From fefef951f13369bf7795aede9170e9a29773a827 Mon Sep 17 00:00:00 2001 From: Timur Ercan Date: Mon, 13 Feb 2023 19:43:00 +0100 Subject: [PATCH] upsert, get and delete fields --- .../pages/api/documents/[id]/fields/[fid].ts | 36 ++++++++ .../pages/api/documents/[id]/fields/index.ts | 85 +++++++++++++++++++ 2 files changed, 121 insertions(+) create mode 100644 apps/web/pages/api/documents/[id]/fields/[fid].ts create mode 100644 apps/web/pages/api/documents/[id]/fields/index.ts diff --git a/apps/web/pages/api/documents/[id]/fields/[fid].ts b/apps/web/pages/api/documents/[id]/fields/[fid].ts new file mode 100644 index 000000000..4f55a4d56 --- /dev/null +++ b/apps/web/pages/api/documents/[id]/fields/[fid].ts @@ -0,0 +1,36 @@ +import { + defaultHandler, + defaultResponder, + getUserFromToken, +} from "@documenso/lib/server"; +import prisma from "@documenso/prisma"; +import { NextApiRequest, NextApiResponse } from "next"; +import short from "short-uuid"; +import { Document as PrismaDocument, FieldType } from "@prisma/client"; +import { getDocument } from "@documenso/lib/query"; + +async function deleteHandler(req: NextApiRequest, res: NextApiResponse) { + const user = await getUserFromToken(req, res); + const { fid: fieldId } = req.query; + const body: { + id: number; + type: FieldType; + page: number; + position: { x: number; y: number }; + } = req.body; + + if (!user) return; + + if (!fieldId) { + res.status(400).send("Missing parameter fieldId."); + return; + } + + await prisma.field.delete({ where: { id: +fieldId } }); + + return res.status(200).end(); +} + +export default defaultHandler({ + DELETE: Promise.resolve({ default: defaultResponder(deleteHandler) }), +}); diff --git a/apps/web/pages/api/documents/[id]/fields/index.ts b/apps/web/pages/api/documents/[id]/fields/index.ts new file mode 100644 index 000000000..be4db31ce --- /dev/null +++ b/apps/web/pages/api/documents/[id]/fields/index.ts @@ -0,0 +1,85 @@ +import { + defaultHandler, + defaultResponder, + getUserFromToken, +} from "@documenso/lib/server"; +import prisma from "@documenso/prisma"; +import { NextApiRequest, NextApiResponse } from "next"; +import short from "short-uuid"; +import { Document as PrismaDocument, FieldType } from "@prisma/client"; +import { getDocument } from "@documenso/lib/query"; + +async function getHandler(req: NextApiRequest, res: NextApiResponse) { + const user = await getUserFromToken(req, res); + const { id: documentId } = req.query; + const body: { + id: number; + type: FieldType; + page: number; + position: { x: number; y: number }; + } = req.body; + + if (!user) return; + + if (!documentId) { + res.status(400).send("Missing parameter documentId."); + return; + } + + // todo encapsulate entity ownerships checks + + const fields = await prisma.field.findMany({ + where: { documentId: +documentId }, + }); + + return res.status(200).end(JSON.stringify(fields)); +} + +async function postHandler(req: NextApiRequest, res: NextApiResponse) { + const user = await getUserFromToken(req, res); + const { id: documentId } = req.query; + const body: { + id: number; + type: FieldType; + page: number; + position: { x: number; y: number }; + } = req.body; + + if (!user) return; + + if (!documentId) { + res.status(400).send("Missing parameter documentId."); + return; + } + + const document: PrismaDocument = await getDocument(+documentId, req, res); + + // todo encapsulate entity ownerships checks + if (document.userId !== user.id) { + return res.status(401).send("User does not have access to this document."); + } + + const field = await prisma.field.upsert({ + where: { + id: +body.id, + }, + update: { + positionX: +body.position.x, + positionY: +body.position.y, + }, + create: { + documentId: +documentId, + type: body.type, + page: +body.page, + positionX: +body.position.x, + positionY: +body.position.y, + }, + }); + + return res.status(201).end(JSON.stringify(field)); +} + +export default defaultHandler({ + GET: Promise.resolve({ default: defaultResponder(getHandler) }), + POST: Promise.resolve({ default: defaultResponder(postHandler) }), +});