temp: typos + group api routes

MrMysterius · Oct 15, 2024 · 433a955 · 433a955
1 parent 98550e8
commit 433a955
Show file tree

Hide file tree

Showing 6 changed files with 282 additions and 2 deletions.
diff --git a/src/app.d.ts b/src/app.d.ts
@@ -8,6 +8,17 @@ declare global {
 		// interface Error {}
 		interface Locals {
 			auth: AuthenticatedUser;
+			group: {
+				data: Prisma.groupGetPayload<{
+					include: {
+						user: { select: { id: true; name: true; displayname: true } };
+						group_members: {
+							include: { user: { select: { id: true; name: true; displayname: true } } };
+						};
+					};
+				}>?;
+				isOwner: boolean;
+			}?;
 		}
 		// interface PageData {}
 		// interface PageState {}

diff --git a/src/lib/server/db/group.ts b/src/lib/server/db/group.ts
@@ -0,0 +1,19 @@
+import type { RequestEvent } from '@sveltejs/kit';
+import prisma from '../prisma';
+
+export async function getGroupWithMembers(group_id: string, event: RequestEvent) {
+	const group = await prisma.group.findFirst({
+		where: { id: group_id },
+		include: {
+			user: { select: { id: true, name: true, displayname: true } },
+			group_members: {
+				include: { user: { select: { id: true, name: true, displayname: true } } }
+			}
+		}
+	});
+
+	return {
+		group,
+		isOwner: event.locals.auth.user?.id === group?.owner
+	};
+}
diff --git a/src/routes/api/v1/groups/+server.ts b/src/routes/api/v1/groups/+server.ts
@@ -0,0 +1,96 @@
+import type { RequestHandler } from './$types';
+import { generateIdentifier } from '$lib/server/functions/generateIdentifier';
+import { getJsonBody } from '$lib/server/getJsonBodySade';
+import { isAuthed } from '$lib/server/functions/isAuthed';
+import { json } from '@sveltejs/kit';
+import prisma from '$lib/server/prisma';
+import { z } from 'zod';
+
+export const GET: RequestHandler = async (e) => {
+	isAuthed(e);
+
+	if (e.locals.auth.user?.role == 'admin') {
+		const groups = await prisma.group.findMany({
+			include: {
+				user: { select: { id: true, name: true, displayname: true } },
+				group_members: {
+					include: { user: { select: { id: true, name: true, displayname: true } } }
+				}
+			}
+		});
+		return json({ groups }, { status: 200 });
+	}
+
+	const groups = await prisma.group.findMany({
+		where: {
+			OR: [
+				{
+					owner: e.locals.auth.user?.id
+				},
+				{
+					group_members: { some: { user_id: e.locals.auth.user?.id } }
+				}
+			]
+		},
+		include: {
+			user: { select: { id: true, name: true, displayname: true } },
+			group_members: {
+				include: { user: { select: { id: true, name: true, displayname: true } } }
+			}
+		}
+	});
+	return json({ groups }, { status: 200 });
+};
+
+const VGroupNew = z.object({
+	name: z
+		.string()
+		.min(1, 'name has to be at least one character and less than 60')
+		.max(60, 'name has to be at least one character and less than 60'),
+	owner_id: z
+		.string()
+		.refine(async (v) => {
+			const user = await prisma.user.findFirst({ where: { id: v } });
+			if (!user) return false;
+			return true;
+		})
+		.optional()
+});
+
+//TODO Creation Event in Group Events
+export const POST: RequestHandler = async (e) => {
+	isAuthed(e);
+
+	const bodyJson = await getJsonBody(e);
+
+	if (e.locals.auth.user?.role == 'admin') {
+		const parsed = await VGroupNew.safeParseAsync(bodyJson);
+		if (!parsed.success)
+			return json({ message: 'Bad Request', errors: parsed.error.errors }, { status: 400 });
+
+		const group = await prisma.group.create({
+			data: {
+				id: generateIdentifier('grp'),
+				name: parsed.data.name,
+				owner: parsed.data.owner_id || e.locals.auth.user.id
+			}
+		});
+
+		return json({ group }, { status: 200 });
+	}
+
+	const parsed = await VGroupNew.omit({ owner_id: true }).safeParseAsync(bodyJson);
+	if (!parsed.success)
+		return json({ message: 'Bad Request', errors: parsed.error.errors }, { status: 400 });
+
+	const group = await prisma.group.create({
+		data: {
+			id: generateIdentifier('grp'),
+			name: parsed.data.name,
+			//@ts-expect-error auth.user is already checked for existence in isAuthed()
+			owner: e.locals.auth.user.id
+		}
+	});
+
+	return json({ group }, { status: 200 });
+};
diff --git a/src/routes/api/v1/groups/[group_id]/+server.ts b/src/routes/api/v1/groups/[group_id]/+server.ts
@@ -0,0 +1,131 @@
+import type { RequestHandler } from './$types';
+import { getJsonBody } from '$lib/server/getJsonBodySade';
+import { isAuthed } from '$lib/server/functions/isAuthed';
+import { json } from '@sveltejs/kit';
+import prisma from '$lib/server/prisma';
+import { z } from 'zod';
+import { getGroupWithMembers } from '$lib/server/db/group';
+
+export const GET: RequestHandler = async (e) => {
+	isAuthed(e);
+
+	if (e.locals.auth.user?.role == 'admin') {
+		const group = await prisma.group.findFirst({
+			where: {
+				id: e.params.group_id
+			},
+			include: {
+				user: { select: { id: true, name: true, displayname: true } },
+				group_members: {
+					include: { user: { select: { id: true, name: true, displayname: true } } }
+				}
+			}
+		});
+		if (!group) return json({ message: 'Group not found' }, { status: 404 });
+		return json({ group }, { status: 200 });
+	}
+
+	const group = await prisma.group.findFirst({
+		where: {
+			OR: [
+				{
+					id: e.params.group_id,
+					owner: e.locals.auth.user?.id
+				},
+				{
+					id: e.params.group_id,
+					group_members: { some: { user_id: e.locals.auth.user?.id } }
+				}
+			]
+		},
+		include: {
+			user: { select: { id: true, name: true, displayname: true } },
+			group_members: {
+				include: { user: { select: { id: true, name: true, displayname: true } } }
+			}
+		}
+	});
+
+	if (!group) return json({ message: 'Group not found' }, { status: 404 });
+	return json({ group }, { status: 200 });
+};
+
+const VGroupUpdate = z.object({
+	name: z
+		.string()
+		.min(1, 'name has to be at least one character and less than 60')
+		.max(60, 'name has to be at least one character and less than 60')
+		.optional(),
+	owner_id: z
+		.string()
+		.refine(async (v) => {
+			const user = await prisma.user.findFirst({ where: { id: v } });
+			if (!user) return false;
+			return true;
+		}, "user with that id doesn't exist")
+		.optional()
+});
+
+export const PUT: RequestHandler = async (e) => {
+	isAuthed(e);
+	const preGroup = await getGroupWithMembers(e.params.group_id, e);
+
+	const bodyJson = await getJsonBody(e);
+
+	if (e.locals.auth.user?.role == 'admin') {
+		const parsed = await VGroupUpdate.safeParseAsync(bodyJson);
+		if (!parsed.success)
+			return json({ message: 'Bad Request', errors: parsed.error.errors }, { status: 400 });
+
+		try {
+			const group = await prisma.group.update({
+				where: { id: e.params.group_id },
+				data: {
+					name: parsed.data.name,
+					owner: parsed.data.owner_id
+				}
+			});
+			return json({ message: 'Updated group', group }, { status: 200 });
+		} catch {
+			return json({ message: 'Group not found' }, { status: 404 });
+		}
+	}
+
+	if (!preGroup.isOwner || !preGroup.group)
+		return json({ message: 'Forbidden Access' }, { status: 403 });
+
+	const parsed = await VGroupUpdate.safeParseAsync(bodyJson);
+	if (!parsed.success)
+		return json({ message: 'Bad Request', errors: parsed.error.errors }, { status: 400 });
+
+	if (
+		parsed.data.owner_id &&
+		preGroup.group.group_members.some((m) => m.user_id == parsed.data.owner_id)
+	)
+		try {
+			if (parsed.data.owner_id) {
+				const group = await prisma.group.update({
+					where: { id: e.params.group_id },
+					data: {
+						name: parsed.data.name,
+						owner: parsed.data.owner_id,
+						group_members: {
+							create: { user_id: preGroup.group.owner },
+							delete: { group_id: e.params.group_id, user_id: parsed.data.owner_id }
+						}
+					}
+				});
+			} else {
+				const group = await prisma.group.update({
+					where: { id: e.params.group_id },
+					data: {
+						name: parsed.data.name,
+						owner: parsed.data.owner_id
+					}
+				});
+				return json({ message: 'Updated group', group }, { status: 200 });
+			}
+		} catch {
+			return json({ message: 'Group not found' }, { status: 404 });
+		}
+};
diff --git a/src/routes/api/v1/groups/[group_id]/mid.server.ts b/src/routes/api/v1/groups/[group_id]/mid.server.ts
@@ -0,0 +1,23 @@
+import type { Handle } from '@sveltejs/kit';
+import prisma from '$lib/server/prisma';
+
+export const handle: Handle = async ({ event, resolve }) => {
+	const group = await prisma.group.findFirst({
+		where: { id: event.params.group_id },
+		include: {
+			user: { select: { id: true, name: true, displayname: true } },
+			group_members: {
+				include: { user: { select: { id: true, name: true, displayname: true } } }
+			}
+		}
+	});
+
+	event.locals.group = {
+		data: group,
+		isOwner: event.locals.auth.user?.id === group?.owner
+	};
+	console.log(event.locals.group);
+
+	const res = await resolve(event);
+	return res;
+};
diff --git a/src/routes/api/v1/users/[user_id]/+server.ts b/src/routes/api/v1/users/[user_id]/+server.ts
@@ -91,7 +91,7 @@ export async function PUT(e: RequestEvent) {
 				},
 				omit: { password_hash: true }
 			});
-			return json({ messae: 'Updated user', user }, { status: 200 });
+			return json({ message: 'Updated user', user }, { status: 200 });
 		} catch {
 			return json({ message: 'User not found' }, { status: 404 });
 		}
@@ -116,7 +116,7 @@ export async function PUT(e: RequestEvent) {
 			},
 			omit: { password_hash: true }
 		});
-		return json({ messae: 'Updated user', user }, { status: 200 });
+		return json({ message: 'Updated user', user }, { status: 200 });
 	} catch {
 		return json({ message: 'User not found' }, { status: 404 });
 	}