mirror of
https://github.com/umami-software/umami.git
synced 2025-12-08 05:12:36 +01:00
Merged auth into new parseRequest method.
This commit is contained in:
Mike Cao
parent
e51f182403
commit
2d6428172b
39 changed files with 296 additions and 316 deletions
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { unauthorized, json, badRequest, notFound, ok } from 'lib/response';
|
||||
import { canDeleteTeam, canUpdateTeam, canViewTeam, checkAuth } from 'lib/auth';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { unauthorized, json, notFound, ok } from 'lib/response';
|
||||
import { canDeleteTeam, canUpdateTeam, canViewTeam } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { deleteTeam, getTeam, updateTeam } from 'queries';
|
||||
|
||||
export async function GET(request: Request, { params }: { params: Promise<{ teamId: string }> }) {
|
||||
|
|
@ -9,17 +9,15 @@ export async function GET(request: Request, { params }: { params: Promise<{ team
|
|||
teamId: z.string().uuid(),
|
||||
});
|
||||
|
||||
const { error } = await checkRequest(request, schema);
|
||||
const { auth, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { teamId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewTeam(auth, teamId))) {
|
||||
if (!(await canViewTeam(auth, teamId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
@ -38,17 +36,15 @@ export async function POST(request: Request, { params }: { params: Promise<{ tea
|
|||
accessCode: z.string().max(50),
|
||||
});
|
||||
|
||||
const { body, error } = await checkRequest(request, schema);
|
||||
const { auth, body, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { teamId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canUpdateTeam(auth, teamId))) {
|
||||
if (!(await canUpdateTeam(auth, teamId))) {
|
||||
return unauthorized('You must be the owner of this team.');
|
||||
}
|
||||
|
||||
|
|
@ -61,11 +57,15 @@ export async function DELETE(
|
|||
request: Request,
|
||||
{ params }: { params: Promise<{ teamId: string }> },
|
||||
) {
|
||||
const { auth, error } = await parseRequest(request);
|
||||
|
||||
if (error) {
|
||||
return error();
|
||||
}
|
||||
|
||||
const { teamId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canDeleteTeam(auth, teamId))) {
|
||||
if (!(await canDeleteTeam(auth, teamId))) {
|
||||
return unauthorized('You must be the owner of this team.');
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,16 +1,20 @@
|
|||
import { z } from 'zod';
|
||||
import { unauthorized, json, badRequest, ok } from 'lib/response';
|
||||
import { canDeleteTeam, canUpdateTeam, checkAuth } from 'lib/auth';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { canDeleteTeam, canUpdateTeam } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { deleteTeam, getTeamUser, updateTeamUser } from 'queries';
|
||||
|
||||
export async function GET(
|
||||
request: Request,
|
||||
{ params }: { params: Promise<{ teamId: string; userId: string }> },
|
||||
) {
|
||||
const { teamId, userId } = await params;
|
||||
const { auth, error } = await parseRequest(request);
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
if (error) {
|
||||
return error();
|
||||
}
|
||||
|
||||
const { teamId, userId } = await params;
|
||||
|
||||
if (!(await canUpdateTeam(auth, teamId))) {
|
||||
return unauthorized('You must be the owner of this team.');
|
||||
|
|
@ -29,16 +33,14 @@ export async function POST(
|
|||
role: z.string().regex(/team-member|team-view-only|team-manager/),
|
||||
});
|
||||
|
||||
const { body, error } = await checkRequest(request, schema);
|
||||
const { auth, body, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { teamId, userId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!(await canUpdateTeam(auth, teamId))) {
|
||||
return unauthorized('You must be the owner of this team.');
|
||||
}
|
||||
|
|
@ -58,11 +60,15 @@ export async function DELETE(
|
|||
request: Request,
|
||||
{ params }: { params: Promise<{ teamId: string }> },
|
||||
) {
|
||||
const { auth, error } = await parseRequest(request);
|
||||
|
||||
if (error) {
|
||||
return error();
|
||||
}
|
||||
|
||||
const { teamId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canDeleteTeam(auth, teamId))) {
|
||||
if (!(await canDeleteTeam(auth, teamId))) {
|
||||
return unauthorized('You must be the owner of this team.');
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { unauthorized, json, badRequest } from 'lib/response';
|
||||
import { canAddUserToTeam, canUpdateTeam, checkAuth } from 'lib/auth';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { canAddUserToTeam, canUpdateTeam } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { pagingParams, roleParam } from 'lib/schema';
|
||||
import { createTeamUser, getTeamUser, getTeamUsers } from 'queries';
|
||||
|
||||
|
|
@ -10,16 +10,14 @@ export async function GET(request: Request, { params }: { params: Promise<{ team
|
|||
...pagingParams,
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { teamId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!(await canUpdateTeam(auth, teamId))) {
|
||||
return unauthorized('You must be the owner of this team.');
|
||||
}
|
||||
|
|
@ -55,17 +53,15 @@ export async function POST(
|
|||
role: roleParam,
|
||||
});
|
||||
|
||||
const { body, error } = await checkRequest(request, schema);
|
||||
const { auth, body, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { teamId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canAddUserToTeam(auth))) {
|
||||
if (!(await canAddUserToTeam(auth))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { unauthorized, json, badRequest } from 'lib/response';
|
||||
import { canViewTeam, checkAuth } from 'lib/auth';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewTeam } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { pagingParams } from 'lib/schema';
|
||||
import { getTeamWebsites } from 'queries';
|
||||
|
||||
|
|
@ -9,18 +9,14 @@ export async function GET(request: Request, { params }: { params: Promise<{ team
|
|||
const schema = z.object({
|
||||
...pagingParams,
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { teamId } = await params;
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { teamId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewTeam(auth, teamId))) {
|
||||
if (!(await canViewTeam(auth, teamId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { unauthorized, json, badRequest, notFound } from 'lib/response';
|
||||
import { canCreateTeam, checkAuth } from 'lib/auth';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { canCreateTeam } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { ROLES } from 'lib/constants';
|
||||
import { createTeamUser, findTeam, getTeamUser } from 'queries';
|
||||
|
||||
|
|
@ -10,15 +10,13 @@ export async function POST(request: Request) {
|
|||
accessCode: z.string().max(50),
|
||||
});
|
||||
|
||||
const { body, error } = await checkRequest(request, schema);
|
||||
const { auth, body, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canCreateTeam(auth))) {
|
||||
if (!(await canCreateTeam(auth))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
import { z } from 'zod';
|
||||
import { getRandomChars } from 'next-basics';
|
||||
import { unauthorized, json, badRequest } from 'lib/response';
|
||||
import { canCreateTeam, checkAuth } from 'lib/auth';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canCreateTeam } from 'lib/auth';
|
||||
import { uuid } from 'lib/crypto';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { createTeam } from 'queries';
|
||||
|
||||
export async function POST(request: Request) {
|
||||
|
|
@ -11,15 +11,13 @@ export async function POST(request: Request) {
|
|||
name: z.string().max(50),
|
||||
});
|
||||
|
||||
const { body, error } = await checkRequest(request, schema);
|
||||
const { auth, body, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canCreateTeam(auth))) {
|
||||
if (!(await canCreateTeam(auth))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,16 +1,20 @@
|
|||
import { z } from 'zod';
|
||||
import { canUpdateUser, canViewUser, checkAuth } from 'lib/auth';
|
||||
import { canUpdateUser, canViewUser } from 'lib/auth';
|
||||
import { getUser, getUserByUsername, updateUser } from 'queries';
|
||||
import { json, unauthorized, badRequest } from 'lib/response';
|
||||
import { hashPassword } from 'next-basics';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { parseRequest } from 'lib/request';
|
||||
|
||||
export async function GET(request: Request, { params }: { params: Promise<{ userId: string }> }) {
|
||||
const { auth, error } = await parseRequest(request);
|
||||
|
||||
if (error) {
|
||||
return error();
|
||||
}
|
||||
|
||||
const { userId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewUser(auth, userId))) {
|
||||
if (!(await canViewUser(auth, userId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
@ -26,17 +30,15 @@ export async function POST(request: Request, { params }: { params: Promise<{ use
|
|||
role: z.string().regex(/admin|user|view-only/i),
|
||||
});
|
||||
|
||||
const { body, error } = await checkRequest(request, schema);
|
||||
const { auth, body, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { userId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canUpdateUser(auth, userId))) {
|
||||
if (!(await canUpdateUser(auth, userId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,26 +1,23 @@
|
|||
import { z } from 'zod';
|
||||
import { pagingParams } from 'lib/schema';
|
||||
import { getUserTeams } from 'queries';
|
||||
import { checkAuth } from 'lib/auth';
|
||||
import { unauthorized, badRequest, json } from 'lib/response';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { parseRequest } from 'lib/request';
|
||||
|
||||
export async function GET(request: Request, { params }: { params: Promise<{ userId: string }> }) {
|
||||
const schema = z.object({
|
||||
...pagingParams,
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { userId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || (!auth.user.isAdmin && (!userId || auth.user.id !== userId))) {
|
||||
if (!auth.user.isAdmin && (!userId || auth.user.id !== userId)) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,10 +1,9 @@
|
|||
import { z } from 'zod';
|
||||
import { json, unauthorized, badRequest } from 'lib/response';
|
||||
import { json, unauthorized } from 'lib/response';
|
||||
import { getAllUserWebsitesIncludingTeamOwner } from 'queries/prisma/website';
|
||||
import { getEventUsage } from 'queries/analytics/events/getEventUsage';
|
||||
import { getEventDataUsage } from 'queries/analytics/events/getEventDataUsage';
|
||||
import { checkAuth } from 'lib/auth';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { parseRequest } from 'lib/request';
|
||||
|
||||
export async function GET(request: Request, { params }: { params: Promise<{ userId: string }> }) {
|
||||
const schema = z.object({
|
||||
|
|
@ -12,15 +11,13 @@ export async function GET(request: Request, { params }: { params: Promise<{ user
|
|||
endAt: z.coerce.number().int(),
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !auth.user.isAdmin) {
|
||||
if (!auth.user.isAdmin) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,26 +1,23 @@
|
|||
import { z } from 'zod';
|
||||
import { unauthorized, json, badRequest } from 'lib/response';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { getUserWebsites } from 'queries/prisma/website';
|
||||
import { pagingParams } from 'lib/schema';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { checkAuth } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
|
||||
export async function GET(request: Request, { params }: { params: Promise<{ userId: string }> }) {
|
||||
const schema = z.object({
|
||||
...pagingParams,
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { userId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || (!auth.user.isAdmin && auth.user.id !== userId)) {
|
||||
if (!auth.user.isAdmin && auth.user.id !== userId) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
import { z } from 'zod';
|
||||
import { hashPassword } from 'next-basics';
|
||||
import { canCreateUser, checkAuth } from 'lib/auth';
|
||||
import { canCreateUser } from 'lib/auth';
|
||||
import { ROLES } from 'lib/constants';
|
||||
import { uuid } from 'lib/crypto';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { unauthorized, json, badRequest } from 'lib/response';
|
||||
import { createUser, getUserByUsername } from 'queries';
|
||||
|
||||
|
|
@ -15,15 +15,13 @@ export async function POST(request: Request) {
|
|||
role: z.string().regex(/admin|user|view-only/i),
|
||||
});
|
||||
|
||||
const { body, error } = await checkRequest(request, schema);
|
||||
const { auth, body, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canCreateUser(auth))) {
|
||||
if (!(await canCreateUser(auth))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,16 +1,21 @@
|
|||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { json, unauthorized } from 'lib/response';
|
||||
import { getActiveVisitors } from 'queries';
|
||||
import { parseRequest } from 'lib/request';
|
||||
|
||||
export async function GET(
|
||||
request: Request,
|
||||
{ params }: { params: Promise<{ websiteId: string }> },
|
||||
) {
|
||||
const { auth, error } = await parseRequest(request);
|
||||
|
||||
if (error) {
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,16 +1,21 @@
|
|||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getWebsiteDateRange } from 'queries';
|
||||
import { json, unauthorized } from 'lib/response';
|
||||
import { parseRequest } from 'lib/request';
|
||||
|
||||
export async function GET(
|
||||
request: Request,
|
||||
{ params }: { params: Promise<{ websiteId: string }> },
|
||||
) {
|
||||
const { auth, error } = await parseRequest(request);
|
||||
|
||||
if (error) {
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getEventDataEvents } from 'queries/analytics/events/getEventDataEvents';
|
||||
|
||||
export async function GET(
|
||||
|
|
@ -13,19 +13,16 @@ export async function GET(
|
|||
endAt: z.coerce.number().int(),
|
||||
event: z.string().optional(),
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { startAt, endAt, event } = query;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getEventDataFields } from 'queries';
|
||||
|
||||
export async function GET(
|
||||
|
|
@ -13,17 +13,15 @@ export async function GET(
|
|||
endAt: z.coerce.number().int(),
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { startAt, endAt } = query;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getEventDataProperties } from 'queries';
|
||||
|
||||
export async function GET(
|
||||
|
|
@ -14,18 +14,16 @@ export async function GET(
|
|||
propertyName: z.string().optional(),
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { startAt, endAt, propertyName } = query;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getEventDataStats } from 'queries';
|
||||
|
||||
export async function GET(
|
||||
|
|
@ -14,18 +14,16 @@ export async function GET(
|
|||
propertyName: z.string().optional(),
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { startAt, endAt } = query;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getEventDataValues } from 'queries';
|
||||
|
||||
export async function GET(
|
||||
|
|
@ -15,18 +15,16 @@ export async function GET(
|
|||
propertyName: z.string().optional(),
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { startAt, endAt, eventName, propertyName } = query;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { pagingParams } from 'lib/schema';
|
||||
import { getWebsiteEvents } from 'queries';
|
||||
|
||||
|
|
@ -15,18 +15,16 @@ export async function GET(
|
|||
...pagingParams,
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { startAt, endAt } = query;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest, getRequestDateRange, getRequestFilters } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { parseRequest, getRequestDateRange, getRequestFilters } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { filterParams, timezoneParam, unitParam } from 'lib/schema';
|
||||
import { getEventMetrics } from 'queries';
|
||||
|
||||
|
|
@ -17,19 +17,17 @@ export async function GET(
|
|||
...filterParams,
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { timezone } = query;
|
||||
const { startDate, endDate, unit } = await getRequestDateRange(request);
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { SESSION_COLUMNS, EVENT_COLUMNS, FILTER_COLUMNS, OPERATORS } from 'lib/constants';
|
||||
import { getRequestFilters, getRequestDateRange, checkRequest } from 'lib/request';
|
||||
import { getRequestFilters, getRequestDateRange, parseRequest } from 'lib/request';
|
||||
import { json, unauthorized, badRequest } from 'lib/response';
|
||||
import { getPageviewMetrics, getSessionMetrics } from 'queries';
|
||||
import { filterParams } from 'lib/schema';
|
||||
|
|
@ -20,18 +20,16 @@ export async function GET(
|
|||
...filterParams,
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { type, limit, offset, search } = query;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
import { z } from 'zod';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { getRequestFilters, getRequestDateRange, checkRequest } from 'lib/request';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getRequestFilters, getRequestDateRange, parseRequest } from 'lib/request';
|
||||
import { unitParam, timezoneParam, filterParams } from 'lib/schema';
|
||||
import { getCompareDate } from 'lib/date';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { getPageviewStats, getSessionStats } from 'queries';
|
||||
|
||||
export async function GET(
|
||||
|
|
@ -19,18 +19,16 @@ export async function GET(
|
|||
...filterParams,
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { timezone, compare } = query;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
import { z } from 'zod';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getWebsiteReports } from 'queries';
|
||||
import { pagingParams } from 'lib/schema';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
|
||||
export async function GET(
|
||||
request: Request,
|
||||
|
|
@ -13,18 +13,16 @@ export async function GET(
|
|||
...pagingParams,
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { page, pageSize, search } = query;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,16 +1,21 @@
|
|||
import { canUpdateWebsite, checkAuth } from 'lib/auth';
|
||||
import { canUpdateWebsite } from 'lib/auth';
|
||||
import { resetWebsite } from 'queries';
|
||||
import { unauthorized, ok } from 'lib/response';
|
||||
import { parseRequest } from 'lib/request';
|
||||
|
||||
export async function POST(
|
||||
request: Request,
|
||||
{ params }: { params: Promise<{ websiteId: string }> },
|
||||
) {
|
||||
const { auth, error } = await parseRequest(request);
|
||||
|
||||
if (error) {
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canUpdateWebsite(auth, websiteId))) {
|
||||
if (!(await canUpdateWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,19 +1,23 @@
|
|||
import { z } from 'zod';
|
||||
import { canUpdateWebsite, canDeleteWebsite, checkAuth, canViewWebsite } from 'lib/auth';
|
||||
import { canUpdateWebsite, canDeleteWebsite, canViewWebsite } from 'lib/auth';
|
||||
import { SHARE_ID_REGEX } from 'lib/constants';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { ok, json, badRequest, unauthorized, serverError } from 'lib/response';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { ok, json, unauthorized, serverError } from 'lib/response';
|
||||
import { deleteWebsite, getWebsite, updateWebsite } from 'queries';
|
||||
|
||||
export async function GET(
|
||||
request: Request,
|
||||
{ params }: { params: Promise<{ websiteId: string }> },
|
||||
) {
|
||||
const { auth, error } = await parseRequest(request);
|
||||
|
||||
if (error) {
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
@ -32,18 +36,16 @@ export async function POST(
|
|||
shareId: z.string().regex(SHARE_ID_REGEX).nullable(),
|
||||
});
|
||||
|
||||
const { body, error } = await checkRequest(request, schema);
|
||||
const { auth, body, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { name, domain, shareId } = body;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canUpdateWebsite(auth, websiteId))) {
|
||||
if (!(await canUpdateWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
@ -64,11 +66,15 @@ export async function DELETE(
|
|||
request: Request,
|
||||
{ params }: { params: Promise<{ websiteId: string }> },
|
||||
) {
|
||||
const { auth, error } = await parseRequest(request);
|
||||
|
||||
if (error) {
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canDeleteWebsite(auth, websiteId))) {
|
||||
if (!(await canDeleteWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getSessionDataProperties } from 'queries';
|
||||
|
||||
export async function GET(
|
||||
|
|
@ -14,18 +14,16 @@ export async function GET(
|
|||
propertyName: z.string().optional(),
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { startAt, endAt, propertyName } = query;
|
||||
const { websiteId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getEventDataEvents } from 'queries/analytics/events/getEventDataEvents';
|
||||
|
||||
export async function GET(
|
||||
|
|
@ -14,18 +14,16 @@ export async function GET(
|
|||
propertyName: z.string().optional(),
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { startAt, endAt, event } = query;
|
||||
const { websiteId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getSessionActivity } from 'queries';
|
||||
|
||||
export async function GET(
|
||||
|
|
@ -13,18 +13,16 @@ export async function GET(
|
|||
endAt: z.coerce.number().int(),
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId, sessionId } = await params;
|
||||
const { startAt, endAt } = query;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,16 +1,21 @@
|
|||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getSessionData } from 'queries';
|
||||
import { parseRequest } from 'lib/request';
|
||||
|
||||
export async function GET(
|
||||
request: Request,
|
||||
{ params }: { params: Promise<{ websiteId: string; sessionId: string }> },
|
||||
) {
|
||||
const { auth, error } = await parseRequest(request);
|
||||
|
||||
if (error) {
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId, sessionId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,16 +1,21 @@
|
|||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getWebsiteSession } from 'queries';
|
||||
import { parseRequest } from 'lib/request';
|
||||
|
||||
export async function GET(
|
||||
request: Request,
|
||||
{ params }: { params: Promise<{ websiteId: string; sessionId: string }> },
|
||||
) {
|
||||
const { auth, error } = await parseRequest(request);
|
||||
|
||||
if (error) {
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId, sessionId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { pagingParams } from 'lib/schema';
|
||||
import { getWebsiteSessions } from 'queries';
|
||||
|
||||
|
|
@ -15,18 +15,16 @@ export async function GET(
|
|||
...pagingParams,
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { startAt, endAt } = query;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest, getRequestDateRange, getRequestFilters } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { parseRequest, getRequestDateRange, getRequestFilters } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { filterParams } from 'lib/schema';
|
||||
import { getWebsiteSessionStats } from 'queries';
|
||||
|
||||
|
|
@ -15,17 +15,15 @@ export async function GET(
|
|||
...filterParams,
|
||||
});
|
||||
|
||||
const { error } = await checkRequest(request, schema);
|
||||
const { auth, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { pagingParams, timezoneParam } from 'lib/schema';
|
||||
import { getWebsiteSessionsWeekly } from 'queries';
|
||||
|
||||
|
|
@ -16,18 +16,16 @@ export async function GET(
|
|||
...pagingParams,
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { startAt, endAt, timezone } = query;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { checkRequest, getRequestDateRange, getRequestFilters } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
import { checkAuth, canViewWebsite } from 'lib/auth';
|
||||
import { parseRequest, getRequestDateRange, getRequestFilters } from 'lib/request';
|
||||
import { unauthorized, json } from 'lib/response';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { getCompareDate } from 'lib/date';
|
||||
import { filterParams } from 'lib/schema';
|
||||
import { getWebsiteStats } from 'queries';
|
||||
|
|
@ -17,18 +17,16 @@ export async function GET(
|
|||
...filterParams,
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { compare } = query;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { z } from 'zod';
|
||||
import { canTransferWebsiteToTeam, canTransferWebsiteToUser, checkAuth } from 'lib/auth';
|
||||
import { canTransferWebsiteToTeam, canTransferWebsiteToUser } from 'lib/auth';
|
||||
import { updateWebsite } from 'queries';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { badRequest, unauthorized, json } from 'lib/response';
|
||||
|
||||
export async function POST(
|
||||
|
|
@ -13,20 +13,16 @@ export async function POST(
|
|||
teamId: z.string().uuid().optional(),
|
||||
});
|
||||
|
||||
const { body, error } = await checkRequest(request, schema);
|
||||
const { auth, body, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { userId, teamId } = body;
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth) {
|
||||
return unauthorized();
|
||||
} else if (userId) {
|
||||
if (userId) {
|
||||
if (!(await canTransferWebsiteToUser(auth, websiteId, userId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
|
@ -49,4 +45,6 @@ export async function POST(
|
|||
|
||||
return json(website);
|
||||
}
|
||||
|
||||
return badRequest();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
import { z } from 'zod';
|
||||
import { canViewWebsite, checkAuth } from 'lib/auth';
|
||||
import { canViewWebsite } from 'lib/auth';
|
||||
import { EVENT_COLUMNS, FILTER_COLUMNS, SESSION_COLUMNS } from 'lib/constants';
|
||||
import { getValues } from 'queries';
|
||||
import { checkRequest, getRequestDateRange } from 'lib/request';
|
||||
import { parseRequest, getRequestDateRange } from 'lib/request';
|
||||
import { badRequest, json, unauthorized } from 'lib/response';
|
||||
|
||||
export async function GET(
|
||||
|
|
@ -16,24 +16,22 @@ export async function GET(
|
|||
search: z.string().optional(),
|
||||
});
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
return error();
|
||||
}
|
||||
|
||||
const { websiteId } = await params;
|
||||
const { type, search } = query;
|
||||
const { startDate, endDate } = await getRequestDateRange(request);
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth || !(await canViewWebsite(auth, websiteId))) {
|
||||
if (!(await canViewWebsite(auth, websiteId))) {
|
||||
return unauthorized();
|
||||
}
|
||||
|
||||
if (!SESSION_COLUMNS.includes(type) && !EVENT_COLUMNS.includes(type)) {
|
||||
return badRequest();
|
||||
return badRequest('Invalid type.');
|
||||
}
|
||||
|
||||
const values = await getValues(websiteId, FILTER_COLUMNS[type], startDate, endDate, search);
|
||||
|
|
|
|||
|
|
@ -1,24 +1,18 @@
|
|||
import { z } from 'zod';
|
||||
import { canCreateTeamWebsite, canCreateWebsite, checkAuth } from 'lib/auth';
|
||||
import { json, badRequest, unauthorized } from 'lib/response';
|
||||
import { canCreateTeamWebsite, canCreateWebsite } from 'lib/auth';
|
||||
import { json, unauthorized } from 'lib/response';
|
||||
import { uuid } from 'lib/crypto';
|
||||
import { checkRequest } from 'lib/request';
|
||||
import { parseRequest } from 'lib/request';
|
||||
import { createWebsite, getUserWebsites } from 'queries';
|
||||
import { pagingParams } from 'lib/schema';
|
||||
|
||||
export async function GET(request: Request) {
|
||||
const schema = z.object({ ...pagingParams });
|
||||
|
||||
const { query, error } = await checkRequest(request, schema);
|
||||
const { auth, query, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
}
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth) {
|
||||
return unauthorized();
|
||||
return error();
|
||||
}
|
||||
|
||||
const websites = await getUserWebsites(auth.user.userId, query);
|
||||
|
|
@ -34,16 +28,10 @@ export async function POST(request: Request) {
|
|||
teamId: z.string().nullable(),
|
||||
});
|
||||
|
||||
const { body, error } = await checkRequest(request, schema);
|
||||
const { auth, body, error } = await parseRequest(request, schema);
|
||||
|
||||
if (error) {
|
||||
return badRequest(error);
|
||||
}
|
||||
|
||||
const auth = await checkAuth(request);
|
||||
|
||||
if (!auth) {
|
||||
return unauthorized();
|
||||
return error();
|
||||
}
|
||||
|
||||
const { name, domain, shareId, teamId } = body;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,9 @@
|
|||
import { ZodObject } from 'zod';
|
||||
import { FILTER_COLUMNS } from 'lib/constants';
|
||||
import { badRequest, unauthorized } from 'lib/response';
|
||||
import { getAllowedUnits, getMinimumUnit } from './date';
|
||||
import { getWebsiteDateRange } from '../queries';
|
||||
import { FILTER_COLUMNS } from 'lib/constants';
|
||||
import { checkAuth } from 'lib/auth';
|
||||
|
||||
export async function getJsonBody(request: Request) {
|
||||
try {
|
||||
|
|
@ -11,14 +13,27 @@ export async function getJsonBody(request: Request) {
|
|||
}
|
||||
}
|
||||
|
||||
export async function checkRequest(request: Request, schema: ZodObject<any>) {
|
||||
export async function parseRequest(request: Request, schema?: ZodObject<any>) {
|
||||
let error: () => void | undefined;
|
||||
const url = new URL(request.url);
|
||||
const query = Object.fromEntries(url.searchParams);
|
||||
const body = await getJsonBody(request);
|
||||
|
||||
if (schema) {
|
||||
const result = schema.safeParse(request.method === 'GET' ? query : body);
|
||||
|
||||
return { query, body, error: result.error };
|
||||
if (result.error) {
|
||||
error = () => badRequest(result.error);
|
||||
}
|
||||
}
|
||||
|
||||
const auth = !error ? await checkAuth(request) : null;
|
||||
|
||||
if (!error && !auth) {
|
||||
error = () => unauthorized();
|
||||
}
|
||||
|
||||
return { url, query, body, auth, error };
|
||||
}
|
||||
|
||||
export async function getRequestDateRange(query: Record<string, any>) {
|
||||
|
|
|
|||
|
|
@ -16,8 +16,8 @@ export const pageInfo = {
|
|||
};
|
||||
|
||||
export const pagingParams = {
|
||||
page: z.coerce.number().int().positive(),
|
||||
pageSize: z.coerce.number().int().positive(),
|
||||
page: z.coerce.number().int().positive().optional(),
|
||||
pageSize: z.coerce.number().int().positive().optional(),
|
||||
orderBy: z.string().optional(),
|
||||
query: z.string().optional(),
|
||||
};
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue