Merge remote-tracking branch 'origin/dev' into dev

2024-11-22 09:57:00 +01:00 · 2023-12-03 21:19:17 -08:00 · 2023-12-03 21:19:17 -08:00 · e462a55ab9
commit e462a55ab9
parent a6968e2f70 4d3d784c68
4 changed files with 34 additions and 4 deletions
--- a/src/app/(main)/dashboard/Dashboard.tsx
+++ b/src/app/(main)/dashboard/Dashboard.tsx
@ -12,9 +12,11 @@ import useDashboard from 'store/dashboard';
 import useMessages from 'components/hooks/useMessages';
 import useLocale from 'components/hooks/useLocale';
 import useFilterQuery from 'components/hooks/useFilterQuery';
+import { useUser } from 'components/hooks';

 export function Dashboard() {
  const { formatMessage, labels, messages } = useMessages();
+  const { user } = useUser();
  const { showCharts, editing } = useDashboard();
  const { dir } = useLocale();
  const { get } = useApi();
@ -23,7 +25,7 @@ export function Dashboard() {
  const { query, params, setParams, result } = useFilterQuery({
    queryKey: ['dashboard:websites'],
    queryFn: (params: any) => {
-      return get(`/websites`, { ...params, includeTeams: true, pageSize });
+      return get(`/users/${user.id}/websites`, { ...params, includeTeams: true, pageSize });
    },
  });

--- a/src/lib/auth.ts
+++ b/src/lib/auth.ts
@ -59,6 +59,10 @@ export async function canViewWebsite({ user, shareToken }: Auth, websiteId: stri
  return !!(await findTeamWebsiteByUserId(websiteId, user.id));
 }

+export async function canViewAllWebsite({ user }: Auth) {
+  return user.isAdmin;
+}
+
 export async function canCreateWebsite({ user, grant }: Auth) {
  if (cloudMode) {
    return !!grant?.find(a => a === PERMISSIONS.websiteCreate);
--- a/src/lib/schema.ts
+++ b/src/lib/schema.ts
@ -8,6 +8,6 @@ export const dateRange = {
 export const pageInfo = {
  query: yup.string(),
  page: yup.number().integer().positive(),
-  pageSize: yup.number().integer().positive().max(200),
+  pageSize: yup.number().integer().positive().min(1).max(200),
  orderBy: yup.string(),
 };
--- a/src/pages/api/websites/index.ts
+++ b/src/pages/api/websites/index.ts
@ -1,10 +1,10 @@
-import { canCreateWebsite } from 'lib/auth';
+import { canCreateWebsite, canViewAllWebsite } from 'lib/auth';
 import { uuid } from 'lib/crypto';
 import { useAuth, useCors, useValidate } from 'lib/middleware';
 import { NextApiRequestQueryBody, SearchFilter } from 'lib/types';
 import { NextApiResponse } from 'next';
 import { methodNotAllowed, ok, unauthorized } from 'next-basics';
-import { createWebsite } from 'queries';
+import { createWebsite, getWebsites } from 'queries';
 import userWebsites from 'pages/api/users/[id]/websites';
 import * as yup from 'yup';
 import { pageInfo } from 'lib/schema';
@ -41,6 +41,30 @@ export default async (
  } = req.auth;

  if (req.method === 'GET') {
+    if (canViewAllWebsite(req.auth)) {
+      const websites = getWebsites(req.query, {
+        include: {
+          teamWebsite: {
+            include: {
+              team: {
+                select: {
+                  name: true,
+                },
+              },
+            },
+          },
+          user: {
+            select: {
+              username: true,
+              id: true,
+            },
+          },
+        },
+      });
+
+      return ok(res, websites);
+    }
+
    if (!req.query.id) {
      req.query.id = userId;
    }