Add admin check. (#1716)

* Add admin check.

* Fix teamId check.

pages/api/websites/[id]/active.ts

@@ -17,13 +17,10 @@ export default async (
   await useCors(req, res);
   await useAuth(req, res);
 
-  const {
-    user: { id: userId },
-  } = req.auth;
   const { id: websiteId } = req.query;
 
   if (req.method === 'GET') {
-    if (await canViewWebsite(userId, websiteId)) {
+    if (await canViewWebsite(req.auth, websiteId)) {
       return unauthorized(res);
     }
 

pages/api/websites/[id]/eventdata.ts

@@ -24,13 +24,10 @@ export default async (
   await useCors(req, res);
   await useAuth(req, res);
 
-  const {
-    user: { id: userId },
-  } = req.auth;
   const { id: websiteId } = req.query;
 
   if (req.method === 'POST') {
-    if (canViewWebsite(userId, websiteId)) {
+    if (!(await canViewWebsite(req.auth, websiteId))) {
       return unauthorized(res);
     }
 

pages/api/websites/[id]/events.ts

@@ -25,13 +25,10 @@ export default async (
   await useCors(req, res);
   await useAuth(req, res);
 
-  const {
-    user: { id: userId },
-  } = req.auth;
   const { id: websiteId, startAt, endAt, unit, tz, url, eventName } = req.query;
 
   if (req.method === 'GET') {
-    if (canViewWebsite(userId, websiteId)) {
+    if (!(await canViewWebsite(req.auth, websiteId))) {
       return unauthorized(res);
     }
 

pages/api/websites/[id]/index.ts

@@ -22,13 +22,10 @@ export default async (
   await useCors(req, res);
   await useAuth(req, res);
 
-  const {
-    user: { id: userId },
-  } = req.auth;
   const { id: websiteId } = req.query;
 
   if (req.method === 'GET') {
-    if (!(await canViewWebsite(userId, websiteId))) {
+    if (!(await canViewWebsite(req.auth, websiteId))) {
       return unauthorized(res);
     }
 
@@ -38,7 +35,7 @@ export default async (
   }
 
   if (req.method === 'POST') {
-    if (!(await canUpdateWebsite(userId, websiteId))) {
+    if (!(await canUpdateWebsite(req.auth, websiteId))) {
       return unauthorized(res);
     }
 
@@ -56,7 +53,7 @@ export default async (
   }
 
   if (req.method === 'DELETE') {
-    if (!(await canDeleteWebsite(userId, websiteId))) {
+    if (!(await canDeleteWebsite(req.auth, websiteId))) {
       return unauthorized(res);
     }
 

pages/api/websites/[id]/metrics.ts

@@ -55,9 +55,6 @@ export default async (
   await useCors(req, res);
   await useAuth(req, res);
 
-  const {
-    user: { id: userId },
-  } = req.auth;
   const {
     id: websiteId,
     type,
@@ -72,7 +69,7 @@ export default async (
   } = req.query;
 
   if (req.method === 'GET') {
-    if (!(await canViewWebsite(userId, websiteId))) {
+    if (!(await canViewWebsite(req.auth, websiteId))) {
       return unauthorized(res);
     }
 

pages/api/websites/[id]/pageviews.ts

@@ -30,9 +30,6 @@ export default async (
   await useCors(req, res);
   await useAuth(req, res);
 
-  const {
-    user: { id: userId },
-  } = req.auth;
   const {
     id: websiteId,
     startAt,
@@ -48,7 +45,7 @@ export default async (
   } = req.query;
 
   if (req.method === 'GET') {
-    if (!(await canViewWebsite(userId, websiteId))) {
+    if (!(await canViewWebsite(req.auth, websiteId))) {
       return unauthorized(res);
     }
 

pages/api/websites/[id]/reset.ts

@@ -16,13 +16,10 @@ export default async (
   await useCors(req, res);
   await useAuth(req, res);
 
-  const {
-    user: { id: userId },
-  } = req.auth;
   const { id: websiteId } = req.query;
 
   if (req.method === 'POST') {
-    if (!(await canViewWebsite(userId, websiteId))) {
+    if (!(await canViewWebsite(req.auth, websiteId))) {
       return unauthorized(res);
     }
 

pages/api/websites/[id]/stats.ts

@@ -26,13 +26,10 @@ export default async (
   await useCors(req, res);
   await useAuth(req, res);
 
-  const {
-    user: { id: userId },
-  } = req.auth;
   const { id: websiteId, startAt, endAt, url, referrer, os, browser, device, country } = req.query;
 
   if (req.method === 'GET') {
-    if (!(await canViewWebsite(userId, websiteId))) {
+    if (!(await canViewWebsite(req.auth, websiteId))) {
       return unauthorized(res);
     }