cal.pub0.org/pages/api/memberships/[id].ts

189 lines
5.7 KiB
TypeScript

import type { NextApiRequest, NextApiResponse } from "next";
import prisma from "@calcom/prisma";
import { withMiddleware } from "@lib/helpers/withMiddleware";
import type { MembershipResponse } from "@lib/types";
import { schemaMembershipBodyParams, schemaMembershipPublic } from "@lib/validations/membership";
import { schemaQueryIdAsString, withValidQueryIdString } from "@lib/validations/shared/queryIdString";
/**
* @swagger
* /memberships/{userId}_{teamId}:
* get:
* summary: Get a membership by userID and teamID
* parameters:
* - in: path
* name: userId
* schema:
* type: integer
* required: true
* description: Numeric userId of the membership to get
* - in: path
* name: teamId
* schema:
* type: integer
* required: true
* description: Numeric teamId of the membership to get
* security:
* - ApiKeyAuth: []
* tags:
* - memberships
* responses:
* 200:
* description: OK
* 401:
* description: Authorization information is missing or invalid.
* 404:
* description: Membership was not found
* patch:
* summary: Edit an existing membership
* consumes:
* - application/json
* parameters:
* - in: body
* name: membership
* description: The membership to edit
* schema:
* type: object
* $ref: '#/components/schemas/Membership'
* required: true
* - in: path
* name: userId
* schema:
* type: integer
* required: true
* description: Numeric userId of the membership to get
* - in: path
* name: teamId
* schema:
* type: integer
* required: true
* description: Numeric teamId of the membership to get
* security:
* - ApiKeyAuth: []
* tags:
* - memberships
* responses:
* 201:
* description: OK, membership edited successfuly
* model: Membership
* 400:
* description: Bad request. Membership body is invalid.
* 401:
* description: Authorization information is missing or invalid.
* delete:
* summary: Remove an existing membership
* parameters:
* - in: path
* name: userId
* schema:
* type: integer
* required: true
* description: Numeric userId of the membership to get
* - in: path
* name: teamId
* schema:
* type: integer
* required: true
* description: Numeric teamId of the membership to get
* security:
* - ApiKeyAuth: []
* tags:
* - memberships
* responses:
* 201:
* description: OK, membership removed successfuly
* model: Membership
* 400:
* description: Bad request. Membership id is invalid.
* 401:
* description: Authorization information is missing or invalid.
*/
export async function membershipById(req: NextApiRequest, res: NextApiResponse<MembershipResponse>) {
const { method, query, body } = req;
const safeQuery = schemaQueryIdAsString.safeParse(query);
const safeBody = schemaMembershipBodyParams.safeParse(body);
if (!safeQuery.success) throw new Error("Invalid request query", safeQuery.error);
// This is how we set the userId and teamId in the query for managing compoundId.
const [paramUserId, teamId] = safeQuery.data.id.split("_");
const userId = req.userId;
if (parseInt(paramUserId) !== userId) res.status(401).json({ message: "Unauthorized" });
else {
switch (method) {
case "GET":
await prisma.membership
.findUnique({
where: {
userId_teamId: {
userId: userId,
teamId: parseInt(teamId),
},
},
})
.then((data) => schemaMembershipPublic.parse(data))
.then((membership) => res.status(200).json({ membership }))
.catch((error: Error) =>
res.status(404).json({
message: `Membership with id: ${safeQuery.data.id} not found`,
error,
})
);
break;
case "PATCH":
if (!safeBody.success) {
throw new Error("Invalid request body");
}
await prisma.membership
.update({
where: {
userId_teamId: {
userId: userId,
teamId: parseInt(teamId),
},
},
data: safeBody.data,
})
.then((data) => schemaMembershipPublic.parse(data))
.then((membership) => res.status(200).json({ membership }))
.catch((error: Error) =>
res.status(404).json({
message: `Membership with id: ${safeQuery.data.id} not found`,
error,
})
);
break;
case "DELETE":
await prisma.membership
.delete({
where: {
userId_teamId: {
userId: userId,
teamId: parseInt(teamId),
},
},
})
.then(() =>
res.status(200).json({
message: `Membership with id: ${safeQuery.data.id} deleted successfully`,
})
)
.catch((error: Error) =>
res.status(404).json({
message: `Membership with id: ${safeQuery.data.id} not found`,
error,
})
);
break;
default:
res.status(405).json({ message: "Method not allowed" });
break;
}
}
}
export default withMiddleware("HTTP_GET_DELETE_PATCH")(withValidQueryIdString(membershipById));