-
Notifications
You must be signed in to change notification settings - Fork 2k
/
abdicate.ts
76 lines (75 loc) · 3.16 KB
/
abdicate.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
import { authSession } from '@/services/backend/auth';
import { changeOwnerBinding, queryUsersByNamespace } from '@/services/backend/db/userToNamespace';
import { jsonRes } from '@/services/backend/response';
import { modifyBinding, modifyTeamRole, unbindingRole } from '@/services/backend/team';
import { InvitedStatus, NSType, UserRole } from '@/types/team';
import { NextApiRequest, NextApiResponse } from 'next';
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
try {
const payload = await authSession(req.headers);
if (!payload) return jsonRes(res, { code: 401, message: 'token verify error' });
const { ns_uid, targetUsername, targetUserId } = req.body as {
ns_uid?: string;
targetUserId?: string;
targetUsername?: string;
};
if (!ns_uid) return jsonRes(res, { code: 400, message: 'ns_uid is required' });
if (!targetUsername) return jsonRes(res, { code: 400, message: 'targetUsername is required' });
if (!targetUserId) return jsonRes(res, { code: 400, message: 'targetUserId is required' });
if (targetUserId === payload.user.uid)
return jsonRes(res, { code: 409, message: "the targetUserId can't be self" });
// 校检自身user
const utns = await queryUsersByNamespace({ namespaceId: ns_uid });
const ownUtn = utns.find((utn) => utn.userId === payload.user.uid);
if (!ownUtn) return jsonRes(res, { code: 404, message: 'you are not in namespace' });
if (ownUtn)
if (ownUtn.role !== UserRole.Owner)
return jsonRes(res, { code: 403, message: 'you are not owner' });
if (ownUtn.namespace.nstype === NSType.Private)
return jsonRes(res, { code: 403, message: "you can't abdicate private " });
// 校检目标user
const targetUtn = utns.find(
(utn) => utn.userId === targetUserId && utn.k8s_username === targetUsername
);
if (!targetUtn || targetUtn.status !== InvitedStatus.Accepted)
return jsonRes(res, { code: 404, message: 'the targetUser is not in namespace' });
await modifyTeamRole({
action: 'Change',
pre_k8s_username: payload.user.k8s_username,
k8s_username: targetUsername,
userId: targetUserId,
role: UserRole.Owner,
namespace: ownUtn.namespace
});
// 升级为 owner
// const bindResult = await modifyBinding({
// k8s_username: targetUsername,
// namespaceId: ns_uid,
// role: UserRole.Owner,
// userId: targetUserId
// });
// if (!bindResult) throw new Error('fail to binding role');
// // 降级为 developer
// const unbindResult = await modifyBinding({
// k8s_username: payload.user.k8s_username,
// role: UserRole.Developer,
// userId: payload.user.uid,
// namespaceId: ns_uid
// });
// if (!unbindResult) throw new Error('fail to unbinding role');
await changeOwnerBinding({
userId: payload.user.uid,
k8s_username: payload.user.k8s_username,
namespaceId: ns_uid,
tUserId: targetUserId,
tK8sUsername: targetUsername
});
jsonRes(res, {
code: 200,
message: 'Successfully'
});
} catch (e) {
console.log(e);
jsonRes(res, { code: 500, message: 'adbication error' });
}
}