cal.pub0.org/pages/api/memberships/[id].ts

187 lines
5.9 KiB
TypeScript
Raw Normal View History

2022-04-04 19:39:30 +00:00
import type { NextApiRequest, NextApiResponse } from "next";
import prisma from "@calcom/prisma";
import { withMiddleware } from "@lib/helpers/withMiddleware";
import type { MembershipResponse } from "@lib/types";
import { schemaMembershipBodyParams, schemaMembershipPublic } from "@lib/validations/membership";
import { schemaQueryIdAsString, withValidQueryIdString } from "@lib/validations/shared/queryIdString";
2022-04-29 15:29:57 +00:00
export async function membershipById(
{ method, query, body, userId }: NextApiRequest,
res: NextApiResponse<MembershipResponse>
) {
const safeQuery = schemaQueryIdAsString.safeParse(query);
2022-05-18 12:27:30 +00:00
if (!safeQuery.success) {
res.status(400).json({ message: "Your query was invalid" });
return;
}
2022-04-04 19:39:30 +00:00
// This is how we set the userId and teamId in the query for managing compoundId.
2022-04-20 22:55:22 +00:00
const [paramUserId, teamId] = safeQuery.data.id.split("_");
if (parseInt(paramUserId) !== userId) res.status(401).json({ message: "Unauthorized" });
else {
2022-04-20 22:55:22 +00:00
switch (method) {
2022-04-29 15:29:57 +00:00
/**
* @swagger
* /memberships/{userId}_{teamId}:
* get:
* summary: Find a membership by userID and teamID
* parameters:
* - in: path
* name: userId
* schema:
* type: integer
* required: true
* description: Numeric userId of the membership to get
* - in: path
* name: teamId
* schema:
* type: integer
* required: true
* description: Numeric teamId of the membership to get
* tags:
* - memberships
* responses:
* 200:
* description: OK
* 401:
* description: Authorization information is missing or invalid.
* 404:
* description: Membership was not found
*/
2022-04-20 22:55:22 +00:00
case "GET":
await prisma.membership
.findUnique({
where: {
userId_teamId: {
userId: userId,
teamId: parseInt(teamId),
},
},
})
.then((data) => schemaMembershipPublic.parse(data))
.then((membership) => res.status(200).json({ membership }))
.catch((error: Error) =>
res.status(404).json({
message: `Membership with id: ${safeQuery.data.id} not found`,
error,
})
);
break;
2022-04-04 19:39:30 +00:00
2022-04-29 15:29:57 +00:00
/**
* @swagger
* /memberships/{userId}_{teamId}:
* patch:
* summary: Edit an existing membership
* parameters:
* - in: path
* name: userId
* schema:
* type: integer
* required: true
* description: Numeric userId of the membership to get
* - in: path
* name: teamId
* schema:
* type: integer
* required: true
* description: Numeric teamId of the membership to get
* tags:
* - memberships
* responses:
* 201:
* description: OK, membership edited successfuly
* 400:
* description: Bad request. Membership body is invalid.
* 401:
* description: Authorization information is missing or invalid.
*/
2022-04-20 22:55:22 +00:00
case "PATCH":
2022-04-29 15:29:57 +00:00
const safeBody = schemaMembershipBodyParams.safeParse(body);
2022-04-20 22:55:22 +00:00
if (!safeBody.success) {
2022-05-17 17:33:18 +00:00
{
res.status(400).json({ message: "Invalid request body" });
return;
}
2022-04-20 22:55:22 +00:00
}
await prisma.membership
.update({
where: {
userId_teamId: {
userId: userId,
teamId: parseInt(teamId),
},
},
data: safeBody.data,
})
.then((data) => schemaMembershipPublic.parse(data))
.then((membership) => res.status(200).json({ membership }))
.catch((error: Error) =>
res.status(404).json({
message: `Membership with id: ${safeQuery.data.id} not found`,
error,
})
);
break;
2022-04-04 19:39:30 +00:00
2022-04-29 15:29:57 +00:00
/**
* @swagger
* /memberships/{userId}_{teamId}:
* delete:
* summary: Remove an existing membership
* parameters:
* - in: path
* name: userId
* schema:
* type: integer
* required: true
* description: Numeric userId of the membership to get
* - in: path
* name: teamId
* schema:
* type: integer
* required: true
* description: Numeric teamId of the membership to get
* tags:
* - memberships
* responses:
* 201:
* description: OK, membership removed successfuly
* 400:
* description: Bad request. Membership id is invalid.
* 401:
* description: Authorization information is missing or invalid.
*/
2022-04-20 22:55:22 +00:00
case "DELETE":
await prisma.membership
.delete({
where: {
userId_teamId: {
userId: userId,
teamId: parseInt(teamId),
},
},
})
.then(() =>
res.status(200).json({
message: `Membership with id: ${safeQuery.data.id} deleted successfully`,
})
)
.catch((error: Error) =>
res.status(404).json({
message: `Membership with id: ${safeQuery.data.id} not found`,
error,
})
);
break;
2022-04-04 19:39:30 +00:00
2022-04-20 22:55:22 +00:00
default:
res.status(405).json({ message: "Method not allowed" });
break;
}
}
2022-04-04 19:39:30 +00:00
}
export default withMiddleware("HTTP_GET_DELETE_PATCH")(withValidQueryIdString(membershipById));