watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-12 08:37:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Dev (#1702)

Browse source 
* Initial Typescript models.

* Re-add realtime data

* get distinct sessions for session metrics

* Add queries for new schema.

* Fix Typo.

* Add some api/team endpoints.

* Fix destructure error.

* Fix getWebsites call.

* Ignore typescript build errors.

* Fix enum issue.

* add clickhouse route to deleteWebsite

* Fix Website auth.

* Updated lint-staged config.

* Add permission checks.

* Add user role api.

* Fix error when updating website.

* Fix isAdmin check.  Fix Schema.

* Initial conversion to react-basics.

* Remove user/team transfer from website update.

* delete website in relational query

* Fix login secure token creation.

* Add event type to event.

* Allow user to be added to team with role.

* Updated login form.

* Add Role to TeamUser.

* Add database migration.

* Refactored permissions check. Updated redis lib.

* Feat/um 114 roles and permissions (#1683)

* Auth checkpoint.

* Merge branch 'dev' into feat/um-114-roles-and-permissions

* Add 02 migration.

* Added lib/types.

* Updated schema.

* Updated roles and permissions logic.

* Implement react-basics styles. Fix queries.

* Update website details layout.

* Add 01 migration.

* Fix admin create.

* Update react-basics.

Co-authored-by: Francis Cao <franciscao@gmail.com>
Co-authored-by: Mike Cao <mike@mikecao.com>
Co-authored-by: Mike Cao <moocao@gmail.com>
This commit is contained in:
Brian Cao 2022-12-12 19:45:38 -08:00 committed by GitHub
parent 94848cc41b
commit 8732d056dd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
165 changed files with 3370 additions and 6268 deletions
Download patch file Download diff file Expand all files Collapse all files

24
pages/api/websites/[id]/active.js
View file

@ -1,24 +0,0 @@
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { allowQuery } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { getActiveVisitors } from 'queries';
import { TYPE_WEBSITE } from 'lib/constants';
export default async (req, res) => {
await useCors(req, res);
await useAuth(req, res);
if (req.method === 'GET') {
if (!(await allowQuery(req, TYPE_WEBSITE))) {
return unauthorized(res);
}
const { id: websiteId } = req.query;
const result = await getActiveVisitors(websiteId);
return ok(res, result);
}
return methodNotAllowed(res);
};

36
pages/api/websites/[id]/active.ts Normal file
View file

@ -0,0 +1,36 @@
import { WebsiteActive } from 'lib/types';
import { NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getActiveVisitors } from 'queries';
export interface WebsiteActiveRequestQuery {
id: string;
}
export default async (
req: NextApiRequestQueryBody<WebsiteActiveRequestQuery>,
res: NextApiResponse<WebsiteActive>,
) => {
await useCors(req, res);
await useAuth(req, res);
const {
user: { id: userId },
} = req.auth;
const { id: websiteId } = req.query;
if (req.method === 'GET') {
if (await canViewWebsite(userId, websiteId)) {
return unauthorized(res);
}
const result = await getActiveVisitors(websiteId);
return ok(res, result);
}
return methodNotAllowed(res);
};

41
pages/api/websites/[id]/eventdata.js
View file

@ -1,41 +0,0 @@
import moment from 'moment-timezone';
import { getEventData } from 'queries';
import { ok, badRequest, methodNotAllowed, unauthorized } from 'next-basics';
import { allowQuery } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { TYPE_WEBSITE } from 'lib/constants';
export default async (req, res) => {
await useCors(req, res);
await useAuth(req, res);
if (req.method === 'POST') {
if (!(await allowQuery(req, TYPE_WEBSITE))) {
return unauthorized(res);
}
const { id: websiteId } = req.query;
const { start_at, end_at, timezone, event_name: eventName, columns, filters } = req.body;
if (!moment.tz.zone(timezone)) {
return badRequest(res);
}
const startDate = new Date(+start_at);
const endDate = new Date(+end_at);
const events = await getEventData(websiteId, {
startDate,
endDate,
timezone,
eventName,
columns,
filters,
});
return ok(res, events);
}
return methodNotAllowed(res);
};

54
pages/api/websites/[id]/eventdata.ts Normal file
View file

@ -0,0 +1,54 @@
import { WebsiteMetric, NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getEventData } from 'queries';
export interface WebsiteEventDataRequestQuery {
id: string;
}
export interface WebsiteEventDataRequestBody {
start_at: string;
end_at: string;
event_name: string;
columns: { [key: string]: 'count' | 'max' | 'min' | 'avg' | 'sum' };
filters?: { [key: string]: any };
}
export default async (
req: NextApiRequestQueryBody<WebsiteEventDataRequestQuery, WebsiteEventDataRequestBody>,
res: NextApiResponse<WebsiteMetric>,
) => {
await useCors(req, res);
await useAuth(req, res);
const {
user: { id: userId },
} = req.auth;
const { id: websiteId } = req.query;
if (req.method === 'POST') {
if (canViewWebsite(userId, websiteId)) {
return unauthorized(res);
}
const { start_at, end_at, event_name: eventName, columns, filters } = req.body;
const startDate = new Date(+start_at);
const endDate = new Date(+end_at);
const events = await getEventData(websiteId, {
startDate,
endDate,
eventName,
columns,
filters,
});
return ok(res, events);
}
return methodNotAllowed(res);
};

36
pages/api/websites/[id]/events.js
View file

@ -1,36 +0,0 @@
import moment from 'moment-timezone';
import { getEventMetrics } from 'queries';
import { ok, badRequest, methodNotAllowed, unauthorized } from 'next-basics';
import { allowQuery } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { TYPE_WEBSITE } from 'lib/constants';
const unitTypes = ['year', 'month', 'hour', 'day'];
export default async (req, res) => {
await useCors(req, res);
await useAuth(req, res);
if (req.method === 'GET') {
if (!(await allowQuery(req, TYPE_WEBSITE))) {
return unauthorized(res);
}
const { id: websiteId, start_at, end_at, unit, tz, url, event_name } = req.query;
if (!moment.tz.zone(tz) || !unitTypes.includes(unit)) {
return badRequest(res);
}
const startDate = new Date(+start_at);
const endDate = new Date(+end_at);
const events = await getEventMetrics(websiteId, startDate, endDate, tz, unit, {
url,
eventName: event_name,
});
return ok(res, events);
}
return methodNotAllowed(res);
};

59
pages/api/websites/[id]/events.ts Normal file
View file

@ -0,0 +1,59 @@
import { WebsiteMetric, NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import moment from 'moment-timezone';
import { NextApiResponse } from 'next';
import { badRequest, methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getEventMetrics } from 'queries';
const unitTypes = ['year', 'month', 'hour', 'day'];
export interface WebsiteEventsRequestQuery {
id: string;
start_at: string;
end_at: string;
unit: string;
tz: string;
url: string;
event_name: string;
}
export default async (
req: NextApiRequestQueryBody<WebsiteEventsRequestQuery>,
res: NextApiResponse<WebsiteMetric>,
) => {
await useCors(req, res);
await useAuth(req, res);
const {
user: { id: userId },
} = req.auth;
const { id: websiteId, start_at, end_at, unit, tz, url, event_name } = req.query;
if (req.method === 'GET') {
if (canViewWebsite(userId, websiteId)) {
return unauthorized(res);
}
if (!moment.tz.zone(tz) || !unitTypes.includes(unit)) {
return badRequest(res);
}
const startDate = new Date(+start_at);
const endDate = new Date(+end_at);
const events = await getEventMetrics(websiteId, {
startDate,
endDate,
timezone: tz,
unit,
filters: {
url,
eventName: event_name,
},
});
return ok(res, events);
}
return methodNotAllowed(res);
};

45
pages/api/websites/[id]/index.js → pages/api/websites/[id]/index.ts
View file

@ -1,35 +1,52 @@
import { allowQuery } from 'lib/auth';
import { Website, NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite, canUpdateWebsite, canDeleteWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, serverError, unauthorized } from 'next-basics';
import { deleteWebsite, getWebsite, updateWebsite } from 'queries';
import { TYPE_WEBSITE } from 'lib/constants';
export default async (req, res) => {
export interface WebsiteRequestQuery {
id: string;
}
export interface WebsiteRequestBody {
name: string;
domain: string;
shareId: string;
}
export default async (
req: NextApiRequestQueryBody<WebsiteRequestQuery, WebsiteRequestBody>,
res: NextApiResponse<Website>,
) => {
await useCors(req, res);
await useAuth(req, res);
const {
user: { id: userId },
} = req.auth;
const { id: websiteId } = req.query;
if (!(await allowQuery(req, TYPE_WEBSITE))) {
return unauthorized(res);
}
if (req.method === 'GET') {
if (!(await canViewWebsite(userId, websiteId))) {
return unauthorized(res);
}
const website = await getWebsite({ id: websiteId });
return ok(res, website);
}
if (req.method === 'POST') {
if (!(await canUpdateWebsite(userId, websiteId))) {
return unauthorized(res);
}
const { name, domain, shareId } = req.body;
try {
await updateWebsite(websiteId, {
name,
domain,
shareId,
});
} catch (e) {
await updateWebsite(websiteId, { name, domain, shareId });
} catch (e: any) {
if (e.message.includes('Unique constraint') && e.message.includes('share_id')) {
return serverError(res, 'That share ID is already taken.');
}
@ -39,7 +56,7 @@ export default async (req, res) => {
}
if (req.method === 'DELETE') {
if (!(await allowQuery(req, TYPE_WEBSITE))) {
if (!(await canDeleteWebsite(userId, websiteId))) {
return unauthorized(res);
}

55
pages/api/websites/[id]/metrics.js → pages/api/websites/[id]/metrics.ts
View file

@ -1,6 +1,8 @@
import { allowQuery } from 'lib/auth';
import { FILTER_IGNORED, TYPE_WEBSITE } from 'lib/constants';
import { WebsiteMetric, NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite } from 'lib/auth';
import { FILTER_IGNORED } from 'lib/constants';
import { useAuth, useCors } from 'lib/middleware';
import { NextApiResponse } from 'next';
import { badRequest, methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getPageviewMetrics, getSessionMetrics, getWebsite } from 'queries';
@ -33,28 +35,47 @@ function getColumn(type) {
return type;
}
export default async (req, res) => {
export interface WebsiteMetricsRequestQuery {
id: string;
type: string;
start_at: number;
end_at: number;
url: string;
referrer: string;
os: string;
browser: string;
device: string;
country: string;
}
export default async (
req: NextApiRequestQueryBody<WebsiteMetricsRequestQuery>,
res: NextApiResponse<WebsiteMetric[]>,
) => {
await useCors(req, res);
await useAuth(req, res);
const {
user: { id: userId },
} = req.auth;
const {
id: websiteId,
type,
start_at,
end_at,
url,
referrer,
os,
browser,
device,
country,
} = req.query;
if (req.method === 'GET') {
if (!(await allowQuery(req, TYPE_WEBSITE))) {
if (!(await canViewWebsite(userId, websiteId))) {
return unauthorized(res);
}
const {
id: websiteId,
type,
start_at,
end_at,
url,
referrer,
os,
browser,
device,
country,
} = req.query;
const startDate = new Date(+start_at);
const endDate = new Date(+end_at);

72
pages/api/websites/[id]/pageviews.js → pages/api/websites/[id]/pageviews.ts
View file

@ -1,35 +1,57 @@
import moment from 'moment-timezone';
import { getPageviewStats } from 'queries';
import { ok, badRequest, methodNotAllowed, unauthorized } from 'next-basics';
import { allowQuery } from 'lib/auth';
import { NextApiRequestQueryBody, WebsitePageviews } from 'lib/types';
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { TYPE_WEBSITE } from 'lib/constants';
import moment from 'moment-timezone';
import { NextApiResponse } from 'next';
import { badRequest, methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getPageviewStats } from 'queries';
const unitTypes = ['year', 'month', 'hour', 'day'];
export default async (req, res) => {
export interface WebsitePageviewRequestQuery {
id: string;
websiteId: string;
start_at: number;
end_at: number;
unit: string;
tz: string;
url?: string;
referrer?: string;
os?: string;
browser?: string;
device?: string;
country?: string;
}
export default async (
req: NextApiRequestQueryBody<WebsitePageviewRequestQuery>,
res: NextApiResponse<WebsitePageviews>,
) => {
await useCors(req, res);
await useAuth(req, res);
const {
user: { id: userId },
} = req.auth;
const {
id: websiteId,
start_at,
end_at,
unit,
tz,
url,
referrer,
os,
browser,
device,
country,
} = req.query;
if (req.method === 'GET') {
if (!(await allowQuery(req, TYPE_WEBSITE))) {
if (!(await canViewWebsite(userId, websiteId))) {
return unauthorized(res);
}
const {
id: websiteId,
start_at,
end_at,
unit,
tz,
url,
referrer,
os,
browser,
device,
country,
} = req.query;
const startDate = new Date(+start_at);
const endDate = new Date(+end_at);
@ -39,8 +61,8 @@ export default async (req, res) => {
const [pageviews, sessions] = await Promise.all([
getPageviewStats(websiteId, {
start_at: startDate,
end_at: endDate,
startDate,
endDate,
timezone: tz,
unit,
count: '*',
@ -54,8 +76,8 @@ export default async (req, res) => {
},
}),
getPageviewStats(websiteId, {
start_at: startDate,
end_at: endDate,
startDate,
endDate,
timezone: tz,
unit,
count: 'distinct pageview.',

23
pages/api/websites/[id]/reset.js → pages/api/websites/[id]/reset.ts
View file

@ -1,17 +1,28 @@
import { resetWebsite } from 'queries';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { allowQuery } from 'lib/auth';
import { NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { TYPE_WEBSITE } from 'lib/constants';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { resetWebsite } from 'queries';
export default async (req, res) => {
export interface WebsiteResetRequestQuery {
id: string;
}
export default async (
req: NextApiRequestQueryBody<WebsiteResetRequestQuery>,
res: NextApiResponse,
) => {
await useCors(req, res);
await useAuth(req, res);
const {
user: { id: userId },
} = req.auth;
const { id: websiteId } = req.query;
if (req.method === 'POST') {
if (!(await allowQuery(req, TYPE_WEBSITE))) {
if (!(await canViewWebsite(userId, websiteId))) {
return unauthorized(res);
}

65
pages/api/websites/[id]/stats.js → pages/api/websites/[id]/stats.ts
View file

@ -1,30 +1,51 @@
import { getWebsiteStats } from 'queries';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { allowQuery } from 'lib/auth';
import { WebsiteStats } from 'lib/types';
import { NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { TYPE_WEBSITE } from 'lib/constants';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { getWebsiteStats } from 'queries';
export default async (req, res) => {
export interface WebsiteStatsRequestQuery {
id: string;
type: string;
start_at: number;
end_at: number;
url: string;
referrer: string;
os: string;
browser: string;
device: string;
country: string;
}
export default async (
req: NextApiRequestQueryBody<WebsiteStatsRequestQuery>,
res: NextApiResponse<WebsiteStats>,
) => {
await useCors(req, res);
await useAuth(req, res);
const {
user: { id: userId },
} = req.auth;
const {
id: websiteId,
start_at,
end_at,
url,
referrer,
os,
browser,
device,
country,
} = req.query;
if (req.method === 'GET') {
if (!(await allowQuery(req, TYPE_WEBSITE))) {
if (!(await canViewWebsite(userId, websiteId))) {
return unauthorized(res);
}
const {
id: websiteId,
start_at,
end_at,
url,
referrer,
os,
browser,
device,
country,
} = req.query;
const startDate = new Date(+start_at);
const endDate = new Date(+end_at);
@ -33,8 +54,8 @@ export default async (req, res) => {
const prevEndDate = new Date(+end_at - distance);
const metrics = await getWebsiteStats(websiteId, {
start_at: startDate,
end_at: endDate,
startDate,
endDate,
filters: {
url,
referrer,
@ -45,8 +66,8 @@ export default async (req, res) => {
},
});
const prevPeriod = await getWebsiteStats(websiteId, {
start_at: prevStartDate,
end_at: prevEndDate,
startDate: prevStartDate,
endDate: prevEndDate,
filters: {
url,
referrer,

33
pages/api/websites/index.js
View file

@ -1,33 +0,0 @@
import { createWebsite, getAllWebsites, getUserWebsites } from 'queries';
import { ok, methodNotAllowed, getRandomChars } from 'next-basics';
import { useAuth, useCors } from 'lib/middleware';
import { uuid } from 'lib/crypto';
export default async (req, res) => {
await useCors(req, res);
await useAuth(req, res);
const {
user: { id: userId, isAdmin },
} = req.auth;
if (req.method === 'GET') {
const { include_all } = req.query;
const websites =
isAdmin && include_all ? await getAllWebsites() : await getUserWebsites(userId);
return ok(res, websites);
}
if (req.method === 'POST') {
const { name, domain, enableShareUrl } = req.body;
const shareId = enableShareUrl ? getRandomChars(8) : null;
const website = await createWebsite(userId, { id: uuid(), name, domain, shareId });
return ok(res, website);
}
return methodNotAllowed(res);
};

57
pages/api/websites/index.ts Normal file
View file

@ -0,0 +1,57 @@
import { Prisma } from '@prisma/client';
import { NextApiRequestQueryBody } from 'lib/types';
import { uuid } from 'lib/crypto';
import { useAuth, useCors } from 'lib/middleware';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok } from 'next-basics';
import { createWebsite, getUserWebsites } from 'queries';
export interface WebsitesRequestQuery {}
export interface WebsitesRequestBody {
name: string;
domain: string;
shareId: string;
teamId?: string;
}
export default async (
req: NextApiRequestQueryBody<WebsitesRequestQuery, WebsitesRequestBody>,
res: NextApiResponse,
) => {
await useCors(req, res);
await useAuth(req, res);
const {
user: { id: userId },
} = req.auth;
if (req.method === 'GET') {
const websites = await getUserWebsites(userId);
return ok(res, websites);
}
if (req.method === 'POST') {
const { name, domain, shareId, teamId } = req.body;
const data: Prisma.WebsiteUncheckedCreateInput = {
id: uuid(),
name,
domain,
shareId,
};
if (teamId) {
data.teamId = teamId;
} else {
data.userId = userId;
}
const website = await createWebsite(data);
return ok(res, website);
}
return methodNotAllowed(res);
};