diff options
Diffstat (limited to 'src/app/api/links')
| -rw-r--r-- | src/app/api/links/[linkId]/route.ts | 77 | ||||
| -rw-r--r-- | src/app/api/links/route.ts | 64 |
2 files changed, 141 insertions, 0 deletions
diff --git a/src/app/api/links/[linkId]/route.ts b/src/app/api/links/[linkId]/route.ts new file mode 100644 index 0000000..92f572c --- /dev/null +++ b/src/app/api/links/[linkId]/route.ts @@ -0,0 +1,77 @@ +import { z } from 'zod'; +import { parseRequest } from '@/lib/request'; +import { badRequest, json, ok, serverError, unauthorized } from '@/lib/response'; +import { canDeleteLink, canUpdateLink, canViewLink } from '@/permissions'; +import { deleteLink, getLink, updateLink } from '@/queries/prisma'; + +export async function GET(request: Request, { params }: { params: Promise<{ linkId: string }> }) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + + const { linkId } = await params; + + if (!(await canViewLink(auth, linkId))) { + return unauthorized(); + } + + const website = await getLink(linkId); + + return json(website); +} + +export async function POST(request: Request, { params }: { params: Promise<{ linkId: string }> }) { + const schema = z.object({ + name: z.string().optional(), + url: z.string().optional(), + slug: z.string().min(8).optional(), + }); + + const { auth, body, error } = await parseRequest(request, schema); + + if (error) { + return error(); + } + + const { linkId } = await params; + const { name, url, slug } = body; + + if (!(await canUpdateLink(auth, linkId))) { + return unauthorized(); + } + + try { + const result = await updateLink(linkId, { name, url, slug }); + + return Response.json(result); + } catch (e: any) { + if (e.message.toLowerCase().includes('unique constraint') && e.message.includes('slug')) { + return badRequest({ message: 'That slug is already taken.' }); + } + + return serverError(e); + } +} + +export async function DELETE( + request: Request, + { params }: { params: Promise<{ linkId: string }> }, +) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + + const { linkId } = await params; + + if (!(await canDeleteLink(auth, linkId))) { + return unauthorized(); + } + + await deleteLink(linkId); + + return ok(); +} diff --git a/src/app/api/links/route.ts b/src/app/api/links/route.ts new file mode 100644 index 0000000..a639888 --- /dev/null +++ b/src/app/api/links/route.ts @@ -0,0 +1,64 @@ +import { z } from 'zod'; +import { uuid } from '@/lib/crypto'; +import { getQueryFilters, parseRequest } from '@/lib/request'; +import { json, unauthorized } from '@/lib/response'; +import { pagingParams, searchParams } from '@/lib/schema'; +import { canCreateTeamWebsite, canCreateWebsite } from '@/permissions'; +import { createLink, getUserLinks } from '@/queries/prisma'; + +export async function GET(request: Request) { + const schema = z.object({ + ...pagingParams, + ...searchParams, + }); + + const { auth, query, error } = await parseRequest(request, schema); + + if (error) { + return error(); + } + + const filters = await getQueryFilters(query); + + const links = await getUserLinks(auth.user.id, filters); + + return json(links); +} + +export async function POST(request: Request) { + const schema = z.object({ + name: z.string().max(100), + url: z.string().max(500), + slug: z.string().max(100), + teamId: z.string().nullable().optional(), + id: z.uuid().nullable().optional(), + }); + + const { auth, body, error } = await parseRequest(request, schema); + + if (error) { + return error(); + } + + const { id, name, url, slug, teamId } = body; + + if ((teamId && !(await canCreateTeamWebsite(auth, teamId))) || !(await canCreateWebsite(auth))) { + return unauthorized(); + } + + const data: any = { + id: id ?? uuid(), + name, + url, + slug, + teamId, + }; + + if (!teamId) { + data.userId = auth.user.id; + } + + const result = await createLink(data); + + return json(result); +} |