m/umami
1
0
Fork 0
mirror of https://github.com/kremalicious/umami.git synced 2024-06-28 00:37:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add userReport api

Browse Source
This commit is contained in:
Brian Cao 2023-05-18 13:13:18 -07:00
parent de509e7ccc
commit 4df7d6a2a1
7 changed files with 189 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
lib/auth.ts
View File

@ -15,6 +15,7 @@ import { getTeamWebsite, getTeamWebsiteByTeamMemberId } from 'queries/admin/team
import { validate } from 'uuid';
import { Auth } from './types';
import { loadWebsite } from './query';
import { UserReport } from '@prisma/client';
const log = debug('umami:auth');
@ -135,7 +136,34 @@ export async function canDeleteWebsite({ user }: Auth, websiteId: string) {
return false;
}
// To-do: Implement when payments are setup.
export async function canViewUserReport(auth: Auth, userReport: UserReport) {
if (auth.user.isAdmin) {
return true;
}
if ((auth.user.id = userReport.userId)) {
return true;
}
if (await canViewWebsite(auth, userReport.websiteId)) {
return true;
}
return false;
}
export async function canUpdateUserReport(auth: Auth, userReport: UserReport) {
if (auth.user.isAdmin) {
return true;
}
if ((auth.user.id = userReport.userId)) {
return true;
}
return false;
}
export async function canCreateTeam({ user }: Auth) {
if (user.isAdmin) {
return true;
@ -144,7 +172,6 @@ export async function canCreateTeam({ user }: Auth) {
return !!user;
}
// To-do: Implement when payments are setup.
export async function canViewTeam({ user }: Auth, teamId: string) {
if (user.isAdmin) {
return true;

60
pages/api/reports/[id].ts Normal file
View File

@ -0,0 +1,60 @@
import { canUpdateUserReport, canViewUserReport } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { NextApiRequestQueryBody } from 'lib/types';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getUserReportById, updateUserReport } from 'queries';
export interface UserReportRequestQuery {
id: string;
}
export interface UserReportRequestBody {
websiteId: string;
reportName: string;
templateName: string;
parameters: string;
}
export default async (
req: NextApiRequestQueryBody<UserReportRequestQuery, UserReportRequestBody>,
res: NextApiResponse,
) => {
await useCors(req, res);
await useAuth(req, res);
if (req.method === 'GET') {
const { id: userReportId } = req.query;
const data = await getUserReportById(userReportId);
if (!(await canViewUserReport(req.auth, data))) {
return unauthorized(res);
}
return ok(res, data);
}
if (req.method === 'POST') {
const { id: userReportId } = req.query;
const data = await getUserReportById(userReportId);
if (!(await canUpdateUserReport(req.auth, data))) {
return unauthorized(res);
}
const updated = await updateUserReport(
{
...req.body,
},
{
id: userReportId,
},
);
return ok(res, updated);
}
return methodNotAllowed(res);
};

43
pages/api/reports/index.ts Normal file
View File

@ -0,0 +1,43 @@
import { uuid } from 'lib/crypto';
import { useAuth, useCors } from 'lib/middleware';
import { NextApiRequestQueryBody } from 'lib/types';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok } from 'next-basics';
import { createUserReport, getUserReports } from 'queries';
export interface UserReportRequestBody {
websiteId: string;
reportName: string;
templateName: string;
parameters: string;
}
export default async (
req: NextApiRequestQueryBody<any, UserReportRequestBody>,
res: NextApiResponse,
) => {
await useCors(req, res);
await useAuth(req, res);
const {
user: { id: userId },
} = req.auth;
if (req.method === 'GET') {
const data = await getUserReports(userId);
return ok(res, data);
}
if (req.method === 'POST') {
const data = await createUserReport({
id: uuid(),
userId,
...req.body,
});
return ok(res, data);
}
return methodNotAllowed(res);
};

14
queries/admin/user.ts
View File

@ -210,6 +210,20 @@ export async function deleteUser(
},
},
}),
client.userReport.deleteMany({
where: {
OR: [
{
websiteId: {
in: websiteIds,
},
},
{
userId,
},
],
},
}),
cloudMode
? client.website.updateMany({
data: {

37
queries/admin/userReport.ts Normal file
View File

@ -0,0 +1,37 @@
import { Prisma, UserReport } from '@prisma/client';
import prisma from 'lib/prisma';
export async function createUserReport(
data: Prisma.UserReportUncheckedCreateInput,
): Promise<UserReport> {
return prisma.client.userReport.create({ data });
}
export async function getUserReportById(userReportId: string): Promise<UserReport> {
return prisma.client.userReport.findUnique({
where: {
id: userReportId,
},
});
}
export async function getUserReports(userId: string): Promise<UserReport[]> {
return prisma.client.userReport.findMany({
where: {
userId,
},
});
}
export async function updateUserReport(
data: Prisma.UserReportUpdateInput,
where: Prisma.UserReportWhereUniqueInput,
): Promise<UserReport> {
return prisma.client.userReport.update({ data, where });
}
export async function deleteUserReport(
where: Prisma.UserReportWhereUniqueInput,
): Promise<UserReport> {
return prisma.client.userReport.delete({ where });
}

5
queries/admin/website.ts
View File

@ -92,6 +92,11 @@ export async function deleteWebsite(
websiteId,
},
}),
client.userReport.deleteMany({
where: {
websiteId,
},
}),
cloudMode
? prisma.client.website.update({
data: {

1
queries/index.js
View File

@ -1,6 +1,7 @@
export * from './admin/team';
export * from './admin/teamUser';
export * from './admin/user';
export * from './admin/userReport';
export * from './admin/website';
export * from './analytics/event/getEventMetrics';
export * from './analytics/event/getEventUsage';