public-offering
/
cal.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: move patch to no then/catch

pull/9078/head
Agusti Fernandez Pardo 2022-07-12 20:01:25 +02:00
parent 3f6e7904cb
commit f985bbd1ff
1 changed files with 6 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
pages/api/teams/[teamId]/_patch.ts
View File

@ -39,7 +39,7 @@ export async function patchHandler(req: NextApiRequest, res: NextApiResponse) {
});
const userTeamIds = userWithMemberships.map((membership) => membership.teamId);
// Here we only check for ownership of the user if the user is not admin, otherwise we let ADMIN's edit any user
if (!isAdmin && !userTeamIds.includes(query.teamId))
if (!isAdmin || !userTeamIds.includes(query.teamId))
throw new HttpError({ statusCode: 401, message: "Unauthorized" });
if (!safeBody.success) {
{
@ -47,16 +47,11 @@ export async function patchHandler(req: NextApiRequest, res: NextApiResponse) {
return;
}
}
await prisma.team
.update({ where: { id: query.teamId }, data: safeBody.data })
.then((team) => schemaTeamReadPublic.parse(team))
.then((team) => res.status(200).json({ team }))
.catch((error: Error) =>
res.status(404).json({
message: `Team with id: ${query.teamId} not found`,
error,
})
);
const data = await prisma.team.update({ where: { id: query.teamId }, data: safeBody.data });
if (!data) throw new HttpError({ statusCode: 404, message: `Team with id: ${query.teamId} not found` });
const team = schemaTeamReadPublic.parse(data);
if (!team) throw new HttpError({ statusCode: 401, message: `Your request body wasn't valid` });
return { team };
}
export default defaultResponder(patchHandler);