cal.pub0.org/pages/api/users/[id].ts

import type { NextApiRequest, NextApiResponse } from "next";

import prisma from "@calcom/prisma";

import { withMiddleware } from "@lib/helpers/withMiddleware";
import type { UserResponse } from "@lib/types";
import {
  schemaQueryIdParseInt,
  withValidQueryIdTransformParseInt,
} from "@lib/validations/shared/queryIdTransformParseInt";
import { schemaUserEditBodyParams, schemaUserReadPublic } from "@lib/validations/user";

/**
 * @swagger
 * /users/{id}:
 *   get:
 *     summary: Find a user, returns your user if regular user.
 *     operationId: getUserById
 *     parameters:
 *       - in: path
 *         name: id
 *         schema:
 *           type: integer
 *         required: true
 *         description: Numeric ID of the user to get
 *     tags:
 *     - users
 *     responses:
 *       200:
 *         description: OK
 *       401:
 *        description: Authorization information is missing or invalid.
 *       404:
 *         description: User was not found
 *   patch:
 *     summary: Edit an existing user
 *     operationId: editUserById
 *     parameters:
 *      - in: path
 *        name: id
 *        schema:
 *          type: integer
 *        required: true
 *        description: Numeric ID of the user to edit
 *     tags:
 *     - users
 *     responses:
 *       201:
 *         description: OK, user edited successfuly
 *       400:
 *        description: Bad request. User body is invalid.
 *       401:
 *        description: Authorization information is missing or invalid.
 *   delete:
 *     summary: Remove an existing user
 *     operationId: deleteUserById
 *     parameters:
 *      - in: path
 *        name: id
 *        schema:
 *          type: integer
 *        required: true
 *        description: Numeric ID of the user to delete
 *     tags:
 *     - users
 *     responses:
 *       201:
 *         description: OK, user removed successfuly
 *       400:
 *        description: Bad request. User id is invalid.
 *       401:
 *        description: Authorization information is missing or invalid.
 */
export async function userById({ method, query, body, userId }: NextApiRequest, res: NextApiResponse<any>) {
  const safeQuery = schemaQueryIdParseInt.safeParse(query);
  console.log(body);
  if (!safeQuery.success) throw new Error("Invalid request query", safeQuery.error);
  if (safeQuery.data.id !== userId) res.status(401).json({ message: "Unauthorized" });
  else {
    switch (method) {
      case "GET":
        await prisma.user
          .findUnique({ where: { id: safeQuery.data.id } })
          .then((data) => schemaUserReadPublic.parse(data))
          .then((user) => res.status(200).json({ user }))
          .catch((error: Error) =>
            res.status(404).json({ message: `User with id: ${safeQuery.data.id} not found`, error })
          );
        break;

      case "PATCH":
        const safeBody = schemaUserEditBodyParams.safeParse(body);
        if (!safeBody.success) {
          res.status(400).json({ message: "Bad request", error: safeBody.error });
          throw new Error("Invalid request body");
        }
        const userSchedules = await prisma.schedule.findMany({
          where: { userId },
        });
        const userSchedulesIds = userSchedules.map((schedule) => schedule.id);
        // @note: here we make sure user can only make as default his own scheudles
        if (!userSchedulesIds.includes(Number(safeBody?.data?.defaultScheduleId))) {
          res.status(400).json({
            message: "Bad request",
            error: "Invalid default schedule id",
          });
          throw new Error("Invalid request body value: defaultScheduleId");
        }
        await prisma.user
          .update({
            where: { id: userId },
            data: safeBody.data,
          })
          .then((data) => schemaUserReadPublic.parse(data))
          .then((user) => res.status(200).json({ user }))
          .catch((error: Error) =>
            res.status(404).json({ message: `User with id: ${safeQuery.data.id} not found`, error })
          );
        break;

      case "DELETE":
        await prisma.user
          .delete({ where: { id: safeQuery.data.id } })
          .then(() =>
            res.status(200).json({ message: `User with id: ${safeQuery.data.id} deleted successfully` })
          )
          .catch((error: Error) =>
            res.status(404).json({ message: `User with id: ${safeQuery.data.id} not found`, error })
          );
        break;

      default:
        res.status(405).json({ message: "Method not allowed" });
        break;
    }
  }
}

export default withMiddleware("HTTP_GET_DELETE_PATCH")(withValidQueryIdTransformParseInt(userById));
re-unify into one route all id ops for teams and users 2022-04-03 22:49:05 +00:00			`import type { NextApiRequest, NextApiResponse } from "next";`

			`import prisma from "@calcom/prisma";`

			`import { withMiddleware } from "@lib/helpers/withMiddleware";`
			`import type { UserResponse } from "@lib/types";`
			`import {`
			`schemaQueryIdParseInt,`
			`withValidQueryIdTransformParseInt,`
			`} from "@lib/validations/shared/queryIdTransformParseInt";`
fix: moves to pick and separates availabilities 2022-04-26 20:23:33 +00:00			`import { schemaUserEditBodyParams, schemaUserReadPublic } from "@lib/validations/user";`
re-unify into one route all id ops for teams and users 2022-04-03 22:49:05 +00:00
			`/**`
			`* @swagger`
remove v1 from specs 2022-04-26 19:56:59 +00:00			`* /users/{id}:`
re-unify into one route all id ops for teams and users 2022-04-03 22:49:05 +00:00			`* get:`
fix: improve comments, no anys 2022-04-29 15:29:57 +00:00			`* summary: Find a user, returns your user if regular user.`
fix: channels removed 2022-04-30 17:46:04 +00:00			`* operationId: getUserById`
re-unify into one route all id ops for teams and users 2022-04-03 22:49:05 +00:00			`* parameters:`
			`* - in: path`
			`* name: id`
			`* schema:`
			`* type: integer`
			`* required: true`
			`* description: Numeric ID of the user to get`
			`* tags:`
			`* - users`
			`* responses:`
			`* 200:`
			`* description: OK`
			`* 401:`
			`* description: Authorization information is missing or invalid.`
			`* 404:`
			`* description: User was not found`
			`* patch:`
			`* summary: Edit an existing user`
fix: channels removed 2022-04-30 17:46:04 +00:00			`* operationId: editUserById`
re-unify into one route all id ops for teams and users 2022-04-03 22:49:05 +00:00			`* parameters:`
			`* - in: path`
			`* name: id`
			`* schema:`
			`* type: integer`
			`* required: true`
			`* description: Numeric ID of the user to edit`
			`* tags:`
			`* - users`
			`* responses:`
			`* 201:`
			`* description: OK, user edited successfuly`
			`* 400:`
			`* description: Bad request. User body is invalid.`
			`* 401:`
			`* description: Authorization information is missing or invalid.`
			`* delete:`
			`* summary: Remove an existing user`
fix: channels removed 2022-04-30 17:46:04 +00:00			`* operationId: deleteUserById`
re-unify into one route all id ops for teams and users 2022-04-03 22:49:05 +00:00			`* parameters:`
			`* - in: path`
			`* name: id`
			`* schema:`
			`* type: integer`
			`* required: true`
			`* description: Numeric ID of the user to delete`
			`* tags:`
			`* - users`
			`* responses:`
			`* 201:`
			`* description: OK, user removed successfuly`
			`* 400:`
			`* description: Bad request. User id is invalid.`
			`* 401:`
			`* description: Authorization information is missing or invalid.`
			`*/`
fix: move all req to deconstructed 2022-04-30 18:53:19 +00:00			`export async function userById({ method, query, body, userId }: NextApiRequest, res: NextApiResponse<any>) {`
payments safe, unify endpoints for remindermails schedules 2022-04-10 00:10:34 +00:00			`const safeQuery = schemaQueryIdParseInt.safeParse(query);`
fix users, availabilites, attendees 2022-04-24 00:10:32 +00:00			`console.log(body);`
re-unify into one route all id ops for teams and users 2022-04-03 22:49:05 +00:00			`if (!safeQuery.success) throw new Error("Invalid request query", safeQuery.error);`
fix: build removing extra spaces 2022-04-23 00:40:39 +00:00			`if (safeQuery.data.id !== userId) res.status(401).json({ message: "Unauthorized" });`
fix: move 401 to throw early in all endpoints 2022-04-23 00:17:06 +00:00			`else {`
Add userId check in users getAll and id endpoints 2022-04-07 19:55:43 +00:00			`switch (method) {`
			`case "GET":`
			`await prisma.user`
			`.findUnique({ where: { id: safeQuery.data.id } })`
fix users, availabilites, attendees 2022-04-24 00:10:32 +00:00			`.then((data) => schemaUserReadPublic.parse(data))`
feat: unify new/index of attendees, availabilities, booking references, bookings, selected calendars, update response types 2022-04-11 10:03:15 +00:00			`.then((user) => res.status(200).json({ user }))`
Add userId check in users getAll and id endpoints 2022-04-07 19:55:43 +00:00			`.catch((error: Error) =>`
			res.status(404).json({ message: `User with id: ${safeQuery.data.id} not found`, error })
			`);`
			`break;`
re-unify into one route all id ops for teams and users 2022-04-03 22:49:05 +00:00
Add userId check in users getAll and id endpoints 2022-04-07 19:55:43 +00:00			`case "PATCH":`
fix users, availabilites, attendees 2022-04-24 00:10:32 +00:00			`const safeBody = schemaUserEditBodyParams.safeParse(body);`
			`if (!safeBody.success) {`
			`res.status(400).json({ message: "Bad request", error: safeBody.error });`
			`throw new Error("Invalid request body");`
			`}`
feat: adds full validations for users endpoint 2022-04-24 21:56:25 +00:00			`const userSchedules = await prisma.schedule.findMany({`
			`where: { userId },`
			`});`
			`const userSchedulesIds = userSchedules.map((schedule) => schedule.id);`
			`// @note: here we make sure user can only make as default his own scheudles`
			`if (!userSchedulesIds.includes(Number(safeBody?.data?.defaultScheduleId))) {`
			`res.status(400).json({`
			`message: "Bad request",`
			`error: "Invalid default schedule id",`
			`});`
			`throw new Error("Invalid request body value: defaultScheduleId");`
			`}`
Add userId check in users getAll and id endpoints 2022-04-07 19:55:43 +00:00			`await prisma.user`
			`.update({`
fix users, availabilites, attendees 2022-04-24 00:10:32 +00:00			`where: { id: userId },`
Add userId check in users getAll and id endpoints 2022-04-07 19:55:43 +00:00			`data: safeBody.data,`
			`})`
fix users, availabilites, attendees 2022-04-24 00:10:32 +00:00			`.then((data) => schemaUserReadPublic.parse(data))`
feat: unify new/index of attendees, availabilities, booking references, bookings, selected calendars, update response types 2022-04-11 10:03:15 +00:00			`.then((user) => res.status(200).json({ user }))`
Add userId check in users getAll and id endpoints 2022-04-07 19:55:43 +00:00			`.catch((error: Error) =>`
			res.status(404).json({ message: `User with id: ${safeQuery.data.id} not found`, error })
			`);`
			`break;`
re-unify into one route all id ops for teams and users 2022-04-03 22:49:05 +00:00
Add userId check in users getAll and id endpoints 2022-04-07 19:55:43 +00:00			`case "DELETE":`
			`await prisma.user`
			`.delete({ where: { id: safeQuery.data.id } })`
			`.then(() =>`
			res.status(200).json({ message: `User with id: ${safeQuery.data.id} deleted successfully` })
			`)`
			`.catch((error: Error) =>`
			res.status(404).json({ message: `User with id: ${safeQuery.data.id} not found`, error })
			`);`
			`break;`
re-unify into one route all id ops for teams and users 2022-04-03 22:49:05 +00:00
Add userId check in users getAll and id endpoints 2022-04-07 19:55:43 +00:00			`default:`
			`res.status(405).json({ message: "Method not allowed" });`
			`break;`
			`}`
fix: move 401 to throw early in all endpoints 2022-04-23 00:17:06 +00:00			`}`
re-unify into one route all id ops for teams and users 2022-04-03 22:49:05 +00:00			`}`

			`export default withMiddleware("HTTP_GET_DELETE_PATCH")(withValidQueryIdTransformParseInt(userById));`