Merge branch 'dev' of https://github.com/umami-software/umami into dev

# Conflicts:
#	pages/api/account/index.js

pages/api/websites/[id]/active.js

@@ -0,0 +1,24 @@
+import { methodNotAllowed, ok, unauthorized } from 'next-basics';
+import { allowQuery } from 'lib/auth';
+import { useCors } from 'lib/middleware';
+import { getActiveVisitors } from 'queries';
+
+export default async (req, res) => {
+  if (req.method === 'GET') {
+    await useCors(req, res);
+
+    if (!(await allowQuery(req))) {
+      return unauthorized(res);
+    }
+
+    const { id } = req.query;
+
+    const websiteId = +id;
+
+    const result = await getActiveVisitors(websiteId);
+
+    return ok(res, result);
+  }
+
+  return methodNotAllowed(res);
+};

pages/api/websites/[id]/events.js

@@ -0,0 +1,36 @@
+import moment from 'moment-timezone';
+import { getEventMetrics } from 'queries';
+import { ok, badRequest, methodNotAllowed, unauthorized } from 'next-basics';
+import { allowQuery } from 'lib/auth';
+import { useCors } from 'lib/middleware';
+
+const unitTypes = ['year', 'month', 'hour', 'day'];
+
+export default async (req, res) => {
+  if (req.method === 'GET') {
+    await useCors(req, res);
+
+    if (!(await allowQuery(req))) {
+      return unauthorized(res);
+    }
+
+    const { id, start_at, end_at, unit, tz, url, event_name } = req.query;
+
+    if (!moment.tz.zone(tz) || !unitTypes.includes(unit)) {
+      return badRequest(res);
+    }
+
+    const websiteId = +id;
+    const startDate = new Date(+start_at);
+    const endDate = new Date(+end_at);
+
+    const events = await getEventMetrics(websiteId, startDate, endDate, tz, unit, {
+      url,
+      event_name,
+    });
+
+    return ok(res, events);
+  }
+
+  return methodNotAllowed(res);
+};

pages/api/websites/[id]/index.js

@@ -0,0 +1,59 @@
+import { getRandomChars, methodNotAllowed, ok, unauthorized } from 'next-basics';
+import { deleteWebsite, getWebsiteById, updateWebsite } from 'queries';
+import { allowQuery } from 'lib/auth';
+import { useAuth, useCors } from 'lib/middleware';
+
+export default async (req, res) => {
+  const { id } = req.query;
+
+  const websiteId = +id;
+
+  if (req.method === 'GET') {
+    await useCors(req, res);
+
+    if (!(await allowQuery(req))) {
+      return unauthorized(res);
+    }
+
+    const website = await getWebsiteById(websiteId);
+
+    return ok(res, website);
+  }
+
+  if (req.method === 'POST') {
+    await useAuth(req, res);
+
+    const { is_admin: currentUserIsAdmin, user_id: currentUserId } = req.auth;
+    const { name, domain, owner, enable_share_url } = req.body;
+
+    const website = await getWebsiteById(websiteId);
+
+    if (website.user_id !== currentUserId && !currentUserIsAdmin) {
+      return unauthorized(res);
+    }
+
+    let { share_id } = website;
+
+    if (enable_share_url) {
+      share_id = share_id ? share_id : getRandomChars(8);
+    } else {
+      share_id = null;
+    }
+
+    await updateWebsite(websiteId, { name, domain, share_id, user_id: +owner });
+
+    return ok(res);
+  }
+
+  if (req.method === 'DELETE') {
+    if (!(await allowQuery(req, true))) {
+      return unauthorized(res);
+    }
+
+    await deleteWebsite(websiteId);
+
+    return ok(res);
+  }
+
+  return methodNotAllowed(res);
+};

pages/api/websites/[id]/metrics.js

@@ -0,0 +1,122 @@
+import { getPageviewMetrics, getSessionMetrics, getWebsiteById } from 'queries';
+import { ok, methodNotAllowed, unauthorized, badRequest } from 'next-basics';
+import { allowQuery } from 'lib/auth';
+import { useCors } from 'lib/middleware';
+import { FILTER_IGNORED } from 'lib/constants';
+
+const sessionColumns = ['browser', 'os', 'device', 'screen', 'country', 'language'];
+const pageviewColumns = ['url', 'referrer', 'query'];
+
+function getTable(type) {
+  if (type === 'event') {
+    return 'event';
+  }
+
+  if (sessionColumns.includes(type)) {
+    return 'session';
+  }
+
+  if (pageviewColumns.includes(type)) {
+    return 'pageview';
+  }
+
+  throw new Error('Invalid type');
+}
+
+function getColumn(type) {
+  if (type === 'event') {
+    return 'event_name';
+  }
+  if (type === 'query') {
+    return 'url';
+  }
+  return type;
+}
+
+export default async (req, res) => {
+  if (req.method === 'GET') {
+    await useCors(req, res);
+
+    if (!(await allowQuery(req))) {
+      return unauthorized(res);
+    }
+
+    const { id, type, start_at, end_at, url, referrer, os, browser, device, country } = req.query;
+
+    const websiteId = +id;
+    const startDate = new Date(+start_at);
+    const endDate = new Date(+end_at);
+
+    if (sessionColumns.includes(type)) {
+      let data = await getSessionMetrics(websiteId, {
+        startDate,
+        endDate,
+        field: type,
+        filters: {
+          os,
+          browser,
+          device,
+          country,
+        },
+      });
+
+      if (type === 'language') {
+        let combined = {};
+
+        for (let { x, y } of data) {
+          x = String(x).toLowerCase().split('-')[0];
+
+          if (!combined[x]) {
+            combined[x] = { x, y };
+          } else {
+            combined[x].y += y;
+          }
+        }
+
+        data = Object.values(combined);
+      }
+
+      return ok(res, data);
+    }
+
+    if (pageviewColumns.includes(type) || type === 'event') {
+      let domain;
+
+      if (type === 'referrer') {
+        const website = await getWebsiteById(websiteId);
+
+        if (!website) {
+          return badRequest(res);
+        }
+
+        domain = website.domain;
+      }
+
+      const column = getColumn(type);
+      const table = getTable(type);
+      const filters = {
+        domain,
+        url: type !== 'url' && table !== 'event' ? url : undefined,
+        referrer: type !== 'referrer' && table !== 'event' ? referrer : FILTER_IGNORED,
+        os: type !== 'os' ? os : undefined,
+        browser: type !== 'browser' ? browser : undefined,
+        device: type !== 'device' ? device : undefined,
+        country: type !== 'country' ? country : undefined,
+        event_url: type !== 'url' && table === 'event' ? url : undefined,
+        query: type === 'query' && table !== 'event' ? true : undefined,
+      };
+
+      const data = await getPageviewMetrics(websiteId, {
+        startDate,
+        endDate,
+        column,
+        table,
+        filters,
+      });
+
+      return ok(res, data);
+    }
+  }
+
+  return methodNotAllowed(res);
+};

pages/api/websites/[id]/pageviews.js

@@ -0,0 +1,64 @@
+import moment from 'moment-timezone';
+import { getPageviewStats } from 'queries';
+import { ok, badRequest, methodNotAllowed, unauthorized } from 'next-basics';
+import { allowQuery } from 'lib/auth';
+import { useCors } from 'lib/middleware';
+
+const unitTypes = ['year', 'month', 'hour', 'day'];
+
+export default async (req, res) => {
+  if (req.method === 'GET') {
+    await useCors(req, res);
+
+    if (!(await allowQuery(req))) {
+      return unauthorized(res);
+    }
+
+    const { id, start_at, end_at, unit, tz, url, referrer, os, browser, device, country } =
+      req.query;
+
+    const websiteId = +id;
+    const startDate = new Date(+start_at);
+    const endDate = new Date(+end_at);
+
+    if (!moment.tz.zone(tz) || !unitTypes.includes(unit)) {
+      return badRequest(res);
+    }
+
+    const [pageviews, sessions] = await Promise.all([
+      getPageviewStats(websiteId, {
+        start_at: startDate,
+        end_at: endDate,
+        timezone: tz,
+        unit,
+        count: '*',
+        filters: {
+          url,
+          referrer,
+          os,
+          browser,
+          device,
+          country,
+        },
+      }),
+      getPageviewStats(websiteId, {
+        start_at: startDate,
+        end_at: endDate,
+        timezone: tz,
+        unit,
+        count: 'distinct pageview.',
+        filters: {
+          url,
+          os,
+          browser,
+          device,
+          country,
+        },
+      }),
+    ]);
+
+    return ok(res, { pageviews, sessions });
+  }
+
+  return methodNotAllowed(res);
+};

pages/api/websites/[id]/reset.js

@@ -0,0 +1,20 @@
+import { resetWebsite } from 'queries';
+import { methodNotAllowed, ok, unauthorized } from 'next-basics';
+import { allowQuery } from 'lib/auth';
+
+export default async (req, res) => {
+  const { id } = req.query;
+  const websiteId = +id;
+
+  if (req.method === 'POST') {
+    if (!(await allowQuery(req))) {
+      return unauthorized(res);
+    }
+
+    await resetWebsite(websiteId);
+
+    return ok(res);
+  }
+
+  return methodNotAllowed(res);
+};

pages/api/websites/[id]/stats.js

@@ -0,0 +1,61 @@
+import { getWebsiteStats } from 'queries';
+import { methodNotAllowed, ok, unauthorized } from 'next-basics';
+import { allowQuery } from 'lib/auth';
+import { useCors } from 'lib/middleware';
+
+export default async (req, res) => {
+  if (req.method === 'GET') {
+    await useCors(req, res);
+
+    if (!(await allowQuery(req))) {
+      return unauthorized(res);
+    }
+
+    const { id, start_at, end_at, url, referrer, os, browser, device, country } = req.query;
+
+    const websiteId = +id;
+    const startDate = new Date(+start_at);
+    const endDate = new Date(+end_at);
+
+    const distance = end_at - start_at;
+    const prevStartDate = new Date(+start_at - distance);
+    const prevEndDate = new Date(+end_at - distance);
+
+    const metrics = await getWebsiteStats(websiteId, {
+      start_at: startDate,
+      end_at: endDate,
+      filters: {
+        url,
+        referrer,
+        os,
+        browser,
+        device,
+        country,
+      },
+    });
+    const prevPeriod = await getWebsiteStats(websiteId, {
+      start_at: prevStartDate,
+      end_at: prevEndDate,
+      filters: {
+        url,
+        referrer,
+        os,
+        browser,
+        device,
+        country,
+      },
+    });
+
+    const stats = Object.keys(metrics[0]).reduce((obj, key) => {
+      obj[key] = {
+        value: Number(metrics[0][key]) || 0,
+        change: Number(metrics[0][key]) - Number(prevPeriod[0][key]) || 0,
+      };
+      return obj;
+    }, {});
+
+    return ok(res, stats);
+  }
+
+  return methodNotAllowed(res);
+};

pages/api/websites/index.js

@@ -1,6 +1,7 @@
-import { getAllWebsites, getUserWebsites } from 'queries';
+import { createWebsite, getAllWebsites, getUserWebsites } from 'queries';
+import { ok, methodNotAllowed, unauthorized, getRandomChars } from 'next-basics';
 import { useAuth } from 'lib/middleware';
-import { ok, methodNotAllowed, unauthorized } from 'next-basics';
+import { uuid } from 'lib/crypto';
 
 export default async (req, res) => {
   await useAuth(req, res);
@@ -22,5 +23,24 @@ export default async (req, res) => {
     return ok(res, websites);
   }
 
+  if (req.method === 'POST') {
+    await useAuth(req, res);
+
+    const { is_admin: currentUserIsAdmin, user_id: currentUserId } = req.auth;
+    const { name, domain, owner, enable_share_url } = req.body;
+
+    const website_owner = +owner;
+
+    if (website_owner !== currentUserId && !currentUserIsAdmin) {
+      return unauthorized(res);
+    }
+
+    const website_uuid = uuid();
+    const share_id = enable_share_url ? getRandomChars(8) : null;
+    const website = await createWebsite(website_owner, { website_uuid, name, domain, share_id });
+
+    return ok(res, website);
+  }
+
   return methodNotAllowed(res);
 };