diff options
| author | Fuwn <[email protected]> | 2026-01-24 13:09:50 +0000 |
|---|---|---|
| committer | Fuwn <[email protected]> | 2026-01-24 13:09:50 +0000 |
| commit | 396acf3bbbe00a192cb0ea0a9ccf91b1d8d2850b (patch) | |
| tree | b9df4ca6a70db45cfffbae6fdd7252e20fb8e93c /src/app/api/pixels/[pixelId] | |
| download | umami-main.tar.xz umami-main.zip | |
Created from https://vercel.com/new
Diffstat (limited to 'src/app/api/pixels/[pixelId]')
| -rw-r--r-- | src/app/api/pixels/[pixelId]/route.ts | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/src/app/api/pixels/[pixelId]/route.ts b/src/app/api/pixels/[pixelId]/route.ts new file mode 100644 index 0000000..ecaf1fd --- /dev/null +++ b/src/app/api/pixels/[pixelId]/route.ts @@ -0,0 +1,76 @@ +import { z } from 'zod'; +import { parseRequest } from '@/lib/request'; +import { badRequest, json, ok, serverError, unauthorized } from '@/lib/response'; +import { canDeletePixel, canUpdatePixel, canViewPixel } from '@/permissions'; +import { deletePixel, getPixel, updatePixel } from '@/queries/prisma'; + +export async function GET(request: Request, { params }: { params: Promise<{ pixelId: string }> }) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + + const { pixelId } = await params; + + if (!(await canViewPixel(auth, pixelId))) { + return unauthorized(); + } + + const pixel = await getPixel(pixelId); + + return json(pixel); +} + +export async function POST(request: Request, { params }: { params: Promise<{ pixelId: string }> }) { + const schema = z.object({ + name: z.string().optional(), + slug: z.string().min(8).optional(), + }); + + const { auth, body, error } = await parseRequest(request, schema); + + if (error) { + return error(); + } + + const { pixelId } = await params; + const { name, slug } = body; + + if (!(await canUpdatePixel(auth, pixelId))) { + return unauthorized(); + } + + try { + const pixel = await updatePixel(pixelId, { name, slug }); + + return Response.json(pixel); + } catch (e: any) { + if (e.message.toLowerCase().includes('unique constraint') && e.message.includes('slug')) { + return badRequest({ message: 'That slug is already taken.' }); + } + + return serverError(e); + } +} + +export async function DELETE( + request: Request, + { params }: { params: Promise<{ pixelId: string }> }, +) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + + const { pixelId } = await params; + + if (!(await canDeletePixel(auth, pixelId))) { + return unauthorized(); + } + + await deletePixel(pixelId); + + return ok(); +} |