Ryan/documenso
1
0
Fork 1
mirror of https://github.com/documenso/documenso.git synced 2025-11-17 10:11:35 +10:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into doc-162

Browse Source
This commit is contained in:
Timur Ercan
2023-03-21 14:16:47 +01:00
parent 266ecf0f8d 9e536e95b6
commit 0e9aa4ab62
17 changed files with 178 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
apps/web/pages/api/documents/[id].ts
View File

@ -18,10 +18,10 @@ async function getHandler(req: NextApiRequest, res: NextApiResponse) {
}
let user = null;
let recipient = null;
if (recipientToken) {
// Request from signing page without login
const recipient = await prisma.recipient.findFirst({
recipient = await prisma.recipient.findFirst({
where: {
token: recipientToken?.toString(),
},
@ -37,7 +37,14 @@ async function getHandler(req: NextApiRequest, res: NextApiResponse) {
if (!user) return res.status(401).end();
const document: PrismaDocument = await getDocument(+documentId, req, res);
let document: PrismaDocument | null = null;
if (recipientToken) {
document = await prisma.document.findFirst({
where: { id: recipient?.Document?.id },
});
} else {
document = await getDocument(+documentId, req, res);
}
if (!document)
res.status(404).end(`No document with id ${documentId} found.`);
@ -45,16 +52,18 @@ async function getHandler(req: NextApiRequest, res: NextApiResponse) {
const signaturesCount = await prisma.signature.count({
where: {
Field: {
documentId: document.id,
documentId: document?.id,
},
},
});
let signedDocumentAsBase64 = document.document;
let signedDocumentAsBase64 = document?.document || "";
// No need to add a signature, if no one signed yet.
if (signaturesCount > 0) {
signedDocumentAsBase64 = await addDigitalSignature(document.document);
signedDocumentAsBase64 = await addDigitalSignature(
document?.document || ""
);
}
const buffer: Buffer = Buffer.from(signedDocumentAsBase64, "base64");
@ -62,7 +71,7 @@ async function getHandler(req: NextApiRequest, res: NextApiResponse) {
res.setHeader("Content-Length", buffer.length);
res.setHeader(
"Content-Disposition",
`attachment; filename=${document.title}`
`attachment; filename=${document?.title}`
);
return res.status(200).send(buffer);

34
apps/web/pages/api/documents/[id]/fields/index.ts
View File

@ -36,8 +36,10 @@ async function getHandler(req: NextApiRequest, res: NextApiResponse) {
}
async function postHandler(req: NextApiRequest, res: NextApiResponse) {
const user = await getUserFromToken(req, res);
const { id: documentId } = req.query;
const { token: recipientToken } = req.query;
let user = null;
if (!recipientToken) user = await getUserFromToken(req, res);
if (!user && !recipientToken) return res.status(401).end();
const body: {
id: number;
type: FieldType;
@ -48,18 +50,30 @@ async function postHandler(req: NextApiRequest, res: NextApiResponse) {
customText: string;
} = req.body;
if (!user) return;
const { id: documentId } = req.query;
if (!documentId) {
res.status(400).send("Missing parameter documentId.");
return;
return res.status(400).send("Missing parameter documentId.");
}
const document: PrismaDocument = await getDocument(+documentId, req, res);
if (recipientToken) {
const recipient = await prisma.recipient.findFirst({
where: { token: recipientToken?.toString() },
});
// todo entity ownerships checks
if (document.userId !== user.id) {
return res.status(401).send("User does not have access to this document.");
if (!recipient || recipient?.documentId !== +documentId)
return res
.status(401)
.send("Recipient does not have access to this document.");
}
if (user) {
const document: PrismaDocument = await getDocument(+documentId, req, res);
// todo entity ownerships checks
if (document.userId !== user.id) {
return res
.status(401)
.send("User does not have access to this document.");
}
}
const field = await prisma.field.upsert({

27
apps/web/pages/api/documents/[id]/sign.ts
View File

@ -1,8 +1,4 @@
import {
defaultHandler,
defaultResponder,
getUserFromToken,
} from "@documenso/lib/server";
import { defaultHandler, defaultResponder } from "@documenso/lib/server";
import prisma from "@documenso/prisma";
import { NextApiRequest, NextApiResponse } from "next";
import { SigningStatus, DocumentStatus } from "@prisma/client";
@ -12,7 +8,6 @@ import { insertImageInPDF, insertTextInPDF } from "@documenso/pdf";
import { sendSigningDoneMail } from "@documenso/lib/mail";
async function postHandler(req: NextApiRequest, res: NextApiResponse) {
const existingUser = await getUserFromToken(req, res);
const { token: recipientToken } = req.query;
const { signatures: signaturesFromBody }: { signatures: any[] } = req.body;
@ -29,11 +24,19 @@ async function postHandler(req: NextApiRequest, res: NextApiResponse) {
return res.status(401).send("Recipient not found.");
}
const document: PrismaDocument = await getDocument(
recipient.documentId,
req,
res
);
const document: PrismaDocument = await prisma.document.findFirstOrThrow({
where: {
id: recipient.documentId,
},
include: {
Recipient: {
orderBy: {
id: "asc",
},
},
Field: { include: { Recipient: true, Signature: true } },
},
});
if (!document) res.status(404).end(`No document found.`);
@ -70,6 +73,8 @@ async function postHandler(req: NextApiRequest, res: NextApiResponse) {
},
});
// Don't check for inserted, because currently no "sign again" scenarios exist and
// this is probably the expected behaviour in unclean states.
const nonSignatureFields = await prisma.field.findMany({
where: {
documentId: document.id,

1
apps/web/pages/documents/[id]/sign.tsx
View File

@ -107,7 +107,6 @@ export async function getServerSideProps(context: any) {
where: {
documentId: recipient.Document.id,
recipientId: recipient.id,
type: { in: [FieldType.SIGNATURE] },
Signature: { is: null },
},
include: {

12
apps/web/pages/documents/[id]/signed.tsx
View File

@ -6,7 +6,7 @@ import { Button, IconButton } from "@documenso/ui";
import Link from "next/link";
import { useRouter } from "next/router";
const SignPage: NextPageWithLayout = (props: any) => {
const Signed: NextPageWithLayout = (props: any) => {
const router = useRouter();
const allRecipientsSigned = props.document.Recipient?.every(
(r: any) => r.signingStatus === "SIGNED"
@ -47,7 +47,12 @@ const SignPage: NextPageWithLayout = (props: any) => {
onClick={(event: any) => {
event.preventDefault();
event.stopPropagation();
router.push("/api/documents/" + props.document.id);
router.push(
"/api/documents/" +
props.document.id +
"?token=" +
props.recipient.token
);
}}
>
Download "{props.document.title}"
@ -103,8 +108,9 @@ export async function getServerSideProps(context: any) {
props: {
document: JSON.parse(JSON.stringify(recipient.Document)),
fields: JSON.parse(JSON.stringify(fields)),
recipient: JSON.parse(JSON.stringify(recipient)),
},
};
}
export default SignPage;
export default Signed;

14
apps/web/pages/login.tsx
View File

@ -1,13 +1,23 @@
import Head from "next/head";
import Login from "../components/login";
export default function LoginPage() {
export default function LoginPage(props: any) {
return (
<>
<Head>
<title>Login | Documenso</title>
</Head>
<Login></Login>
<Login allowSignup={props.ALLOW_SIGNUP}></Login>
</>
);
}
export async function getServerSideProps(context: any) {
const ALLOW_SIGNUP = process.env.ALLOW_SIGNUP === "true";
return {
props: {
ALLOW_SIGNUP: ALLOW_SIGNUP,
},
};
}

8
apps/web/pages/signup.tsx
View File

@ -14,6 +14,14 @@ export default function SignupPage(props: { source: string }) {
}
export async function getServerSideProps(context: any) {
if (process.env.ALLOW_SIGNUP !== "true")
return {
redirect: {
destination: "/login",
permanent: false,
},
};
const signupSource: string = context.query["source"];
return {
props: {