2022-04-03 22:49:05 +00:00
|
|
|
import type { NextApiRequest, NextApiResponse } from "next";
|
|
|
|
|
|
|
|
import prisma from "@calcom/prisma";
|
|
|
|
|
|
|
|
import { withMiddleware } from "@lib/helpers/withMiddleware";
|
|
|
|
import type { TeamResponse } from "@lib/types";
|
|
|
|
import {
|
|
|
|
schemaQueryIdParseInt,
|
|
|
|
withValidQueryIdTransformParseInt,
|
|
|
|
} from "@lib/validations/shared/queryIdTransformParseInt";
|
|
|
|
import { schemaTeamBodyParams, schemaTeamPublic } from "@lib/validations/team";
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @swagger
|
2022-04-26 19:56:59 +00:00
|
|
|
* /teams/{id}:
|
2022-04-03 22:49:05 +00:00
|
|
|
* get:
|
2022-04-27 17:25:36 +00:00
|
|
|
* summary: Find a team by ID
|
2022-04-03 22:49:05 +00:00
|
|
|
* parameters:
|
|
|
|
* - in: path
|
|
|
|
* name: id
|
|
|
|
* schema:
|
|
|
|
* type: integer
|
|
|
|
* required: true
|
|
|
|
* description: Numeric ID of the team to get
|
2022-04-17 14:39:38 +00:00
|
|
|
* security:
|
|
|
|
* - ApiKeyAuth: []
|
2022-04-03 22:49:05 +00:00
|
|
|
* tags:
|
|
|
|
* - teams
|
|
|
|
* responses:
|
|
|
|
* 200:
|
|
|
|
* description: OK
|
|
|
|
* 401:
|
|
|
|
* description: Authorization information is missing or invalid.
|
|
|
|
* 404:
|
|
|
|
* description: Team was not found
|
|
|
|
* patch:
|
|
|
|
* summary: Edit an existing team
|
|
|
|
* consumes:
|
|
|
|
* - application/json
|
|
|
|
* parameters:
|
|
|
|
* - in: body
|
|
|
|
* name: team
|
|
|
|
* description: The team to edit
|
|
|
|
* schema:
|
|
|
|
* type: object
|
|
|
|
* $ref: '#/components/schemas/Team'
|
|
|
|
* required: true
|
|
|
|
* - in: path
|
|
|
|
* name: id
|
|
|
|
* schema:
|
|
|
|
* type: integer
|
|
|
|
* required: true
|
|
|
|
* description: Numeric ID of the team to edit
|
2022-04-17 14:39:38 +00:00
|
|
|
* security:
|
|
|
|
* - ApiKeyAuth: []
|
2022-04-03 22:49:05 +00:00
|
|
|
* tags:
|
|
|
|
* - teams
|
|
|
|
* responses:
|
|
|
|
* 201:
|
|
|
|
* description: OK, team edited successfuly
|
|
|
|
* model: Team
|
|
|
|
* 400:
|
|
|
|
* description: Bad request. Team body is invalid.
|
|
|
|
* 401:
|
|
|
|
* description: Authorization information is missing or invalid.
|
|
|
|
* delete:
|
|
|
|
* summary: Remove an existing team
|
|
|
|
* parameters:
|
|
|
|
* - in: path
|
|
|
|
* name: id
|
|
|
|
* schema:
|
|
|
|
* type: integer
|
|
|
|
* required: true
|
|
|
|
* description: Numeric ID of the team to delete
|
2022-04-17 14:39:38 +00:00
|
|
|
* security:
|
|
|
|
* - ApiKeyAuth: []
|
2022-04-03 22:49:05 +00:00
|
|
|
* tags:
|
|
|
|
* - teams
|
|
|
|
* responses:
|
|
|
|
* 201:
|
|
|
|
* description: OK, team removed successfuly
|
|
|
|
* model: Team
|
|
|
|
* 400:
|
|
|
|
* description: Bad request. Team id is invalid.
|
|
|
|
* 401:
|
|
|
|
* description: Authorization information is missing or invalid.
|
|
|
|
*/
|
|
|
|
export async function teamById(req: NextApiRequest, res: NextApiResponse<TeamResponse>) {
|
|
|
|
const { method, query, body } = req;
|
2022-04-08 23:29:26 +00:00
|
|
|
const safeQuery = schemaQueryIdParseInt.safeParse(query);
|
|
|
|
const safeBody = schemaTeamBodyParams.safeParse(body);
|
2022-04-03 22:49:05 +00:00
|
|
|
if (!safeQuery.success) throw new Error("Invalid request query", safeQuery.error);
|
2022-04-22 01:36:33 +00:00
|
|
|
const userId = req.userId;
|
2022-04-11 10:03:15 +00:00
|
|
|
const userWithMemberships = await prisma.membership.findMany({
|
|
|
|
where: { userId: userId },
|
|
|
|
});
|
2022-04-13 00:12:16 +00:00
|
|
|
//FIXME: This is a hack to get the teamId from the user's membership
|
2022-04-11 10:03:15 +00:00
|
|
|
console.log(userWithMemberships);
|
2022-04-20 21:42:49 +00:00
|
|
|
const userTeamIds = userWithMemberships.map((membership) => membership.teamId);
|
2022-04-23 00:17:06 +00:00
|
|
|
if (!userTeamIds.includes(safeQuery.data.id)) res.status(401).json({ message: "Unauthorized" });
|
|
|
|
else {
|
2022-04-20 21:42:49 +00:00
|
|
|
switch (method) {
|
|
|
|
case "GET":
|
|
|
|
await prisma.team
|
|
|
|
.findUnique({ where: { id: safeQuery.data.id } })
|
|
|
|
.then((data) => schemaTeamPublic.parse(data))
|
|
|
|
.then((team) => res.status(200).json({ team }))
|
|
|
|
.catch((error: Error) =>
|
|
|
|
res.status(404).json({
|
|
|
|
message: `Team with id: ${safeQuery.data.id} not found`,
|
|
|
|
error,
|
|
|
|
})
|
|
|
|
);
|
|
|
|
break;
|
2022-04-03 22:49:05 +00:00
|
|
|
|
2022-04-20 21:42:49 +00:00
|
|
|
case "PATCH":
|
|
|
|
if (!safeBody.success) {
|
|
|
|
throw new Error("Invalid request body");
|
|
|
|
}
|
|
|
|
await prisma.team
|
|
|
|
.update({ where: { id: safeQuery.data.id }, data: safeBody.data })
|
|
|
|
.then((team) => schemaTeamPublic.parse(team))
|
|
|
|
.then((team) => res.status(200).json({ team }))
|
|
|
|
.catch((error: Error) =>
|
|
|
|
res.status(404).json({
|
|
|
|
message: `Team with id: ${safeQuery.data.id} not found`,
|
|
|
|
error,
|
|
|
|
})
|
|
|
|
);
|
|
|
|
break;
|
2022-04-03 22:49:05 +00:00
|
|
|
|
2022-04-20 21:42:49 +00:00
|
|
|
case "DELETE":
|
|
|
|
await prisma.team
|
|
|
|
.delete({ where: { id: safeQuery.data.id } })
|
|
|
|
.then(() =>
|
|
|
|
res.status(200).json({
|
|
|
|
message: `Team with id: ${safeQuery.data.id} deleted successfully`,
|
|
|
|
})
|
|
|
|
)
|
|
|
|
.catch((error: Error) =>
|
|
|
|
res.status(404).json({
|
|
|
|
message: `Team with id: ${safeQuery.data.id} not found`,
|
|
|
|
error,
|
|
|
|
})
|
|
|
|
);
|
|
|
|
break;
|
2022-04-03 22:49:05 +00:00
|
|
|
|
2022-04-20 21:42:49 +00:00
|
|
|
default:
|
|
|
|
res.status(405).json({ message: "Method not allowed" });
|
|
|
|
break;
|
|
|
|
}
|
2022-04-23 00:17:06 +00:00
|
|
|
}
|
2022-04-03 22:49:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
export default withMiddleware("HTTP_GET_DELETE_PATCH")(withValidQueryIdTransformParseInt(teamById));
|