77 lines
1.8 KiB
TypeScript
77 lines
1.8 KiB
TypeScript
import type { NextApiRequest, NextApiResponse } from "next";
|
|
|
|
import { getSession } from "@lib/auth";
|
|
import prisma from "@lib/prisma";
|
|
|
|
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
|
|
const session = await getSession({ req });
|
|
|
|
if (!session) {
|
|
res.status(401).json({ message: "Not authenticated" });
|
|
return;
|
|
}
|
|
|
|
const isTeamOwner = !!(await prisma.membership.findFirst({
|
|
where: {
|
|
userId: session.user?.id,
|
|
teamId: parseInt(req.query.team as string),
|
|
role: "OWNER",
|
|
},
|
|
}));
|
|
|
|
if (!isTeamOwner) {
|
|
res.status(403).json({ message: "You are not authorized to manage this team" });
|
|
return;
|
|
}
|
|
|
|
// List members
|
|
if (req.method === "GET") {
|
|
const memberships = await prisma.membership.findMany({
|
|
where: {
|
|
teamId: parseInt(req.query.team as string),
|
|
},
|
|
});
|
|
|
|
let members = await prisma.user.findMany({
|
|
where: {
|
|
id: {
|
|
in: memberships.map((membership) => membership.userId),
|
|
},
|
|
},
|
|
select: {
|
|
id: true,
|
|
username: true,
|
|
name: true,
|
|
email: true,
|
|
bio: true,
|
|
avatar: true,
|
|
timeZone: true,
|
|
},
|
|
});
|
|
|
|
members = members.map((member) => {
|
|
const membership = memberships.find((membership) => member.id === membership.userId);
|
|
return {
|
|
...member,
|
|
role: membership?.accepted ? membership?.role : "INVITEE",
|
|
};
|
|
});
|
|
|
|
return res.status(200).json({ members: members });
|
|
}
|
|
|
|
// Cancel a membership (invite)
|
|
if (req.method === "DELETE") {
|
|
await prisma.membership.delete({
|
|
where: {
|
|
userId_teamId: { userId: req.body.userId, teamId: parseInt(req.query.team as string) },
|
|
},
|
|
});
|
|
return res.status(204).send(null);
|
|
}
|
|
|
|
// Promote or demote a member of the team
|
|
|
|
res.status(200).json({});
|
|
}
|