Added ability to delete reports.

2026-02-09 07:07:17 +01:00 · 2023-07-30 00:11:26 -07:00 · 2023-07-30 00:11:26 -07:00 · 95d824542f
commit 95d824542f
parent ad710cc86a
8 changed files with 159 additions and 40 deletions
--- a/pages/api/reports/[id].ts
+++ b/pages/api/reports/[id].ts
@ -1,9 +1,9 @@
-import { canUpdateReport, canViewReport } from 'lib/auth';
+import { canUpdateReport, canViewReport, canDeleteReport } from 'lib/auth';
 import { useAuth, useCors } from 'lib/middleware';
 import { NextApiRequestQueryBody } from 'lib/types';
 import { NextApiResponse } from 'next';
 import { methodNotAllowed, ok, unauthorized } from 'next-basics';
-import { getReportById, updateReport } from 'queries';
+import { getReportById, updateReport, deleteReport } from 'queries';

 export interface ReportRequestQuery {
  id: string;
@ -24,31 +24,29 @@ export default async (
  await useCors(req, res);
  await useAuth(req, res);

+  const { id: reportId } = req.query;
+  const {
+    user: { id: userId },
+  } = req.auth;
+
  if (req.method === 'GET') {
-    const { id: reportId } = req.query;
+    const report = await getReportById(reportId);

-    const data = await getReportById(reportId);
-
-    if (!(await canViewReport(req.auth, data))) {
+    if (!(await canViewReport(req.auth, report))) {
      return unauthorized(res);
    }

-    data.parameters = JSON.parse(data.parameters);
+    report.parameters = JSON.parse(report.parameters);

-    return ok(res, data);
+    return ok(res, report);
  }

  if (req.method === 'POST') {
-    const { id: reportId } = req.query;
-    const {
-      user: { id: userId },
-    } = req.auth;
-
    const { websiteId, type, name, description, parameters } = req.body;

-    const data = await getReportById(reportId);
+    const report = await getReportById(reportId);

-    if (!(await canUpdateReport(req.auth, data))) {
+    if (!(await canUpdateReport(req.auth, report))) {
      return unauthorized(res);
    }

@ -64,5 +62,17 @@ export default async (
    return ok(res, result);
  }

+  if (req.method === 'DELETE') {
+    const report = await getReportById(reportId);
+
+    if (!(await canDeleteReport(req.auth, report))) {
+      return unauthorized(res);
+    }
+
+    await deleteReport(reportId);
+
+    return ok(res);
+  }
+
  return methodNotAllowed(res);
 };