// Next.js API route support: https://nextjs.org/docs/api-routes/introduction import type {NextApiRequest, NextApiResponse} from "next"; import client from "@/lib/mongodb"; import {withIronSessionApiRoute} from "iron-session/next"; import {sessionOptions} from "@/lib/session"; import {Group} from "@/interfaces/user"; import {updateExpiryDateOnGroup} from "@/utils/groups.be"; import { requestUser } from "@/utils/api"; const db = client.db(process.env.MONGODB_DB); export default withIronSessionApiRoute(handler, sessionOptions); async function handler(req: NextApiRequest, res: NextApiResponse) { if (req.method === "GET") return await get(req, res); if (req.method === "DELETE") return await del(req, res); if (req.method === "PATCH") return await patch(req, res); res.status(404).json(undefined); } async function get(req: NextApiRequest, res: NextApiResponse) { const user = await requestUser(req, res) if (!user) return res.status(401).json({ ok: false }); const {id} = req.query as {id: string}; const snapshot = await db.collection("groups").findOne({id: id}); if (snapshot) { res.status(200).json({...snapshot}); } else { res.status(404).json(undefined); } } async function del(req: NextApiRequest, res: NextApiResponse) { const user = await requestUser(req, res) if (!user) return res.status(401).json({ ok: false }); const {id} = req.query as {id: string}; const group = await db.collection("groups").findOne({id: id}); if (!group) { res.status(404); return; } if (user.type === "admin" || user.type === "developer" || user.id === group.admin) { await db.collection("groups").deleteOne({id: id}); res.status(200).json({ok: true}); return; } res.status(403).json({ok: false}); } async function patch(req: NextApiRequest, res: NextApiResponse) { const user = await requestUser(req, res) if (!user) return res.status(401).json({ ok: false }); const {id} = req.query as {id: string}; const group = await db.collection("groups").findOne({id: id}); if (!group) { res.status(404); return; } if ( user.type === "admin" || user.type === "developer" || user.type === "mastercorporate" || user.type === "corporate" || user.id === group.admin ) { if ("participants" in req.body && req.body.participants.length > 0) { const newParticipants = (req.body.participants as string[]).filter((x) => !group.participants.includes(x)); await Promise.all(newParticipants.map(async (p) => await updateExpiryDateOnGroup(p, group.admin))); } console.log(req.body); await db.collection("groups").updateOne({id}, {$set: {id, ...req.body}}, {upsert: true}); res.status(200).json({ok: true}); return; } res.status(403).json({ok: false}); }