Changed req to query to allow passing in userId, not session (#197)

2022-10-20 18:27:01 +01:00 · 2022-10-20 18:27:01 +01:00 · f4d52b88a4
parent 1f9be423ad
commit f4d52b88a4
1 changed files with 8 additions and 6 deletions
--- a/pages/api/users/[userId]/_patch.ts
+++ b/pages/api/users/[userId]/_patch.ts
@ -42,14 +42,16 @@ import { schemaUserEditBodyParams, schemaUserReadPublic } from "@lib/validations
 *        required: true
 *        description: ID of the user to edit
 *     tags:
- *     - users
+ *       - users
 *     responses:
- *       201:
+ *       200:
 *         description: OK, user edited successfuly
 *       400:
- *        description: Bad request. User body is invalid.
+ *         description: Bad request. User body is invalid.
 *       401:
- *        description: Authorization information is missing or invalid.
+ *         description: Authorization information is missing or invalid.
+ *       403:
+ *         description: Insufficient permissions to access resource.
 */
 export async function patchHandler(req: NextApiRequest) {
  const { prisma, isAdmin } = req;
@ -59,7 +61,7 @@ export async function patchHandler(req: NextApiRequest) {

  const body = schemaUserEditBodyParams.parse(req.body);
  const userSchedules = await prisma.schedule.findMany({
-    where: { userId: req.userId },
+    where: { userId: query.userId },
  });
  const userSchedulesIds = userSchedules.map((schedule) => schedule.id);
  // @note: here we make sure user can only make as default his own scheudles
@ -70,7 +72,7 @@ export async function patchHandler(req: NextApiRequest) {
    });
  }
  const data = await prisma.user.update({
-    where: { id: req.userId },
+    where: { id: query.userId },
    data: body,
  });
  const user = schemaUserReadPublic.parse(data);