m/umami
1
0
Fork 0
mirror of https://github.com/kremalicious/umami.git synced 2025-02-14 21:10:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

More yup validations.

Browse Source
This commit is contained in:
Brian Cao 2023-09-25 13:19:56 -07:00
parent 2ccb8d0a3c
commit ce2a83a09f
12 changed files with 99 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/lib/yup.ts
View File

@ -1,11 +1,10 @@
import moment from 'moment';
import * as yup from 'yup'; import * as yup from 'yup';
export function getDateRangeValidation() { export const DateRangeValidation = {
return { startAt: yup.number().integer().required(),
startAt: yup.number().integer().required(), endAt: yup.number().integer().moreThan(yup.ref('startAt')).required(),
endAt: yup.number().integer().moreThan(yup.ref('startAt')).required(), };
};
}
// ex: /funnel|insights|retention/i // ex: /funnel|insights|retention/i
export function getFilterValidation(matchRegex) { export function getFilterValidation(matchRegex) {
@ -17,3 +16,9 @@ export function getFilterValidation(matchRegex) {
orderBy: yup.string(), orderBy: yup.string(),
}; };
} }
export const TimezoneTest = yup.string().test(
'timezone',
() => `Invalid timezone`,
value => !moment.tz.zone(value),
);

7
src/pages/api/reports/retention.ts
View File

@ -1,6 +1,7 @@
import { canViewWebsite } from 'lib/auth'; import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors, useValidate } from 'lib/middleware'; import { useAuth, useCors, useValidate } from 'lib/middleware';
import { NextApiRequestQueryBody } from 'lib/types'; import { NextApiRequestQueryBody } from 'lib/types';
import { TimezoneTest } from 'lib/yup';
import { NextApiResponse } from 'next'; import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics'; import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getRetention } from 'queries'; import { getRetention } from 'queries';
@ -8,7 +9,7 @@ import * as yup from 'yup';
export interface RetentionRequestBody { export interface RetentionRequestBody {
websiteId: string; websiteId: string;
dateRange: { startDate: string; endDate: string }; dateRange: { startDate: string; endDate: string; timezone: string };
} }
const schema = { const schema = {
@ -19,6 +20,7 @@ const schema = {
.shape({ .shape({
startDate: yup.date().required(), startDate: yup.date().required(),
endDate: yup.date().required(), endDate: yup.date().required(),
timezone: TimezoneTest,
}) })
.required(), .required(),
}), }),
@ -37,7 +39,7 @@ export default async (
if (req.method === 'POST') { if (req.method === 'POST') {
const { const {
websiteId, websiteId,
dateRange: { startDate, endDate }, dateRange: { startDate, endDate, timezone },
} = req.body; } = req.body;
if (!(await canViewWebsite(req.auth, websiteId))) { if (!(await canViewWebsite(req.auth, websiteId))) {
@ -47,6 +49,7 @@ export default async (
const data = await getRetention(websiteId, { const data = await getRetention(websiteId, {
startDate: new Date(startDate), startDate: new Date(startDate),
endDate: new Date(endDate), endDate: new Date(endDate),
timezone,
}); });
return ok(res, data); return ok(res, data);

1
src/pages/api/teams/[id]/users/[userId].ts
View File

@ -5,6 +5,7 @@ import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics'; import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { deleteTeamUser } from 'queries'; import { deleteTeamUser } from 'queries';
import * as yup from 'yup'; import * as yup from 'yup';
export interface TeamUserRequestQuery { export interface TeamUserRequestQuery {
id: string; id: string;
userId: string; userId: string;

17
src/pages/api/teams/[id]/users/index.ts
View File

@ -1,24 +1,27 @@
import { canViewTeam } from 'lib/auth'; import { canViewTeam } from 'lib/auth';
import { useAuth } from 'lib/middleware'; import { useAuth, useValidate } from 'lib/middleware';
import { NextApiRequestQueryBody, SearchFilter, TeamSearchFilterType } from 'lib/types'; import { NextApiRequestQueryBody, SearchFilter, TeamSearchFilterType } from 'lib/types';
import { NextApiResponse } from 'next'; import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics'; import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getUsersByTeamId } from 'queries'; import { getUsersByTeamId } from 'queries';
import * as yup from 'yup';
export interface TeamUserRequestQuery extends SearchFilter<TeamSearchFilterType> { export interface TeamUserRequestQuery extends SearchFilter<TeamSearchFilterType> {
id: string; id: string;
} }
export interface TeamUserRequestBody { const schema = {
email: string; GET: yup.object().shape({
roleId: string; id: yup.string().uuid().required(),
} }),
};
export default async ( export default async (
req: NextApiRequestQueryBody<TeamUserRequestQuery, TeamUserRequestBody>, req: NextApiRequestQueryBody<TeamUserRequestQuery, any>,
res: NextApiResponse, res: NextApiResponse,
) => { ) => {
await useAuth(req, res); await useAuth(req, res);
req.yup = schema;
await useValidate(req, res);
const { id: teamId } = req.query; const { id: teamId } = req.query;

6
src/pages/api/websites/[id]/events.ts
View File

@ -6,6 +6,8 @@ import { NextApiResponse } from 'next';
import { badRequest, methodNotAllowed, ok, unauthorized } from 'next-basics'; import { badRequest, methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getEventMetrics } from 'queries'; import { getEventMetrics } from 'queries';
import { parseDateRangeQuery } from 'lib/query'; import { parseDateRangeQuery } from 'lib/query';
import * as yup from 'yup';
import { TimezoneTest } from 'lib/yup';
const unitTypes = ['year', 'month', 'hour', 'day']; const unitTypes = ['year', 'month', 'hour', 'day'];
@ -18,15 +20,13 @@ export interface WebsiteEventsRequestQuery {
url: string; url: string;
} }
import * as yup from 'yup';
const schema = { const schema = {
GET: yup.object().shape({ GET: yup.object().shape({
id: yup.string().uuid().required(), id: yup.string().uuid().required(),
startAt: yup.number().integer().required(), startAt: yup.number().integer().required(),
endAt: yup.number().integer().moreThan(yup.ref('startAt')).required(), endAt: yup.number().integer().moreThan(yup.ref('startAt')).required(),
unit: yup.string().required(), unit: yup.string().required(),
timezone: yup.string().required(), timezone: TimezoneTest.required(),
url: yup.string(), url: yup.string(),
}), }),
}; };

10
src/pages/api/websites/[id]/index.ts
View File

@ -22,6 +22,12 @@ const schema = {
GET: yup.object().shape({ GET: yup.object().shape({
id: yup.string().uuid().required(), id: yup.string().uuid().required(),
}), }),
POST: yup.object().shape({
id: yup.string().uuid().required(),
name: yup.string().required(),
domain: yup.string().required(),
shareId: yup.string().matches(SHARE_ID_REGEX, { excludeEmptyString: true }),
}),
}; };
export default async ( export default async (
@ -55,10 +61,6 @@ export default async (
let website; let website;
if (shareId && !shareId.match(SHARE_ID_REGEX)) {
return serverError(res, 'Invalid share ID.');
}
try { try {
website = await updateWebsite(websiteId, { name, domain, shareId }); website = await updateWebsite(websiteId, { name, domain, shareId });
} catch (e: any) { } catch (e: any) {

12
src/pages/api/websites/[id]/metrics.ts
View File

@ -33,6 +33,18 @@ const schema = {
type: yup.string().required(), type: yup.string().required(),
startAt: yup.number().required(), startAt: yup.number().required(),
endAt: yup.number().required(), endAt: yup.number().required(),
url: yup.string(),
referrer: yup.string(),
title: yup.string(),
query: yup.string(),
os: yup.string(),
browser: yup.string(),
device: yup.string(),
country: yup.string(),
region: yup.string(),
city: yup.string(),
language: yup.string(),
event: yup.string(),
}), }),
}; };

31
src/pages/api/websites/[id]/pageviews.ts
View File

@ -1,18 +1,17 @@
import moment from 'moment-timezone';
import { NextApiResponse } from 'next';
import { badRequest, methodNotAllowed, ok, unauthorized } from 'next-basics';
import { NextApiRequestQueryBody, WebsitePageviews } from 'lib/types';
import { canViewWebsite } from 'lib/auth'; import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors, useValidate } from 'lib/middleware'; import { useAuth, useCors, useValidate } from 'lib/middleware';
import { getPageviewStats, getSessionStats } from 'queries';
import { parseDateRangeQuery } from 'lib/query'; import { parseDateRangeQuery } from 'lib/query';
import { NextApiRequestQueryBody, WebsitePageviews } from 'lib/types';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getPageviewStats, getSessionStats } from 'queries';
export interface WebsitePageviewRequestQuery { export interface WebsitePageviewRequestQuery {
id: string; id: string;
startAt: number; startAt: number;
endAt: number; endAt: number;
unit: string; unit?: string;
timezone: string; timezone?: string;
url?: string; url?: string;
referrer?: string; referrer?: string;
title?: string; title?: string;
@ -24,10 +23,24 @@ export interface WebsitePageviewRequestQuery {
city?: string; city?: string;
} }
import { TimezoneTest } from 'lib/yup';
import * as yup from 'yup'; import * as yup from 'yup';
const schema = { const schema = {
GET: yup.object().shape({ GET: yup.object().shape({
id: yup.string().uuid().required(), id: yup.string().uuid().required(),
startAt: yup.number().required(),
endAt: yup.number().required(),
unit: yup.string(),
timezone: TimezoneTest,
url: yup.string(),
referrer: yup.string(),
title: yup.string(),
os: yup.string(),
browser: yup.string(),
device: yup.string(),
country: yup.string(),
region: yup.string(),
city: yup.string(),
}), }),
}; };
@ -62,10 +75,6 @@ export default async (
const { startDate, endDate, unit } = await parseDateRangeQuery(req); const { startDate, endDate, unit } = await parseDateRangeQuery(req);
if (!moment.tz.zone(timezone)) {
return badRequest(res);
}
const filters = { const filters = {
startDate, startDate,
endDate, endDate,

2
src/pages/api/websites/[id]/reports.ts
View File

@ -1,6 +1,7 @@
import { canViewWebsite } from 'lib/auth'; import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors, useValidate } from 'lib/middleware'; import { useAuth, useCors, useValidate } from 'lib/middleware';
import { NextApiRequestQueryBody, ReportSearchFilterType, SearchFilter } from 'lib/types'; import { NextApiRequestQueryBody, ReportSearchFilterType, SearchFilter } from 'lib/types';
import { getFilterValidation } from 'lib/yup';
import { NextApiResponse } from 'next'; import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics'; import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getReportsByWebsiteId } from 'queries'; import { getReportsByWebsiteId } from 'queries';
@ -13,6 +14,7 @@ import * as yup from 'yup';
const schema = { const schema = {
GET: yup.object().shape({ GET: yup.object().shape({
id: yup.string().uuid().required(), id: yup.string().uuid().required(),
...getFilterValidation(/All|Name|Description|Type|Username|Website Name|Website Domain/i),
}), }),
}; };

5
src/pages/api/websites/[id]/reset.ts
View File

@ -4,14 +4,14 @@ import { useAuth, useCors, useValidate } from 'lib/middleware';
import { NextApiResponse } from 'next'; import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics'; import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { resetWebsite } from 'queries'; import { resetWebsite } from 'queries';
import * as yup from 'yup';
export interface WebsiteResetRequestQuery { export interface WebsiteResetRequestQuery {
id: string; id: string;
} }
import * as yup from 'yup';
const schema = { const schema = {
GET: yup.object().shape({ POST: yup.object().shape({
id: yup.string().uuid().required(), id: yup.string().uuid().required(),
}), }),
}; };
@ -22,7 +22,6 @@ export default async (
) => { ) => {
await useCors(req, res); await useCors(req, res);
await useAuth(req, res); await useAuth(req, res);
req.yup = schema; req.yup = schema;
await useValidate(req, res); await useValidate(req, res);

35
src/pages/api/websites/[id]/stats.ts
View File

@ -11,23 +11,36 @@ export interface WebsiteStatsRequestQuery {
id: string; id: string;
startAt: number; startAt: number;
endAt: number; endAt: number;
url: string; url?: string;
referrer: string; referrer?: string;
title: string; title?: string;
query: string; query?: string;
event: string; event?: string;
os: string; os?: string;
browser: string; browser?: string;
device: string; device?: string;
country: string; country?: string;
region: string; region?: string;
city: string; city?: string;
} }
import * as yup from 'yup'; import * as yup from 'yup';
const schema = { const schema = {
GET: yup.object().shape({ GET: yup.object().shape({
id: yup.string().uuid().required(), id: yup.string().uuid().required(),
startAt: yup.number().required(),
endAt: yup.number().required(),
url: yup.string(),
referrer: yup.string(),
title: yup.string(),
query: yup.string(),
event: yup.string(),
os: yup.string(),
browser: yup.string(),
device: yup.string(),
country: yup.string(),
region: yup.string(),
city: yup.string(),
}), }),
}; };

6
src/queries/analytics/reports/getRetention.ts
View File

@ -8,7 +8,7 @@ export async function getRetention(
filters: { filters: {
startDate: Date; startDate: Date;
endDate: Date; endDate: Date;
timezone: string; timezone?: string;
}, },
] ]
) { ) {
@ -23,7 +23,7 @@ async function relationalQuery(
filters: { filters: {
startDate: Date; startDate: Date;
endDate: Date; endDate: Date;
timezone: string; timezone?: string;
}, },
): Promise< ): Promise<
{ {
@ -103,7 +103,7 @@ async function clickhouseQuery(
filters: { filters: {
startDate: Date; startDate: Date;
endDate: Date; endDate: Date;
timezone: string; timezone?: string;
}, },
): Promise< ): Promise<
{ {