47 lines
1.4 KiB
TypeScript
47 lines
1.4 KiB
TypeScript
// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
|
|
import type {NextApiRequest, NextApiResponse} from "next";
|
|
import {app} from "@/firebase";
|
|
import {getFirestore, doc, setDoc, getDoc} from "firebase/firestore";
|
|
import {withIronSessionApiRoute} from "iron-session/next";
|
|
import {sessionOptions} from "@/lib/session";
|
|
import {getPermissionDoc} from "@/utils/permissions.be";
|
|
|
|
const db = getFirestore(app);
|
|
|
|
export default withIronSessionApiRoute(handler, sessionOptions);
|
|
|
|
async function handler(req: NextApiRequest, res: NextApiResponse) {
|
|
if (req.method === "PATCH") return patch(req, res);
|
|
if (req.method === "GET") return get(req, res);
|
|
}
|
|
|
|
async function get(req: NextApiRequest, res: NextApiResponse) {
|
|
if (!req.session.user) {
|
|
res.status(401).json({ok: false});
|
|
return;
|
|
}
|
|
|
|
const {id} = req.query as {id: string};
|
|
|
|
const permissionDoc = await getPermissionDoc(id);
|
|
return res.status(200).json({allowed: permissionDoc.users.includes(req.session.user.id)});
|
|
}
|
|
|
|
async function patch(req: NextApiRequest, res: NextApiResponse) {
|
|
if (!req.session.user) {
|
|
res.status(401).json({ok: false});
|
|
return;
|
|
}
|
|
|
|
const {id} = req.query as {id: string};
|
|
const {users} = req.body;
|
|
|
|
try {
|
|
await setDoc(doc(db, "permissions", id), {users}, {merge: true});
|
|
return res.status(200).json({ok: true});
|
|
} catch (err) {
|
|
console.error(err);
|
|
return res.status(500).json({ok: false});
|
|
}
|
|
}
|