75 lines
2.8 KiB
TypeScript
75 lines
2.8 KiB
TypeScript
// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
|
|
import type {NextApiRequest, NextApiResponse} from "next";
|
|
import {app} from "@/firebase";
|
|
import {getFirestore, collection, getDocs, setDoc, doc, getDoc, deleteDoc, query} from "firebase/firestore";
|
|
import {withIronSessionApiRoute} from "iron-session/next";
|
|
import {sessionOptions} from "@/lib/session";
|
|
import {CorporateUser, Group} from "@/interfaces/user";
|
|
import {Discount, Package} from "@/interfaces/paypal";
|
|
import {v4} from "uuid";
|
|
import {checkAccess} from "@/utils/permissions";
|
|
import {CEFR_STEPS} from "@/resources/grading";
|
|
import {getCorporateUser} from "@/resources/user";
|
|
import {getUserCorporate} from "@/utils/groups";
|
|
import {Grading} from "@/interfaces";
|
|
import {getGroupsForUser} from "@/utils/groups.be";
|
|
import {uniq} from "lodash";
|
|
import {getUser} from "@/utils/users.be";
|
|
|
|
const db = getFirestore(app);
|
|
|
|
export default withIronSessionApiRoute(handler, sessionOptions);
|
|
|
|
async function handler(req: NextApiRequest, res: NextApiResponse) {
|
|
if (req.method === "GET") await get(req, res);
|
|
if (req.method === "POST") await post(req, res);
|
|
}
|
|
|
|
async function get(req: NextApiRequest, res: NextApiResponse) {
|
|
if (!req.session.user) {
|
|
res.status(401).json({ok: false});
|
|
return;
|
|
}
|
|
|
|
const snapshot = await getDoc(doc(db, "grading", req.session.user.id));
|
|
if (snapshot.exists()) return res.status(200).json(snapshot.data());
|
|
|
|
if (req.session.user.type !== "teacher" && req.session.user.type !== "student") return res.status(200).json(CEFR_STEPS);
|
|
|
|
const corporate = await getUserCorporate(req.session.user.id);
|
|
if (!corporate) return res.status(200).json(CEFR_STEPS);
|
|
|
|
const corporateSnapshot = await getDoc(doc(db, "grading", corporate.id));
|
|
if (corporateSnapshot.exists()) return res.status(200).json(snapshot.data());
|
|
|
|
return res.status(200).json(CEFR_STEPS);
|
|
}
|
|
|
|
async function post(req: NextApiRequest, res: NextApiResponse) {
|
|
if (!req.session.user) {
|
|
res.status(401).json({ok: false});
|
|
return;
|
|
}
|
|
|
|
if (!checkAccess(req.session.user, ["admin", "developer", "mastercorporate", "corporate"]))
|
|
return res.status(403).json({
|
|
ok: false,
|
|
reason: "You do not have permission to create a new grading system",
|
|
});
|
|
|
|
const body = req.body as Grading;
|
|
await setDoc(doc(db, "grading", req.session.user.id), body);
|
|
|
|
if (req.session.user.type === "mastercorporate") {
|
|
const groups = await getGroupsForUser(req.session.user.id);
|
|
const participants = uniq(groups.flatMap((x) => x.participants));
|
|
|
|
const participantUsers = await Promise.all(participants.map(getUser));
|
|
const corporateUsers = participantUsers.filter((x) => x.type === "corporate") as CorporateUser[];
|
|
|
|
await Promise.all(corporateUsers.map(async (g) => await setDoc(doc(db, "grading", g.id), body)));
|
|
}
|
|
|
|
res.status(200).json({ok: true});
|
|
}
|