mirror of
https://github.com/kremalicious/umami.git
synced 2024-11-22 09:57:00 +01:00
Created admin API endpoints.
This commit is contained in:
parent
e1c65cdf2a
commit
442ad61779
@ -11,7 +11,7 @@ export function UsersDataTable() {
|
|||||||
const modified = useCache((state: any) => state?.users);
|
const modified = useCache((state: any) => state?.users);
|
||||||
const queryResult = useFilterQuery({
|
const queryResult = useFilterQuery({
|
||||||
queryKey: ['users', { modified }],
|
queryKey: ['users', { modified }],
|
||||||
queryFn: (params: { [key: string]: any }) => get(`/users`, params),
|
queryFn: (params: { [key: string]: any }) => get(`/admin/users`, params),
|
||||||
});
|
});
|
||||||
|
|
||||||
return (
|
return (
|
||||||
|
@ -17,7 +17,7 @@ export function WebsiteSettings({ websiteId, openExternal = false }) {
|
|||||||
const { formatMessage, labels, messages } = useMessages();
|
const { formatMessage, labels, messages } = useMessages();
|
||||||
const { get, useQuery } = useApi();
|
const { get, useQuery } = useApi();
|
||||||
const { showToast } = useToasts();
|
const { showToast } = useToasts();
|
||||||
const { websitesUrl, settingsUrl } = useContext(SettingsContext);
|
const { websitesUrl, websitesPath, settingsPath } = useContext(SettingsContext);
|
||||||
const { data, isLoading } = useQuery({
|
const { data, isLoading } = useQuery({
|
||||||
queryKey: ['website', websiteId],
|
queryKey: ['website', websiteId],
|
||||||
queryFn: () => get(`${websitesUrl}/${websiteId}`),
|
queryFn: () => get(`${websitesUrl}/${websiteId}`),
|
||||||
@ -38,7 +38,7 @@ export function WebsiteSettings({ websiteId, openExternal = false }) {
|
|||||||
|
|
||||||
const handleReset = async (value: string) => {
|
const handleReset = async (value: string) => {
|
||||||
if (value === 'delete') {
|
if (value === 'delete') {
|
||||||
router.push(settingsUrl);
|
router.push(settingsPath);
|
||||||
} else if (value === 'reset') {
|
} else if (value === 'reset') {
|
||||||
showSuccess();
|
showSuccess();
|
||||||
}
|
}
|
||||||
@ -57,7 +57,7 @@ export function WebsiteSettings({ websiteId, openExternal = false }) {
|
|||||||
return (
|
return (
|
||||||
<>
|
<>
|
||||||
<PageHeader title={values?.name}>
|
<PageHeader title={values?.name}>
|
||||||
<Link href={`${websitesUrl}/${websiteId}`} target={openExternal ? '_blank' : null}>
|
<Link href={`${websitesPath}/${websiteId}`} target={openExternal ? '_blank' : null}>
|
||||||
<Button variant="primary">
|
<Button variant="primary">
|
||||||
<Icon>
|
<Icon>
|
||||||
<Icons.External />
|
<Icons.External />
|
||||||
|
@ -25,7 +25,7 @@ export function WebsitesTable({
|
|||||||
const { formatMessage, labels } = useMessages();
|
const { formatMessage, labels } = useMessages();
|
||||||
const { user } = useUser();
|
const { user } = useUser();
|
||||||
const breakpoint = useBreakpoint();
|
const breakpoint = useBreakpoint();
|
||||||
const { settingsUrl, websitesUrl } = useContext(SettingsContext);
|
const { settingsPath, websitesPath } = useContext(SettingsContext);
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<GridTable data={data} cardMode={['xs', 'sm', 'md'].includes(breakpoint)}>
|
<GridTable data={data} cardMode={['xs', 'sm', 'md'].includes(breakpoint)}>
|
||||||
@ -52,7 +52,7 @@ export function WebsitesTable({
|
|||||||
return (
|
return (
|
||||||
<>
|
<>
|
||||||
{allowEdit && (!showTeam || ownerId === user.id) && (
|
{allowEdit && (!showTeam || ownerId === user.id) && (
|
||||||
<Link href={`${settingsUrl}/${id}`}>
|
<Link href={`${settingsPath}/${id}`}>
|
||||||
<Button>
|
<Button>
|
||||||
<Icon>
|
<Icon>
|
||||||
<Icons.Edit />
|
<Icons.Edit />
|
||||||
@ -62,7 +62,7 @@ export function WebsitesTable({
|
|||||||
</Link>
|
</Link>
|
||||||
)}
|
)}
|
||||||
{allowView && (
|
{allowView && (
|
||||||
<Link href={`${websitesUrl}/${id}`}>
|
<Link href={`${websitesPath}/${id}`}>
|
||||||
<Button>
|
<Button>
|
||||||
<Icon>
|
<Icon>
|
||||||
<Icons.External />
|
<Icons.External />
|
||||||
|
@ -33,10 +33,11 @@ function SettingsProvider({ children }) {
|
|||||||
const hostUrl = process.env.hostUrl || window?.location.origin;
|
const hostUrl = process.env.hostUrl || window?.location.origin;
|
||||||
|
|
||||||
setConfig({
|
setConfig({
|
||||||
settingsUrl: '/settings/websites',
|
|
||||||
shareUrl: hostUrl,
|
shareUrl: hostUrl,
|
||||||
trackingCodeUrl: hostUrl,
|
trackingCodeUrl: hostUrl,
|
||||||
websitesUrl: `/websites`,
|
websitesUrl: '/websites',
|
||||||
|
settingsPath: '/settings/websites',
|
||||||
|
websitesPath: `/websites`,
|
||||||
});
|
});
|
||||||
}, []);
|
}, []);
|
||||||
|
|
||||||
|
53
src/pages/api/admin/users.ts
Normal file
53
src/pages/api/admin/users.ts
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
import { canViewUsers } from 'lib/auth';
|
||||||
|
import { useAuth, useValidate } from 'lib/middleware';
|
||||||
|
import { NextApiRequestQueryBody, Role, SearchFilter, User } from 'lib/types';
|
||||||
|
import { pageInfo } from 'lib/schema';
|
||||||
|
import { NextApiResponse } from 'next';
|
||||||
|
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
|
||||||
|
import { getUsers } from 'queries';
|
||||||
|
import * as yup from 'yup';
|
||||||
|
|
||||||
|
export interface UsersRequestQuery extends SearchFilter {}
|
||||||
|
export interface UsersRequestBody {
|
||||||
|
username: string;
|
||||||
|
password: string;
|
||||||
|
id: string;
|
||||||
|
role: Role;
|
||||||
|
}
|
||||||
|
|
||||||
|
const schema = {
|
||||||
|
GET: yup.object().shape({
|
||||||
|
...pageInfo,
|
||||||
|
}),
|
||||||
|
POST: yup.object().shape({
|
||||||
|
username: yup.string().max(255).required(),
|
||||||
|
password: yup.string().required(),
|
||||||
|
id: yup.string().uuid(),
|
||||||
|
role: yup
|
||||||
|
.string()
|
||||||
|
.matches(/admin|user|view-only/i)
|
||||||
|
.required(),
|
||||||
|
}),
|
||||||
|
};
|
||||||
|
|
||||||
|
export default async (
|
||||||
|
req: NextApiRequestQueryBody<UsersRequestQuery, UsersRequestBody>,
|
||||||
|
res: NextApiResponse<User[] | User>,
|
||||||
|
) => {
|
||||||
|
await useAuth(req, res);
|
||||||
|
await useValidate(schema, req, res);
|
||||||
|
|
||||||
|
if (req.method === 'GET') {
|
||||||
|
if (!(await canViewUsers(req.auth))) {
|
||||||
|
return unauthorized(res);
|
||||||
|
}
|
||||||
|
|
||||||
|
const { page, query, pageSize } = req.query;
|
||||||
|
|
||||||
|
const users = await getUsers({ page, query, pageSize: +pageSize || undefined });
|
||||||
|
|
||||||
|
return ok(res, users);
|
||||||
|
}
|
||||||
|
|
||||||
|
return methodNotAllowed(res);
|
||||||
|
};
|
66
src/pages/api/admin/websites.ts
Normal file
66
src/pages/api/admin/websites.ts
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
import { canViewAllWebsites } from 'lib/auth';
|
||||||
|
import { useAuth, useCors, useValidate } from 'lib/middleware';
|
||||||
|
import { NextApiRequestQueryBody, SearchFilter } from 'lib/types';
|
||||||
|
import { NextApiResponse } from 'next';
|
||||||
|
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
|
||||||
|
import { getWebsites } from 'queries';
|
||||||
|
import * as yup from 'yup';
|
||||||
|
import { pageInfo } from 'lib/schema';
|
||||||
|
|
||||||
|
export interface WebsitesRequestQuery extends SearchFilter {}
|
||||||
|
|
||||||
|
export interface WebsitesRequestBody {
|
||||||
|
name: string;
|
||||||
|
domain: string;
|
||||||
|
shareId: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
const schema = {
|
||||||
|
GET: yup.object().shape({
|
||||||
|
...pageInfo,
|
||||||
|
}),
|
||||||
|
POST: yup.object().shape({
|
||||||
|
name: yup.string().max(100).required(),
|
||||||
|
domain: yup.string().max(500).required(),
|
||||||
|
shareId: yup.string().max(50).nullable(),
|
||||||
|
}),
|
||||||
|
};
|
||||||
|
|
||||||
|
export default async (
|
||||||
|
req: NextApiRequestQueryBody<WebsitesRequestQuery, WebsitesRequestBody>,
|
||||||
|
res: NextApiResponse,
|
||||||
|
) => {
|
||||||
|
await useCors(req, res);
|
||||||
|
await useAuth(req, res);
|
||||||
|
await useValidate(schema, req, res);
|
||||||
|
|
||||||
|
if (req.method === 'GET') {
|
||||||
|
if (!(await canViewAllWebsites(req.auth))) {
|
||||||
|
return unauthorized(res);
|
||||||
|
}
|
||||||
|
|
||||||
|
const websites = await getWebsites(req.query, {
|
||||||
|
include: {
|
||||||
|
teamWebsite: {
|
||||||
|
include: {
|
||||||
|
team: {
|
||||||
|
select: {
|
||||||
|
name: true,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
user: {
|
||||||
|
select: {
|
||||||
|
username: true,
|
||||||
|
id: true,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
return ok(res, websites);
|
||||||
|
}
|
||||||
|
|
||||||
|
return methodNotAllowed(res);
|
||||||
|
};
|
@ -1,4 +1,4 @@
|
|||||||
import { canCreateUser, canViewUsers } from 'lib/auth';
|
import { canCreateUser } from 'lib/auth';
|
||||||
import { ROLES } from 'lib/constants';
|
import { ROLES } from 'lib/constants';
|
||||||
import { uuid } from 'lib/crypto';
|
import { uuid } from 'lib/crypto';
|
||||||
import { useAuth, useValidate } from 'lib/middleware';
|
import { useAuth, useValidate } from 'lib/middleware';
|
||||||
@ -6,7 +6,7 @@ import { NextApiRequestQueryBody, Role, SearchFilter, User } from 'lib/types';
|
|||||||
import { pageInfo } from 'lib/schema';
|
import { pageInfo } from 'lib/schema';
|
||||||
import { NextApiResponse } from 'next';
|
import { NextApiResponse } from 'next';
|
||||||
import { badRequest, hashPassword, methodNotAllowed, ok, unauthorized } from 'next-basics';
|
import { badRequest, hashPassword, methodNotAllowed, ok, unauthorized } from 'next-basics';
|
||||||
import { createUser, getUserByUsername, getUsers } from 'queries';
|
import { createUser, getUserByUsername } from 'queries';
|
||||||
import * as yup from 'yup';
|
import * as yup from 'yup';
|
||||||
|
|
||||||
export interface UsersRequestQuery extends SearchFilter {}
|
export interface UsersRequestQuery extends SearchFilter {}
|
||||||
@ -39,18 +39,6 @@ export default async (
|
|||||||
await useAuth(req, res);
|
await useAuth(req, res);
|
||||||
await useValidate(schema, req, res);
|
await useValidate(schema, req, res);
|
||||||
|
|
||||||
if (req.method === 'GET') {
|
|
||||||
if (!(await canViewUsers(req.auth))) {
|
|
||||||
return unauthorized(res);
|
|
||||||
}
|
|
||||||
|
|
||||||
const { page, query, pageSize } = req.query;
|
|
||||||
|
|
||||||
const users = await getUsers({ page, query, pageSize: +pageSize || undefined });
|
|
||||||
|
|
||||||
return ok(res, users);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (req.method === 'POST') {
|
if (req.method === 'POST') {
|
||||||
if (!(await canCreateUser(req.auth))) {
|
if (!(await canCreateUser(req.auth))) {
|
||||||
return unauthorized(res);
|
return unauthorized(res);
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
import { canCreateWebsite, canViewAllWebsites } from 'lib/auth';
|
import { canCreateWebsite } from 'lib/auth';
|
||||||
import { uuid } from 'lib/crypto';
|
import { uuid } from 'lib/crypto';
|
||||||
import { useAuth, useCors, useValidate } from 'lib/middleware';
|
import { useAuth, useCors, useValidate } from 'lib/middleware';
|
||||||
import { NextApiRequestQueryBody, SearchFilter } from 'lib/types';
|
import { NextApiRequestQueryBody, SearchFilter } from 'lib/types';
|
||||||
import { NextApiResponse } from 'next';
|
import { NextApiResponse } from 'next';
|
||||||
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
|
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
|
||||||
import { createWebsite, getWebsites } from 'queries';
|
import { createWebsite } from 'queries';
|
||||||
import userWebsites from 'pages/api/users/[id]/websites';
|
import userWebsites from 'pages/api/users/[id]/websites';
|
||||||
import * as yup from 'yup';
|
import * as yup from 'yup';
|
||||||
import { pageInfo } from 'lib/schema';
|
import { pageInfo } from 'lib/schema';
|
||||||
@ -41,30 +41,6 @@ export default async (
|
|||||||
} = req.auth;
|
} = req.auth;
|
||||||
|
|
||||||
if (req.method === 'GET') {
|
if (req.method === 'GET') {
|
||||||
if (await canViewAllWebsites(req.auth)) {
|
|
||||||
const websites = await getWebsites(req.query, {
|
|
||||||
include: {
|
|
||||||
teamWebsite: {
|
|
||||||
include: {
|
|
||||||
team: {
|
|
||||||
select: {
|
|
||||||
name: true,
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
user: {
|
|
||||||
select: {
|
|
||||||
username: true,
|
|
||||||
id: true,
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
});
|
|
||||||
|
|
||||||
return ok(res, websites);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!req.query.id) {
|
if (!req.query.id) {
|
||||||
req.query.id = userId;
|
req.query.id = userId;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user