first commit

2024-08-09 00:39:27 +02:00
commit 79688abe2e
5698 changed files with 497838 additions and 0 deletions
--- a/calcom/apps/api/v1/lib/utils/extractUserIdsFromQuery.ts
+++ b/calcom/apps/api/v1/lib/utils/extractUserIdsFromQuery.ts
@@ -0,0 +1,14 @@
+import type { NextApiRequest } from "next";
+
+import { HttpError } from "@calcom/lib/http-error";
+
+import { schemaQuerySingleOrMultipleUserIds } from "~/lib/validations/shared/queryUserId";
+
+export function extractUserIdsFromQuery({ isSystemWideAdmin, query }: NextApiRequest) {
+  /** Guard: Only admins can query other users */
+  if (!isSystemWideAdmin) {
+    throw new HttpError({ statusCode: 401, message: "ADMIN required" });
+  }
+  const { userId: userIdOrUserIds } = schemaQuerySingleOrMultipleUserIds.parse(query);
+  return Array.isArray(userIdOrUserIds) ? userIdOrUserIds : [userIdOrUserIds];
+}
--- a/calcom/apps/api/v1/lib/utils/isAdmin.ts
+++ b/calcom/apps/api/v1/lib/utils/isAdmin.ts
@@ -0,0 +1,37 @@
+import type { NextApiRequest } from "next";
+
+import prisma from "@calcom/prisma";
+import { UserPermissionRole, MembershipRole } from "@calcom/prisma/enums";
+
+import { ScopeOfAdmin } from "./scopeOfAdmin";
+
+export const isAdminGuard = async (req: NextApiRequest) => {
+  const { userId } = req;
+  const user = await prisma.user.findUnique({ where: { id: userId }, select: { role: true } });
+  if (!user) return { isAdmin: false, scope: null };
+
+  const { role: userRole } = user;
+  if (userRole === UserPermissionRole.ADMIN) return { isAdmin: true, scope: ScopeOfAdmin.SystemWide };
+
+  const orgOwnerOrAdminMemberships = await prisma.membership.findMany({
+    where: {
+      userId: userId,
+      accepted: true,
+      team: {
+        isOrganization: true,
+      },
+      OR: [{ role: MembershipRole.OWNER }, { role: MembershipRole.ADMIN }],
+    },
+    select: {
+      team: {
+        select: {
+          id: true,
+          isOrganization: true,
+        },
+      },
+    },
+  });
+  if (!orgOwnerOrAdminMemberships.length) return { isAdmin: false, scope: null };
+
+  return { isAdmin: true, scope: ScopeOfAdmin.OrgOwnerOrAdmin };
+};
--- a/calcom/apps/api/v1/lib/utils/isValidBase64Image.ts
+++ b/calcom/apps/api/v1/lib/utils/isValidBase64Image.ts
@@ -0,0 +1,4 @@
+export function isValidBase64Image(input: string): boolean {
+  const regex = /^data:image\/[^;]+;base64,(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/;
+  return regex.test(input);
+}
--- a/calcom/apps/api/v1/lib/utils/retrieveScopedAccessibleUsers.ts
+++ b/calcom/apps/api/v1/lib/utils/retrieveScopedAccessibleUsers.ts
@@ -0,0 +1,92 @@
+import prisma from "@calcom/prisma";
+import { MembershipRole } from "@calcom/prisma/enums";
+
+type AccessibleUsersType = {
+  memberUserIds: number[];
+  adminUserId: number;
+};
+
+const getAllOrganizationMemberships = async (
+  memberships: {
+    userId: number;
+    role: MembershipRole;
+    teamId: number;
+  }[],
+  orgId: number
+) => {
+  return memberships.reduce<number[]>((acc, membership) => {
+    if (membership.teamId === orgId) {
+      acc.push(membership.userId);
+    }
+    return acc;
+  }, []);
+};
+
+const getAllAdminMemberships = async (userId: number) => {
+  return await prisma.membership.findMany({
+    where: {
+      userId: userId,
+      accepted: true,
+      OR: [{ role: MembershipRole.OWNER }, { role: MembershipRole.ADMIN }],
+    },
+    select: {
+      team: {
+        select: {
+          id: true,
+          isOrganization: true,
+        },
+      },
+    },
+  });
+};
+
+const getAllOrganizationMembers = async (organizationId: number) => {
+  return await prisma.membership.findMany({
+    where: {
+      teamId: organizationId,
+      accepted: true,
+    },
+    select: {
+      userId: true,
+    },
+  });
+};
+
+export const getAccessibleUsers = async ({
+  memberUserIds,
+  adminUserId,
+}: AccessibleUsersType): Promise<number[]> => {
+  const memberships = await prisma.membership.findMany({
+    where: {
+      team: {
+        isOrganization: true,
+      },
+      accepted: true,
+      OR: [
+        { userId: { in: memberUserIds } },
+        { userId: adminUserId, role: { in: [MembershipRole.OWNER, MembershipRole.ADMIN] } },
+      ],
+    },
+    select: {
+      userId: true,
+      role: true,
+      teamId: true,
+    },
+  });
+
+  const orgId = memberships.find((membership) => membership.userId === adminUserId)?.teamId;
+  if (!orgId) return [];
+
+  const allAccessibleMemberUserIds = await getAllOrganizationMemberships(memberships, orgId);
+  const accessibleUserIds = allAccessibleMemberUserIds.filter((userId) => userId !== adminUserId);
+  return accessibleUserIds;
+};
+
+export const retrieveOrgScopedAccessibleUsers = async ({ adminId }: { adminId: number }) => {
+  const adminMemberships = await getAllAdminMemberships(adminId);
+  const organizationId = adminMemberships.find((membership) => membership.team.isOrganization)?.team.id;
+  if (!organizationId) return [];
+
+  const allMemberships = await getAllOrganizationMembers(organizationId);
+  return allMemberships.map((membership) => membership.userId);
+};
--- a/calcom/apps/api/v1/lib/utils/scopeOfAdmin.ts
+++ b/calcom/apps/api/v1/lib/utils/scopeOfAdmin.ts
@@ -0,0 +1,4 @@
+export const ScopeOfAdmin = {
+  SystemWide: "SystemWide",
+  OrgOwnerOrAdmin: "OrgOwnerOrAdmin",
+} as const;
--- a/calcom/apps/api/v1/lib/utils/stringifyISODate.ts
+++ b/calcom/apps/api/v1/lib/utils/stringifyISODate.ts
@@ -0,0 +1,4 @@
+export const stringifyISODate = (date: Date | undefined): string => {
+  return `${date?.toISOString()}`;
+};
+// TODO: create a function that takes an object and returns a stringified version of dates of it.