diff options
Diffstat (limited to 'src/app/api/pixels')
| -rw-r--r-- | src/app/api/pixels/[pixelId]/route.ts | 76 | ||||
| -rw-r--r-- | src/app/api/pixels/route.ts | 62 |
2 files changed, 138 insertions, 0 deletions
diff --git a/src/app/api/pixels/[pixelId]/route.ts b/src/app/api/pixels/[pixelId]/route.ts new file mode 100644 index 0000000..ecaf1fd --- /dev/null +++ b/src/app/api/pixels/[pixelId]/route.ts @@ -0,0 +1,76 @@ +import { z } from 'zod'; +import { parseRequest } from '@/lib/request'; +import { badRequest, json, ok, serverError, unauthorized } from '@/lib/response'; +import { canDeletePixel, canUpdatePixel, canViewPixel } from '@/permissions'; +import { deletePixel, getPixel, updatePixel } from '@/queries/prisma'; + +export async function GET(request: Request, { params }: { params: Promise<{ pixelId: string }> }) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + + const { pixelId } = await params; + + if (!(await canViewPixel(auth, pixelId))) { + return unauthorized(); + } + + const pixel = await getPixel(pixelId); + + return json(pixel); +} + +export async function POST(request: Request, { params }: { params: Promise<{ pixelId: string }> }) { + const schema = z.object({ + name: z.string().optional(), + slug: z.string().min(8).optional(), + }); + + const { auth, body, error } = await parseRequest(request, schema); + + if (error) { + return error(); + } + + const { pixelId } = await params; + const { name, slug } = body; + + if (!(await canUpdatePixel(auth, pixelId))) { + return unauthorized(); + } + + try { + const pixel = await updatePixel(pixelId, { name, slug }); + + return Response.json(pixel); + } catch (e: any) { + if (e.message.toLowerCase().includes('unique constraint') && e.message.includes('slug')) { + return badRequest({ message: 'That slug is already taken.' }); + } + + return serverError(e); + } +} + +export async function DELETE( + request: Request, + { params }: { params: Promise<{ pixelId: string }> }, +) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + + const { pixelId } = await params; + + if (!(await canDeletePixel(auth, pixelId))) { + return unauthorized(); + } + + await deletePixel(pixelId); + + return ok(); +} diff --git a/src/app/api/pixels/route.ts b/src/app/api/pixels/route.ts new file mode 100644 index 0000000..8baae4f --- /dev/null +++ b/src/app/api/pixels/route.ts @@ -0,0 +1,62 @@ +import { z } from 'zod'; +import { uuid } from '@/lib/crypto'; +import { getQueryFilters, parseRequest } from '@/lib/request'; +import { json, unauthorized } from '@/lib/response'; +import { pagingParams, searchParams } from '@/lib/schema'; +import { canCreateTeamWebsite, canCreateWebsite } from '@/permissions'; +import { createPixel, getUserPixels } from '@/queries/prisma'; + +export async function GET(request: Request) { + const schema = z.object({ + ...pagingParams, + ...searchParams, + }); + + const { auth, query, error } = await parseRequest(request, schema); + + if (error) { + return error(); + } + + const filters = await getQueryFilters(query); + + const links = await getUserPixels(auth.user.id, filters); + + return json(links); +} + +export async function POST(request: Request) { + const schema = z.object({ + name: z.string().max(100), + slug: z.string().max(100), + teamId: z.string().nullable().optional(), + id: z.uuid().nullable().optional(), + }); + + const { auth, body, error } = await parseRequest(request, schema); + + if (error) { + return error(); + } + + const { id, name, slug, teamId } = body; + + if ((teamId && !(await canCreateTeamWebsite(auth, teamId))) || !(await canCreateWebsite(auth))) { + return unauthorized(); + } + + const data: any = { + id: id ?? uuid(), + name, + slug, + teamId, + }; + + if (!teamId) { + data.userId = auth.user.id; + } + + const result = await createPixel(data); + + return json(result); +} |