mirror of
https://github.com/kremalicious/umami.git
synced 2024-11-22 01:46:58 +01:00
Merge remote-tracking branch 'origin/dev' into dev
This commit is contained in:
commit
e462a55ab9
@ -12,9 +12,11 @@ import useDashboard from 'store/dashboard';
|
||||
import useMessages from 'components/hooks/useMessages';
|
||||
import useLocale from 'components/hooks/useLocale';
|
||||
import useFilterQuery from 'components/hooks/useFilterQuery';
|
||||
import { useUser } from 'components/hooks';
|
||||
|
||||
export function Dashboard() {
|
||||
const { formatMessage, labels, messages } = useMessages();
|
||||
const { user } = useUser();
|
||||
const { showCharts, editing } = useDashboard();
|
||||
const { dir } = useLocale();
|
||||
const { get } = useApi();
|
||||
@ -23,7 +25,7 @@ export function Dashboard() {
|
||||
const { query, params, setParams, result } = useFilterQuery({
|
||||
queryKey: ['dashboard:websites'],
|
||||
queryFn: (params: any) => {
|
||||
return get(`/websites`, { ...params, includeTeams: true, pageSize });
|
||||
return get(`/users/${user.id}/websites`, { ...params, includeTeams: true, pageSize });
|
||||
},
|
||||
});
|
||||
|
||||
|
@ -59,6 +59,10 @@ export async function canViewWebsite({ user, shareToken }: Auth, websiteId: stri
|
||||
return !!(await findTeamWebsiteByUserId(websiteId, user.id));
|
||||
}
|
||||
|
||||
export async function canViewAllWebsite({ user }: Auth) {
|
||||
return user.isAdmin;
|
||||
}
|
||||
|
||||
export async function canCreateWebsite({ user, grant }: Auth) {
|
||||
if (cloudMode) {
|
||||
return !!grant?.find(a => a === PERMISSIONS.websiteCreate);
|
||||
|
@ -8,6 +8,6 @@ export const dateRange = {
|
||||
export const pageInfo = {
|
||||
query: yup.string(),
|
||||
page: yup.number().integer().positive(),
|
||||
pageSize: yup.number().integer().positive().max(200),
|
||||
pageSize: yup.number().integer().positive().min(1).max(200),
|
||||
orderBy: yup.string(),
|
||||
};
|
||||
|
@ -1,10 +1,10 @@
|
||||
import { canCreateWebsite } from 'lib/auth';
|
||||
import { canCreateWebsite, canViewAllWebsite } from 'lib/auth';
|
||||
import { uuid } from 'lib/crypto';
|
||||
import { useAuth, useCors, useValidate } from 'lib/middleware';
|
||||
import { NextApiRequestQueryBody, SearchFilter } from 'lib/types';
|
||||
import { NextApiResponse } from 'next';
|
||||
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
|
||||
import { createWebsite } from 'queries';
|
||||
import { createWebsite, getWebsites } from 'queries';
|
||||
import userWebsites from 'pages/api/users/[id]/websites';
|
||||
import * as yup from 'yup';
|
||||
import { pageInfo } from 'lib/schema';
|
||||
@ -41,6 +41,30 @@ export default async (
|
||||
} = req.auth;
|
||||
|
||||
if (req.method === 'GET') {
|
||||
if (canViewAllWebsite(req.auth)) {
|
||||
const websites = getWebsites(req.query, {
|
||||
include: {
|
||||
teamWebsite: {
|
||||
include: {
|
||||
team: {
|
||||
select: {
|
||||
name: true,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
user: {
|
||||
select: {
|
||||
username: true,
|
||||
id: true,
|
||||
},
|
||||
},
|
||||
},
|
||||
});
|
||||
|
||||
return ok(res, websites);
|
||||
}
|
||||
|
||||
if (!req.query.id) {
|
||||
req.query.id = userId;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user