84 lines
1.8 KiB
TypeScript
84 lines
1.8 KiB
TypeScript
import { z } from 'zod';
|
|
import { unauthorized, json, badRequest } from 'lib/response';
|
|
import { canAddUserToTeam, canUpdateTeam, checkAuth } from 'lib/auth';
|
|
import { checkRequest } from 'lib/request';
|
|
import { pagingParams, roleParam } from 'lib/schema';
|
|
import { createTeamUser, getTeamUser, getTeamUsers } from 'queries';
|
|
|
|
export async function GET(request: Request, { params }: { params: Promise<{ teamId: string }> }) {
|
|
const schema = z.object({
|
|
...pagingParams,
|
|
});
|
|
|
|
const { query, error } = await checkRequest(request, schema);
|
|
|
|
if (error) {
|
|
return badRequest(error);
|
|
}
|
|
|
|
const { teamId } = await params;
|
|
|
|
const auth = await checkAuth(request);
|
|
|
|
if (!(await canUpdateTeam(auth, teamId))) {
|
|
return unauthorized('You must be the owner of this team.');
|
|
}
|
|
|
|
const users = await getTeamUsers(
|
|
{
|
|
where: {
|
|
teamId,
|
|
user: {
|
|
deletedAt: null,
|
|
},
|
|
},
|
|
include: {
|
|
user: {
|
|
select: {
|
|
id: true,
|
|
username: true,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
query,
|
|
);
|
|
|
|
return json(users);
|
|
}
|
|
|
|
export async function POST(
|
|
request: Request,
|
|
{ params }: { params: Promise<{ teamId: string; userId: string }> },
|
|
) {
|
|
const schema = z.object({
|
|
role: roleParam,
|
|
});
|
|
|
|
const { body, error } = await checkRequest(request, schema);
|
|
|
|
if (error) {
|
|
return badRequest(error);
|
|
}
|
|
|
|
const { teamId } = await params;
|
|
|
|
const auth = await checkAuth(request);
|
|
|
|
if (!auth || !(await canAddUserToTeam(auth))) {
|
|
return unauthorized();
|
|
}
|
|
|
|
const { userId, role } = body;
|
|
|
|
const teamUser = await getTeamUser(teamId, userId);
|
|
|
|
if (teamUser) {
|
|
return badRequest('User is already a member of the Team.');
|
|
}
|
|
|
|
const users = await createTeamUser(userId, teamId, role);
|
|
|
|
return json(users);
|
|
}
|