chore: implement pr feedback

2025-11-17 18:21:32 +10:00 · 2023-10-11 12:32:33 +03:00
parent 9e0d281883
commit e02ab7d256
7 changed files with 154 additions and 130 deletions
--- a/packages/lib/server-only/admin/update-user.ts
+++ b/packages/lib/server-only/admin/update-user.ts
@ -15,7 +15,7 @@ export const updateUser = async ({ id, name, email, roles }: UpdateUserOptions)
    },
  });

-  const updatedUser = await prisma.user.update({
+  return await prisma.user.update({
    where: {
      id,
    },
@ -25,5 +25,4 @@ export const updateUser = async ({ id, name, email, roles }: UpdateUserOptions)
      roles,
    },
  });
-  return updatedUser;
 };
--- a/packages/lib/server-only/user/get-all-users.ts
+++ b/packages/lib/server-only/user/get-all-users.ts
@ -2,7 +2,7 @@ import { Prisma } from '@prisma/client';

 import { prisma } from '@documenso/prisma';

-type getAllUsersProps = {
+type GetAllUsersProps = {
  username: string;
  email: string;
  page: number;
@ -14,7 +14,7 @@ export const findUsers = async ({
  email = '',
  page = 1,
  perPage = 10,
-}: getAllUsersProps) => {
+}: GetAllUsersProps) => {
  const whereClause = Prisma.validator<Prisma.UserWhereInput>()({
    OR: [
      {
--- a/packages/trpc/server/admin-router/router.ts
+++ b/packages/trpc/server/admin-router/router.ts
@ -1,24 +1,14 @@
 import { TRPCError } from '@trpc/server';

-import { isAdmin } from '@documenso/lib/next-auth/guards/is-admin';
 import { updateUser } from '@documenso/lib/server-only/admin/update-user';

-import { authenticatedProcedure, router } from '../trpc';
+import { adminProcedure, router } from '../trpc';
 import { ZUpdateProfileMutationByAdminSchema } from './schema';

 export const adminRouter = router({
-  updateUser: authenticatedProcedure
+  updateUser: adminProcedure
    .input(ZUpdateProfileMutationByAdminSchema)
-    .mutation(async ({ input, ctx }) => {
-      const isUserAdmin = isAdmin(ctx.user);
-
-      if (!isUserAdmin) {
-        throw new TRPCError({
-          code: 'UNAUTHORIZED',
-          message: 'Not authorized to perform this action.',
-        });
-      }
-
+    .mutation(async ({ input }) => {
      const { id, name, email, roles } = input;

      try {
--- a/packages/trpc/server/profile-router/router.ts
+++ b/packages/trpc/server/profile-router/router.ts
@ -1,13 +1,12 @@
 import { TRPCError } from '@trpc/server';

-import { isAdmin } from '@documenso/lib/next-auth/guards/is-admin';
 import { forgotPassword } from '@documenso/lib/server-only/user/forgot-password';
 import { getUserById } from '@documenso/lib/server-only/user/get-user-by-id';
 import { resetPassword } from '@documenso/lib/server-only/user/reset-password';
 import { updatePassword } from '@documenso/lib/server-only/user/update-password';
 import { updateProfile } from '@documenso/lib/server-only/user/update-profile';

-import { authenticatedProcedure, procedure, router } from '../trpc';
+import { adminProcedure, authenticatedProcedure, procedure, router } from '../trpc';
 import {
  ZForgotPasswordFormSchema,
  ZResetPasswordFormSchema,
@ -17,29 +16,18 @@ import {
 } from './schema';

 export const profileRouter = router({
-  getUser: authenticatedProcedure
-    .input(ZRetrieveUserByIdQuerySchema)
-    .query(async ({ input, ctx }) => {
-      const isUserAdmin = isAdmin(ctx.user);
+  getUser: adminProcedure.input(ZRetrieveUserByIdQuerySchema).query(async ({ input }) => {
+    try {
+      const { id } = input;

-      if (!isUserAdmin) {
-        throw new TRPCError({
-          code: 'UNAUTHORIZED',
-          message: 'Not authorized to perform this action.',
-        });
-      }
-
-      try {
-        const { id } = input;
-
-        return await getUserById({ id });
-      } catch (err) {
-        throw new TRPCError({
-          code: 'BAD_REQUEST',
-          message: 'We were unable to retrieve the specified account. Please try again.',
-        });
-      }
-    }),
+      return await getUserById({ id });
+    } catch (err) {
+      throw new TRPCError({
+        code: 'BAD_REQUEST',
+        message: 'We were unable to retrieve the specified account. Please try again.',
+      });
+    }
+  }),

  updateProfile: authenticatedProcedure
    .input(ZUpdateProfileMutationSchema)
--- a/packages/trpc/server/trpc.ts
+++ b/packages/trpc/server/trpc.ts
@ -1,6 +1,8 @@
 import { TRPCError, initTRPC } from '@trpc/server';
 import SuperJSON from 'superjson';

+import { isAdmin } from '@documenso/lib/next-auth/guards/is-admin';
+
 import { TrpcContext } from './context';

 const t = initTRPC.context<TrpcContext>().create({
@ -28,9 +30,37 @@ export const authenticatedMiddleware = t.middleware(async ({ ctx, next }) => {
  });
 });

+export const adminMiddleware = t.middleware(async ({ ctx, next }) => {
+  if (!ctx.session || !ctx.user) {
+    throw new TRPCError({
+      code: 'UNAUTHORIZED',
+      message: 'You must be logged in to perform this action.',
+    });
+  }
+
+  const isUserAdmin = isAdmin(ctx.user);
+
+  if (!isUserAdmin) {
+    throw new TRPCError({
+      code: 'UNAUTHORIZED',
+      message: 'Not authorized to perform this action.',
+    });
+  }
+
+  return await next({
+    ctx: {
+      ...ctx,
+
+      user: ctx.user,
+      session: ctx.session,
+    },
+  });
+});
+
 /**
 * Routers and Procedures
 */
 export const router = t.router;
 export const procedure = t.procedure;
 export const authenticatedProcedure = t.procedure.use(authenticatedMiddleware);
+export const adminProcedure = t.procedure.use(adminMiddleware);
--- a/packages/ui/primitives/combobox.tsx
+++ b/packages/ui/primitives/combobox.tsx
@ -44,40 +44,38 @@ const Combobox = ({ listValues, onChange }: ComboboxProps) => {
  };

  return (
-    <>
-      <Popover open={open} onOpenChange={setOpen}>
-        <PopoverTrigger asChild>
-          <Button
-            variant="outline"
-            role="combobox"
-            aria-expanded={open}
-            className="w-[200px] justify-between"
-          >
-            {selectedValues.length > 0 ? selectedValues.join(', ') : 'Select values...'}
-            <ChevronsUpDown className="ml-2 h-4 w-4 shrink-0 opacity-50" />
-          </Button>
-        </PopoverTrigger>
-        <PopoverContent className="w-[200px] p-0">
-          <Command>
-            <CommandInput placeholder={selectedValues.join(', ')} />
-            <CommandEmpty>No value found.</CommandEmpty>
-            <CommandGroup>
-              {allRoles.map((value: string, i: number) => (
-                <CommandItem key={i} onSelect={() => handleSelect(value)}>
-                  <Check
-                    className={cn(
-                      'mr-2 h-4 w-4',
-                      selectedValues.includes(value) ? 'opacity-100' : 'opacity-0',
-                    )}
-                  />
-                  {value}
-                </CommandItem>
-              ))}
-            </CommandGroup>
-          </Command>
-        </PopoverContent>
-      </Popover>
-    </>
+    <Popover open={open} onOpenChange={setOpen}>
+      <PopoverTrigger asChild>
+        <Button
+          variant="outline"
+          role="combobox"
+          aria-expanded={open}
+          className="w-[200px] justify-between"
+        >
+          {selectedValues.length > 0 ? selectedValues.join(', ') : 'Select values...'}
+          <ChevronsUpDown className="ml-2 h-4 w-4 shrink-0 opacity-50" />
+        </Button>
+      </PopoverTrigger>
+      <PopoverContent className="w-[200px] p-0">
+        <Command>
+          <CommandInput placeholder={selectedValues.join(', ')} />
+          <CommandEmpty>No value found.</CommandEmpty>
+          <CommandGroup>
+            {allRoles.map((value: string, i: number) => (
+              <CommandItem key={i} onSelect={() => handleSelect(value)}>
+                <Check
+                  className={cn(
+                    'mr-2 h-4 w-4',
+                    selectedValues.includes(value) ? 'opacity-100' : 'opacity-0',
+                  )}
+                />
+                {value}
+              </CommandItem>
+            ))}
+          </CommandGroup>
+        </Command>
+      </PopoverContent>
+    </Popover>
  );
 };