feat: update org operate
This commit is contained in:
@@ -1,7 +1,6 @@
|
||||
import { app, sequelize } from '@/app.ts';
|
||||
import { Org } from '@/models/org.ts';
|
||||
import { User } from '@/models/user.ts';
|
||||
import { CustomError } from '@kevisual/router';
|
||||
import { Op } from 'sequelize';
|
||||
|
||||
app
|
||||
@@ -35,18 +34,19 @@ app
|
||||
.route({
|
||||
path: 'org',
|
||||
key: 'update',
|
||||
middleware: ['auth'],
|
||||
middleware: ['auth-admin'],
|
||||
})
|
||||
.define(async (ctx) => {
|
||||
const tokenUser = ctx.state.tokenUser;
|
||||
// username 为org的名字,在用户表中也是唯一的
|
||||
const { username, description, id } = ctx.query.data;
|
||||
if (!username) {
|
||||
throw new CustomError('username is required');
|
||||
ctx.throw('username is required');
|
||||
}
|
||||
if (id) {
|
||||
const org = await Org.findByPk(id);
|
||||
if (!org) {
|
||||
throw new CustomError('org not found');
|
||||
ctx.throw('org not found');
|
||||
}
|
||||
org.description = description;
|
||||
await org.save();
|
||||
@@ -62,11 +62,11 @@ app
|
||||
}
|
||||
const user = await User.findByPk(tokenUser.id);
|
||||
if (!user) {
|
||||
throw new CustomError('user not found');
|
||||
ctx.throw('user not found');
|
||||
}
|
||||
const orgs = await user.getOrgs();
|
||||
if (!orgs.includes('admin')) {
|
||||
throw new CustomError('Permission denied');
|
||||
ctx.throw('Permission denied');
|
||||
}
|
||||
const newUser = await User.createOrg(username, tokenUser.id, description);
|
||||
ctx.body = {
|
||||
@@ -87,17 +87,17 @@ app
|
||||
const tokenUser = ctx.state.tokenUser;
|
||||
const id = ctx.query.id;
|
||||
if (!id) {
|
||||
throw new CustomError('id is required');
|
||||
ctx.throw('id is required');
|
||||
}
|
||||
const org = await Org.findByPk(id);
|
||||
if (!org) {
|
||||
throw new CustomError('org not found');
|
||||
ctx.throw('org not found');
|
||||
}
|
||||
const username = org.username;
|
||||
const users = org.users;
|
||||
const owner = users.find((u) => u.role === 'owner');
|
||||
if (owner.uid !== tokenUser.id) {
|
||||
throw new CustomError('Permission denied');
|
||||
ctx.throw('Permission denied');
|
||||
}
|
||||
await org.destroy({ force: true });
|
||||
const orgUser = await User.findOne({
|
||||
@@ -118,36 +118,21 @@ app
|
||||
const tokenUser = ctx.state.tokenUser;
|
||||
const id = ctx.query.id;
|
||||
if (!id) {
|
||||
throw new CustomError('id is required');
|
||||
ctx.throw('id is required');
|
||||
}
|
||||
const org = await Org.findByPk(id);
|
||||
if (!org) {
|
||||
throw new CustomError('org not found');
|
||||
ctx.throw('org not found');
|
||||
}
|
||||
const usersIds = org.users;
|
||||
const me = usersIds.find((u) => u.uid === tokenUser.id);
|
||||
if (!me) {
|
||||
throw new CustomError('Permission denied');
|
||||
ctx.throw('Permission denied');
|
||||
}
|
||||
const _users = await User.findAll({
|
||||
where: {
|
||||
id: {
|
||||
[Op.in]: usersIds.map((u) => u.uid),
|
||||
},
|
||||
},
|
||||
});
|
||||
|
||||
const users = _users.map((u) => {
|
||||
const role = usersIds.find((r) => r.uid === u.id)?.role;
|
||||
return {
|
||||
id: u.id,
|
||||
username: u.username,
|
||||
role: role,
|
||||
};
|
||||
});
|
||||
const orgGetUser = await org.getUsers();
|
||||
ctx.body = {
|
||||
org,
|
||||
users,
|
||||
users: orgGetUser.users,
|
||||
};
|
||||
})
|
||||
.addTo(app);
|
||||
|
||||
Reference in New Issue
Block a user