public-offering
/
cal.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #170 from calcom/admin-event-types 

Allow for admin to edit other user's event types
pull/9078/head
Omar López 2022-10-06 10:33:52 -06:00 committed by GitHub
parent 7e9226fabc 48f270d032
commit 7909d90915
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
pages/api/event-types/[id].ts
View File

@ -12,19 +12,24 @@ export async function eventTypeById(
{ method, query, body, userId, isAdmin, prisma }: NextApiRequest,
res: NextApiResponse<EventTypeResponse>
) {
if (body.userId && !isAdmin) {
res.status(401).json({ message: "Unauthorized" });
return;
}
const safeQuery = schemaQueryIdParseInt.safeParse(query);
if (!safeQuery.success) {
res.status(400).json({ message: "Your query was invalid" });
return;
}
const data = await prisma.user.findUnique({
where: { id: userId },
where: { id: body.userId || userId },
rejectOnNotFound: true,
select: { eventTypes: true },
});
const userEventTypes = data.eventTypes.map((eventType) => eventType.id);
if (!isAdmin) {
if (!userEventTypes.includes(safeQuery.data.id)) res.status(401).json({ message: "Unauthorized" });
if (!userEventTypes.includes(safeQuery.data.id)) {
res.status(401).json({ message: "Unauthorized" });
return;
} else {
switch (method) {
/**
@ -96,6 +101,7 @@ export async function eventTypeById(
*/
case "PATCH":
const safeBody = schemaEventTypeEditBodyParams.safeParse(body);
if (!safeBody.success) {
{
res.status(400).json({ message: "Invalid request body" });

9
pages/api/event-types/index.ts
View File

@ -44,7 +44,14 @@ async function createOrlistAllEventTypes(
error,
});
} else {
const data = await prisma.eventType.findMany({});
const data = await prisma.eventType.findMany({
where: {
...(Array.isArray(body.userId)
? { userId: { in: body.userId } }
: { userId: body.userId || userId }),
},
...(Array.isArray(body.userId) && { orderBy: { userId: "asc" } }),
});
const event_types = data.map((eventType) => schemaEventTypeReadPublic.parse(eventType));
if (event_types) res.status(200).json({ event_types });
}