Changed req to query to allow passing in userId, not session (#197)

pull/9078/head
Alex van Andel 2022-10-20 18:27:01 +01:00 committed by GitHub
parent 1f9be423ad
commit f4d52b88a4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 6 deletions

View File

@ -44,12 +44,14 @@ import { schemaUserEditBodyParams, schemaUserReadPublic } from "@lib/validations
* tags:
* - users
* responses:
* 201:
* 200:
* description: OK, user edited successfuly
* 400:
* description: Bad request. User body is invalid.
* 401:
* description: Authorization information is missing or invalid.
* 403:
* description: Insufficient permissions to access resource.
*/
export async function patchHandler(req: NextApiRequest) {
const { prisma, isAdmin } = req;
@ -59,7 +61,7 @@ export async function patchHandler(req: NextApiRequest) {
const body = schemaUserEditBodyParams.parse(req.body);
const userSchedules = await prisma.schedule.findMany({
where: { userId: req.userId },
where: { userId: query.userId },
});
const userSchedulesIds = userSchedules.map((schedule) => schedule.id);
// @note: here we make sure user can only make as default his own scheudles
@ -70,7 +72,7 @@ export async function patchHandler(req: NextApiRequest) {
});
}
const data = await prisma.user.update({
where: { id: req.userId },
where: { id: query.userId },
data: body,
});
const user = schemaUserReadPublic.parse(data);