fix issues from test deploy

2026-02-18 10:56:38 +00:00 · 2024-12-21 21:01:12 -05:00
parent 3fb3be1f1e
commit ce5df3b0b9
92 changed files with 1410 additions and 1019 deletions
--- a/server/routers/user/acceptInvite.ts
+++ b/server/routers/user/acceptInvite.ts
@@ -11,10 +11,12 @@ import logger from "@server/logger";
 import { fromError } from "zod-validation-error";
 import { isWithinExpirationDate } from "oslo";

-const acceptInviteBodySchema = z.object({
-    token: z.string(),
-    inviteId: z.string(),
-});
+const acceptInviteBodySchema = z
+    .object({
+        token: z.string(),
+        inviteId: z.string()
+    })
+    .strict();

 export type AcceptInviteResponse = {
    accepted: boolean;
@@ -64,7 +66,7 @@ export async function acceptInvite(
            memoryCost: 19456,
            timeCost: 2,
            outputLen: 32,
-            parallelism: 1,
+            parallelism: 1
        });
        if (!validToken) {
            return next(
@@ -121,7 +123,7 @@ export async function acceptInvite(
        await db.insert(userOrgs).values({
            userId: existingUser[0].userId,
            orgId: existingInvite[0].orgId,
-            roleId: existingInvite[0].roleId,
+            roleId: existingInvite[0].roleId
        });

        // delete the invite
@@ -132,7 +134,7 @@ export async function acceptInvite(
            success: true,
            error: false,
            message: "Invite accepted",
-            status: HttpCode.OK,
+            status: HttpCode.OK
        });
    } catch (error) {
        logger.error(error);
--- a/server/routers/user/addUserAction.ts
+++ b/server/routers/user/addUserAction.ts
@@ -9,11 +9,13 @@ import logger from "@server/logger";
 import { eq } from "drizzle-orm";
 import { fromError } from "zod-validation-error";

-const addUserActionSchema = z.object({
-    userId: z.string(),
-    actionId: z.string(),
-    orgId: z.string(),
-});
+const addUserActionSchema = z
+    .object({
+        userId: z.string(),
+        actionId: z.string(),
+        orgId: z.string()
+    })
+    .strict();

 export async function addUserAction(
    req: Request,
@@ -52,7 +54,7 @@ export async function addUserAction(
            .values({
                userId,
                actionId,
-                orgId,
+                orgId
            })
            .returning();

@@ -61,7 +63,7 @@ export async function addUserAction(
            success: true,
            error: false,
            message: "Action added to user successfully",
-            status: HttpCode.CREATED,
+            status: HttpCode.CREATED
        });
    } catch (error) {
        logger.error(error);
--- a/server/routers/user/addUserRole.ts
+++ b/server/routers/user/addUserRole.ts
@@ -10,10 +10,12 @@ import logger from "@server/logger";
 import { fromError } from "zod-validation-error";
 import stoi from "@server/utils/stoi";

-const addUserRoleParamsSchema = z.object({
-    userId: z.string(),
-    roleId: z.string().transform(stoi).pipe(z.number()),
-});
+const addUserRoleParamsSchema = z
+    .object({
+        userId: z.string(),
+        roleId: z.string().transform(stoi).pipe(z.number())
+    })
+    .strict();

 export type AddUserRoleResponse = z.infer<typeof addUserRoleParamsSchema>;

@@ -96,7 +98,7 @@ export async function addUserRole(
            success: true,
            error: false,
            message: "Role added to user successfully",
-            status: HttpCode.OK,
+            status: HttpCode.OK
        });
    } catch (error) {
        logger.error(error);
--- a/server/routers/user/addUserSite.ts
+++ b/server/routers/user/addUserSite.ts
@@ -9,10 +9,12 @@ import logger from "@server/logger";
 import { eq } from "drizzle-orm";
 import { fromError } from "zod-validation-error";

-const addUserSiteSchema = z.object({
-    userId: z.string(),
-    siteId: z.string().transform(Number).pipe(z.number().int().positive()),
-});
+const addUserSiteSchema = z
+    .object({
+        userId: z.string(),
+        siteId: z.string().transform(Number).pipe(z.number().int().positive())
+    })
+    .strict();

 export async function addUserSite(
    req: Request,
@@ -36,7 +38,7 @@ export async function addUserSite(
            .insert(userSites)
            .values({
                userId,
-                siteId,
+                siteId
            })
            .returning();

@@ -48,7 +50,7 @@ export async function addUserSite(
        for (const resource of siteResources) {
            await db.insert(userResources).values({
                userId,
-                resourceId: resource.resourceId,
+                resourceId: resource.resourceId
            });
        }

@@ -57,7 +59,7 @@ export async function addUserSite(
            success: true,
            error: false,
            message: "Site added to user successfully",
-            status: HttpCode.CREATED,
+            status: HttpCode.CREATED
        });
    } catch (error) {
        logger.error(error);
--- a/server/routers/user/getOrgUser.ts
+++ b/server/routers/user/getOrgUser.ts
@@ -19,7 +19,7 @@ async function queryUser(orgId: string, userId: string) {
            roleId: userOrgs.roleId,
            roleName: roles.name,
            isOwner: userOrgs.isOwner,
-            isAdmin: roles.isAdmin,
+            isAdmin: roles.isAdmin
        })
        .from(userOrgs)
        .leftJoin(roles, eq(userOrgs.roleId, roles.roleId))
@@ -33,10 +33,12 @@ export type GetOrgUserResponse = NonNullable<
    Awaited<ReturnType<typeof queryUser>>
 >;

-const getOrgUserParamsSchema = z.object({
-    userId: z.string(),
-    orgId: z.string(),
-});
+const getOrgUserParamsSchema = z
+    .object({
+        userId: z.string(),
+        orgId: z.string()
+    })
+    .strict();

 export async function getOrgUser(
    req: Request,
@@ -109,7 +111,7 @@ export async function getOrgUser(
            success: true,
            error: false,
            message: "User retrieved successfully",
-            status: HttpCode.OK,
+            status: HttpCode.OK
        });
    } catch (error) {
        logger.error(error);
--- a/server/routers/user/inviteUser.ts
+++ b/server/routers/user/inviteUser.ts
@@ -6,7 +6,6 @@ import { and, eq } from "drizzle-orm";
 import response from "@server/utils/response";
 import HttpCode from "@server/types/HttpCode";
 import createHttpError from "http-errors";
-import { ActionsEnum, checkUserActionPermission } from "@server/auth/actions";
 import logger from "@server/logger";
 import { alphabet, generateRandomString } from "oslo/crypto";
 import { createDate, TimeSpan } from "oslo";
@@ -16,15 +15,20 @@ import { fromError } from "zod-validation-error";
 import { sendEmail } from "@server/emails";
 import SendInviteLink from "@server/emails/templates/SendInviteLink";

-const inviteUserParamsSchema = z.object({
-    orgId: z.string(),
-});
+const inviteUserParamsSchema = z
+    .object({
+        orgId: z.string()
+    })
+    .strict();

-const inviteUserBodySchema = z.object({
-    email: z.string().email(),
-    roleId: z.number(),
-    validHours: z.number().gt(0).lte(168),
-});
+const inviteUserBodySchema = z
+    .object({
+        email: z.string().email(),
+        roleId: z.number(),
+        validHours: z.number().gt(0).lte(168),
+        sendEmail: z.boolean().optional()
+    })
+    .strict();

 export type InviteUserBody = z.infer<typeof inviteUserBodySchema>;

@@ -38,7 +42,7 @@ const inviteTracker: Record<string, { timestamps: number[] }> = {};
 export async function inviteUser(
    req: Request,
    res: Response,
-    next: NextFunction,
+    next: NextFunction
 ): Promise<any> {
    try {
        const parsedParams = inviteUserParamsSchema.safeParse(req.params);
@@ -46,8 +50,8 @@ export async function inviteUser(
            return next(
                createHttpError(
                    HttpCode.BAD_REQUEST,
-                    fromError(parsedParams.error).toString(),
-                ),
+                    fromError(parsedParams.error).toString()
+                )
            );
        }

@@ -56,13 +60,18 @@ export async function inviteUser(
            return next(
                createHttpError(
                    HttpCode.BAD_REQUEST,
-                    fromError(parsedBody.error).toString(),
-                ),
+                    fromError(parsedBody.error).toString()
+                )
            );
        }

        const { orgId } = parsedParams.data;
-        const { email, validHours, roleId } = parsedBody.data;
+        const {
+            email,
+            validHours,
+            roleId,
+            sendEmail: doEmail
+        } = parsedBody.data;

        const currentTime = Date.now();
        const oneHourAgo = currentTime - 3600000;
@@ -79,8 +88,8 @@ export async function inviteUser(
            return next(
                createHttpError(
                    HttpCode.TOO_MANY_REQUESTS,
-                    "User has already been invited 3 times in the last hour",
-                ),
+                    "User has already been invited 3 times in the last hour"
+                )
            );
        }

@@ -93,7 +102,7 @@ export async function inviteUser(
            .limit(1);
        if (!org.length) {
            return next(
-                createHttpError(HttpCode.NOT_FOUND, "Organization not found"),
+                createHttpError(HttpCode.NOT_FOUND, "Organization not found")
            );
        }

@@ -107,14 +116,14 @@ export async function inviteUser(
            return next(
                createHttpError(
                    HttpCode.BAD_REQUEST,
-                    "User is already a member of this organization",
-                ),
+                    "User is already a member of this organization"
+                )
            );
        }

        const inviteId = generateRandomString(
            10,
-            alphabet("a-z", "A-Z", "0-9"),
+            alphabet("a-z", "A-Z", "0-9")
        );
        const token = generateRandomString(32, alphabet("a-z", "A-Z", "0-9"));
        const expiresAt = createDate(new TimeSpan(validHours, "h")).getTime();
@@ -125,7 +134,7 @@ export async function inviteUser(
        await db
            .delete(userInvites)
            .where(
-                and(eq(userInvites.email, email), eq(userInvites.orgId, orgId)),
+                and(eq(userInvites.email, email), eq(userInvites.orgId, orgId))
            )
            .execute();

@@ -135,43 +144,42 @@ export async function inviteUser(
            email,
            expiresAt,
            tokenHash,
-            roleId,
+            roleId
        });

        const inviteLink = `${config.app.base_url}/invite?token=${inviteId}-${token}`;

-        await sendEmail(
-            SendInviteLink({
-                email,
-                inviteLink,
-                expiresInDays: (validHours / 24).toString(),
-                orgName: org[0].name || orgId,
-                inviterName: req.user?.email,
-            }),
-            {
-                to: email,
-                from: config.email?.no_reply,
-                subject: "You're invited to join a Fossorial organization",
-            },
-        );
+        if (doEmail) {
+            await sendEmail(
+                SendInviteLink({
+                    email,
+                    inviteLink,
+                    expiresInDays: (validHours / 24).toString(),
+                    orgName: org[0].name || orgId,
+                    inviterName: req.user?.email
+                }),
+                {
+                    to: email,
+                    from: config.email?.no_reply,
+                    subject: "You're invited to join a Fossorial organization"
+                }
+            );
+        }

        return response<InviteUserResponse>(res, {
            data: {
                inviteLink,
-                expiresAt,
+                expiresAt
            },
            success: true,
            error: false,
            message: "User invited successfully",
-            status: HttpCode.OK,
+            status: HttpCode.OK
        });
    } catch (error) {
-        console.error(error);
+        logger.error(error);
        return next(
-            createHttpError(
-                HttpCode.INTERNAL_SERVER_ERROR,
-                "An error occurred",
-            ),
+            createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred")
        );
    }
 }
--- a/server/routers/user/listUsers.ts
+++ b/server/routers/user/listUsers.ts
@@ -8,24 +8,28 @@ import createHttpError from "http-errors";
 import { sql } from "drizzle-orm";
 import logger from "@server/logger";

-const listUsersParamsSchema = z.object({
-    orgId: z.string(),
-});
+const listUsersParamsSchema = z
+    .object({
+        orgId: z.string()
+    })
+    .strict();

-const listUsersSchema = z.object({
-    limit: z
-        .string()
-        .optional()
-        .default("1000")
-        .transform(Number)
-        .pipe(z.number().int().nonnegative()),
-    offset: z
-        .string()
-        .optional()
-        .default("0")
-        .transform(Number)
-        .pipe(z.number().int().nonnegative()),
-});
+const listUsersSchema = z
+    .object({
+        limit: z
+            .string()
+            .optional()
+            .default("1000")
+            .transform(Number)
+            .pipe(z.number().int().nonnegative()),
+        offset: z
+            .string()
+            .optional()
+            .default("0")
+            .transform(Number)
+            .pipe(z.number().int().nonnegative())
+    })
+    .strict();

 async function queryUsers(orgId: string, limit: number, offset: number) {
    return await db
@@ -37,7 +41,7 @@ async function queryUsers(orgId: string, limit: number, offset: number) {
            orgId: userOrgs.orgId,
            roleId: userOrgs.roleId,
            roleName: roles.name,
-            isOwner: userOrgs.isOwner,
+            isOwner: userOrgs.isOwner
        })
        .from(users)
        .leftJoin(userOrgs, sql`${users.userId} = ${userOrgs.userId}`)
@@ -97,13 +101,13 @@ export async function listUsers(
                pagination: {
                    total: count,
                    limit,
-                    offset,
-                },
+                    offset
+                }
            },
            success: true,
            error: false,
            message: "Users retrieved successfully",
-            status: HttpCode.OK,
+            status: HttpCode.OK
        });
    } catch (error) {
        logger.error(error);
--- a/server/routers/user/removeUserAction.ts
+++ b/server/routers/user/removeUserAction.ts
@@ -9,14 +9,18 @@ import createHttpError from "http-errors";
 import logger from "@server/logger";
 import { fromError } from "zod-validation-error";

-const removeUserActionParamsSchema = z.object({
-    userId: z.string(),
-});
+const removeUserActionParamsSchema = z
+    .object({
+        userId: z.string()
+    })
+    .strict();

-const removeUserActionSchema = z.object({
-    actionId: z.string(),
-    orgId: z.string(),
-});
+const removeUserActionSchema = z
+    .object({
+        actionId: z.string(),
+        orgId: z.string()
+    })
+    .strict();

 export async function removeUserAction(
    req: Request,
@@ -73,7 +77,7 @@ export async function removeUserAction(
            success: true,
            error: false,
            message: "Action removed from user successfully",
-            status: HttpCode.OK,
+            status: HttpCode.OK
        });
    } catch (error) {
        logger.error(error);
--- a/server/routers/user/removeUserOrg.ts
+++ b/server/routers/user/removeUserOrg.ts
@@ -9,10 +9,12 @@ import createHttpError from "http-errors";
 import logger from "@server/logger";
 import { fromError } from "zod-validation-error";

-const removeUserSchema = z.object({
-    userId: z.string(),
-    orgId: z.string(),
-});
+const removeUserSchema = z
+    .object({
+        userId: z.string(),
+        orgId: z.string()
+    })
+    .strict();

 export async function removeUserOrg(
    req: Request,
@@ -70,7 +72,7 @@ export async function removeUserOrg(
            success: true,
            error: false,
            message: "User remove from org successfully",
-            status: HttpCode.OK,
+            status: HttpCode.OK
        });
    } catch (error) {
        logger.error(error);
--- a/server/routers/user/removeUserResource.ts
+++ b/server/routers/user/removeUserResource.ts
@@ -9,10 +9,15 @@ import createHttpError from "http-errors";
 import logger from "@server/logger";
 import { fromError } from "zod-validation-error";

-const removeUserResourceSchema = z.object({
-    userId: z.string(),
-    resourceId: z.string().transform(Number).pipe(z.number().int().positive()),
-});
+const removeUserResourceSchema = z
+    .object({
+        userId: z.string(),
+        resourceId: z
+            .string()
+            .transform(Number)
+            .pipe(z.number().int().positive())
+    })
+    .strict();

 export async function removeUserResource(
    req: Request,
@@ -56,7 +61,7 @@ export async function removeUserResource(
            success: true,
            error: false,
            message: "Resource removed from user successfully",
-            status: HttpCode.OK,
+            status: HttpCode.OK
        });
    } catch (error) {
        logger.error(error);
--- a/server/routers/user/removeUserSite.ts
+++ b/server/routers/user/removeUserSite.ts
@@ -9,13 +9,17 @@ import createHttpError from "http-errors";
 import logger from "@server/logger";
 import { fromError } from "zod-validation-error";

-const removeUserSiteParamsSchema = z.object({
-    userId: z.string(),
-});
+const removeUserSiteParamsSchema = z
+    .object({
+        userId: z.string()
+    })
+    .strict();

-const removeUserSiteSchema = z.object({
-    siteId: z.number().int().positive(),
-});
+const removeUserSiteSchema = z
+    .object({
+        siteId: z.number().int().positive()
+    })
+    .strict();

 export async function removeUserSite(
    req: Request,
@@ -85,7 +89,7 @@ export async function removeUserSite(
            success: true,
            error: false,
            message: "Site removed from user successfully",
-            status: HttpCode.OK,
+            status: HttpCode.OK
        });
    } catch (error) {
        logger.error(error);