docs: add some comments

pull/9078/head
Agusti Fernandez Pardo 2022-05-31 18:53:41 +02:00
parent 4eccc8a74b
commit 187d5f2b10
1 changed files with 4 additions and 5 deletions

View File

@ -30,19 +30,18 @@ async function getAllorCreateUser(
const isAdmin = await isAdminGuard(userId); const isAdmin = await isAdminGuard(userId);
if (method === "GET") { if (method === "GET") {
if (!isAdmin) { if (!isAdmin) {
const data = await prisma.user.findMany({ // If user is not ADMIN, return only his data.
where: { const data = await prisma.user.findMany({ where: { id: userId } });
id: userId,
},
});
const users = data.map((user) => schemaUserReadPublic.parse(user)); const users = data.map((user) => schemaUserReadPublic.parse(user));
if (users) res.status(200).json({ users }); if (users) res.status(200).json({ users });
} else { } else {
// If user is admin, return all users.
const data = await prisma.user.findMany({}); const data = await prisma.user.findMany({});
const users = data.map((user) => schemaUserReadPublic.parse(user)); const users = data.map((user) => schemaUserReadPublic.parse(user));
if (users) res.status(200).json({ users }); if (users) res.status(200).json({ users });
} }
} else if (method === "POST") { } else if (method === "POST") {
// If user is not ADMIN, return unauthorized.
if (!isAdmin) res.status(401).json({ message: "You are not authorized" }); if (!isAdmin) res.status(401).json({ message: "You are not authorized" });
else { else {
const safeBody = schemaUserCreateBodyParams.safeParse(body); const safeBody = schemaUserCreateBodyParams.safeParse(body);