m/umami
1
0
Fork 0
mirror of https://github.com/kremalicious/umami.git synced 2025-02-14 21:10:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
umami/src/pages/api/admin/websites.ts

98 lines
2.3 KiB
TypeScript
Raw Blame History

import { canViewAllWebsites } from 'lib/auth';
import { ROLES } from 'lib/constants';
import { useAuth, useCors, useValidate } from 'lib/middleware';
import { pageInfo } from 'lib/schema';
import { NextApiRequestQueryBody, PageParams } from 'lib/types';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getWebsites } from 'queries';
import * as yup from 'yup';
export interface WebsitesRequestQuery extends PageParams {
userId?: string;
includeTeams?: boolean;
}
export interface WebsitesRequestBody {
name: string;
domain: string;
shareId: string;
}
const schema = {
GET: yup.object().shape({
...pageInfo,
}),
POST: yup.object().shape({
name: yup.string().max(100).required(),
domain: yup.string().max(500).required(),
shareId: yup.string().max(50).nullable(),
}),
};
export default async (
req: NextApiRequestQueryBody<WebsitesRequestQuery, WebsitesRequestBody>,
res: NextApiResponse,
) => {
await useCors(req, res);
await useAuth(req, res);
await useValidate(schema, req, res);
if (req.method === 'GET') {
if (!(await canViewAllWebsites(req.auth))) {
return unauthorized(res);
}
const { userId, includeOwnedTeams } = req.query;
const websites = await getWebsites(
{
where: {
OR: [
...(userId && [{ userId }]),
...(userId &&
includeOwnedTeams && [
{
team: {
deletedAt: null,
teamUser: {
some: {
role: ROLES.teamOwner,
userId,
},
},
},
},
]),
],
},
include: {
user: {
select: {
username: true,
id: true,
},
},
team: {
where: {
deletedAt: null,
},
include: {
teamUser: {
where: {
role: ROLES.teamOwner,
},
},
},
},
},
},
req.query,
);
return ok(res, websites);
}
return methodNotAllowed(res);
};
Reference in New Issue View Git Blame Copy Permalink