90 lines
2.7 KiB
TypeScript
90 lines
2.7 KiB
TypeScript
// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
|
|
import type { NextApiRequest, NextApiResponse } from "next";
|
|
import client from "@/lib/mongodb";
|
|
import { withIronSessionApiRoute } from "iron-session/next";
|
|
import { sessionOptions } from "@/lib/session";
|
|
import { Exam, ExamBase, InstructorGender, Variant } from "@/interfaces/exam";
|
|
import { getExams } from "@/utils/exams.be";
|
|
import { Module } from "@/interfaces";
|
|
import { getUserCorporate } from "@/utils/groups.be";
|
|
import { requestUser } from "@/utils/api";
|
|
import { isAdmin } from "@/utils/users";
|
|
import { mapBy } from "@/utils";
|
|
|
|
const db = client.db(process.env.MONGODB_DB);
|
|
|
|
export default withIronSessionApiRoute(handler, sessionOptions);
|
|
|
|
async function handler(req: NextApiRequest, res: NextApiResponse) {
|
|
if (req.method === "GET") return await GET(req, res);
|
|
if (req.method === "POST") return await POST(req, res);
|
|
|
|
res.status(404).json({ ok: false });
|
|
}
|
|
|
|
async function GET(req: NextApiRequest, res: NextApiResponse) {
|
|
if (!req.session.user) {
|
|
res.status(401).json({ ok: false });
|
|
return;
|
|
}
|
|
|
|
const { module, avoidRepeated, variant, instructorGender } = req.query as {
|
|
module: Module;
|
|
avoidRepeated: string;
|
|
variant?: Variant;
|
|
instructorGender?: InstructorGender;
|
|
};
|
|
|
|
const exams: Exam[] = await getExams(db, module, avoidRepeated, req.session.user.id, variant, instructorGender);
|
|
res.status(200).json(exams);
|
|
}
|
|
|
|
async function POST(req: NextApiRequest, res: NextApiResponse) {
|
|
const user = await requestUser(req, res)
|
|
if (!user) return res.status(401).json({ ok: false });
|
|
|
|
const { module } = req.query as { module: string };
|
|
|
|
const session = client.startSession();
|
|
const entities = isAdmin(user) ? [] : mapBy(user.entities, 'id')
|
|
|
|
try {
|
|
const exam = {
|
|
...req.body,
|
|
module: module,
|
|
entities,
|
|
createdBy: user.id,
|
|
createdAt: new Date().toISOString(),
|
|
};
|
|
|
|
await session.withTransaction(async () => {
|
|
const docSnap = await db.collection(module).findOne<ExamBase>({ id: req.body.id }, { session });
|
|
|
|
// Check whether the id of the exam matches another exam with different
|
|
// owners, throw exception if there is, else allow editing
|
|
const ownersSet = new Set(docSnap?.owners || []);
|
|
|
|
if (docSnap !== null && docSnap?.owners?.length === exam.owners.lenght && exam.owners.every((e: string) => ownersSet.has(e))) {
|
|
throw new Error("Name already exists");
|
|
}
|
|
|
|
await db.collection(module).updateOne(
|
|
{ id: req.body.id },
|
|
{ $set: { id: req.body.id, ...exam } },
|
|
{
|
|
upsert: true,
|
|
session
|
|
}
|
|
);
|
|
});
|
|
|
|
res.status(200).json(exam);
|
|
|
|
} catch (error) {
|
|
console.error("Transaction failed: ", error);
|
|
res.status(500).json({ ok: false, error: (error as any).message });
|
|
} finally {
|
|
session.endSession();
|
|
}
|
|
}
|