tom/hermes-web
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added impersonation for admins

Browse Source
This commit is contained in:
Tom
2024-01-04 21:57:32 +00:00
parent 320c826684
commit 8f7f18e069
25 changed files with 494 additions and 131 deletions
Download Patch File Download Diff File Expand all files Collapse all files

91
app/api/account/impersonate/route.ts Normal file
View File

@ -0,0 +1,91 @@
import { db } from "@/lib/db"
import { NextResponse } from "next/server";
import fetchUser from "@/lib/fetch-user";
export async function GET(req: Request) {
try {
const user = await fetchUser(req)
if (!user || user.role != "ADMIN") {
return new NextResponse("Unauthorized", { status: 401 });
}
const impersonation = await db.impersonation.findFirst({
where: {
sourceId: user.id
}
});
return NextResponse.json(impersonation);
} catch (error) {
console.log("[AUTH/ACCOUNT/IMPERSONATION]", error);
return new NextResponse("Internal Error", { status: 500 });
}
}
export async function POST(req: Request) {
try {
const user = await fetchUser(req)
if (!user || user.role != "ADMIN") {
return new NextResponse("Unauthorized", { status: 401 });
}
const { targetId } = await req.json();
const impersonation = await db.impersonation.create({
data: {
sourceId: user.id,
targetId
}
});
return NextResponse.json(impersonation);
} catch (error) {
console.log("[AUTH/ACCOUNT/IMPERSONATION]", error);
return new NextResponse("Internal Error", { status: 500 });
}
}
export async function PUT(req: Request) {
try {
const user = await fetchUser(req)
if (!user || user.role != "ADMIN") {
return new NextResponse("Unauthorized", { status: 401 });
}
const { targetId } = await req.json();
const impersonation = await db.impersonation.update({
where: {
sourceId: user.id,
},
data: {
targetId
}
});
return NextResponse.json(impersonation);
} catch (error) {
console.log("[AUTH/ACCOUNT/IMPERSONATION]", error);
return new NextResponse("Internal Error", { status: 500 });
}
}
export async function DELETE(req: Request) {
try {
const user = await fetchUser(req)
if (!user || user.role != "ADMIN") {
return new NextResponse("Unauthorized", { status: 401 });
}
const impersonation = await db.impersonation.delete({
where: {
sourceId: user.id
}
});
return NextResponse.json(impersonation)
} catch (error) {
console.log("[AUTH/ACCOUNT/IMPERSONATION]", error);
return new NextResponse("Internal Error" + error, { status: 500 });
}
}

4
app/api/account/route.ts
View File

@ -1,12 +1,12 @@
import { db } from "@/lib/db"
import { NextResponse } from "next/server";
import { auth } from "@/auth";
import fetchUserUsingAPI from "@/lib/validate-api";
import fetchUser from "@/lib/fetch-user";
export async function GET(req: Request) {
try {
return NextResponse.json(await fetchUserUsingAPI(req))
return NextResponse.json(await fetchUser(req))
} catch (error) {
console.log("[ACCOUNT]", error);
return new NextResponse("Internal Error", { status: 500 });

4
app/api/settings/connections/twitch/delete/route.ts
View File

@ -1,10 +1,10 @@
import { db } from "@/lib/db"
import fetchUserUsingAPI from "@/lib/validate-api";
import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation";
import { NextResponse } from "next/server";
export async function POST(req: Request) {
try {
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}

4
app/api/settings/connections/twitch/route.ts
View File

@ -1,10 +1,10 @@
import { db } from "@/lib/db"
import { NextResponse } from "next/server";
import fetchUserUsingAPI from "@/lib/validate-api";
import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation";
export async function GET(req: Request) {
try {
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}

6
app/api/settings/tts/default/route.ts
View File

@ -1,11 +1,11 @@
import { db } from "@/lib/db"
import { NextResponse } from "next/server";
import fetchUserUsingAPI from "@/lib/validate-api";
import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation";
import voices from "@/data/tts";
export async function GET(req: Request) {
try {
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}
@ -26,7 +26,7 @@ export async function GET(req: Request) {
export async function POST(req: Request) {
try {
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}

8
app/api/settings/tts/filter/users/route.ts
View File

@ -1,10 +1,10 @@
import { db } from "@/lib/db"
import { NextResponse } from "next/server";
import fetchUserUsingAPI from "@/lib/validate-api";
import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation";
export async function GET(req: Request) {
try {
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}
@ -24,7 +24,7 @@ export async function GET(req: Request) {
export async function POST(req: Request) {
try {
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}
@ -57,7 +57,7 @@ export async function POST(req: Request) {
export async function DELETE(req: Request) {
try {
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}

17
app/api/settings/tts/filter/words/route.ts
View File

@ -1,10 +1,10 @@
import { db } from "@/lib/db"
import { NextResponse } from "next/server";
import fetchUserUsingAPI from "@/lib/validate-api";
import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation";
export async function GET(req: Request) {
try {
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}
@ -24,7 +24,7 @@ export async function GET(req: Request) {
export async function POST(req: Request) {
try {
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}
@ -35,7 +35,7 @@ export async function POST(req: Request) {
data: {
search,
replace,
userId: user.id as string
userId: user.id
}
});
@ -48,7 +48,7 @@ export async function POST(req: Request) {
export async function PUT(req: Request) {
try {
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}
@ -61,7 +61,8 @@ export async function PUT(req: Request) {
},
data: {
search,
replace
replace,
userId: user.id
}
});
@ -74,7 +75,7 @@ export async function PUT(req: Request) {
export async function DELETE(req: Request) {
try {
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}
@ -87,7 +88,7 @@ export async function DELETE(req: Request) {
const filter = await db.ttsWordFilter.delete({
where: {
userId_search: {
userId: user.id as string,
userId: user.id,
search
}
}

6
app/api/settings/tts/route.ts
View File

@ -1,11 +1,11 @@
import { db } from "@/lib/db"
import { NextResponse } from "next/server";
import fetchUserUsingAPI from "@/lib/validate-api";
import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation";
import voices from "@/data/tts";
export async function GET(req: Request) {
try {
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}
@ -40,7 +40,7 @@ export async function GET(req: Request) {
export async function POST(req: Request) {
try {
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}

21
app/api/token/[id]/route.ts
View File

@ -1,12 +1,17 @@
import { db } from "@/lib/db"
import fetchUserUsingAPI from "@/lib/validate-api";
import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation";
import { NextResponse } from "next/server";
export async function GET(req: Request, { params } : { params: { id: string } }) {
try {
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}
let id = req.headers?.get('x-api-key')
if (id == null) {
return NextResponse.json(null);
return NextResponse.json(null);
}
const tokens = await db.apiKey.findFirst({
@ -18,15 +23,19 @@ export async function GET(req: Request, { params } : { params: { id: string } })
return NextResponse.json(tokens);
} catch (error) {
console.log("[TOKEN/GET]", error);
return new NextResponse("Internal Error", { status: 500});
return new NextResponse("Internal Error", { status: 500 });
}
}
export async function DELETE(req: Request, { params } : { params: { id: string } }) {
try {
const { id } = params
const user = await fetchUserUsingAPI(req)
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}
const { id } = params
const token = await db.apiKey.delete({
where: {
id,
@ -37,6 +46,6 @@ export async function DELETE(req: Request, { params } : { params: { id: string }
return NextResponse.json(token);
} catch (error) {
console.log("[TOKEN/DELETE]", error);
return new NextResponse("Internal Error", { status: 500});
return new NextResponse("Internal Error", { status: 500 });
}
}

4
app/api/token/bot/route.ts
View File

@ -1,10 +1,10 @@
import { db } from "@/lib/db"
import fetchUserUsingAPI from "@/lib/validate-api";
import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation";
import { NextResponse } from "next/server";
export async function GET(req: Request) {
try {
const user = await fetchUserUsingAPI(req);
const user = await fetchUserWithImpersonation(req);
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}

17
app/api/token/route.ts
View File

@ -1,13 +1,18 @@
import fetchUserUsingAPI from "@/lib/validate-api";
import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation";
import { db } from "@/lib/db"
import { NextResponse } from "next/server";
export async function POST(req: Request) {
try {
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}
let { userId, label } = await req.json();
if (userId == null) {
const user = await fetchUserUsingAPI(req);
const user = await fetchUserWithImpersonation(req);
if (user != null) {
userId = user.id;
}
@ -31,9 +36,13 @@ export async function POST(req: Request) {
export async function DELETE(req: Request) {
try {
const user = await fetchUserWithImpersonation(req)
if (!user) {
return new NextResponse("Unauthorized", { status: 401 });
}
let { id } = await req.json();
const user = await fetchUserUsingAPI(req);
if (!id || !user) {
if (!id) {
return NextResponse.json(null)
}

4
app/api/tokens/route.ts
View File

@ -1,4 +1,4 @@
import fetchUserUsingAPI from "@/lib/validate-api";
import fetchUser from "@/lib/fetch-user";
import { db } from "@/lib/db"
import { NextResponse } from "next/server";
@ -8,7 +8,7 @@ export async function GET(req: Request) {
let userId = searchParams.get('userId')
if (userId == null) {
const user = await fetchUserUsingAPI(req);
const user = await fetchUser(req);
if (user != null) {
userId = user.id as string;
}

41
app/api/users/route.ts Normal file
View File

@ -0,0 +1,41 @@
import { db } from "@/lib/db"
import { NextResponse } from "next/server";
import fetchUser from "@/lib/fetch-user";
export async function GET(req: Request) {
try {
const user = await fetchUser(req)
if (!user || user.role != "ADMIN") {
return new NextResponse("Unauthorized", { status: 401 });
}
const { searchParams } = new URL(req.url)
const qn = searchParams.get('qn') as string
const id = searchParams.get('id') as string
if (qn) {
const users = await db.user.findMany({
where: {
name: {
contains: qn
}
}
})
return NextResponse.json(users)
}
if (id) {
const users = await db.user.findUnique({
where: {
id: id
}
})
return NextResponse.json(users)
}
const users = await db.user.findMany();
return NextResponse.json(users)
} catch (error) {
console.log("[AUTH/ACCOUNT/IMPERSONATION]", error);
return new NextResponse("Internal Error", { status: 500 });
}
}