watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-10 07:37:11 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Add api validations.

Browse source
This commit is contained in:
Brian Cao 2023-08-19 22:23:15 -07:00
parent 7d5a24044a
commit 7a7233ead4
41 changed files with 690 additions and 180 deletions
Download patch file Download diff file Expand all files Collapse all files

12
pages/api/websites/[id]/active.ts
View file

@ -1,14 +1,21 @@
import { WebsiteActive, NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { useAuth, useCors, useValidate } from 'lib/middleware';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getActiveVisitors } from 'queries';
import * as yup from 'yup';
export interface WebsiteActiveRequestQuery {
id: string;
}
const schema = {
GET: yup.object().shape({
id: yup.string().uuid().required(),
}),
};
export default async (
req: NextApiRequestQueryBody<WebsiteActiveRequestQuery>,
res: NextApiResponse<WebsiteActive>,
@ -16,6 +23,9 @@ export default async (
await useCors(req, res);
await useAuth(req, res);
req.yup = schema;
await useValidate(req, res);
const { id: websiteId } = req.query;
if (req.method === 'GET') {

12
pages/api/websites/[id]/daterange.ts
View file

@ -1,14 +1,21 @@
import { WebsiteActive, NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { useAuth, useCors, useValidate } from 'lib/middleware';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getWebsiteDateRange } from 'queries';
import * as yup from 'yup';
export interface WebsiteDateRangeRequestQuery {
id: string;
}
const schema = {
GET: yup.object().shape({
id: yup.string().uuid().required(),
}),
};
export default async (
req: NextApiRequestQueryBody<WebsiteDateRangeRequestQuery>,
res: NextApiResponse<WebsiteActive>,
@ -16,6 +23,9 @@ export default async (
await useCors(req, res);
await useAuth(req, res);
req.yup = schema;
await useValidate(req, res);
const { id: websiteId } = req.query;
if (req.method === 'GET') {

22
pages/api/websites/[id]/events.ts
View file

@ -1,6 +1,6 @@
import { WebsiteMetric, NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { useAuth, useCors, useValidate } from 'lib/middleware';
import moment from 'moment-timezone';
import { NextApiResponse } from 'next';
import { badRequest, methodNotAllowed, ok, unauthorized } from 'next-basics';
@ -16,9 +16,21 @@ export interface WebsiteEventsRequestQuery {
unit: string;
timezone: string;
url: string;
eventName: string;
}
import * as yup from 'yup';
const schema = {
GET: yup.object().shape({
id: yup.string().uuid().required(),
startAt: yup.number().integer().required(),
endAt: yup.number().integer().moreThan(yup.ref('startAt')).required(),
unit: yup.string().required(),
timezone: yup.string().required(),
url: yup.string(),
}),
};
export default async (
req: NextApiRequestQueryBody<WebsiteEventsRequestQuery>,
res: NextApiResponse<WebsiteMetric>,
@ -26,7 +38,10 @@ export default async (
await useCors(req, res);
await useAuth(req, res);
const { id: websiteId, timezone, url, eventName } = req.query;
req.yup = schema;
await useValidate(req, res);
const { id: websiteId, timezone, url } = req.query;
const { startDate, endDate, unit } = await parseDateRangeQuery(req);
if (req.method === 'GET') {
@ -44,7 +59,6 @@ export default async (
timezone,
unit,
url,
eventName,
});
return ok(res, events);

12
pages/api/websites/[id]/index.ts
View file

@ -2,7 +2,7 @@ import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, serverError, unauthorized } from 'next-basics';
import { Website, NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite, canUpdateWebsite, canDeleteWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { useAuth, useCors, useValidate } from 'lib/middleware';
import { deleteWebsite, getWebsiteById, updateWebsite } from 'queries';
import { SHARE_ID_REGEX } from 'lib/constants';
@ -16,6 +16,13 @@ export interface WebsiteRequestBody {
shareId: string;
}
import * as yup from 'yup';
const schema = {
GET: yup.object().shape({
id: yup.string().uuid().required(),
}),
};
export default async (
req: NextApiRequestQueryBody<WebsiteRequestQuery, WebsiteRequestBody>,
res: NextApiResponse<Website>,
@ -23,6 +30,9 @@ export default async (
await useCors(req, res);
await useAuth(req, res);
req.yup = schema;
await useValidate(req, res);
const { id: websiteId } = req.query;
if (req.method === 'GET') {

12
pages/api/websites/[id]/metrics.ts
View file

@ -2,10 +2,11 @@ import { NextApiResponse } from 'next';
import { badRequest, methodNotAllowed, ok, unauthorized } from 'next-basics';
import { WebsiteMetric, NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { useAuth, useCors, useValidate } from 'lib/middleware';
import { SESSION_COLUMNS, EVENT_COLUMNS, FILTER_COLUMNS } from 'lib/constants';
import { getPageviewMetrics, getSessionMetrics } from 'queries';
import { parseDateRangeQuery } from 'lib/query';
import * as yup from 'yup';
export interface WebsiteMetricsRequestQuery {
id: string;
@ -26,6 +27,12 @@ export interface WebsiteMetricsRequestQuery {
language: string;
}
const schema = {
GET: yup.object().shape({
id: yup.string().uuid().required(),
}),
};
export default async (
req: NextApiRequestQueryBody<WebsiteMetricsRequestQuery>,
res: NextApiResponse<WebsiteMetric[]>,
@ -33,6 +40,9 @@ export default async (
await useCors(req, res);
await useAuth(req, res);
req.yup = schema;
await useValidate(req, res);
const {
id: websiteId,
type,

12
pages/api/websites/[id]/pageviews.ts
View file

@ -3,7 +3,7 @@ import { NextApiResponse } from 'next';
import { badRequest, methodNotAllowed, ok, unauthorized } from 'next-basics';
import { NextApiRequestQueryBody, WebsitePageviews } from 'lib/types';
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { useAuth, useCors, useValidate } from 'lib/middleware';
import { getPageviewStats, getSessionStats } from 'queries';
import { parseDateRangeQuery } from 'lib/query';
@ -24,6 +24,13 @@ export interface WebsitePageviewRequestQuery {
city?: string;
}
import * as yup from 'yup';
const schema = {
GET: yup.object().shape({
id: yup.string().uuid().required(),
}),
};
export default async (
req: NextApiRequestQueryBody<WebsitePageviewRequestQuery>,
res: NextApiResponse<WebsitePageviews>,
@ -31,6 +38,9 @@ export default async (
await useCors(req, res);
await useAuth(req, res);
req.yup = schema;
await useValidate(req, res);
const {
id: websiteId,
timezone,

12
pages/api/websites/[id]/reports.ts
View file

@ -1,5 +1,5 @@
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { useAuth, useCors, useValidate } from 'lib/middleware';
import { NextApiRequestQueryBody, ReportSearchFilterType, SearchFilter } from 'lib/types';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
@ -9,6 +9,13 @@ export interface ReportsRequestQuery extends SearchFilter<ReportSearchFilterType
id: string;
}
import * as yup from 'yup';
const schema = {
GET: yup.object().shape({
id: yup.string().uuid().required(),
}),
};
export default async (
req: NextApiRequestQueryBody<ReportsRequestQuery, any>,
res: NextApiResponse,
@ -16,6 +23,9 @@ export default async (
await useCors(req, res);
await useAuth(req, res);
req.yup = schema;
await useValidate(req, res);
const { id: websiteId } = req.query;
if (req.method === 'GET') {

12
pages/api/websites/[id]/reset.ts
View file

@ -1,6 +1,6 @@
import { NextApiRequestQueryBody } from 'lib/types';
import { canUpdateWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { useAuth, useCors, useValidate } from 'lib/middleware';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { resetWebsite } from 'queries';
@ -9,6 +9,13 @@ export interface WebsiteResetRequestQuery {
id: string;
}
import * as yup from 'yup';
const schema = {
GET: yup.object().shape({
id: yup.string().uuid().required(),
}),
};
export default async (
req: NextApiRequestQueryBody<WebsiteResetRequestQuery>,
res: NextApiResponse,
@ -16,6 +23,9 @@ export default async (
await useCors(req, res);
await useAuth(req, res);
req.yup = schema;
await useValidate(req, res);
const { id: websiteId } = req.query;
if (req.method === 'POST') {

12
pages/api/websites/[id]/stats.ts
View file

@ -2,7 +2,7 @@ import { subMinutes, differenceInMinutes } from 'date-fns';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { useAuth, useCors, useValidate } from 'lib/middleware';
import { NextApiRequestQueryBody, WebsiteStats } from 'lib/types';
import { parseDateRangeQuery } from 'lib/query';
import { getWebsiteStats } from 'queries';
@ -24,6 +24,13 @@ export interface WebsiteStatsRequestQuery {
city: string;
}
import * as yup from 'yup';
const schema = {
GET: yup.object().shape({
id: yup.string().uuid().required(),
}),
};
export default async (
req: NextApiRequestQueryBody<WebsiteStatsRequestQuery>,
res: NextApiResponse<WebsiteStats>,
@ -31,6 +38,9 @@ export default async (
await useCors(req, res);
await useAuth(req, res);
req.yup = schema;
await useValidate(req, res);
const {
id: websiteId,
url,

12
pages/api/websites/[id]/values.ts
View file

@ -1,6 +1,6 @@
import { NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { useAuth, useCors, useValidate } from 'lib/middleware';
import { NextApiResponse } from 'next';
import { badRequest, methodNotAllowed, ok, unauthorized } from 'next-basics';
import { EVENT_COLUMNS, FILTER_COLUMNS, SESSION_COLUMNS } from 'lib/constants';
@ -10,6 +10,13 @@ export interface WebsiteResetRequestQuery {
id: string;
}
import * as yup from 'yup';
const schema = {
GET: yup.object().shape({
id: yup.string().uuid().required(),
}),
};
export default async (
req: NextApiRequestQueryBody<WebsiteResetRequestQuery>,
res: NextApiResponse,
@ -17,6 +24,9 @@ export default async (
await useCors(req, res);
await useAuth(req, res);
req.yup = schema;
await useValidate(req, res);
const { id: websiteId, type } = req.query;
if (req.method === 'GET') {

19
pages/api/websites/index.ts
View file

@ -1,11 +1,13 @@
import { canCreateWebsite } from 'lib/auth';
import { uuid } from 'lib/crypto';
import { useAuth, useCors } from 'lib/middleware';
import { useAuth, useCors, useValidate } from 'lib/middleware';
import { NextApiRequestQueryBody, SearchFilter, WebsiteSearchFilterType } from 'lib/types';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { createWebsite } from 'queries';
import userWebsites from 'pages/api/users/[id]/websites';
import * as yup from 'yup';
import { getFilterValidation } from 'lib/yup';
export interface WebsitesRequestQuery extends SearchFilter<WebsiteSearchFilterType> {}
@ -15,12 +17,25 @@ export interface WebsitesRequestBody {
shareId: string;
}
const schema = {
GET: yup.object().shape({
...getFilterValidation(/All|Name|Domain/i),
}),
POST: yup.object().shape({
name: yup.string().max(100).required(),
domain: yup.string().max(500).required(),
shareId: yup.string().max(50),
}),
};
export default async (
req: NextApiRequestQueryBody<WebsitesRequestQuery, WebsitesRequestBody>,
res: NextApiResponse,
) => {
await useCors(req, res);
await useAuth(req, res);
req.yup = schema;
await useValidate(req, res);
const {
user: { id: userId },
@ -30,7 +45,7 @@ export default async (
req.query.id = userId;
req.query.pageSize = 100;
return userWebsites(req, res);
return userWebsites(req as any, res);
}
if (req.method === 'POST') {