||
}),
|
}),
|
||||||
|
client.teamWebsite.deleteMany({
|
||||||
|
where: {
|
||||||
|
websiteId,
|
||||||
|
},
|
||||||
|
}),
|
||||||
cloudMode
|
cloudMode
|
||||||
? prisma.client.website.update({
|
? prisma.client.website.update({
|
||||||
data: {
|
data: {
|
||||||
|
Loading…
Reference in New Issue
Block a user