watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-15 10:05:36 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Fix teamWebsite / teamUser.

Browse source
This commit is contained in:
Brian Cao 2023-04-09 16:04:28 -07:00
parent 53b23420a4
commit 9eff565e7a
14 changed files with 83 additions and 52 deletions
Download patch file Download diff file Expand all files Collapse all files

32
pages/api/teams/[id]/websites/[websiteId].ts Normal file
View file

@ -0,0 +1,32 @@
import { canDeleteTeamWebsite } from 'lib/auth';
import { useAuth } from 'lib/middleware';
import { NextApiRequestQueryBody } from 'lib/types';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { deleteTeamWebsite } from 'queries/admin/teamWebsite';
export interface TeamWebsitesRequestQuery {
id: string;
websiteId: string;
}
export default async (
req: NextApiRequestQueryBody<TeamWebsitesRequestQuery>,
res: NextApiResponse,
) => {
await useAuth(req, res);
const { id: teamId, websiteId } = req.query;
if (req.method === 'DELETE') {
if (!(await canDeleteTeamWebsite(req.auth, teamId, websiteId))) {
return unauthorized(res);
}
const websites = await deleteTeamWebsite(teamId, websiteId);
return ok(res, websites);
}
return methodNotAllowed(res);
};

51
pages/api/teams/[id]/websites/index.ts Normal file
View file

@ -0,0 +1,51 @@
import { canViewTeam } from 'lib/auth';
import { useAuth } from 'lib/middleware';
import { NextApiRequestQueryBody } from 'lib/types';
import { NextApiResponse } from 'next';
import { methodNotAllowed, ok, unauthorized } from 'next-basics';
import { createTeamWebsites, getTeamWebsites } from 'queries/admin/teamWebsite';
export interface TeamWebsiteRequestQuery {
id: string;
}
export interface TeamWebsiteRequestBody {
teamWebsiteId?: string;
websiteIds?: string[];
}
export default async (
req: NextApiRequestQueryBody<TeamWebsiteRequestQuery, TeamWebsiteRequestBody>,
res: NextApiResponse,
) => {
await useAuth(req, res);
const { id: teamId } = req.query;
const {
user: { id: userId },
} = req.auth;
if (req.method === 'GET') {
if (!(await canViewTeam(req.auth, teamId))) {
return unauthorized(res);
}
const websites = await getTeamWebsites(teamId);
return ok(res, websites);
}
if (req.method === 'POST') {
if (!(await canViewTeam(req.auth, teamId))) {
return unauthorized(res);
}
const { websiteIds } = req.body;
const websites = await createTeamWebsites(teamId, websiteIds);
return ok(res, websites);
}
return methodNotAllowed(res);
};