Merge pull request #38 from libkush/user-update

feat: added endpoint to update user
ComputerSocietyVITC · Jan 8, 2025 · a8651f9 · a8651f9
2 parents 52e44ba + ec82dc4
commit a8651f9
Show file tree

Hide file tree

Showing 2 changed files with 167 additions and 3 deletions.
diff --git a/src/routes/user/index.ts b/src/routes/user/index.ts
@@ -1,9 +1,15 @@
 import { OpenAPIHono } from "@hono/zod-openapi";
 
 import prisma from "./../../lib/prisma-client.js";
-import { deleteUserById, getAllUsers, getUser, getUserById } from "./routes.js";
-
-import { Role } from "@prisma/client";
+import {
+  deleteUserById,
+  getAllUsers,
+  getUser,
+  getUserById,
+  promoteUser,
+  updateUser,
+} from "./routes.js";
+import { Role, Prisma } from "@prisma/client";
 import { checkRole, getCurrentUser } from "../../lib/auth-provider.js";
 
 const userRouter = new OpenAPIHono();
@@ -65,4 +71,67 @@ userRouter.openapi(deleteUserById, async (ctx) => {
   return ctx.text(`User ${id} deleted successfully`, 200);
 });
 
+userRouter.openapi(updateUser, async (ctx) => {
+  const id = ctx.req.param().id;
+  const uid = ctx.get("jwtPayload").userId;
+  if (!checkRole([Role.ADMIN, Role.SUPER_ADMIN], ctx) && id !== uid) {
+    return ctx.text("Forbidden", 403);
+  }
+  const { name, regNum, phone, college, github, imageId } =
+    ctx.req.valid("json");
+
+  try {
+    await prisma.user.update({
+      where: {
+        id,
+      },
+      data: {
+        name,
+        regNum,
+        phone,
+        college,
+        github,
+        imageId,
+      },
+    });
+  } catch (e) {
+    if (e instanceof Prisma.PrismaClientKnownRequestError) {
+      if (e.code === "P2025") {
+        return ctx.text("User not found", 404);
+      }
+      if (e.code === "P2002") {
+        return ctx.text("One or more field(s) conflicts with other users", 409);
+      }
+    }
+    throw e;
+  }
+  return ctx.text("User updated successfully", 201);
+});
+
+userRouter.openapi(promoteUser, async (ctx) => {
+  const id = ctx.req.param().id;
+  if (!checkRole([Role.SUPER_ADMIN], ctx)) {
+    return ctx.text("Forbidden", 403);
+  }
+  const { role } = ctx.req.valid("json");
+
+  try {
+    await prisma.user.update({
+      where: {
+        id,
+      },
+      data: {
+        role,
+      },
+    });
+  } catch (e) {
+    if (e instanceof Prisma.PrismaClientKnownRequestError) {
+      if (e.code === "P2025") {
+        return ctx.text("User not found", 404);
+      }
+    }
+    throw e;
+  }
+  return ctx.text("User role updated successfully", 201);
+});
 export default userRouter;
diff --git a/src/routes/user/routes.ts b/src/routes/user/routes.ts
@@ -1,5 +1,6 @@
 import { z, createRoute } from "@hono/zod-openapi";
 import { UserSchema } from "../../schemas/user.js";
+import { Role } from "@prisma/client";
 
 export const getUser = createRoute({
   method: "get",
@@ -114,3 +115,97 @@ export const deleteUserById = createRoute({
     },
   },
 });
+
+export const promoteUser = createRoute({
+  method: "post",
+  path: "/promote/{id}",
+  security: [
+    {
+      Bearer: [],
+    },
+  ],
+  request: {
+    params: z.object({
+      id: z
+        .string()
+        .uuid()
+        .openapi({ example: "123e4567-e89b-12d3-a456-426614174000" }),
+    }),
+    body: {
+      content: {
+        "application/json": {
+          schema: z.object({
+            role: z.nativeEnum(Role).openapi({ example: "ADMIN" }),
+          }),
+        },
+      },
+    },
+  },
+  responses: {
+    200: {
+      description: "User role updated successfully",
+    },
+    403: {
+      description: "Forbidden",
+    },
+    404: {
+      description: "User not found",
+    },
+  },
+});
+
+export const updateUser = createRoute({
+  method: "post",
+  path: "/{id}",
+  security: [
+    {
+      Bearer: [],
+    },
+  ],
+  request: {
+    params: z.object({
+      id: z
+        .string()
+        .uuid()
+        .openapi({ example: "123e4567-e89b-12d3-a456-426614174000" }),
+    }),
+    body: {
+      content: {
+        "application/json": {
+          schema: z.object({
+            name: z.string().optional().openapi({ example: "Example Name" }),
+            regNum: z.string().optional().openapi({ example: "23BRS1369" }),
+            phone: z.string().optional().openapi({ example: "1234567890" }),
+            college: z
+              .string()
+              .optional()
+              .openapi({ example: "Example College" }),
+            github: z
+              .string()
+              .optional()
+              .openapi({ example: "https://github.com/libkush" }),
+            imageId: z
+              .string()
+              .optional()
+              .openapi({ example: "123e4567-e89b-12d3-a456-426614174000" }),
+          }),
+        },
+      },
+    },
+  },
+
+  responses: {
+    201: {
+      description: "User updated successfully",
+    },
+    403: {
+      description: "Forbidden",
+    },
+    409: {
+      description: "One or more field(s) conflict(s) with other users.",
+    },
+    500: {
+      description: "JWT secret not set",
+    },
+  },
+});