andyburke/autonomous.contact
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
autonomous.contact/public/api/rooms/:room_id/events/:event_id/index.ts

163 lines
5.3 KiB
TypeScript
Raw Normal View History

feature: rooms and events implemented on the backend
2025-06-27 17:54:04 -07:00
import { EVENT, EVENTS } from '../../../../../../models/event.ts';
import { ROOM, ROOMS } from '../../../../../../models/room.ts';
import parse_body from '../../../../../../utils/bodyparser.ts';
import * as CANNED_RESPONSES from '../../../../../../utils/canned_responses.ts';
import { get_session, get_user, PRECHECK_TABLE, require_user } from '../../../../../../utils/prechecks.ts';
export const PRECHECKS: PRECHECK_TABLE = {};
// GET /api/rooms/:room_id/events/:id - Get an event
PRECHECKS.GET = [get_session, get_user, require_user, async (_req: Request, meta: Record<string, any>): Promise<Response | undefined> => {
const room_id: string = meta.params?.room_id?.toLowerCase().trim() ?? '';
// lurid is 49 chars as we use them, eg: "also-play-flow-want-form-wide-thus-work-burn-same"
const room: ROOM | null = room_id.length === 49 ? await ROOMS.get(room_id) : null;
if (!room) {
return CANNED_RESPONSES.not_found();
}
meta.room = room;
const room_is_public = room.permissions.read.length === 0;
const user_has_read_for_room = room_is_public || room.permissions.read.includes(meta.user.id);
const room_has_public_events = user_has_read_for_room && (room.permissions.read_events.length === 0);
const user_has_read_events_for_room = user_has_read_for_room &&
(room_has_public_events || room.permissions.read_events.includes(meta.user.id));
if (!user_has_read_events_for_room) {
return CANNED_RESPONSES.permission_denied();
}
}];
export async function GET(_req: Request, meta: Record<string, any>): Promise<Response> {
const event: EVENT | null = await EVENTS.get(meta.params.event_id);
if (!event) {
return CANNED_RESPONSES.not_found();
}
return Response.json(event, {
status: 200
});
}
// PUT /api/rooms/:room_id/events/:event_id - Update event
PRECHECKS.PUT = [
get_session,
get_user,
require_user,
(_req: Request, _meta: Record<string, any>): Response | undefined => {
if (Deno.env.get('APPEND_ONLY_EVENTS')) {
return CANNED_RESPONSES.append_only_events();
}
},
async (_req: Request, meta: Record<string, any>): Promise<Response | undefined> => {
const room_id: string = meta.params?.room_id?.toLowerCase().trim() ?? '';
// lurid is 49 chars as we use them, eg: "also-play-flow-want-form-wide-thus-work-burn-same"
const room: ROOM | null = room_id.length === 49 ? await ROOMS.get(room_id) : null;
if (!room) {
return CANNED_RESPONSES.not_found();
}
meta.room = room;
const room_is_public: boolean = meta.room.permissions.read.length === 0;
const user_has_read_for_room = room_is_public || meta.room.permissions.read.includes(meta.user.id);
const room_events_are_publicly_writable = meta.room.permissions.write_events.length === 0;
const user_has_write_events_for_room = user_has_read_for_room &&
(room_events_are_publicly_writable || meta.room.permissions.write_events.includes(meta.user.id));
if (!user_has_write_events_for_room) {
return CANNED_RESPONSES.permission_denied();
}
}
];
export async function PUT(req: Request, meta: Record<string, any>): Promise<Response> {
const now = new Date().toISOString();
try {
const event: EVENT | null = await EVENTS.get(meta.params.event_id);
if (!event) {
return CANNED_RESPONSES.not_found();
}
if (event.creator_id !== meta.user.id) {
return CANNED_RESPONSES.permission_denied();
}
const body = await parse_body(req);
const updated = {
...event,
...body,
id: event.id,
creator_id: event.creator_id,
timestamps: {
created: event.timestamps.created,
updated: now
}
};
await EVENTS.update(updated);
return Response.json(updated, {
status: 200
});
} catch (err) {
return Response.json({
error: {
message: (err as Error)?.message ?? 'Unknown error due to invalid data.',
cause: (err as Error)?.cause ?? 'invalid_data'
}
}, {
status: 400
});
}
}
// DELETE /api/rooms/:room_id/events/:event_id - Delete event
PRECHECKS.DELETE = [
get_session,
get_user,
require_user,
(_req: Request, _meta: Record<string, any>): Response | undefined => {
if (Deno.env.get('APPEND_ONLY_EVENTS')) {
return CANNED_RESPONSES.append_only_events();
}
},
async (_req: Request, meta: Record<string, any>): Promise<Response | undefined> => {
const room_id: string = meta.params?.room_id?.toLowerCase().trim() ?? '';
// lurid is 49 chars as we use them, eg: "also-play-flow-want-form-wide-thus-work-burn-same"
const room: ROOM | null = room_id.length === 49 ? await ROOMS.get(room_id) : null;
if (!room) {
return CANNED_RESPONSES.not_found();
}
meta.room = room;
const room_is_public: boolean = meta.room.permissions.read.length === 0;
const user_has_read_for_room = room_is_public || meta.room.permissions.read.includes(meta.user.id);
const room_events_are_publicly_writable = meta.room.permissions.write_events.length === 0;
const user_has_write_events_for_room = user_has_read_for_room &&
(room_events_are_publicly_writable || meta.room.permissions.write_events.includes(meta.user.id));
if (!user_has_write_events_for_room) {
return CANNED_RESPONSES.permission_denied();
}
}
];
export async function DELETE(_req: Request, meta: Record<string, any>): Promise<Response> {
const event: EVENT | null = await EVENTS.get(meta.params.event_id);
if (!event) {
return CANNED_RESPONSES.not_found();
}
await EVENTS.delete(event);
return Response.json({
deleted: true
}, {
status: 200
});
}
Reference in a new issue Copy permalink