// Next.js API route support: https://nextjs.org/docs/api-routes/introduction import type {NextApiRequest, NextApiResponse} from "next"; import client from "@/lib/mongodb"; import {withIronSessionApiRoute} from "iron-session/next"; import {sessionOptions} from "@/lib/session"; import {PERMISSIONS} from "@/constants/userPermissions"; const db = client.db(process.env.MONGODB_DB); export default withIronSessionApiRoute(handler, sessionOptions); async function handler(req: NextApiRequest, res: NextApiResponse) { if (req.method === "GET") return get(req, res); if (req.method === "DELETE") return del(req, res); if (req.method === "PATCH") return patch(req, res); } async function get(req: NextApiRequest, res: NextApiResponse) { if (!req.session.user) { res.status(401).json({ok: false}); return; } const {id} = req.query as {id: string}; const docSnap = await db.collection("packages").findOne({ id: id}); if (docSnap) { res.status(200).json({ ...docSnap, module, }); } else { res.status(404).json(undefined); } } async function patch(req: NextApiRequest, res: NextApiResponse) { if (!req.session.user) { res.status(401).json({ok: false}); return; } const {id} = req.query as {id: string}; const docSnap = await db.collection("packages").findOne({ id: id}); if (docSnap) { if (!["developer", "admin"].includes(req.session.user.type)) { res.status(403).json({ok: false}); return; } await db.collection("packages").updateOne( { id: id }, { $set: req.body } ); res.status(200).json({ok: true}); } else { res.status(404).json({ok: false}); } } async function del(req: NextApiRequest, res: NextApiResponse) { if (!req.session.user) { res.status(401).json({ok: false}); return; } const {id} = req.query as {id: string}; const docSnap = await db.collection("packages").findOne({ id: id}); if (docSnap) { if (!["developer", "admin"].includes(req.session.user.type)) { res.status(403).json({ok: false}); return; } await db.collection("packages").deleteOne({ id: id }); res.status(200).json({ok: true}); } else { res.status(404).json({ok: false}); } }