cal.pub0.org/packages/trpc/server/routers/viewer/organizations/getUser.handler.ts

import { isOrganisationAdmin } from "@calcom/lib/server/queries/organisations";
import { prisma } from "@calcom/prisma";

import { TRPCError } from "@trpc/server";

import type { TrpcSessionUser } from "../../../trpc";
import type { TGetUserInput } from "./getUser.schema";

type AdminVerifyOptions = {
  ctx: {
    user: NonNullable<TrpcSessionUser>;
  };
  input: TGetUserInput;
};

export async function getUserHandler({ input, ctx }: AdminVerifyOptions) {
  const currentUser = ctx.user;

  if (!currentUser.organizationId) throw new TRPCError({ code: "UNAUTHORIZED" });

  // check if user is admin of organization
  if (!(await isOrganisationAdmin(currentUser?.id, currentUser.organizationId)))
    throw new TRPCError({ code: "UNAUTHORIZED" });

  // get requested user from database and ensure they are in the same organization
  const [requestedUser, membership, teams] = await prisma.$transaction([
    prisma.user.findFirst({
      where: { id: input.userId, organizationId: currentUser.organizationId },
      select: {
        id: true,
        email: true,
        username: true,
        name: true,
        bio: true,
        timeZone: true,
        schedules: {
          select: {
            id: true,
            name: true,
          },
        },
      },
    }),
    // Query on accepted as we don't want the user to be able to get this much info on a user that hasn't accepted the invite
    prisma.membership.findFirst({
      where: {
        userId: input.userId,
        teamId: currentUser.organizationId,
        accepted: true,
      },
      select: {
        role: true,
      },
    }),
    prisma.membership.findMany({
      where: {
        userId: input.userId,
        team: {
          parentId: currentUser.organizationId,
        },
      },
      select: {
        team: {
          select: {
            id: true,
            name: true,
          },
        },
        accepted: true,
      },
    }),
  ]);

  if (!requestedUser || !membership)
    throw new TRPCError({ code: "UNAUTHORIZED", message: "user_not_exist_or_not_in_org" });

  const foundUser = {
    ...requestedUser,
    teams: teams.map((team) => ({
      ...team.team,
      accepted: team.accepted,
    })),
    role: membership.role,
  };

  return foundUser;
}

export default getUserHandler;
feat: Org user table - bulk actions (#10504) Co-authored-by: Udit Takkar <53316345+Udit-takkar@users.noreply.github.com> Co-authored-by: Hariom Balhara <hariombalhara@gmail.com> Co-authored-by: Leo Giovanetti <hello@leog.me> Co-authored-by: Alex van Andel <me@alexvanandel.com> Co-authored-by: CarinaWolli <wollencarina@gmail.com> Co-authored-by: zomars <zomars@me.com> Co-authored-by: Peer Richelsen <peeroke@gmail.com> Co-authored-by: Joe Au-Yeung <65426560+joeauyeung@users.noreply.github.com> Co-authored-by: Udit Takkar <udit.07814802719@cse.mait.ac.in> Co-authored-by: Keith Williams <keithwillcode@gmail.com> Co-authored-by: Peer Richelsen <peer@cal.com> Co-authored-by: Syed Ali Shahbaz <52925846+alishaz-polymath@users.noreply.github.com> Co-authored-by: gitstart-calcom <gitstart@users.noreply.github.com> Co-authored-by: Shivam Kalra <shivamkalra98@gmail.com> Co-authored-by: cherish2003 <saicherissh90@gmail.com> Co-authored-by: sean-brydon <55134778+sean-brydon@users.noreply.github.com> Co-authored-by: rkreddy99 <rreddy@e2clouds.com> Co-authored-by: varun thummar <Varun> Co-authored-by: Crowdin Bot <support+bot@crowdin.com> Co-authored-by: Pradumn Kumar <47187878+Pradumn27@users.noreply.github.com> Co-authored-by: Richard Poelderl <richard.poelderl@gmail.com> Co-authored-by: mohammed hussam <hussamkhatib20@gmail.com> Co-authored-by: Carina Wollendorfer <30310907+CarinaWolli@users.noreply.github.com> Co-authored-by: Anik Dhabal Babu <81948346+anikdhabal@users.noreply.github.com> Co-authored-by: nicktrn <55853254+nicktrn@users.noreply.github.com> Co-authored-by: sydwardrae <94979838+sydwardrae@users.noreply.github.com> Co-authored-by: Janakiram Yellapu <jyellapu@vmware.com> Co-authored-by: GitStart-Cal.com <121884634+gitstart-calcom@users.noreply.github.com> Co-authored-by: sajanlamsal <saznlamsal@gmail.com> Co-authored-by: Cherish <88829894+cherish2003@users.noreply.github.com> Co-authored-by: Danila <daniil.demidovich@gmail.com> Co-authored-by: Neel Patel <29038590+N-NeelPatel@users.noreply.github.com> Co-authored-by: Rama Krishna Reddy <49095575+rkreddy99@users.noreply.github.com> Co-authored-by: Varun Thummar <110765105+VARUN949@users.noreply.github.com> Co-authored-by: Bhargav <bhargavtenali@gmail.com> Co-authored-by: Pratik Kumar <kpratik1929@gmail.com> Co-authored-by: Ritesh Patil <riteshsp2000@gmail.com> 2023-08-15 21:07:38 +00:00			`import { isOrganisationAdmin } from "@calcom/lib/server/queries/organisations";`
			`import { prisma } from "@calcom/prisma";`

			`import { TRPCError } from "@trpc/server";`

			`import type { TrpcSessionUser } from "../../../trpc";`
			`import type { TGetUserInput } from "./getUser.schema";`

			`type AdminVerifyOptions = {`
			`ctx: {`
			`user: NonNullable<TrpcSessionUser>;`
			`};`
			`input: TGetUserInput;`
			`};`

			`export async function getUserHandler({ input, ctx }: AdminVerifyOptions) {`
			`const currentUser = ctx.user;`

			`if (!currentUser.organizationId) throw new TRPCError({ code: "UNAUTHORIZED" });`

			`// check if user is admin of organization`
			`if (!(await isOrganisationAdmin(currentUser?.id, currentUser.organizationId)))`
			`throw new TRPCError({ code: "UNAUTHORIZED" });`

			`// get requested user from database and ensure they are in the same organization`
			`const [requestedUser, membership, teams] = await prisma.$transaction([`
			`prisma.user.findFirst({`
			`where: { id: input.userId, organizationId: currentUser.organizationId },`
			`select: {`
			`id: true,`
			`email: true,`
			`username: true,`
			`name: true,`
			`bio: true,`
			`timeZone: true,`
			`schedules: {`
			`select: {`
			`id: true,`
			`name: true,`
			`},`
			`},`
			`},`
			`}),`
			`// Query on accepted as we don't want the user to be able to get this much info on a user that hasn't accepted the invite`
			`prisma.membership.findFirst({`
			`where: {`
			`userId: input.userId,`
			`teamId: currentUser.organizationId,`
			`accepted: true,`
			`},`
			`select: {`
			`role: true,`
			`},`
			`}),`
			`prisma.membership.findMany({`
			`where: {`
			`userId: input.userId,`
			`team: {`
			`parentId: currentUser.organizationId,`
			`},`
			`},`
			`select: {`
			`team: {`
			`select: {`
			`id: true,`
			`name: true,`
			`},`
			`},`
			`accepted: true,`
			`},`
			`}),`
			`]);`

			`if (!requestedUser \|\| !membership)`
			`throw new TRPCError({ code: "UNAUTHORIZED", message: "user_not_exist_or_not_in_org" });`

			`const foundUser = {`
			`...requestedUser,`
			`teams: teams.map((team) => ({`
			`...team.team,`
			`accepted: team.accepted,`
			`})),`
			`role: membership.role,`
			`};`

			`return foundUser;`
			`}`

			`export default getUserHandler;`