Changed req to query to allow passing in userId, not session (#197)

pull/9078/head
Alex van Andel 2022-10-20 18:27:01 +01:00 committed by GitHub
parent 1f9be423ad
commit f4d52b88a4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 6 deletions

View File

@ -42,14 +42,16 @@ import { schemaUserEditBodyParams, schemaUserReadPublic } from "@lib/validations
* required: true * required: true
* description: ID of the user to edit * description: ID of the user to edit
* tags: * tags:
* - users * - users
* responses: * responses:
* 201: * 200:
* description: OK, user edited successfuly * description: OK, user edited successfuly
* 400: * 400:
* description: Bad request. User body is invalid. * description: Bad request. User body is invalid.
* 401: * 401:
* description: Authorization information is missing or invalid. * description: Authorization information is missing or invalid.
* 403:
* description: Insufficient permissions to access resource.
*/ */
export async function patchHandler(req: NextApiRequest) { export async function patchHandler(req: NextApiRequest) {
const { prisma, isAdmin } = req; const { prisma, isAdmin } = req;
@ -59,7 +61,7 @@ export async function patchHandler(req: NextApiRequest) {
const body = schemaUserEditBodyParams.parse(req.body); const body = schemaUserEditBodyParams.parse(req.body);
const userSchedules = await prisma.schedule.findMany({ const userSchedules = await prisma.schedule.findMany({
where: { userId: req.userId }, where: { userId: query.userId },
}); });
const userSchedulesIds = userSchedules.map((schedule) => schedule.id); const userSchedulesIds = userSchedules.map((schedule) => schedule.id);
// @note: here we make sure user can only make as default his own scheudles // @note: here we make sure user can only make as default his own scheudles
@ -70,7 +72,7 @@ export async function patchHandler(req: NextApiRequest) {
}); });
} }
const data = await prisma.user.update({ const data = await prisma.user.update({
where: { id: req.userId }, where: { id: query.userId },
data: body, data: body,
}); });
const user = schemaUserReadPublic.parse(data); const user = schemaUserReadPublic.parse(data);