Dev (#1702)

* Initial Typescript models. * Re-add realtime data * get distinct sessions for session metrics * Add queries for new schema. * Fix Typo. * Add some api/team endpoints. * Fix destructure error. * Fix getWebsites call. * Ignore typescript build errors. * Fix enum issue. * add clickhouse route to deleteWebsite * Fix Website auth. * Updated lint-staged config. * Add permission checks. * Add user role api. * Fix error when updating website. * Fix isAdmin check. Fix Schema. * Initial conversion to react-basics. * Remove user/team transfer from website update. * delete website in relational query * Fix login secure token creation. * Add event type to event. * Allow user to be added to team with role. * Updated login form. * Add Role to TeamUser. * Add database migration. * Refactored permissions check. Updated redis lib. * Feat/um 114 roles and permissions (#1683) * Auth checkpoint. * Merge branch 'dev' into feat/um-114-roles-and-permissions * Add 02 migration. * Added lib/types. * Updated schema. * Updated roles and permissions logic. * Implement react-basics styles. Fix queries. * Update website details layout. * Add 01 migration. * Fix admin create. * Update react-basics. Co-authored-by: Francis Cao <franciscao@gmail.com> Co-authored-by: Mike Cao <mike@mikecao.com> Co-authored-by: Mike Cao <moocao@gmail.com>
2026-02-12 00:27:11 +01:00 · 2022-12-12 19:45:38 -08:00 · 2022-12-12 19:45:38 -08:00 · 8732d056dd
commit 8732d056dd
parent 94848cc41b
165 changed files with 3370 additions and 6268 deletions
--- a/pages/api/users/index.ts
+++ b/pages/api/users/index.ts
@ -0,0 +1,59 @@
+import { NextApiRequestQueryBody } from 'lib/types';
+import { uuid } from 'lib/crypto';
+import { useAuth } from 'lib/middleware';
+import { ROLES } from 'lib/constants';
+import { NextApiResponse } from 'next';
+import { badRequest, hashPassword, methodNotAllowed, ok, unauthorized } from 'next-basics';
+import { createUser, getUser, getUsers, User } from 'queries';
+
+export interface UsersRequestBody {
+  username: string;
+  password: string;
+  id: string;
+}
+
+export default async (
+  req: NextApiRequestQueryBody<any, UsersRequestBody>,
+  res: NextApiResponse<User[] | User>,
+) => {
+  await useAuth(req, res);
+
+  const {
+    user: { isAdmin },
+  } = req.auth;
+
+  if (req.method === 'GET') {
+    if (isAdmin) {
+      return unauthorized(res);
+    }
+
+    const users = await getUsers();
+
+    return ok(res, users);
+  }
+
+  if (req.method === 'POST') {
+    if (isAdmin) {
+      return unauthorized(res);
+    }
+
+    const { username, password, id } = req.body;
+
+    const existingUser = await getUser({ username });
+
+    if (existingUser) {
+      return badRequest(res, 'User already exists');
+    }
+
+    const created = await createUser({
+      id: id || uuid(),
+      username,
+      password: hashPassword(password),
+      role: ROLES.user,
+    });
+
+    return ok(res, created);
+  }
+
+  return methodNotAllowed(res);
+};