2022-04-04 19:39:30 +00:00
|
|
|
import type { NextApiRequest, NextApiResponse } from "next";
|
|
|
|
|
|
|
|
import prisma from "@calcom/prisma";
|
|
|
|
|
|
|
|
import { withMiddleware } from "@lib/helpers/withMiddleware";
|
|
|
|
import type { MembershipResponse } from "@lib/types";
|
|
|
|
import { schemaMembershipBodyParams, schemaMembershipPublic } from "@lib/validations/membership";
|
|
|
|
import { schemaQueryIdAsString, withValidQueryIdString } from "@lib/validations/shared/queryIdString";
|
|
|
|
|
2022-04-29 15:29:57 +00:00
|
|
|
export async function membershipById(
|
|
|
|
{ method, query, body, userId }: NextApiRequest,
|
|
|
|
res: NextApiResponse<MembershipResponse>
|
|
|
|
) {
|
2022-04-10 00:10:34 +00:00
|
|
|
const safeQuery = schemaQueryIdAsString.safeParse(query);
|
2022-05-18 12:27:30 +00:00
|
|
|
if (!safeQuery.success) {
|
|
|
|
res.status(400).json({ message: "Your query was invalid" });
|
|
|
|
return;
|
|
|
|
}
|
2022-04-04 19:39:30 +00:00
|
|
|
// This is how we set the userId and teamId in the query for managing compoundId.
|
2022-04-20 22:55:22 +00:00
|
|
|
const [paramUserId, teamId] = safeQuery.data.id.split("_");
|
2022-04-23 00:17:06 +00:00
|
|
|
if (parseInt(paramUserId) !== userId) res.status(401).json({ message: "Unauthorized" });
|
|
|
|
else {
|
2022-04-20 22:55:22 +00:00
|
|
|
switch (method) {
|
2022-04-29 15:29:57 +00:00
|
|
|
/**
|
|
|
|
* @swagger
|
|
|
|
* /memberships/{userId}_{teamId}:
|
|
|
|
* get:
|
|
|
|
* summary: Find a membership by userID and teamID
|
|
|
|
* parameters:
|
|
|
|
* - in: path
|
|
|
|
* name: userId
|
|
|
|
* schema:
|
|
|
|
* type: integer
|
|
|
|
* required: true
|
|
|
|
* description: Numeric userId of the membership to get
|
|
|
|
* - in: path
|
|
|
|
* name: teamId
|
|
|
|
* schema:
|
|
|
|
* type: integer
|
|
|
|
* required: true
|
|
|
|
* description: Numeric teamId of the membership to get
|
|
|
|
* tags:
|
|
|
|
* - memberships
|
|
|
|
* responses:
|
|
|
|
* 200:
|
|
|
|
* description: OK
|
|
|
|
* 401:
|
|
|
|
* description: Authorization information is missing or invalid.
|
|
|
|
* 404:
|
|
|
|
* description: Membership was not found
|
|
|
|
*/
|
2022-04-20 22:55:22 +00:00
|
|
|
case "GET":
|
|
|
|
await prisma.membership
|
|
|
|
.findUnique({
|
|
|
|
where: {
|
|
|
|
userId_teamId: {
|
|
|
|
userId: userId,
|
|
|
|
teamId: parseInt(teamId),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
})
|
|
|
|
.then((data) => schemaMembershipPublic.parse(data))
|
|
|
|
.then((membership) => res.status(200).json({ membership }))
|
|
|
|
.catch((error: Error) =>
|
|
|
|
res.status(404).json({
|
|
|
|
message: `Membership with id: ${safeQuery.data.id} not found`,
|
|
|
|
error,
|
|
|
|
})
|
|
|
|
);
|
|
|
|
break;
|
2022-04-04 19:39:30 +00:00
|
|
|
|
2022-04-29 15:29:57 +00:00
|
|
|
/**
|
|
|
|
* @swagger
|
|
|
|
* /memberships/{userId}_{teamId}:
|
|
|
|
* patch:
|
|
|
|
* summary: Edit an existing membership
|
|
|
|
* parameters:
|
|
|
|
* - in: path
|
|
|
|
* name: userId
|
|
|
|
* schema:
|
|
|
|
* type: integer
|
|
|
|
* required: true
|
|
|
|
* description: Numeric userId of the membership to get
|
|
|
|
* - in: path
|
|
|
|
* name: teamId
|
|
|
|
* schema:
|
|
|
|
* type: integer
|
|
|
|
* required: true
|
|
|
|
* description: Numeric teamId of the membership to get
|
|
|
|
* tags:
|
|
|
|
* - memberships
|
|
|
|
* responses:
|
|
|
|
* 201:
|
|
|
|
* description: OK, membership edited successfuly
|
|
|
|
* 400:
|
|
|
|
* description: Bad request. Membership body is invalid.
|
|
|
|
* 401:
|
|
|
|
* description: Authorization information is missing or invalid.
|
|
|
|
*/
|
2022-04-20 22:55:22 +00:00
|
|
|
case "PATCH":
|
2022-04-29 15:29:57 +00:00
|
|
|
const safeBody = schemaMembershipBodyParams.safeParse(body);
|
2022-04-20 22:55:22 +00:00
|
|
|
if (!safeBody.success) {
|
2022-05-17 17:33:18 +00:00
|
|
|
{
|
|
|
|
res.status(400).json({ message: "Invalid request body" });
|
|
|
|
return;
|
|
|
|
}
|
2022-04-20 22:55:22 +00:00
|
|
|
}
|
|
|
|
await prisma.membership
|
|
|
|
.update({
|
|
|
|
where: {
|
|
|
|
userId_teamId: {
|
|
|
|
userId: userId,
|
|
|
|
teamId: parseInt(teamId),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
data: safeBody.data,
|
|
|
|
})
|
|
|
|
.then((data) => schemaMembershipPublic.parse(data))
|
|
|
|
.then((membership) => res.status(200).json({ membership }))
|
|
|
|
.catch((error: Error) =>
|
|
|
|
res.status(404).json({
|
|
|
|
message: `Membership with id: ${safeQuery.data.id} not found`,
|
|
|
|
error,
|
|
|
|
})
|
|
|
|
);
|
|
|
|
break;
|
2022-04-04 19:39:30 +00:00
|
|
|
|
2022-04-29 15:29:57 +00:00
|
|
|
/**
|
|
|
|
* @swagger
|
|
|
|
* /memberships/{userId}_{teamId}:
|
|
|
|
* delete:
|
|
|
|
* summary: Remove an existing membership
|
|
|
|
* parameters:
|
|
|
|
* - in: path
|
|
|
|
* name: userId
|
|
|
|
* schema:
|
|
|
|
* type: integer
|
|
|
|
* required: true
|
|
|
|
* description: Numeric userId of the membership to get
|
|
|
|
* - in: path
|
|
|
|
* name: teamId
|
|
|
|
* schema:
|
|
|
|
* type: integer
|
|
|
|
* required: true
|
|
|
|
* description: Numeric teamId of the membership to get
|
|
|
|
* tags:
|
|
|
|
* - memberships
|
|
|
|
* responses:
|
|
|
|
* 201:
|
|
|
|
* description: OK, membership removed successfuly
|
|
|
|
* 400:
|
|
|
|
* description: Bad request. Membership id is invalid.
|
|
|
|
* 401:
|
|
|
|
* description: Authorization information is missing or invalid.
|
|
|
|
*/
|
2022-04-20 22:55:22 +00:00
|
|
|
case "DELETE":
|
|
|
|
await prisma.membership
|
|
|
|
.delete({
|
|
|
|
where: {
|
|
|
|
userId_teamId: {
|
|
|
|
userId: userId,
|
|
|
|
teamId: parseInt(teamId),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
})
|
|
|
|
.then(() =>
|
|
|
|
res.status(200).json({
|
|
|
|
message: `Membership with id: ${safeQuery.data.id} deleted successfully`,
|
|
|
|
})
|
|
|
|
)
|
|
|
|
.catch((error: Error) =>
|
|
|
|
res.status(404).json({
|
|
|
|
message: `Membership with id: ${safeQuery.data.id} not found`,
|
|
|
|
error,
|
|
|
|
})
|
|
|
|
);
|
|
|
|
break;
|
2022-04-04 19:39:30 +00:00
|
|
|
|
2022-04-20 22:55:22 +00:00
|
|
|
default:
|
|
|
|
res.status(405).json({ message: "Method not allowed" });
|
|
|
|
break;
|
|
|
|
}
|
2022-04-23 00:17:06 +00:00
|
|
|
}
|
2022-04-04 19:39:30 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
export default withMiddleware("HTTP_GET_DELETE_PATCH")(withValidQueryIdString(membershipById));
|