Feat/um 197 hook up teams (#1825)

* Link up teams UI. * Fix auth order. * PR touchups.
2025-12-08 05:12:36 +01:00 · 2023-03-09 12:42:12 -08:00 · 2023-03-09 12:42:12 -08:00 · 8a9532f213
commit 8a9532f213
parent f908476e71
17 changed files with 500 additions and 111 deletions
--- a/pages/api/teamWebsites/[id].ts
+++ b/pages/api/teamWebsites/[id].ts
@ -0,0 +1,31 @@
+import { canDeleteTeamWebsite } from 'lib/auth';
+import { useAuth } from 'lib/middleware';
+import { NextApiRequestQueryBody } from 'lib/types';
+import { NextApiResponse } from 'next';
+import { methodNotAllowed, ok, unauthorized } from 'next-basics';
+import { deleteTeamWebsite } from 'queries/admin/teamWebsite';
+
+export interface TeamWebsiteRequestQuery {
+  id: string;
+}
+
+export default async (
+  req: NextApiRequestQueryBody<TeamWebsiteRequestQuery>,
+  res: NextApiResponse,
+) => {
+  await useAuth(req, res);
+
+  const { id: teamWebsiteId } = req.query;
+
+  if (req.method === 'DELETE') {
+    if (!(await canDeleteTeamWebsite(req.auth, teamWebsiteId))) {
+      return unauthorized(res);
+    }
+
+    const websites = await deleteTeamWebsite(teamWebsiteId);
+
+    return ok(res, websites);
+  }
+
+  return methodNotAllowed(res);
+};
--- a/pages/api/teams/[id]/websites.ts
+++ b/pages/api/teams/[id]/websites.ts
@ -1,17 +1,17 @@
-import { NextApiResponse } from 'next';
-import { methodNotAllowed, ok, unauthorized } from 'next-basics';
-import { NextApiRequestQueryBody } from 'lib/types';
 import { canViewTeam } from 'lib/auth';
 import { useAuth } from 'lib/middleware';
-import { getTeamWebsites } from 'queries/admin/team';
+import { NextApiRequestQueryBody } from 'lib/types';
+import { NextApiResponse } from 'next';
+import { methodNotAllowed, ok, unauthorized } from 'next-basics';
+import { createTeamWebsites, getTeamWebsites } from 'queries/admin/teamWebsite';

 export interface TeamWebsiteRequestQuery {
  id: string;
 }

 export interface TeamWebsiteRequestBody {
-  websiteId: string;
  teamWebsiteId?: string;
+  websiteIds?: string[];
 }

 export default async (
@ -21,6 +21,9 @@ export default async (
  await useAuth(req, res);

  const { id: teamId } = req.query;
+  const {
+    user: { id: userId },
+  } = req.auth;

  if (req.method === 'GET') {
    if (!(await canViewTeam(req.auth, teamId))) {
@ -32,5 +35,17 @@ export default async (
    return ok(res, websites);
  }

+  if (req.method === 'POST') {
+    if (!(await canViewTeam(req.auth, teamId))) {
+      return unauthorized(res);
+    }
+
+    const { websiteIds } = req.body;
+
+    const websites = await createTeamWebsites(teamId, websiteIds);
+
+    return ok(res, websites);
+  }
+
  return methodNotAllowed(res);
 };
--- a/pages/api/teams/index.ts
+++ b/pages/api/teams/index.ts
@ -34,12 +34,14 @@ export default async (

    const { name } = req.body;

-    const team = await createTeam({
-      id: uuid(),
-      name,
+    const team = await createTeam(
+      {
+        id: uuid(),
+        name,
+        accessCode: getRandomChars(16),
+      },
      userId,
-      accessCode: getRandomChars(16),
-    });
+    );

    return ok(res, team);
  }
--- a/pages/api/teams/join.ts
+++ b/pages/api/teams/join.ts
@ -6,13 +6,13 @@ import { methodNotAllowed, ok, notFound } from 'next-basics';
 import { createTeamUser, getTeam } from 'queries';
 import { ROLES } from 'lib/constants';

-export interface TeamsRequestBody {
+export interface TeamsJoinRequestBody {
  accessCode: string;
 }

 export default async (
-  req: NextApiRequestQueryBody<any, TeamsRequestBody>,
-  res: NextApiResponse<Team[] | Team>,
+  req: NextApiRequestQueryBody<any, TeamsJoinRequestBody>,
+  res: NextApiResponse<Team>,
 ) => {
  await useAuth(req, res);