upsert, get and delete fields

2025-11-13 08:13:56 +10:00 · 2023-02-13 19:43:00 +01:00
parent 9f30da63d1
commit fefef951f1
2 changed files with 121 additions and 0 deletions
--- a/apps/web/pages/api/documents/[id]/fields/[fid].ts
+++ b/apps/web/pages/api/documents/[id]/fields/[fid].ts
@ -0,0 +1,36 @@
+import {
+  defaultHandler,
+  defaultResponder,
+  getUserFromToken,
+} from "@documenso/lib/server";
+import prisma from "@documenso/prisma";
+import { NextApiRequest, NextApiResponse } from "next";
+import short from "short-uuid";
+import { Document as PrismaDocument, FieldType } from "@prisma/client";
+import { getDocument } from "@documenso/lib/query";
+
+async function deleteHandler(req: NextApiRequest, res: NextApiResponse) {
+  const user = await getUserFromToken(req, res);
+  const { fid: fieldId } = req.query;
+  const body: {
+    id: number;
+    type: FieldType;
+    page: number;
+    position: { x: number; y: number };
+  } = req.body;
+
+  if (!user) return;
+
+  if (!fieldId) {
+    res.status(400).send("Missing parameter fieldId.");
+    return;
+  }
+
+  await prisma.field.delete({ where: { id: +fieldId } });
+
+  return res.status(200).end();
+}
+
+export default defaultHandler({
+  DELETE: Promise.resolve({ default: defaultResponder(deleteHandler) }),
+});
--- a/apps/web/pages/api/documents/[id]/fields/index.ts
+++ b/apps/web/pages/api/documents/[id]/fields/index.ts
@ -0,0 +1,85 @@
+import {
+  defaultHandler,
+  defaultResponder,
+  getUserFromToken,
+} from "@documenso/lib/server";
+import prisma from "@documenso/prisma";
+import { NextApiRequest, NextApiResponse } from "next";
+import short from "short-uuid";
+import { Document as PrismaDocument, FieldType } from "@prisma/client";
+import { getDocument } from "@documenso/lib/query";
+
+async function getHandler(req: NextApiRequest, res: NextApiResponse) {
+  const user = await getUserFromToken(req, res);
+  const { id: documentId } = req.query;
+  const body: {
+    id: number;
+    type: FieldType;
+    page: number;
+    position: { x: number; y: number };
+  } = req.body;
+
+  if (!user) return;
+
+  if (!documentId) {
+    res.status(400).send("Missing parameter documentId.");
+    return;
+  }
+
+  // todo encapsulate entity ownerships checks
+
+  const fields = await prisma.field.findMany({
+    where: { documentId: +documentId },
+  });
+
+  return res.status(200).end(JSON.stringify(fields));
+}
+
+async function postHandler(req: NextApiRequest, res: NextApiResponse) {
+  const user = await getUserFromToken(req, res);
+  const { id: documentId } = req.query;
+  const body: {
+    id: number;
+    type: FieldType;
+    page: number;
+    position: { x: number; y: number };
+  } = req.body;
+
+  if (!user) return;
+
+  if (!documentId) {
+    res.status(400).send("Missing parameter documentId.");
+    return;
+  }
+
+  const document: PrismaDocument = await getDocument(+documentId, req, res);
+
+  // todo encapsulate entity ownerships checks
+  if (document.userId !== user.id) {
+    return res.status(401).send("User does not have access to this document.");
+  }
+
+  const field = await prisma.field.upsert({
+    where: {
+      id: +body.id,
+    },
+    update: {
+      positionX: +body.position.x,
+      positionY: +body.position.y,
+    },
+    create: {
+      documentId: +documentId,
+      type: body.type,
+      page: +body.page,
+      positionX: +body.position.x,
+      positionY: +body.position.y,
+    },
+  });
+
+  return res.status(201).end(JSON.stringify(field));
+}
+
+export default defaultHandler({
+  GET: Promise.resolve({ default: defaultResponder(getHandler) }),
+  POST: Promise.resolve({ default: defaultResponder(postHandler) }),
+});