next/server/api/review/[id]/index.put.ts

import san from "sanitize-html";
import { messages } from "@server/constants";
import { log } from "@server/logger";
import { isLoggedIn } from "@server/middlewareButNotReally";
import { Review } from "@models/stories/review";

export default eventHandler(async (ev) => {
	isLoggedIn(ev);
	const revid = parseInt(getRouterParam(ev, "revid")!);
	let c = await Review.findById(revid);
	if (!c) {
		throw createError({
			statusCode: 404,
			message: messages[404],
		});
	}
	log.silly(`${ev.context.currentUser!._id!} || ${c.author}`, {
		label: "what the fuck",
	});
	if (c?.author._id != ev.context.currentUser?._id) {
		throw createError({
			message: messages[403],
			statusCode: 403,
		});
	}
	const body = await readBody(ev);
	await Review.findByIdAndUpdate(revid, {
		$set: {
			text: san(body.content),
		},
	});
	return {
		success: true,
		data: await Review.findById(revid)
			.populate("author", "username _id")
			.exec(),
	};
});
feat(api): create review endpoints for creating, editing, deletion and replying 2023-10-03 00:21:14 -04:00			`import san from "sanitize-html";`
refactor(*): refactor tsconfig paths looks/feels nicer 2023-12-20 17:23:31 -05:00			`import { messages } from "@server/constants";`
			`import { log } from "@server/logger";`
refactor(server/utils): make paths and imports more concise and correct 2023-12-29 16:32:32 -05:00			`import { isLoggedIn } from "@server/middlewareButNotReally";`
refactor(*): refactor tsconfig paths looks/feels nicer 2023-12-20 17:23:31 -05:00			`import { Review } from "@models/stories/review";`
feat(api): create review endpoints for creating, editing, deletion and replying 2023-10-03 00:21:14 -04:00
			`export default eventHandler(async (ev) => {`
			`isLoggedIn(ev);`
			`const revid = parseInt(getRouterParam(ev, "revid")!);`
			`let c = await Review.findById(revid);`
			`if (!c) {`
			`throw createError({`
			`statusCode: 404,`
			`message: messages[404],`
			`});`
			`}`
fix(api): update review editing endpoint when checking for whether the requester is the author, treat the author field as an object rather than a number (id) 2023-12-06 21:48:29 -05:00			log.silly(`${ev.context.currentUser!._id!} \|\| ${c.author}`, {
			`label: "what the fuck",`
			`});`
			`if (c?.author._id != ev.context.currentUser?._id) {`
feat(api): create review endpoints for creating, editing, deletion and replying 2023-10-03 00:21:14 -04:00			`throw createError({`
			`message: messages[403],`
			`statusCode: 403,`
			`});`
			`}`
			`const body = await readBody(ev);`
			`await Review.findByIdAndUpdate(revid, {`
			`$set: {`
			`text: san(body.content),`
			`},`
			`});`
			`return {`
			`success: true,`
			`data: await Review.findById(revid)`
			`.populate("author", "username _id")`
			`.exec(),`
			`};`
			`});`