92 lines
2.7 KiB
TypeScript
92 lines
2.7 KiB
TypeScript
// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
|
|
import type {NextApiRequest, NextApiResponse} from "next";
|
|
import client from "@/lib/mongodb";
|
|
import {withIronSessionApiRoute} from "iron-session/next";
|
|
import {sessionOptions} from "@/lib/session";
|
|
import {Group} from "@/interfaces/user";
|
|
import {updateExpiryDateOnGroup} from "@/utils/groups.be";
|
|
import { requestUser } from "@/utils/api";
|
|
|
|
const db = client.db(process.env.MONGODB_DB);
|
|
|
|
export default withIronSessionApiRoute(handler, sessionOptions);
|
|
|
|
async function handler(req: NextApiRequest, res: NextApiResponse) {
|
|
if (req.method === "GET") return await get(req, res);
|
|
if (req.method === "DELETE") return await del(req, res);
|
|
if (req.method === "PATCH") return await patch(req, res);
|
|
|
|
res.status(404).json(undefined);
|
|
}
|
|
|
|
async function get(req: NextApiRequest, res: NextApiResponse) {
|
|
const user = await requestUser(req, res)
|
|
if (!user) return res.status(401).json({ ok: false });
|
|
|
|
const {id} = req.query as {id: string};
|
|
|
|
const snapshot = await db.collection("groups").findOne({id: id});
|
|
|
|
if (snapshot) {
|
|
res.status(200).json({...snapshot});
|
|
} else {
|
|
res.status(404).json(undefined);
|
|
}
|
|
}
|
|
|
|
async function del(req: NextApiRequest, res: NextApiResponse) {
|
|
const user = await requestUser(req, res)
|
|
if (!user) return res.status(401).json({ ok: false });
|
|
|
|
const {id} = req.query as {id: string};
|
|
const group = await db.collection("groups").findOne<Group>({id: id});
|
|
|
|
if (!group) {
|
|
res.status(404);
|
|
return;
|
|
}
|
|
|
|
if (user.type === "admin" || user.type === "developer" || user.id === group.admin) {
|
|
await db.collection("groups").deleteOne({id: id});
|
|
|
|
res.status(200).json({ok: true});
|
|
return;
|
|
}
|
|
|
|
res.status(403).json({ok: false});
|
|
}
|
|
|
|
async function patch(req: NextApiRequest, res: NextApiResponse) {
|
|
const user = await requestUser(req, res)
|
|
if (!user) return res.status(401).json({ ok: false });
|
|
|
|
const {id} = req.query as {id: string};
|
|
|
|
const group = await db.collection("groups").findOne<Group>({id: id});
|
|
if (!group) {
|
|
res.status(404);
|
|
return;
|
|
}
|
|
|
|
if (
|
|
user.type === "admin" ||
|
|
user.type === "developer" ||
|
|
user.type === "mastercorporate" ||
|
|
user.type === "corporate" ||
|
|
user.id === group.admin
|
|
) {
|
|
if ("participants" in req.body && req.body.participants.length > 0) {
|
|
const newParticipants = (req.body.participants as string[]).filter((x) => !group.participants.includes(x));
|
|
await Promise.all(newParticipants.map(async (p) => await updateExpiryDateOnGroup(p, group.admin)));
|
|
}
|
|
|
|
console.log(req.body);
|
|
await db.collection("groups").updateOne({id}, {$set: {id, ...req.body}}, {upsert: true});
|
|
|
|
res.status(200).json({ok: true});
|
|
return;
|
|
}
|
|
|
|
res.status(403).json({ok: false});
|
|
}
|