devops/encoach_frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Started implementing the roles permissions

Browse Source
This commit is contained in:
Tiago Ribeiro
2024-10-10 19:13:18 +01:00
parent c43ab9a911
commit 55204e2ce1
67 changed files with 1357 additions and 1134 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/pages/api/entities/[id]/index.ts
View File

@@ -2,9 +2,12 @@
import type {NextApiRequest, NextApiResponse} from "next";
import {withIronSessionApiRoute} from "iron-session/next";
import {sessionOptions} from "@/lib/session";
import {getEntity, getEntityWithRoles} from "@/utils/entities.be";
import {deleteEntity, getEntity, getEntityWithRoles} from "@/utils/entities.be";
import client from "@/lib/mongodb";
import {Entity} from "@/interfaces/entity";
import { doesEntityAllow } from "@/utils/permissions";
import { getUser } from "@/utils/users.be";
import { requestUser } from "@/utils/api";
const db = client.db(process.env.MONGODB_DB);
@@ -16,10 +19,8 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
}
async function get(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ok: false});
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const {id, showRoles} = req.query as {id: string; showRoles: string};
@@ -27,15 +28,27 @@ async function get(req: NextApiRequest, res: NextApiResponse) {
res.status(200).json(entity);
}
async function del(req: NextApiRequest, res: NextApiResponse) {
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const { id } = req.query as { id: string };
const entity = await getEntityWithRoles(id)
if (!entity) return res.status(404).json({ok: false})
if (!doesEntityAllow(user, entity, "delete_entity_role")) return res.status(403).json({ok: false})
await deleteEntity(entity)
return res.status(200).json({ok: true});
}
async function patch(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ok: false});
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const {id} = req.query as {id: string};
const user = req.session.user;
if (!user.entities.map((x) => x.id).includes(id)) {
return res.status(403).json({ok: false});
}

11
src/pages/api/entities/groups.ts
View File

@@ -6,9 +6,10 @@ import { getEntities, getEntitiesWithRoles } from "@/utils/entities.be";
import { Entity, WithEntities, WithEntity, WithLabeledEntities } from "@/interfaces/entity";
import { v4 } from "uuid";
import { mapBy } from "@/utils";
import { getEntitiesUsers, getUsers } from "@/utils/users.be";
import { getEntitiesUsers, getUser, getUsers } from "@/utils/users.be";
import { Group, User } from "@/interfaces/user";
import { getGroups, getGroupsByEntities } from "@/utils/groups.be";
import { requestUser } from "@/utils/api";
export default withIronSessionApiRoute(handler, sessionOptions);
@@ -17,12 +18,8 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
}
async function get(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ ok: false });
return;
}
const user = req.session.user;
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const groups: WithEntity<Group>[] = ["admin", "developer"].includes(user.type)
? await getGroups()

18
src/pages/api/entities/index.ts
View File

@@ -2,9 +2,10 @@
import type {NextApiRequest, NextApiResponse} from "next";
import {withIronSessionApiRoute} from "iron-session/next";
import {sessionOptions} from "@/lib/session";
import {getEntities, getEntitiesWithRoles} from "@/utils/entities.be";
import {createEntity, getEntities, getEntitiesWithRoles} from "@/utils/entities.be";
import {Entity} from "@/interfaces/entity";
import {v4} from "uuid";
import { requestUser } from "@/utils/api";
export default withIronSessionApiRoute(handler, sessionOptions);
@@ -14,12 +15,9 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
}
async function get(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ok: false});
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const user = req.session.user;
const {showRoles} = req.query as {showRoles: string};
const getFn = showRoles ? getEntitiesWithRoles : getEntities;
@@ -29,12 +27,9 @@ async function get(req: NextApiRequest, res: NextApiResponse) {
}
async function post(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ok: false});
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const user = req.session.user;
if (!["admin", "developer"].includes(user.type)) {
return res.status(403).json({ok: false});
}
@@ -44,5 +39,6 @@ async function post(req: NextApiRequest, res: NextApiResponse) {
label: req.body.label,
};
await createEntity(entity)
return res.status(200).json(entity);
}

58
src/pages/api/entities/users.ts
View File

@@ -3,11 +3,13 @@ import type { NextApiRequest, NextApiResponse } from "next";
import { withIronSessionApiRoute } from "iron-session/next";
import { sessionOptions } from "@/lib/session";
import { getEntities, getEntitiesWithRoles } from "@/utils/entities.be";
import { Entity, WithEntities, WithLabeledEntities } from "@/interfaces/entity";
import { Entity, EntityWithRoles, WithEntities, WithLabeledEntities } from "@/interfaces/entity";
import { v4 } from "uuid";
import { mapBy } from "@/utils";
import { getEntitiesUsers, getUsers } from "@/utils/users.be";
import { getEntitiesUsers, getUser, getUsers } from "@/utils/users.be";
import { User } from "@/interfaces/user";
import { findAllowedEntities } from "@/utils/permissions";
import { RolePermission } from "@/resources/entityPermissions";
export default withIronSessionApiRoute(handler, sessionOptions);
@@ -15,33 +17,47 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
if (req.method === "GET") return await get(req, res);
}
async function get(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ ok: false });
return;
}
const labelUserEntity = (u: User, entities: EntityWithRoles[]) => ({
...u, entities: (u.entities || []).map((e) => {
const entity = entities.find((x) => x.id === e.id)
if (!entity) return e
const user = req.session.user;
const role = entity.roles.find((x) => x.id === e.role)
return { id: e.id, label: entity.label, role: e.role, roleLabel: role?.label }
})
})
async function get(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) return res.status(401).json({ ok: false });
const user = await getUser(req.session.user.id)
if (!user) return res.status(401).json({ ok: false });
const { type } = req.query as { type: string }
const entities = await getEntitiesWithRoles(mapBy(user.entities || [], 'id'))
const entityIDs = mapBy(user.entities || [], 'id')
const entities = await getEntitiesWithRoles(entityIDs)
const isAdmin = ["admin", "developer"].includes(user.type)
const filter = !type ? undefined : { type }
const users = ["admin", "developer"].includes(user.type)
const users = isAdmin
? await getUsers(filter)
: await getEntitiesUsers(mapBy(entities, 'id') as string[], filter)
const usersWithEntities: WithLabeledEntities<User>[] = users.map((u) => {
return {
...u, entities: (u.entities || []).map((e) => {
const entity = entities.find((x) => x.id === e.id)
if (!entity) return e
const filteredUsers = users.map((u) => {
if (isAdmin) return labelUserEntity(u, entities)
if (!isAdmin && ["admin", "developer", "agent"].includes(user.type)) return undefined
const role = entity.roles.find((x) => x.id === e.role)
return { id: e.id, label: entity.label, role: e.role, roleLabel: role?.label }
})
}
})
const userEntities = mapBy(u.entities || [], 'id')
const sameEntities = entities.filter(e => userEntities.includes(e.id))
res.status(200).json(usersWithEntities);
const permission = `view_${u.type}s` as RolePermission
const allowedEntities = findAllowedEntities(user, sameEntities, permission)
if (allowedEntities.length === 0) return undefined
return labelUserEntity(u, allowedEntities)
}).filter(x => !!x) as WithLabeledEntities<User>[]
res.status(200).json(filteredUsers);
}

21
src/pages/api/groups/[id].ts
View File

@@ -5,6 +5,7 @@ import {withIronSessionApiRoute} from "iron-session/next";
import {sessionOptions} from "@/lib/session";
import {Group} from "@/interfaces/user";
import {updateExpiryDateOnGroup} from "@/utils/groups.be";
import { requestUser } from "@/utils/api";
const db = client.db(process.env.MONGODB_DB);
@@ -19,10 +20,8 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
}
async function get(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ok: false});
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const {id} = req.query as {id: string};
@@ -36,10 +35,8 @@ async function get(req: NextApiRequest, res: NextApiResponse) {
}
async function del(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ok: false});
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const {id} = req.query as {id: string};
const group = await db.collection("groups").findOne<Group>({id: id});
@@ -49,7 +46,6 @@ async function del(req: NextApiRequest, res: NextApiResponse) {
return;
}
const user = req.session.user;
if (user.type === "admin" || user.type === "developer" || user.id === group.admin) {
await db.collection("groups").deleteOne({id: id});
@@ -61,10 +57,8 @@ async function del(req: NextApiRequest, res: NextApiResponse) {
}
async function patch(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ok: false});
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const {id} = req.query as {id: string};
@@ -74,7 +68,6 @@ async function patch(req: NextApiRequest, res: NextApiResponse) {
return;
}
const user = req.session.user;
if (
user.type === "admin" ||
user.type === "developer" ||

21
src/pages/api/invites/[id].ts
View File

@@ -4,6 +4,7 @@ import client from "@/lib/mongodb";
import { withIronSessionApiRoute } from "iron-session/next";
import { sessionOptions } from "@/lib/session";
import { Invite } from "@/interfaces/invite";
import { requestUser } from "@/utils/api";
const db = client.db(process.env.MONGODB_DB);
@@ -18,10 +19,8 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
}
async function get(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ ok: false });
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const { id } = req.query as { id: string };
@@ -35,10 +34,8 @@ async function get(req: NextApiRequest, res: NextApiResponse) {
}
async function del(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ ok: false });
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const { id } = req.query as { id: string };
@@ -48,7 +45,6 @@ async function del(req: NextApiRequest, res: NextApiResponse) {
return;
}
const user = req.session.user;
if (user.type === "admin" || user.type === "developer") {
await db.collection("invites").deleteOne({ id: id });
res.status(200).json({ ok: true });
@@ -59,13 +55,10 @@ async function del(req: NextApiRequest, res: NextApiResponse) {
}
async function patch(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ ok: false });
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const { id } = req.query as { id: string };
const user = req.session.user;
if (user.type === "admin" || user.type === "developer") {
await db.collection("invites").updateOne(

15
src/pages/api/payments/[id].ts
View File

@@ -7,6 +7,7 @@ import {Group} from "@/interfaces/user";
import {Payment} from "@/interfaces/paypal";
import {deleteObject, ref} from "firebase/storage";
import client from "@/lib/mongodb";
import { requestUser } from "@/utils/api";
const db = client.db(process.env.MONGODB_DB);
@@ -38,17 +39,14 @@ async function get(req: NextApiRequest, res: NextApiResponse) {
}
async function del(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ok: false});
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const {id} = req.query as {id: string};
const payment = await db.collection("payments").findOne<Payment>({id});
if (!payment) return res.status(404).json({ok: false});
const user = req.session.user;
if (user.type === "admin" || user.type === "developer") {
if (payment.commissionTransfer) await deleteObject(ref(storage, payment.commissionTransfer));
if (payment.corporateTransfer) await deleteObject(ref(storage, payment.corporateTransfer));
@@ -62,17 +60,14 @@ async function del(req: NextApiRequest, res: NextApiResponse) {
}
async function patch(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ok: false});
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const {id} = req.query as {id: string};
const payment = await db.collection("payments").findOne<Payment>({id});
if (!payment) return res.status(404).json({ok: false});
const user = req.session.user;
if (user.type === "admin" || user.type === "developer") {
await db.collection("payments").updateOne({id: payment.id}, {$set: req.body});

4
src/pages/api/paypal/approve.ts
View File

@@ -11,6 +11,7 @@ import { OrderResponseBody } from "@paypal/paypal-js";
import { getAccessToken } from "@/utils/paypal";
import moment from "moment";
import { Group } from "@/interfaces/user";
import { requestUser } from "@/utils/api";
const db = client.db(process.env.MONGODB_DB);
@@ -25,6 +26,9 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
if (!accessToken)
return res.status(401).json({ ok: false, reason: "Authorization failed!" });
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const { id, duration, duration_unit, trackingId } = req.body as {
id: string;
duration: number;

79
src/pages/api/roles/[id]/index.ts Normal file
View File

@@ -0,0 +1,79 @@
// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
import type {NextApiRequest, NextApiResponse} from "next";
import {withIronSessionApiRoute} from "iron-session/next";
import {sessionOptions} from "@/lib/session";
import {getEntityWithRoles} from "@/utils/entities.be";
import client from "@/lib/mongodb";
import {Entity} from "@/interfaces/entity";
import { deleteRole, getRole, transferRole } from "@/utils/roles.be";
import { doesEntityAllow } from "@/utils/permissions";
import { findBy } from "@/utils";
import { requestUser } from "@/utils/api";
const db = client.db(process.env.MONGODB_DB);
export default withIronSessionApiRoute(handler, sessionOptions);
async function handler(req: NextApiRequest, res: NextApiResponse) {
if (req.method === "GET") return await get(req, res);
if (req.method === "PATCH") return await patch(req, res);
if (req.method === "DELETE") return await del(req, res);
}
async function get(req: NextApiRequest, res: NextApiResponse) {
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const {id} = req.query as {id: string};
const role = await getRole(id)
if (!role) return res.status(404).json({ok: false})
res.status(200).json(role);
}
async function del(req: NextApiRequest, res: NextApiResponse) {
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const { id } = req.query as { id: string };
const role = await getRole(id)
if (!role) return res.status(404).json({ok: false})
if (role.isDefault) return res.status(403).json({ok: false})
const entity = await getEntityWithRoles(role.entityID)
if (!entity) return res.status(404).json({ok: false})
if (!doesEntityAllow(user, entity, "delete_entity_role")) return res.status(403).json({ok: false})
const defaultRole = findBy(entity.roles, 'isDefault', true)!
await transferRole(role.id, defaultRole.id)
await deleteRole(role.id)
return res.status(200).json({ok: true});
}
async function patch(req: NextApiRequest, res: NextApiResponse) {
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const { id } = req.query as { id: string };
const {label, permissions} = req.body as {label?: string, permissions?: string}
const role = await getRole(id)
if (!role) return res.status(404).json({ok: false})
const entity = await getEntityWithRoles(role.entityID)
if (!entity) return res.status(404).json({ok: false})
if (!doesEntityAllow(user, entity, "rename_entity_role") && !!label) return res.status(403).json({ok: false})
if (!doesEntityAllow(user, entity, "edit_role_permissions") && !!permissions) return res.status(403).json({ok: false})
if (!!label) await db.collection<Entity>("roles").updateOne({ id }, { $set: {label} });
if (!!permissions) await db.collection<Entity>("roles").updateOne({ id }, { $set: {permissions} });
return res.status(200).json({ok: true});
}

40
src/pages/api/roles/[id]/users.ts Normal file
View File

@@ -0,0 +1,40 @@
// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
import type {NextApiRequest, NextApiResponse} from "next";
import {withIronSessionApiRoute} from "iron-session/next";
import {sessionOptions} from "@/lib/session";
import {getEntityWithRoles} from "@/utils/entities.be";
import client from "@/lib/mongodb";
import {Entity} from "@/interfaces/entity";
import { assignRoleToUsers, deleteRole, getRole, transferRole } from "@/utils/roles.be";
import { doesEntityAllow } from "@/utils/permissions";
import { findBy } from "@/utils";
import { getUser } from "@/utils/users.be";
const db = client.db(process.env.MONGODB_DB);
export default withIronSessionApiRoute(handler, sessionOptions);
async function handler(req: NextApiRequest, res: NextApiResponse) {
if (req.method === "POST") return await post(req, res);
}
async function post(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) return res.status(401).json({ ok: false })
const user = await getUser(req.session.user.id);
if (!user) return res.status(401).json({ ok: false })
const { id } = req.query as { id: string };
const {users} = req.body as {users: string[]}
const role = await getRole(id)
if (!role) return res.status(404).json({ok: false})
const entity = await getEntityWithRoles(role.entityID)
if (!entity) return res.status(404).json({ok: false})
if (!doesEntityAllow(user, entity, "assign_to_role")) return res.status(403).json({ok: false})
const result = await assignRoleToUsers(users, entity.id, role.id)
return res.status(200).json({ok: result.acknowledged});
}

50
src/pages/api/roles/index.ts Normal file
View File

@@ -0,0 +1,50 @@
// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
import type {NextApiRequest, NextApiResponse} from "next";
import {withIronSessionApiRoute} from "iron-session/next";
import {sessionOptions} from "@/lib/session";
import {getEntities, getEntitiesWithRoles, getEntity, getEntityWithRoles} from "@/utils/entities.be";
import {Entity} from "@/interfaces/entity";
import {v4} from "uuid";
import { createRole, getRoles, getRolesByEntity } from "@/utils/roles.be";
import { mapBy } from "@/utils";
import { RolePermission } from "@/resources/entityPermissions";
import { doesEntityAllow } from "@/utils/permissions";
import { User } from "@/interfaces/user";
import { requestUser } from "@/utils/api";
export default withIronSessionApiRoute(handler, sessionOptions);
async function handler(req: NextApiRequest, res: NextApiResponse) {
if (req.method === "GET") return await get(req, res);
if (req.method === "POST") return await post(req, res);
}
async function get(req: NextApiRequest, res: NextApiResponse) {
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
if (["admin", "developer"].includes(user.type)) return res.status(200).json(await getRoles());
res.status(200).json(await getRoles(mapBy(user.entities, 'role')));
}
async function post(req: NextApiRequest, res: NextApiResponse) {
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const {entityID, label, permissions} = req.body as {entityID: string, label: string, permissions: RolePermission[]}
const entity = await getEntityWithRoles(entityID)
if (!entity) return res.status(404).json({ok: false})
if (!doesEntityAllow(user, entity, "create_entity_role")) return res.status(403).json({ok: false})
const role = {
id: v4(),
entityID,
label,
permissions
}
await createRole(role)
return res.status(200).json(role);
}

16
src/pages/api/stats/index.ts
View File

@@ -6,6 +6,7 @@ import { sessionOptions } from "@/lib/session";
import { Stat } from "@/interfaces/user";
import { Assignment } from "@/interfaces/results";
import { groupBy } from "lodash";
import { requestUser } from "@/utils/api";
const db = client.db(process.env.MONGODB_DB);
@@ -17,20 +18,17 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
}
async function get(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ ok: false });
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const snapshot = await db.collection("stats").find<Stat>({}).toArray();
res.status(200).json(snapshot);
}
async function post(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ ok: false });
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const stats = req.body as Stat[];
stats.forEach(async (stat) => await db.collection("stats").updateOne(
@@ -59,7 +57,7 @@ async function post(req: NextApiRequest, res: NextApiResponse) {
$set: {
results: [
...assignmentSnapshot ? assignmentSnapshot.results : [],
{ user: req.session.user?.id, type: req.session.user?.focus, stats: assignmentStats },
{ user: user.id, type: user.focus, stats: assignmentStats },
],
}
}

22
src/pages/api/stats/update.ts
View File

@@ -10,21 +10,23 @@ import client from "@/lib/mongodb";
import {withIronSessionApiRoute} from "iron-session/next";
import {groupBy} from "lodash";
import {NextApiRequest, NextApiResponse} from "next";
import { requestUser } from "@/utils/api";
const db = client.db(process.env.MONGODB_DB);
export default withIronSessionApiRoute(update, sessionOptions);
async function update(req: NextApiRequest, res: NextApiResponse) {
if (req.session.user) {
const docUser = await db.collection("users").findOne({ id: req.session.user.id });
const user = await requestUser(req, res)
if (user) {
const docUser = await db.collection("users").findOne({ id: user.id });
if (!docUser) {
res.status(401).json(undefined);
return;
}
const stats = await db.collection("stats").find<Stat>({ user: req.session.user.id }).toArray();
const stats = await db.collection("stats").find<Stat>({ user: user.id }).toArray();
const groupedStats = groupBySession(stats);
const sessionLevels: {[key in Module]: {correct: number; total: number}}[] = Object.keys(groupedStats).map((key) => {
@@ -91,18 +93,18 @@ async function update(req: NextApiRequest, res: NextApiResponse) {
const levels = {
reading: calculateBandScore(readingLevel.correct, readingLevel.total, "reading", req.session.user.focus),
listening: calculateBandScore(listeningLevel.correct, listeningLevel.total, "listening", req.session.user.focus),
writing: calculateBandScore(writingLevel.correct, writingLevel.total, "writing", req.session.user.focus),
speaking: calculateBandScore(speakingLevel.correct, speakingLevel.total, "speaking", req.session.user.focus),
level: calculateBandScore(levelLevel.correct, levelLevel.total, "level", req.session.user.focus),
reading: calculateBandScore(readingLevel.correct, readingLevel.total, "reading", user.focus),
listening: calculateBandScore(listeningLevel.correct, listeningLevel.total, "listening", user.focus),
writing: calculateBandScore(writingLevel.correct, writingLevel.total, "writing", user.focus),
speaking: calculateBandScore(speakingLevel.correct, speakingLevel.total, "speaking", user.focus),
level: calculateBandScore(levelLevel.correct, levelLevel.total, "level", user.focus),
};
await db.collection("users").updateOne(
{ id: req.session.user.id},
{ id: user.id},
{ $set: {levels} }
);
res.status(200).json({ok: true});
} else {
res.status(401).json(undefined);

8
src/pages/api/user.ts
View File

@@ -9,6 +9,7 @@ import {getPermissions, getPermissionDocs} from "@/utils/permissions.be";
import client from "@/lib/mongodb";
import {getGroupsForUser, getParticipantGroups, removeParticipantFromGroup} from "@/utils/groups.be";
import { mapBy } from "@/utils";
import { getUser } from "@/utils/users.be";
const auth = getAuth(adminApp);
const db = client.db(process.env.MONGODB_DB);
@@ -59,11 +60,8 @@ async function del(req: NextApiRequest, res: NextApiResponse) {
async function get(req: NextApiRequest, res: NextApiResponse) {
if (req.session.user) {
const user = await db.collection("users").findOne<User>({id: req.session.user.id});
if (!user) {
res.status(401).json(undefined);
return;
}
const user = await getUser(req.session.user.id)
if (!user) return res.status(401).json(undefined);
await db.collection("users").updateOne({id: user.id}, {$set: {lastLogin: new Date().toISOString()}});