mirror of
https://github.com/kremalicious/umami.git
synced 2024-11-22 09:57:00 +01:00
Open /websites endpoint to view all.
This commit is contained in:
Brian Cao
parent
b314cc88f5
commit
467790b67a
@ -59,6 +59,10 @@ export async function canViewWebsite({ user, shareToken }: Auth, websiteId: stri
|
|||||||
return !!(await findTeamWebsiteByUserId(websiteId, user.id));
|
return !!(await findTeamWebsiteByUserId(websiteId, user.id));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export async function canViewAllWebsite({ user }: Auth) {
|
||||||
|
return user.isAdmin;
|
||||||
|
}
|
||||||
|
|
||||||
export async function canCreateWebsite({ user, grant }: Auth) {
|
export async function canCreateWebsite({ user, grant }: Auth) {
|
||||||
if (cloudMode) {
|
if (cloudMode) {
|
||||||
return !!grant?.find(a => a === PERMISSIONS.websiteCreate);
|
return !!grant?.find(a => a === PERMISSIONS.websiteCreate);
|
||||||
|
|||||||
@ -8,6 +8,6 @@ export const dateRange = {
|
|||||||
export const pageInfo = {
|
export const pageInfo = {
|
||||||
query: yup.string(),
|
query: yup.string(),
|
||||||
page: yup.number().integer().positive(),
|
page: yup.number().integer().positive(),
|
||||||
pageSize: yup.number().integer().positive().max(200),
|
pageSize: yup.number().integer().positive().min(1).max(200),
|
||||||
orderBy: yup.string(),
|
orderBy: yup.string(),
|
||||||
};
|
};
|
||||||
|
|||||||
@ -1,10 +1,10 @@
|
|||||||
import { canCreateWebsite } from 'lib/auth';
|
import { canCreateWebsite, canViewAllWebsite } from 'lib/auth';
|
||||||
import { uuid } from 'lib/crypto';
|
import { uuid } from 'lib/crypto';
|
||||||
import { useAuth, useCors, useValidate } from 'lib/middleware';
|
import { useAuth, useCors, useValidate } from 'lib/middleware';
|
||||||
import { NextApiRequestQueryBody, SearchFilter } from 'lib/types';
|
import { NextApiRequestQueryBody, SearchFilter } from 'lib/types';
|
||||||
import { NextApiResponse } from 'next';
|
import { NextApiResponse } from 'next';
|
||||||
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
|
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
|
||||||
import { createWebsite } from 'queries';
|
import { createWebsite, getWebsites } from 'queries';
|
||||||
import userWebsites from 'pages/api/users/[id]/websites';
|
import userWebsites from 'pages/api/users/[id]/websites';
|
||||||
import * as yup from 'yup';
|
import * as yup from 'yup';
|
||||||
import { pageInfo } from 'lib/schema';
|
import { pageInfo } from 'lib/schema';
|
||||||
@ -41,6 +41,30 @@ export default async (
|
|||||||
} = req.auth;
|
} = req.auth;
|
||||||
|
|
||||||
if (req.method === 'GET') {
|
if (req.method === 'GET') {
|
||||||
|
if (canViewAllWebsite(req.auth)) {
|
||||||
|
const websites = getWebsites(req.query, {
|
||||||
|
include: {
|
||||||
|
teamWebsite: {
|
||||||
|
include: {
|
||||||
|
team: {
|
||||||
|
select: {
|
||||||
|
name: true,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
user: {
|
||||||
|
select: {
|
||||||
|
username: true,
|
||||||
|
id: true,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
return ok(res, websites);
|
||||||
|
}
|
||||||
|
|
||||||
if (!req.query.id) {
|
if (!req.query.id) {
|
||||||
req.query.id = userId;
|
req.query.id = userId;
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user