ob/sprint
1
0
Fork 0
mirror of https://github.com/hex248/sprint.git synced 2026-02-08 02:33:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

backend routes with zod schemas

Browse Source
This commit is contained in:
Oliver Bryan
2026-01-13 15:32:31 +00:00
parent e2cbe6bab3
commit 1ab5c80691
31 changed files with 345 additions and 609 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
packages/backend/src/routes/organisation/create.ts
View File

@@ -1,37 +1,20 @@
import { OrgCreateRequestSchema } from "@issue/shared";
import type { AuthedRequest } from "../../auth/middleware";
import { createOrganisationWithOwner, getOrganisationBySlug } from "../../db/queries";
import { errorResponse, parseJsonBody } from "../../validation";
// /organisation/create?name=Org%20Name&slug=org-name&userId=1&description=Optional%20description
export default async function organisationCreate(req: AuthedRequest) {
const url = new URL(req.url);
const name = url.searchParams.get("name");
const slug = url.searchParams.get("slug");
const userId = url.searchParams.get("userId");
const description = url.searchParams.get("description") || undefined;
const parsed = await parseJsonBody(req, OrgCreateRequestSchema);
if ("error" in parsed) return parsed.error;
if (!name || !slug || !userId) {
return new Response(
`missing parameters: ${!name ? "name " : ""}${!slug ? "slug " : ""}${!userId ? "userId" : ""}`,
{ status: 400 },
);
}
const userIdNumber = Number(userId);
if (!Number.isInteger(userIdNumber)) {
return new Response("userId must be an integer", { status: 400 });
}
// users can only create organisations for themselves (userId cannot be spoofed)
if (req.userId !== userIdNumber) {
return new Response("access denied: you can only create organisations for yourself", { status: 403 });
}
const { name, slug, description } = parsed.data;
const existingOrganisation = await getOrganisationBySlug(slug);
if (existingOrganisation) {
return new Response(`organisation with slug "${slug}" already exists`, { status: 409 });
return errorResponse(`organisation with slug "${slug}" already exists`, "SLUG_TAKEN", 409);
}
const organisation = await createOrganisationWithOwner(name, slug, userIdNumber, description);
const organisation = await createOrganisationWithOwner(name, slug, req.userId, description);
return Response.json(organisation);
}