devops/encoach_frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Started implementing the roles permissions

Browse Source
This commit is contained in:
Tiago Ribeiro
2024-10-10 19:13:18 +01:00
parent c43ab9a911
commit 55204e2ce1
67 changed files with 1357 additions and 1134 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/pages/api/groups/[id].ts
View File

@@ -5,6 +5,7 @@ import {withIronSessionApiRoute} from "iron-session/next";
import {sessionOptions} from "@/lib/session";
import {Group} from "@/interfaces/user";
import {updateExpiryDateOnGroup} from "@/utils/groups.be";
import { requestUser } from "@/utils/api";
const db = client.db(process.env.MONGODB_DB);
@@ -19,10 +20,8 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
}
async function get(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ok: false});
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const {id} = req.query as {id: string};
@@ -36,10 +35,8 @@ async function get(req: NextApiRequest, res: NextApiResponse) {
}
async function del(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ok: false});
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const {id} = req.query as {id: string};
const group = await db.collection("groups").findOne<Group>({id: id});
@@ -49,7 +46,6 @@ async function del(req: NextApiRequest, res: NextApiResponse) {
return;
}
const user = req.session.user;
if (user.type === "admin" || user.type === "developer" || user.id === group.admin) {
await db.collection("groups").deleteOne({id: id});
@@ -61,10 +57,8 @@ async function del(req: NextApiRequest, res: NextApiResponse) {
}
async function patch(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ok: false});
return;
}
const user = await requestUser(req, res)
if (!user) return res.status(401).json({ ok: false });
const {id} = req.query as {id: string};
@@ -74,7 +68,6 @@ async function patch(req: NextApiRequest, res: NextApiResponse) {
return;
}
const user = req.session.user;
if (
user.type === "admin" ||
user.type === "developer" ||