apps/web/pages/api/documents/%5Bid%5D/recipients/index.ts

import {
  defaultHandler,
  defaultResponder,
  getUserFromToken,
} from "@documenso/lib/server";
import prisma from "@documenso/prisma";
import { NextApiRequest, NextApiResponse } from "next";
import short from "short-uuid";
import { Document as PrismaDocument } from "@prisma/client";
import { getDocument } from "@documenso/lib/query";

async function postHandler(req: NextApiRequest, res: NextApiResponse) {
  const user = await getUserFromToken(req, res);
  const { id: documentId } = req.query;
  const body: { name: string; email: string; id: string } = req.body;

  if (!user) return;

  if (!documentId) {
    res.status(400).send("Missing parameter documentId.");
    return;
  }

  const document: PrismaDocument = await getDocument(+documentId, req, res);

  // todo encapsulate entity ownerships checks
  if (document.userId !== user.id) {
    return res.status(401).send("User does not have access to this document.");
  }

  const recipient = await prisma.recipient.upsert({
    where: {
      id: +body.id,
    },
    update: {
      email: body.email.toString(),
      name: body.name.toString(),
    },
    create: {
      documentId: +documentId,
      email: body.email.toString(),
      name: body.name.toString(),
      token: short.generate().toString(),
    },
  });

  return res.status(200).end(JSON.stringify(recipient));
}

export default defaultHandler({
  POST: Promise.resolve({ default: defaultResponder(postHandler) }),
});
create recipient and short uid 2023-01-27 17:14:36 +01:00			`import {`
			`defaultHandler,`
			`defaultResponder,`
			`getUserFromToken,`
			`} from "@documenso/lib/server";`
			`import prisma from "@documenso/prisma";`
			`import { NextApiRequest, NextApiResponse } from "next";`
			`import short from "short-uuid";`
			`import { Document as PrismaDocument } from "@prisma/client";`
getDocument refactor 2023-02-01 18:32:59 +01:00			`import { getDocument } from "@documenso/lib/query";`
create recipient and short uid 2023-01-27 17:14:36 +01:00
			`async function postHandler(req: NextApiRequest, res: NextApiResponse) {`
			`const user = await getUserFromToken(req, res);`
			`const { id: documentId } = req.query;`
build fix 2023-02-07 10:19:51 +01:00			`const body: { name: string; email: string; id: string } = req.body;`
create recipient and short uid 2023-01-27 17:14:36 +01:00
			`if (!user) return;`

			`if (!documentId) {`
			`res.status(400).send("Missing parameter documentId.");`
			`return;`
			`}`

getDocument recfactor, qoc 2023-02-01 19:15:43 +01:00			`const document: PrismaDocument = await getDocument(+documentId, req, res);`
create recipient and short uid 2023-01-27 17:14:36 +01:00
todo 2023-02-03 16:38:11 +01:00			`// todo encapsulate entity ownerships checks`
create recipient and short uid 2023-01-27 17:14:36 +01:00			`if (document.userId !== user.id) {`
			`return res.status(401).send("User does not have access to this document.");`
			`}`

signers 2023-02-03 19:32:25 +01:00			`const recipient = await prisma.recipient.upsert({`
add recipient ui 2023-02-03 18:07:43 +01:00			`where: {`
signers 2023-02-03 19:32:25 +01:00			`id: +body.id,`
add recipient ui 2023-02-03 18:07:43 +01:00			`},`
			`update: {`
build fix 2023-02-03 20:03:38 +01:00			`email: body.email.toString(),`
			`name: body.name.toString(),`
add recipient ui 2023-02-03 18:07:43 +01:00			`},`
			`create: {`
create recipient and short uid 2023-01-27 17:14:36 +01:00			`documentId: +documentId,`
build fix 2023-02-03 20:03:38 +01:00			`email: body.email.toString(),`
			`name: body.name.toString(),`
build fix 2023-01-27 20:22:11 +01:00			`token: short.generate().toString(),`
create recipient and short uid 2023-01-27 17:14:36 +01:00			`},`
			`});`

signers 2023-02-03 19:32:25 +01:00			`return res.status(200).end(JSON.stringify(recipient));`
create recipient and short uid 2023-01-27 17:14:36 +01:00			`}`

			`export default defaultHandler({`
			`POST: Promise.resolve({ default: defaultResponder(postHandler) }),`
			`});`