feat: admin endpoints for bookings

pull/9078/head
Agusti Fernandez Pardo 2022-06-15 21:10:19 +02:00
parent dd94df8c97
commit 6349491ae7
3 changed files with 31 additions and 15 deletions

View File

@ -3,7 +3,6 @@ import { z } from "zod";
import { _BookingModel as Booking } from "@calcom/prisma/zod";
const schemaBookingBaseBodyParams = Booking.pick({
uid: true,
userId: true,
eventTypeId: true,
title: true,

View File

@ -11,7 +11,7 @@ import {
} from "@lib/validations/shared/queryIdTransformParseInt";
export async function bookingById(
{ method, query, body, userId }: NextApiRequest,
{ method, query, body, userId, isAdmin }: NextApiRequest,
res: NextApiResponse<BookingResponse>
) {
const safeQuery = schemaQueryIdParseInt.safeParse(query);
@ -25,8 +25,10 @@ export async function bookingById(
});
if (!userWithBookings) throw new Error("User not found");
const userBookingIds = userWithBookings.bookings.map((booking: { id: number }) => booking.id).flat();
if (!userBookingIds.includes(safeQuery.data.id)) res.status(401).json({ message: "Unauthorized" });
else {
if (!isAdmin) {
if (!userBookingIds.includes(safeQuery.data.id)) res.status(401).json({ message: "Unauthorized" });
} else {
switch (method) {
/**
* @swagger

View File

@ -33,16 +33,29 @@ async function createOrlistAllBookings(
* 404:
* description: No bookings were found
*/
const data = await prisma.booking.findMany({ where: { userId } });
const bookings = data.map((booking) => schemaBookingReadPublic.parse(booking));
console.log(`Bookings requested by ${userId}`);
if (bookings) res.status(200).json({ bookings });
else
(error: Error) =>
res.status(404).json({
message: "No Bookings were found",
error,
});
if (!isAdmin) {
const data = await prisma.booking.findMany({ where: { userId } });
const bookings = data.map((booking) => schemaBookingReadPublic.parse(booking));
if (bookings) res.status(200).json({ bookings });
else {
(error: Error) =>
res.status(404).json({
message: "No Bookings were found",
error,
});
}
} else {
const data = await prisma.booking.findMany();
const bookings = data.map((booking) => schemaBookingReadPublic.parse(booking));
if (bookings) res.status(200).json({ bookings });
else {
(error: Error) =>
res.status(404).json({
message: "No Bookings were found",
error,
});
}
}
} else if (method === "POST") {
/**
* @swagger
@ -83,7 +96,9 @@ async function createOrlistAllBookings(
res.status(400).json({ message: "Bad request. Booking body is invalid." });
return;
}
safe.data.userId = userId;
if (!isAdmin) {
safe.data.userId = userId;
}
const data = await prisma.booking.create({ data: { uid: uuidv4(), ...safe.data } });
const booking = schemaBookingReadPublic.parse(data);