Ryan/documenso
1
0
Fork 1
mirror of https://github.com/documenso/documenso.git synced 2025-11-12 15:53:02 +10:00
Code Issues Packages Projects Releases Wiki Activity

chore: implement pr feedback

Browse Source
This commit is contained in:
pit
2023-10-11 12:32:33 +03:00
committed by Mythie
parent f569361e57
commit 35087f551c
7 changed files with 154 additions and 130 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
packages/trpc/server/admin-router/router.ts
View File

@ -1,24 +1,14 @@
import { TRPCError } from '@trpc/server';
import { isAdmin } from '@documenso/lib/next-auth/guards/is-admin';
import { updateUser } from '@documenso/lib/server-only/admin/update-user';
import { authenticatedProcedure, router } from '../trpc';
import { adminProcedure, router } from '../trpc';
import { ZUpdateProfileMutationByAdminSchema } from './schema';
export const adminRouter = router({
updateUser: authenticatedProcedure
updateUser: adminProcedure
.input(ZUpdateProfileMutationByAdminSchema)
.mutation(async ({ input, ctx }) => {
const isUserAdmin = isAdmin(ctx.user);
if (!isUserAdmin) {
throw new TRPCError({
code: 'UNAUTHORIZED',
message: 'Not authorized to perform this action.',
});
}
.mutation(async ({ input }) => {
const { id, name, email, roles } = input;
try {

36
packages/trpc/server/profile-router/router.ts
View File

@ -1,13 +1,12 @@
import { TRPCError } from '@trpc/server';
import { isAdmin } from '@documenso/lib/next-auth/guards/is-admin';
import { forgotPassword } from '@documenso/lib/server-only/user/forgot-password';
import { getUserById } from '@documenso/lib/server-only/user/get-user-by-id';
import { resetPassword } from '@documenso/lib/server-only/user/reset-password';
import { updatePassword } from '@documenso/lib/server-only/user/update-password';
import { updateProfile } from '@documenso/lib/server-only/user/update-profile';
import { authenticatedProcedure, procedure, router } from '../trpc';
import { adminProcedure, authenticatedProcedure, procedure, router } from '../trpc';
import {
ZForgotPasswordFormSchema,
ZResetPasswordFormSchema,
@ -17,29 +16,18 @@ import {
} from './schema';
export const profileRouter = router({
getUser: authenticatedProcedure
.input(ZRetrieveUserByIdQuerySchema)
.query(async ({ input, ctx }) => {
const isUserAdmin = isAdmin(ctx.user);
getUser: adminProcedure.input(ZRetrieveUserByIdQuerySchema).query(async ({ input }) => {
try {
const { id } = input;
if (!isUserAdmin) {
throw new TRPCError({
code: 'UNAUTHORIZED',
message: 'Not authorized to perform this action.',
});
}
try {
const { id } = input;
return await getUserById({ id });
} catch (err) {
throw new TRPCError({
code: 'BAD_REQUEST',
message: 'We were unable to retrieve the specified account. Please try again.',
});
}
}),
return await getUserById({ id });
} catch (err) {
throw new TRPCError({
code: 'BAD_REQUEST',
message: 'We were unable to retrieve the specified account. Please try again.',
});
}
}),
updateProfile: authenticatedProcedure
.input(ZUpdateProfileMutationSchema)

30
packages/trpc/server/trpc.ts
View File

@ -1,6 +1,8 @@
import { TRPCError, initTRPC } from '@trpc/server';
import SuperJSON from 'superjson';
import { isAdmin } from '@documenso/lib/next-auth/guards/is-admin';
import { TrpcContext } from './context';
const t = initTRPC.context<TrpcContext>().create({
@ -28,9 +30,37 @@ export const authenticatedMiddleware = t.middleware(async ({ ctx, next }) => {
});
});
export const adminMiddleware = t.middleware(async ({ ctx, next }) => {
if (!ctx.session || !ctx.user) {
throw new TRPCError({
code: 'UNAUTHORIZED',
message: 'You must be logged in to perform this action.',
});
}
const isUserAdmin = isAdmin(ctx.user);
if (!isUserAdmin) {
throw new TRPCError({
code: 'UNAUTHORIZED',
message: 'Not authorized to perform this action.',
});
}
return await next({
ctx: {
...ctx,
user: ctx.user,
session: ctx.session,
},
});
});
/**
* Routers and Procedures
*/
export const router = t.router;
export const procedure = t.procedure;
export const authenticatedProcedure = t.procedure.use(authenticatedMiddleware);
export const adminProcedure = t.procedure.use(adminMiddleware);