ob/sprint
1
0
Fork 0
mirror of https://github.com/hex248/sprint.git synced 2026-02-07 18:23:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

"/projects/by-organisation" route

Browse Source
This commit is contained in:
Oliver Bryan
2025-12-23 16:17:37 +00:00
parent 925617f493
commit cb80e75c2a
3 changed files with 36 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
packages/backend/src/index.ts
View File

@@ -37,6 +37,7 @@ const main = async () => {
"/project/update": withCors(withAuth(routes.projectUpdate)),
"/project/delete": withCors(withAuth(routes.projectDelete)),
"/projects/by-creator": withCors(withAuth(routes.projectsByCreator)),
"/projects/by-organisation": withCors(withAuth(routes.projectsByOrganisation)),
"/projects/all": withCors(withAuth(routes.projectsAll)),
"/projects/with-creators": withCors(withAuth(routes.projectsWithCreators)),
"/project/with-creator": withCors(withAuth(routes.projectWithCreator)),

2
packages/backend/src/routes/index.ts
View File

@@ -17,6 +17,7 @@ import organisationUpdate from "./organisation/update";
import organisationUpdateMemberRole from "./organisation/update-member-role";
import projectsAll from "./project/all";
import projectsByCreator from "./project/by-creator";
import projectsByOrganisation from "./project/by-organisation";
import projectCreate from "./project/create";
import projectDelete from "./project/delete";
import projectUpdate from "./project/update";
@@ -45,6 +46,7 @@ export const routes = {
projectUpdate,
projectDelete,
projectsByCreator,
projectsByOrganisation,
projectsAll,
projectsWithCreators,
projectWithCreator,

33
packages/backend/src/routes/project/by-organisation.ts Normal file
View File

@@ -0,0 +1,33 @@
import type { AuthedRequest } from "../../auth/middleware";
import { getOrganisationById, getOrganisationsByUserId, getProjectsByOrganisationId } from "../../db/queries";
// /projects/by-organisation?organisationId=1
export default async function projectsByOrganisation(req: AuthedRequest) {
const url = new URL(req.url);
const organisationId = url.searchParams.get("organisationId");
if (!organisationId) {
return new Response("organisationId is required", { status: 400 });
}
const orgIdNumber = Number(organisationId);
if (!Number.isInteger(orgIdNumber)) {
return new Response("organisationId must be an integer", { status: 400 });
}
const organisation = await getOrganisationById(orgIdNumber);
if (!organisation) {
return new Response(`organisation with id ${organisationId} not found`, { status: 404 });
}
// Check if user has access to this organisation
const userOrganisations = await getOrganisationsByUserId(req.userId);
const hasAccess = userOrganisations.some((item) => item.Organisation.id === orgIdNumber);
if (!hasAccess) {
return new Response("Access denied: you are not a member of this organisation", { status: 403 });
}
const projects = await getProjectsByOrganisationId(orgIdNumber);
return Response.json(projects);
}