one api endpoint for admin/non-admin

Thomas Ruoff
2021-06-16 23:18:24 +02:00
parent 498f212ee0
commit b6a1e45fcf
5 changed files with 28 additions and 77 deletions


@@ -75,7 +75,7 @@ export async function createBill(
bookingUuid: string, bookingUuid: string,
bill: Bill bill: Bill
): Promise<Bill> { ): Promise<Bill> {
return fetch(`/api/admin/booking/${bookingUuid}/bill`, { return fetch(`/api/booking/${bookingUuid}/bill`, {
method: 'POST', method: 'POST',
body: bill, body: bill,
}) })
@@ -85,7 +85,7 @@ export async function patchBill(
bookingUuid: string, bookingUuid: string,
bill: Bill bill: Bill
): Promise<Bill> { ): Promise<Bill> {
return fetch(`/api/admin/booking/${bookingUuid}/bill`, { return fetch(`/api/booking/${bookingUuid}/bill`, {
method: 'POST', method: 'POST',
body: bill, body: bill,
}) })


@@ -31,7 +31,7 @@ export async function cancelBooking(uuid: string) {
} }
export async function patchBooking(uuid: string, bookingData: object) { export async function patchBooking(uuid: string, bookingData: object) {
return fetch(`/api/admin/booking/${uuid}`, { return fetch(`/api/booking/${uuid}`, {
method: 'PATCH', method: 'PATCH',
body: { ...bookingData }, body: { ...bookingData },
}) })


@@ -1,57 +0,0 @@
import { BookingDocument } from '../../../../../db/booking'
import { getBookingByUUID } from '../../../../../db/index'
import withSession, { isAdminSession } from '../../../../../lib/session'
import {
sendBookingConfirmed,
sendBookingRejected,
} from '../../../../../helpers/mail'
import { BOOKING_STATUS } from '../../../../../db/enums'
export default withSession(async function bookingHandler(req, res): Promise<void> {
if (!isAdminSession(req)) {
res.status(403).send({ message: 'Not Authorized' })
return
}
const {
method,
query: { uuid: uuids },
} = req
const uuid = Array.isArray(uuids) ? uuids[0] : uuids
let booking: BookingDocument
switch (method) {
case 'PATCH':
booking = await getBookingByUUID(uuid)
// FIXME: validate all the things
booking.set(req.body)
const bookingStatusChanged = booking.isModified('status')
await booking.save()
await booking.populate('booker').execPopulate()
res.status(200).json(booking.toJSON())
if (!bookingStatusChanged) {
return
}
if (booking.status === BOOKING_STATUS.CONFIRMED) {
sendBookingConfirmed(booking)
console.log(`Booking ${booking.uuid} confirm sent`)
} else if (booking.status === BOOKING_STATUS.REJECTED) {
sendBookingRejected(booking)
console.log(`Booking ${booking.uuid} rejected sent`)
}
break
default:
res.setHeader('Allow', ['PATCH'])
res.status(405).end(`Method ${method} Not Allowed`)
}
})


@@ -2,8 +2,9 @@ import { NextApiRequest, NextApiResponse } from 'next'
import { BookingDocument } from '../../../../db/booking' import { BookingDocument } from '../../../../db/booking'
import { BOOKING_STATUS } from '../../../../db/enums' import { BOOKING_STATUS } from '../../../../db/enums'
import { getBookingByUUID } from '../../../../db/index' import { getBookingByUUID } from '../../../../db/index'
import withSession, { isAdminSession } from '../../../../lib/session'
export default async function userHandler( export default withSession(async function userHandler(
req: NextApiRequest, req: NextApiRequest,
res: NextApiResponse res: NextApiResponse
): Promise<void> { ): Promise<void> {
@@ -19,19 +20,21 @@ export default async function userHandler(
switch (method) { switch (method) {
case 'PATCH': case 'PATCH':
booking = await getBookingByUUID(uuid) booking = await getBookingByUUID(uuid)
const readonlyProps = Object.keys(req.body).filter(
(key) => key !== 'status'
)
if (readonlyProps.length) { if (!isAdminSession(req)) {
res const deniedPropsForUser = Object.keys(req.body).filter(
.status(400) (key) => key !== 'status'
.end( )
`The following attributes cannot be changed: ${readonlyProps.join( if (deniedPropsForUser.length) {
', ' res
)}` .status(400)
) .end(
break `The following attributes cannot be changed: ${deniedPropsForUser.join(
', '
)}`
)
break
}
} }
if (!Object.values(BOOKING_STATUS).includes(req.body.status)) { if (!Object.values(BOOKING_STATUS).includes(req.body.status)) {
@@ -45,12 +48,17 @@ export default async function userHandler(
break break
} }
booking.status = req.body.status booking.set(req.body)
await booking.save() try {
res.status(200).json(booking.toJSON()) await booking.save()
await booking.populate('booker').execPopulate()
res.status(200).json(booking.toJSON())
} catch (error) {
res.status(400).end(`Failed to save booking: ${error.message}`)
}
break break
default: default:
res.setHeader('Allow', ['PATCH']) res.setHeader('Allow', ['PATCH'])
res.status(405).end(`Method ${method} Not Allowed`) res.status(405).end(`Method ${method} Not Allowed`)
} }
} })
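Review bot: `booking.set(req.body)` in the last hunk copies the whole request body onto the booking, and the only restriction before it is the key filter inside `if (!isAdminSession(req))`, so an admin session can overwrite any field the booking model lets `set` write; the deleted admin handler marked the same call with `// FIXME: validate all the things` and that marker is not carried over. I would copy only an explicit list of editable fields for the admin case, and keep the FIXME until that list exists. The new `catch` also returns `error.message` to the client, which can expose model or database details; a fixed string such as `res.status(400).end('Failed to save booking')`, with the detail logged server-side, is safer. The deleted handler called `sendBookingConfirmed`/`sendBookingRejected` after a status change, and no such call or import appears in these hunks, so the notification may have been dropped, which is worth confirming. The handler's body between the hunks is not shown, so the status check and the handling of a failed lookup could not be reviewed.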