2023-01-27 17:14:36 +01:00
|
|
|
import {
|
|
|
|
|
defaultHandler,
|
|
|
|
|
defaultResponder,
|
|
|
|
|
getUserFromToken,
|
|
|
|
|
} from "@documenso/lib/server";
|
|
|
|
|
import prisma from "@documenso/prisma";
|
|
|
|
|
import { NextApiRequest, NextApiResponse } from "next";
|
|
|
|
|
import short from "short-uuid";
|
|
|
|
|
import { Document as PrismaDocument } from "@prisma/client";
|
2023-02-01 18:32:59 +01:00
|
|
|
import { getDocument } from "@documenso/lib/query";
|
2023-01-27 17:14:36 +01:00
|
|
|
|
|
|
|
|
async function postHandler(req: NextApiRequest, res: NextApiResponse) {
|
|
|
|
|
const user = await getUserFromToken(req, res);
|
|
|
|
|
const { id: documentId } = req.query;
|
2023-02-07 10:19:51 +01:00
|
|
|
const body: { name: string; email: string; id: string } = req.body;
|
2023-01-27 17:14:36 +01:00
|
|
|
|
|
|
|
|
if (!user) return;
|
|
|
|
|
|
|
|
|
|
if (!documentId) {
|
|
|
|
|
res.status(400).send("Missing parameter documentId.");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-01 19:15:43 +01:00
|
|
|
const document: PrismaDocument = await getDocument(+documentId, req, res);
|
2023-01-27 17:14:36 +01:00
|
|
|
|
2023-02-03 16:38:11 +01:00
|
|
|
// todo encapsulate entity ownerships checks
|
2023-01-27 17:14:36 +01:00
|
|
|
if (document.userId !== user.id) {
|
|
|
|
|
return res.status(401).send("User does not have access to this document.");
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-03 19:32:25 +01:00
|
|
|
const recipient = await prisma.recipient.upsert({
|
2023-02-03 18:07:43 +01:00
|
|
|
where: {
|
2023-02-03 19:32:25 +01:00
|
|
|
id: +body.id,
|
2023-02-03 18:07:43 +01:00
|
|
|
},
|
|
|
|
|
update: {
|
2023-02-03 20:03:38 +01:00
|
|
|
email: body.email.toString(),
|
|
|
|
|
name: body.name.toString(),
|
2023-02-03 18:07:43 +01:00
|
|
|
},
|
|
|
|
|
create: {
|
2023-01-27 17:14:36 +01:00
|
|
|
documentId: +documentId,
|
2023-02-03 20:03:38 +01:00
|
|
|
email: body.email.toString(),
|
|
|
|
|
name: body.name.toString(),
|
2023-01-27 20:22:11 +01:00
|
|
|
token: short.generate().toString(),
|
2023-01-27 17:14:36 +01:00
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
2023-02-03 19:32:25 +01:00
|
|
|
return res.status(200).end(JSON.stringify(recipient));
|
2023-01-27 17:14:36 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export default defaultHandler({
|
|
|
|
|
POST: Promise.resolve({ default: defaultResponder(postHandler) }),
|
|
|
|
|
});
|