refactor: zones => topics

public/api/topics/:topic_id/events/:event_id/index.ts

@@ -0,0 +1,166 @@
+import { FSDB_COLLECTION } from '@andyburke/fsdb';
+import { EVENT, get_events_collection_for_topic } from '../../../../../../models/event.ts';
+import { TOPIC, TOPICS } from '../../../../../../models/topic.ts';
+import parse_body from '../../../../../../utils/bodyparser.ts';
+import * as CANNED_RESPONSES from '../../../../../../utils/canned_responses.ts';
+import { get_session, get_user, PRECHECK_TABLE, require_user } from '../../../../../../utils/prechecks.ts';
+
+export const PRECHECKS: PRECHECK_TABLE = {};
+
+// GET /api/topics/:topic_id/events/:id - Get an event
+PRECHECKS.GET = [get_session, get_user, require_user, async (_req: Request, meta: Record<string, any>): Promise<Response | undefined> => {
+	const topic_id: string = meta.params?.topic_id?.toLowerCase().trim() ?? '';
+
+	// lurid is 49 chars as we use them, eg: "also-play-flow-want-form-wide-thus-work-burn-same"
+	const topic: TOPIC | null = topic_id.length === 49 ? await TOPICS.get(topic_id) : null;
+
+	if (!topic) {
+		return CANNED_RESPONSES.not_found();
+	}
+
+	meta.topic = topic;
+	const topic_is_public = topic.permissions.read.length === 0;
+	const user_has_read_for_topic = topic_is_public || topic.permissions.read.includes(meta.user.id);
+	const topic_has_public_events = user_has_read_for_topic && (topic.permissions.read_events.length === 0);
+	const user_has_read_events_for_topic = user_has_read_for_topic &&
+		(topic_has_public_events || topic.permissions.read_events.includes(meta.user.id));
+
+	if (!user_has_read_events_for_topic) {
+		return CANNED_RESPONSES.permission_denied();
+	}
+}];
+export async function GET(_req: Request, meta: Record<string, any>): Promise<Response> {
+	const events: FSDB_COLLECTION<EVENT> = get_events_collection_for_topic(meta.topic.id);
+	const event: EVENT | null = await events.get(meta.params.event_id);
+
+	if (!event) {
+		return CANNED_RESPONSES.not_found();
+	}
+
+	return Response.json(event, {
+		status: 200
+	});
+}
+
+// PUT /api/topics/:topic_id/events/:event_id - Update event
+PRECHECKS.PUT = [
+	get_session,
+	get_user,
+	require_user,
+	(_req: Request, _meta: Record<string, any>): Response | undefined => {
+		if (Deno.env.get('APPEND_ONLY_EVENTS')) {
+			return CANNED_RESPONSES.append_only_events();
+		}
+	},
+	async (_req: Request, meta: Record<string, any>): Promise<Response | undefined> => {
+		const topic_id: string = meta.params?.topic_id?.toLowerCase().trim() ?? '';
+
+		// lurid is 49 chars as we use them, eg: "also-play-flow-want-form-wide-thus-work-burn-same"
+		const topic: TOPIC | null = topic_id.length === 49 ? await TOPICS.get(topic_id) : null;
+
+		if (!topic) {
+			return CANNED_RESPONSES.not_found();
+		}
+
+		meta.topic = topic;
+		const topic_is_public: boolean = meta.topic.permissions.read.length === 0;
+		const user_has_read_for_topic = topic_is_public || meta.topic.permissions.read.includes(meta.user.id);
+		const topic_events_are_publicly_writable = meta.topic.permissions.write_events.length === 0;
+		const user_has_write_events_for_topic = user_has_read_for_topic &&
+			(topic_events_are_publicly_writable || meta.topic.permissions.write_events.includes(meta.user.id));
+
+		if (!user_has_write_events_for_topic) {
+			return CANNED_RESPONSES.permission_denied();
+		}
+	}
+];
+export async function PUT(req: Request, meta: Record<string, any>): Promise<Response> {
+	const now = new Date().toISOString();
+
+	try {
+		const events: FSDB_COLLECTION<EVENT> = get_events_collection_for_topic(meta.topic.id);
+		const event: EVENT | null = await events.get(meta.params.event_id);
+
+		if (!event) {
+			return CANNED_RESPONSES.not_found();
+		}
+
+		if (event.creator_id !== meta.user.id) {
+			return CANNED_RESPONSES.permission_denied();
+		}
+
+		const body = await parse_body(req);
+		const updated = {
+			...event,
+			...body,
+			id: event.id,
+			creator_id: event.creator_id,
+			timestamps: {
+				created: event.timestamps.created,
+				updated: now
+			}
+		};
+
+		await events.update(updated);
+		return Response.json(updated, {
+			status: 200
+		});
+	} catch (err) {
+		return Response.json({
+			error: {
+				message: (err as Error)?.message ?? 'Unknown error due to invalid data.',
+				cause: (err as Error)?.cause ?? 'invalid_data'
+			}
+		}, {
+			status: 400
+		});
+	}
+}
+
+// DELETE /api/topics/:topic_id/events/:event_id - Delete event
+PRECHECKS.DELETE = [
+	get_session,
+	get_user,
+	require_user,
+	(_req: Request, _meta: Record<string, any>): Response | undefined => {
+		if (Deno.env.get('APPEND_ONLY_EVENTS')) {
+			return CANNED_RESPONSES.append_only_events();
+		}
+	},
+	async (_req: Request, meta: Record<string, any>): Promise<Response | undefined> => {
+		const topic_id: string = meta.params?.topic_id?.toLowerCase().trim() ?? '';
+
+		// lurid is 49 chars as we use them, eg: "also-play-flow-want-form-wide-thus-work-burn-same"
+		const topic: TOPIC | null = topic_id.length === 49 ? await TOPICS.get(topic_id) : null;
+
+		if (!topic) {
+			return CANNED_RESPONSES.not_found();
+		}
+
+		meta.topic = topic;
+		const topic_is_public: boolean = meta.topic.permissions.read.length === 0;
+		const user_has_read_for_topic = topic_is_public || meta.topic.permissions.read.includes(meta.user.id);
+		const topic_events_are_publicly_writable = meta.topic.permissions.write_events.length === 0;
+		const user_has_write_events_for_topic = user_has_read_for_topic &&
+			(topic_events_are_publicly_writable || meta.topic.permissions.write_events.includes(meta.user.id));
+
+		if (!user_has_write_events_for_topic) {
+			return CANNED_RESPONSES.permission_denied();
+		}
+	}
+];
+export async function DELETE(_req: Request, meta: Record<string, any>): Promise<Response> {
+	const events: FSDB_COLLECTION<EVENT> = get_events_collection_for_topic(meta.topic.id);
+	const event: EVENT | null = await events.get(meta.params.event_id);
+	if (!event) {
+		return CANNED_RESPONSES.not_found();
+	}
+
+	await events.delete(event);
+
+	return Response.json({
+		deleted: true
+	}, {
+		status: 200
+	});
+}