255 lines
6 KiB
TypeScript
255 lines
6 KiB
TypeScript
import { API_ERROR } from "../../controllers/errors.js";
|
|
import type { Community, Invite, User } from "../../generated/prisma/client.js";
|
|
import { getDB } from "../../store/store.js";
|
|
import { getUserFromAuth, isUserAllowed } from "../auth/helpers.js";
|
|
import { PERMISSION } from "../auth/permission.js";
|
|
import type {
|
|
ICreateCommunity,
|
|
ICommunityChannel,
|
|
ICommunityMember,
|
|
ICommunityRole,
|
|
ICreateInvite,
|
|
IUpdateCommunity,
|
|
} from "./types.js";
|
|
|
|
const getCommunityById = async (id: string): Promise<Community | null> => {
|
|
return await getDB().community.findUnique({
|
|
where: { id: id },
|
|
});
|
|
};
|
|
|
|
const createCommunity = async (
|
|
ownerId: string,
|
|
create: ICreateCommunity,
|
|
): Promise<Community> => {
|
|
return await getDB().community.create({
|
|
data: {
|
|
ownerId: ownerId,
|
|
...create,
|
|
members: {
|
|
connect: {
|
|
id: ownerId,
|
|
},
|
|
},
|
|
},
|
|
});
|
|
};
|
|
|
|
const createCommunityAuth = async (
|
|
create: ICreateCommunity,
|
|
authHeader: string | undefined,
|
|
): Promise<Community | API_ERROR.ACCESS_DENIED> => {
|
|
const authUser = await getUserFromAuth(authHeader);
|
|
|
|
if (!authUser) {
|
|
return API_ERROR.ACCESS_DENIED;
|
|
}
|
|
|
|
return await createCommunity(authUser.id, create);
|
|
};
|
|
|
|
const updateCommunityById = async (
|
|
id: string,
|
|
update: IUpdateCommunity,
|
|
): Promise<Community | null> => {
|
|
return await getDB().community.update({
|
|
where: {
|
|
id: id,
|
|
},
|
|
data: {
|
|
...update,
|
|
},
|
|
});
|
|
};
|
|
|
|
const updateCommunityByIdAuth = async (
|
|
id: string,
|
|
update: IUpdateCommunity,
|
|
authHeader: string | undefined,
|
|
): Promise<Community | null | API_ERROR.ACCESS_DENIED> => {
|
|
const authUser = await getUserFromAuth(authHeader);
|
|
const community = await getCommunityById(id);
|
|
|
|
if (
|
|
!(await isUserAllowed(
|
|
authUser,
|
|
{
|
|
community: community,
|
|
},
|
|
community,
|
|
[PERMISSION.COMMUNITY_MANAGE],
|
|
))
|
|
) {
|
|
return API_ERROR.ACCESS_DENIED;
|
|
}
|
|
|
|
return await updateCommunityById(id, update);
|
|
};
|
|
|
|
const getCommunityMembersById = async (
|
|
id: string,
|
|
): Promise<ICommunityMember[]> => {
|
|
return await getDB().user.findMany({
|
|
where: {
|
|
communities: {
|
|
some: {
|
|
id: id,
|
|
},
|
|
},
|
|
},
|
|
select: {
|
|
id: true,
|
|
username: true,
|
|
},
|
|
});
|
|
};
|
|
|
|
const getCommunityMembersByIdAuth = async (
|
|
id: string,
|
|
authHeader: string | undefined,
|
|
): Promise<ICommunityMember[] | API_ERROR.ACCESS_DENIED> => {
|
|
const authUser = await getUserFromAuth(authHeader);
|
|
const community = await getCommunityById(id);
|
|
|
|
if (
|
|
!(await isUserAllowed(
|
|
authUser,
|
|
{
|
|
community: community,
|
|
},
|
|
community,
|
|
[PERMISSION.MEMBERS_READ],
|
|
))
|
|
) {
|
|
return API_ERROR.ACCESS_DENIED;
|
|
}
|
|
|
|
return await getCommunityMembersById(id);
|
|
};
|
|
|
|
const getCommunityChannelsById = async (
|
|
id: string,
|
|
): Promise<ICommunityChannel[]> => {
|
|
return await getDB().channel.findMany({
|
|
where: {
|
|
communityId: id,
|
|
},
|
|
select: {
|
|
id: true,
|
|
name: true,
|
|
},
|
|
});
|
|
};
|
|
|
|
const getCommunityChannelsByIdAuth = async (
|
|
id: string,
|
|
authHeader: string | undefined,
|
|
): Promise<ICommunityChannel[] | API_ERROR.ACCESS_DENIED> => {
|
|
const authUser = await getUserFromAuth(authHeader);
|
|
const community = await getCommunityById(id);
|
|
|
|
if (
|
|
!(await isUserAllowed(
|
|
authUser,
|
|
{
|
|
community: community,
|
|
},
|
|
community,
|
|
[PERMISSION.CHANNELS_READ],
|
|
))
|
|
) {
|
|
return API_ERROR.ACCESS_DENIED;
|
|
}
|
|
|
|
return await getCommunityChannelsById(id);
|
|
};
|
|
|
|
const getCommunityRolesById = async (id: string): Promise<ICommunityRole[]> => {
|
|
return await getDB().role.findMany({
|
|
where: {
|
|
communityId: id,
|
|
},
|
|
select: {
|
|
id: true,
|
|
name: true,
|
|
},
|
|
});
|
|
};
|
|
|
|
const getCommunityRolesByIdAuth = async (
|
|
id: string,
|
|
authHeader: string | undefined,
|
|
): Promise<ICommunityRole[] | API_ERROR.ACCESS_DENIED> => {
|
|
const authUser = await getUserFromAuth(authHeader);
|
|
const community = await getCommunityById(id);
|
|
|
|
if (
|
|
!(await isUserAllowed(
|
|
authUser,
|
|
{
|
|
community: community,
|
|
},
|
|
community,
|
|
[PERMISSION.ROLES_READ],
|
|
))
|
|
) {
|
|
return API_ERROR.ACCESS_DENIED;
|
|
}
|
|
|
|
return await getCommunityRolesById(id);
|
|
};
|
|
|
|
const createInvite = async (
|
|
id: string,
|
|
creatorId: string,
|
|
createInviteData: ICreateInvite,
|
|
): Promise<Invite> => {
|
|
return await getDB().invite.create({
|
|
data: {
|
|
...createInviteData,
|
|
creatorId: creatorId,
|
|
communityId: id,
|
|
},
|
|
});
|
|
};
|
|
|
|
const createInviteAuth = async (
|
|
id: string,
|
|
createInviteData: ICreateInvite,
|
|
authHeader: string | undefined,
|
|
): Promise<Invite | API_ERROR.ACCESS_DENIED> => {
|
|
const authUser = await getUserFromAuth(authHeader);
|
|
const community = await getCommunityById(id);
|
|
|
|
if (
|
|
!(await isUserAllowed(
|
|
authUser,
|
|
{
|
|
community: community,
|
|
},
|
|
community,
|
|
[PERMISSION.INVITES_CREATE],
|
|
)) ||
|
|
!authUser
|
|
) {
|
|
return API_ERROR.ACCESS_DENIED;
|
|
}
|
|
|
|
return await createInvite(id, authUser.id, createInviteData);
|
|
};
|
|
|
|
export {
|
|
getCommunityById,
|
|
createCommunity,
|
|
createCommunityAuth,
|
|
updateCommunityById,
|
|
updateCommunityByIdAuth,
|
|
getCommunityMembersById,
|
|
getCommunityMembersByIdAuth,
|
|
getCommunityChannelsById,
|
|
getCommunityChannelsByIdAuth,
|
|
getCommunityRolesById,
|
|
getCommunityRolesByIdAuth,
|
|
createInvite,
|
|
createInviteAuth,
|
|
};
|