fix(paypal/add): safeparse teamId

11791-cal-2603-refactor-paypal-to-use-their-oauth-and-not-require-users-to-make-an-app
Morgan Vernay 2023-10-12 17:34:21 +03:00
parent 9941186a74
commit 43365dc6ec
1 changed files with 5 additions and 2 deletions

View File

@ -1,4 +1,5 @@
import type { NextApiRequest, NextApiResponse } from "next"; import type { NextApiRequest, NextApiResponse } from "next";
import { z } from "zod";
import Paypal from "@calcom/app-store/paypal/lib/Paypal"; import Paypal from "@calcom/app-store/paypal/lib/Paypal";
import { defaultHandler } from "@calcom/lib/server"; import { defaultHandler } from "@calcom/lib/server";
@ -7,7 +8,7 @@ import prisma from "@calcom/prisma";
import config from "../config.json"; import config from "../config.json";
async function getHandler(req: NextApiRequest, res: NextApiResponse) { async function getHandler(req: NextApiRequest, res: NextApiResponse) {
const teamId = Number(req.query?.teamId); const parsedTeamId = z.coerce.number().safeParse(req.query.teamId);
const userId = req.session?.user?.id; const userId = req.session?.user?.id;
if (!userId) { if (!userId) {
return res.status(401).json({ message: "You must be logged in to do this" }); return res.status(401).json({ message: "You must be logged in to do this" });
@ -18,7 +19,9 @@ async function getHandler(req: NextApiRequest, res: NextApiResponse) {
select: { id: true }, select: { id: true },
where: { where: {
appId: config.slug, appId: config.slug,
...(Boolean(teamId) ? { AND: [{ userId: userId }, { teamId }] } : { userId: userId }), ...(parsedTeamId.success
? { AND: [{ userId: userId }, { teamId: parsedTeamId.data }] }
: { userId: userId }),
}, },
}) })
); );