mirror of
https://github.com/fosrl/pangolin.git
synced 2026-03-03 01:06:39 +00:00
Format files and fix http response
This commit is contained in:
Owen Schwartz
@@ -6,74 +6,74 @@ import response from "@server/utils/response";
|
||||
import HttpCode from '@server/types/HttpCode';
|
||||
import createHttpError from 'http-errors';
|
||||
import { ActionsEnum, checkUserActionPermission } from '@server/auth/actions';
|
||||
import logger from '@server/logger';
|
||||
|
||||
const createResourceParamsSchema = z.object({
|
||||
siteId: z.number().int().positive(),
|
||||
orgId: z.number().int().positive(),
|
||||
siteId: z.number().int().positive(),
|
||||
orgId: z.number().int().positive(),
|
||||
});
|
||||
|
||||
// Define Zod schema for request body validation
|
||||
const createResourceSchema = z.object({
|
||||
name: z.string().min(1).max(255),
|
||||
subdomain: z.string().min(1).max(255).optional(),
|
||||
name: z.string().min(1).max(255),
|
||||
subdomain: z.string().min(1).max(255).optional(),
|
||||
});
|
||||
|
||||
export async function createResource(req: Request, res: Response, next: NextFunction): Promise<any> {
|
||||
try {
|
||||
// Validate request body
|
||||
const parsedBody = createResourceSchema.safeParse(req.body);
|
||||
if (!parsedBody.success) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
parsedBody.error.errors.map(e => e.message).join(', ')
|
||||
)
|
||||
);
|
||||
try {
|
||||
// Validate request body
|
||||
const parsedBody = createResourceSchema.safeParse(req.body);
|
||||
if (!parsedBody.success) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
parsedBody.error.errors.map(e => e.message).join(', ')
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
const { name, subdomain } = parsedBody.data;
|
||||
|
||||
// Validate request params
|
||||
const parsedParams = createResourceParamsSchema.safeParse(req.params);
|
||||
if (!parsedParams.success) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
parsedParams.error.errors.map(e => e.message).join(', ')
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
const { siteId, orgId } = parsedParams.data;
|
||||
|
||||
// Check if the user has permission to list sites
|
||||
const hasPermission = await checkUserActionPermission(ActionsEnum.createResource, req);
|
||||
if (!hasPermission) {
|
||||
return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to list sites'));
|
||||
}
|
||||
|
||||
// Generate a unique resourceId
|
||||
const resourceId = "subdomain" // TODO: create the subdomain here
|
||||
|
||||
// Create new resource in the database
|
||||
const newResource = await db.insert(resources).values({
|
||||
resourceId,
|
||||
siteId,
|
||||
orgId,
|
||||
name,
|
||||
subdomain,
|
||||
}).returning();
|
||||
|
||||
response(res, {
|
||||
data: newResource[0],
|
||||
success: true,
|
||||
error: false,
|
||||
message: "Resource created successfully",
|
||||
status: HttpCode.CREATED,
|
||||
});
|
||||
} catch (error) {
|
||||
logger.error(error);
|
||||
return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred..."));
|
||||
}
|
||||
|
||||
const { name, subdomain } = parsedBody.data;
|
||||
|
||||
// Validate request params
|
||||
const parsedParams = createResourceParamsSchema.safeParse(req.params);
|
||||
if (!parsedParams.success) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
parsedParams.error.errors.map(e => e.message).join(', ')
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
const { siteId, orgId } = parsedParams.data;
|
||||
|
||||
// Check if the user has permission to list sites
|
||||
const hasPermission = await checkUserActionPermission(ActionsEnum.createResource, req);
|
||||
if (!hasPermission) {
|
||||
return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to list sites'));
|
||||
}
|
||||
|
||||
// Generate a unique resourceId
|
||||
const resourceId = "subdomain" // TODO: create the subdomain here
|
||||
|
||||
// Create new resource in the database
|
||||
const newResource = await db.insert(resources).values({
|
||||
resourceId,
|
||||
siteId,
|
||||
orgId,
|
||||
name,
|
||||
subdomain,
|
||||
}).returning();
|
||||
|
||||
return res.status(HttpCode.CREATED).send(
|
||||
response(res, {
|
||||
data: newResource[0],
|
||||
success: true,
|
||||
error: false,
|
||||
message: "Resource created successfully",
|
||||
status: HttpCode.CREATED,
|
||||
})
|
||||
);
|
||||
} catch (error) {
|
||||
next(error);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -7,57 +7,57 @@ import response from "@server/utils/response";
|
||||
import HttpCode from '@server/types/HttpCode';
|
||||
import createHttpError from 'http-errors';
|
||||
import { ActionsEnum, checkUserActionPermission } from '@server/auth/actions';
|
||||
import logger from '@server/logger';
|
||||
|
||||
// Define Zod schema for request parameters validation
|
||||
const deleteResourceSchema = z.object({
|
||||
resourceId: z.string().uuid()
|
||||
resourceId: z.string().uuid()
|
||||
});
|
||||
|
||||
export async function deleteResource(req: Request, res: Response, next: NextFunction): Promise<any> {
|
||||
try {
|
||||
// Validate request parameters
|
||||
const parsedParams = deleteResourceSchema.safeParse(req.params);
|
||||
if (!parsedParams.success) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
parsedParams.error.errors.map(e => e.message).join(', ')
|
||||
)
|
||||
);
|
||||
try {
|
||||
// Validate request parameters
|
||||
const parsedParams = deleteResourceSchema.safeParse(req.params);
|
||||
if (!parsedParams.success) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
parsedParams.error.errors.map(e => e.message).join(', ')
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
const { resourceId } = parsedParams.data;
|
||||
|
||||
// Check if the user has permission to list sites
|
||||
const hasPermission = await checkUserActionPermission(ActionsEnum.deleteResource, req);
|
||||
if (!hasPermission) {
|
||||
return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to list sites'));
|
||||
}
|
||||
|
||||
// Delete the resource from the database
|
||||
const deletedResource = await db.delete(resources)
|
||||
.where(eq(resources.resourceId, resourceId))
|
||||
.returning();
|
||||
|
||||
if (deletedResource.length === 0) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.NOT_FOUND,
|
||||
`Resource with ID ${resourceId} not found`
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
return response(res, {
|
||||
data: null,
|
||||
success: true,
|
||||
error: false,
|
||||
message: "Resource deleted successfully",
|
||||
status: HttpCode.OK,
|
||||
});
|
||||
} catch (error) {
|
||||
logger.error(error);
|
||||
return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred..."));
|
||||
}
|
||||
|
||||
const { resourceId } = parsedParams.data;
|
||||
|
||||
// Check if the user has permission to list sites
|
||||
const hasPermission = await checkUserActionPermission(ActionsEnum.deleteResource, req);
|
||||
if (!hasPermission) {
|
||||
return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to list sites'));
|
||||
}
|
||||
|
||||
// Delete the resource from the database
|
||||
const deletedResource = await db.delete(resources)
|
||||
.where(eq(resources.resourceId, resourceId))
|
||||
.returning();
|
||||
|
||||
if (deletedResource.length === 0) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.NOT_FOUND,
|
||||
`Resource with ID ${resourceId} not found`
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
return res.status(HttpCode.OK).send(
|
||||
response(res, {
|
||||
data: null,
|
||||
success: true,
|
||||
error: false,
|
||||
message: "Resource deleted successfully",
|
||||
status: HttpCode.OK,
|
||||
})
|
||||
);
|
||||
} catch (error) {
|
||||
next(error);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -7,58 +7,58 @@ import response from "@server/utils/response";
|
||||
import HttpCode from '@server/types/HttpCode';
|
||||
import createHttpError from 'http-errors';
|
||||
import { ActionsEnum, checkUserActionPermission } from '@server/auth/actions';
|
||||
import logger from '@server/logger';
|
||||
|
||||
// Define Zod schema for request parameters validation
|
||||
const getResourceSchema = z.object({
|
||||
resourceId: z.string().uuid()
|
||||
resourceId: z.string().uuid()
|
||||
});
|
||||
|
||||
export async function getResource(req: Request, res: Response, next: NextFunction): Promise<any> {
|
||||
try {
|
||||
// Validate request parameters
|
||||
const parsedParams = getResourceSchema.safeParse(req.params);
|
||||
if (!parsedParams.success) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
parsedParams.error.errors.map(e => e.message).join(', ')
|
||||
)
|
||||
);
|
||||
try {
|
||||
// Validate request parameters
|
||||
const parsedParams = getResourceSchema.safeParse(req.params);
|
||||
if (!parsedParams.success) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
parsedParams.error.errors.map(e => e.message).join(', ')
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
const { resourceId } = parsedParams.data;
|
||||
|
||||
// Check if the user has permission to list sites
|
||||
const hasPermission = await checkUserActionPermission(ActionsEnum.getResource, req);
|
||||
if (!hasPermission) {
|
||||
return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to list sites'));
|
||||
}
|
||||
|
||||
// Fetch the resource from the database
|
||||
const resource = await db.select()
|
||||
.from(resources)
|
||||
.where(eq(resources.resourceId, resourceId))
|
||||
.limit(1);
|
||||
|
||||
if (resource.length === 0) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.NOT_FOUND,
|
||||
`Resource with ID ${resourceId} not found`
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
return response(res, {
|
||||
data: resource[0],
|
||||
success: true,
|
||||
error: false,
|
||||
message: "Resource retrieved successfully",
|
||||
status: HttpCode.OK,
|
||||
});
|
||||
} catch (error) {
|
||||
logger.error(error);
|
||||
return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred..."));
|
||||
}
|
||||
|
||||
const { resourceId } = parsedParams.data;
|
||||
|
||||
// Check if the user has permission to list sites
|
||||
const hasPermission = await checkUserActionPermission(ActionsEnum.getResource, req);
|
||||
if (!hasPermission) {
|
||||
return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to list sites'));
|
||||
}
|
||||
|
||||
// Fetch the resource from the database
|
||||
const resource = await db.select()
|
||||
.from(resources)
|
||||
.where(eq(resources.resourceId, resourceId))
|
||||
.limit(1);
|
||||
|
||||
if (resource.length === 0) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.NOT_FOUND,
|
||||
`Resource with ID ${resourceId} not found`
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
return res.status(HttpCode.OK).send(
|
||||
response(res, {
|
||||
data: resource[0],
|
||||
success: true,
|
||||
error: false,
|
||||
message: "Resource retrieved successfully",
|
||||
status: HttpCode.OK,
|
||||
})
|
||||
);
|
||||
} catch (error) {
|
||||
next(error);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -7,6 +7,7 @@ import HttpCode from '@server/types/HttpCode';
|
||||
import createHttpError from 'http-errors';
|
||||
import { sql, eq, and, or, inArray } from 'drizzle-orm';
|
||||
import { ActionsEnum, checkUserActionPermission } from '@server/auth/actions';
|
||||
import logger from '@server/logger';
|
||||
|
||||
const listResourcesParamsSchema = z.object({
|
||||
siteId: z.coerce.number().int().positive().optional(),
|
||||
@@ -16,99 +17,98 @@ const listResourcesParamsSchema = z.object({
|
||||
});
|
||||
|
||||
const listResourcesSchema = z.object({
|
||||
limit: z.coerce.number().int().positive().default(10),
|
||||
offset: z.coerce.number().int().nonnegative().default(0),
|
||||
limit: z.coerce.number().int().positive().default(10),
|
||||
offset: z.coerce.number().int().nonnegative().default(0),
|
||||
});
|
||||
|
||||
interface RequestWithOrgAndRole extends Request {
|
||||
userOrgRoleId?: number;
|
||||
orgId?: number;
|
||||
userOrgRoleId?: number;
|
||||
orgId?: number;
|
||||
}
|
||||
|
||||
export async function listResources(req: RequestWithOrgAndRole, res: Response, next: NextFunction): Promise<any> {
|
||||
try {
|
||||
const parsedQuery = listResourcesSchema.safeParse(req.query);
|
||||
if (!parsedQuery.success) {
|
||||
return next(createHttpError(HttpCode.BAD_REQUEST, parsedQuery.error.errors.map(e => e.message).join(', ')));
|
||||
try {
|
||||
const parsedQuery = listResourcesSchema.safeParse(req.query);
|
||||
if (!parsedQuery.success) {
|
||||
return next(createHttpError(HttpCode.BAD_REQUEST, parsedQuery.error.errors.map(e => e.message).join(', ')));
|
||||
}
|
||||
const { limit, offset } = parsedQuery.data;
|
||||
|
||||
const parsedParams = listResourcesParamsSchema.safeParse(req.params);
|
||||
if (!parsedParams.success) {
|
||||
return next(createHttpError(HttpCode.BAD_REQUEST, parsedParams.error.errors.map(e => e.message).join(', ')));
|
||||
}
|
||||
const { siteId, orgId } = parsedParams.data;
|
||||
|
||||
// Check if the user has permission to list sites
|
||||
const hasPermission = await checkUserActionPermission(ActionsEnum.listResources, req);
|
||||
if (!hasPermission) {
|
||||
return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to list sites'));
|
||||
}
|
||||
|
||||
if (orgId && orgId !== req.orgId) {
|
||||
return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have access to this organization'));
|
||||
}
|
||||
|
||||
// Get the list of resources the user has access to
|
||||
const accessibleResources = await db
|
||||
.select({ resourceId: sql<string>`COALESCE(${userResources.resourceId}, ${roleResources.resourceId})` })
|
||||
.from(userResources)
|
||||
.fullJoin(roleResources, eq(userResources.resourceId, roleResources.resourceId))
|
||||
.where(
|
||||
or(
|
||||
eq(userResources.userId, req.user!.id),
|
||||
eq(roleResources.roleId, req.userOrgRoleId!)
|
||||
)
|
||||
);
|
||||
|
||||
const accessibleResourceIds = accessibleResources.map(resource => resource.resourceId);
|
||||
|
||||
let baseQuery: any = db
|
||||
.select({
|
||||
resourceId: resources.resourceId,
|
||||
name: resources.name,
|
||||
subdomain: resources.subdomain,
|
||||
siteName: sites.name,
|
||||
})
|
||||
.from(resources)
|
||||
.leftJoin(sites, eq(resources.siteId, sites.siteId))
|
||||
.where(inArray(resources.resourceId, accessibleResourceIds));
|
||||
|
||||
let countQuery: any = db
|
||||
.select({ count: sql<number>`cast(count(*) as integer)` })
|
||||
.from(resources)
|
||||
.where(inArray(resources.resourceId, accessibleResourceIds));
|
||||
|
||||
if (siteId) {
|
||||
baseQuery = baseQuery.where(eq(resources.siteId, siteId));
|
||||
countQuery = countQuery.where(eq(resources.siteId, siteId));
|
||||
} else {
|
||||
// If orgId is provided, it's already checked to match req.orgId
|
||||
baseQuery = baseQuery.where(eq(resources.orgId, req.orgId!));
|
||||
countQuery = countQuery.where(eq(resources.orgId, req.orgId!));
|
||||
}
|
||||
|
||||
const resourcesList = await baseQuery.limit(limit).offset(offset);
|
||||
const totalCountResult = await countQuery;
|
||||
const totalCount = totalCountResult[0].count;
|
||||
|
||||
return response(res, {
|
||||
data: {
|
||||
resources: resourcesList,
|
||||
pagination: {
|
||||
total: totalCount,
|
||||
limit,
|
||||
offset,
|
||||
},
|
||||
},
|
||||
success: true,
|
||||
error: false,
|
||||
message: "Resources retrieved successfully",
|
||||
status: HttpCode.OK,
|
||||
});
|
||||
} catch (error) {
|
||||
logger.error(error);
|
||||
return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred..."));
|
||||
}
|
||||
const { limit, offset } = parsedQuery.data;
|
||||
|
||||
const parsedParams = listResourcesParamsSchema.safeParse(req.params);
|
||||
if (!parsedParams.success) {
|
||||
return next(createHttpError(HttpCode.BAD_REQUEST, parsedParams.error.errors.map(e => e.message).join(', ')));
|
||||
}
|
||||
const { siteId, orgId } = parsedParams.data;
|
||||
|
||||
// Check if the user has permission to list sites
|
||||
const hasPermission = await checkUserActionPermission(ActionsEnum.listResources, req);
|
||||
if (!hasPermission) {
|
||||
return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to list sites'));
|
||||
}
|
||||
|
||||
if (orgId && orgId !== req.orgId) {
|
||||
return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have access to this organization'));
|
||||
}
|
||||
|
||||
// Get the list of resources the user has access to
|
||||
const accessibleResources = await db
|
||||
.select({ resourceId: sql<string>`COALESCE(${userResources.resourceId}, ${roleResources.resourceId})` })
|
||||
.from(userResources)
|
||||
.fullJoin(roleResources, eq(userResources.resourceId, roleResources.resourceId))
|
||||
.where(
|
||||
or(
|
||||
eq(userResources.userId, req.user!.id),
|
||||
eq(roleResources.roleId, req.userOrgRoleId!)
|
||||
)
|
||||
);
|
||||
|
||||
const accessibleResourceIds = accessibleResources.map(resource => resource.resourceId);
|
||||
|
||||
let baseQuery: any = db
|
||||
.select({
|
||||
resourceId: resources.resourceId,
|
||||
name: resources.name,
|
||||
subdomain: resources.subdomain,
|
||||
siteName: sites.name,
|
||||
})
|
||||
.from(resources)
|
||||
.leftJoin(sites, eq(resources.siteId, sites.siteId))
|
||||
.where(inArray(resources.resourceId, accessibleResourceIds));
|
||||
|
||||
let countQuery: any = db
|
||||
.select({ count: sql<number>`cast(count(*) as integer)` })
|
||||
.from(resources)
|
||||
.where(inArray(resources.resourceId, accessibleResourceIds));
|
||||
|
||||
if (siteId) {
|
||||
baseQuery = baseQuery.where(eq(resources.siteId, siteId));
|
||||
countQuery = countQuery.where(eq(resources.siteId, siteId));
|
||||
} else {
|
||||
// If orgId is provided, it's already checked to match req.orgId
|
||||
baseQuery = baseQuery.where(eq(resources.orgId, req.orgId!));
|
||||
countQuery = countQuery.where(eq(resources.orgId, req.orgId!));
|
||||
}
|
||||
|
||||
const resourcesList = await baseQuery.limit(limit).offset(offset);
|
||||
const totalCountResult = await countQuery;
|
||||
const totalCount = totalCountResult[0].count;
|
||||
|
||||
return res.status(HttpCode.OK).send(
|
||||
response(res, {
|
||||
data: {
|
||||
resources: resourcesList,
|
||||
pagination: {
|
||||
total: totalCount,
|
||||
limit,
|
||||
offset,
|
||||
},
|
||||
},
|
||||
success: true,
|
||||
error: false,
|
||||
message: "Resources retrieved successfully",
|
||||
status: HttpCode.OK,
|
||||
})
|
||||
);
|
||||
} catch (error) {
|
||||
next(error);
|
||||
}
|
||||
}
|
||||
@@ -7,78 +7,78 @@ import response from "@server/utils/response";
|
||||
import HttpCode from '@server/types/HttpCode';
|
||||
import createHttpError from 'http-errors';
|
||||
import { ActionsEnum, checkUserActionPermission } from '@server/auth/actions';
|
||||
import logger from '@server/logger';
|
||||
|
||||
// Define Zod schema for request parameters validation
|
||||
const updateResourceParamsSchema = z.object({
|
||||
resourceId: z.string().uuid()
|
||||
resourceId: z.string().uuid()
|
||||
});
|
||||
|
||||
// Define Zod schema for request body validation
|
||||
const updateResourceBodySchema = z.object({
|
||||
name: z.string().min(1).max(255).optional(),
|
||||
subdomain: z.string().min(1).max(255).optional(),
|
||||
name: z.string().min(1).max(255).optional(),
|
||||
subdomain: z.string().min(1).max(255).optional(),
|
||||
}).refine(data => Object.keys(data).length > 0, {
|
||||
message: "At least one field must be provided for update"
|
||||
message: "At least one field must be provided for update"
|
||||
});
|
||||
|
||||
export async function updateResource(req: Request, res: Response, next: NextFunction): Promise<any> {
|
||||
try {
|
||||
// Validate request parameters
|
||||
const parsedParams = updateResourceParamsSchema.safeParse(req.params);
|
||||
if (!parsedParams.success) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
parsedParams.error.errors.map(e => e.message).join(', ')
|
||||
)
|
||||
);
|
||||
try {
|
||||
// Validate request parameters
|
||||
const parsedParams = updateResourceParamsSchema.safeParse(req.params);
|
||||
if (!parsedParams.success) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
parsedParams.error.errors.map(e => e.message).join(', ')
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
// Validate request body
|
||||
const parsedBody = updateResourceBodySchema.safeParse(req.body);
|
||||
if (!parsedBody.success) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
parsedBody.error.errors.map(e => e.message).join(', ')
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
const { resourceId } = parsedParams.data;
|
||||
const updateData = parsedBody.data;
|
||||
|
||||
// Check if the user has permission to list sites
|
||||
const hasPermission = await checkUserActionPermission(ActionsEnum.updateResource, req);
|
||||
if (!hasPermission) {
|
||||
return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to list sites'));
|
||||
}
|
||||
|
||||
// Update the resource in the database
|
||||
const updatedResource = await db.update(resources)
|
||||
.set(updateData)
|
||||
.where(eq(resources.resourceId, resourceId))
|
||||
.returning();
|
||||
|
||||
if (updatedResource.length === 0) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.NOT_FOUND,
|
||||
`Resource with ID ${resourceId} not found`
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
return response(res, {
|
||||
data: updatedResource[0],
|
||||
success: true,
|
||||
error: false,
|
||||
message: "Resource updated successfully",
|
||||
status: HttpCode.OK,
|
||||
});
|
||||
} catch (error) {
|
||||
logger.error(error);
|
||||
return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred..."));
|
||||
}
|
||||
|
||||
// Validate request body
|
||||
const parsedBody = updateResourceBodySchema.safeParse(req.body);
|
||||
if (!parsedBody.success) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
parsedBody.error.errors.map(e => e.message).join(', ')
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
const { resourceId } = parsedParams.data;
|
||||
const updateData = parsedBody.data;
|
||||
|
||||
// Check if the user has permission to list sites
|
||||
const hasPermission = await checkUserActionPermission(ActionsEnum.updateResource, req);
|
||||
if (!hasPermission) {
|
||||
return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to list sites'));
|
||||
}
|
||||
|
||||
// Update the resource in the database
|
||||
const updatedResource = await db.update(resources)
|
||||
.set(updateData)
|
||||
.where(eq(resources.resourceId, resourceId))
|
||||
.returning();
|
||||
|
||||
if (updatedResource.length === 0) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.NOT_FOUND,
|
||||
`Resource with ID ${resourceId} not found`
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
return res.status(HttpCode.OK).send(
|
||||
response(res, {
|
||||
data: updatedResource[0],
|
||||
success: true,
|
||||
error: false,
|
||||
message: "Resource updated successfully",
|
||||
status: HttpCode.OK,
|
||||
})
|
||||
);
|
||||
} catch (error) {
|
||||
next(error);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user