streaper2/maaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

membership functions - split and compose router functions - schema changes

Browse Source
This commit is contained in:
Michael Dausmann
2023-02-08 23:14:46 +11:00
parent 087526eb50
commit de976ab43b
10 changed files with 282 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
README.md
View File

@@ -91,4 +91,13 @@ Then I manually hand coded the schema.prisma file based on something else I alre
npx prisma db push npx prisma db push
npm install @prisma/client --save-dev npm install @prisma/client --save-dev
npx prisma generate npx prisma generate
``` ```
# TODO
- add role to membership and have methods for changing role, making sure one owner etc (done)
- remove @unique so users can have multiple accounts (done)
- add concept of 'current' account for user.. maybe put account on context or session. maybe just on DB...'current' boolean on membership?
- add max_notes property to plan and account as an example of a 'limit' property (done)
- add spinup script somehow to create plans???.... should I use some sort of generator like sidebase?
- team invitation thingy
- integration with stripe including web hooks.

158
lib/services/user.account.service.ts Normal file
View File

@@ -0,0 +1,158 @@
import { ACCOUNT_ACCESS, PrismaClient } from '@prisma/client';
import { UtilService } from './util.service';
const TRIAL_PLAN_NAME = '3 Month Trial'; // TODO - some sort of config.. this will change for every use of the boilerplate
export default class UserAccountService {
private prisma: PrismaClient;
constructor( prisma: PrismaClient) {
this.prisma = prisma;
}
async getUserBySupabaseId(supabase_uid: string) {
return this.prisma.user.findFirst({ where: { supabase_uid }, include: { memberships: true } });
}
async getUserById(user_id: number) {
return this.prisma.user.findFirstOrThrow({ where: { id: user_id }, include: { memberships: true } });
}
async createUser( supabase_uid: string, display_name: string ) {
const trialPlan = await this.prisma.plan.findFirstOrThrow({ where: { name: TRIAL_PLAN_NAME}});
return this.prisma.user.create({
data:{
supabase_uid: supabase_uid,
display_name: display_name,
memberships: {
create: {
account: {
create: {
plan_id: trialPlan.id,
name: display_name,
features: trialPlan.features, //copy in features from the plan, plan_id is a loose association and settings can change independently
current_period_ends: UtilService.addMonths(new Date(),3),
max_notes: trialPlan.max_notes,
}
},
access: ACCOUNT_ACCESS.OWNER
}
}
},
include: { memberships: true },
});
}
async deleteUser(user_id: number) {
return this.prisma.user.delete({ where: { id: user_id } });
}
async joinUserToAccount(user_id: number, account_id: number) {
return this.prisma.membership.create({
data: {
user_id: user_id,
account_id: account_id
}
});
}
async changeAccountPlan(account_id: number, plan_id: number) {
const plan = await this.prisma.plan.findFirstOrThrow({ where: {id: plan_id}});
return this.prisma.account.update({
where: { id: account_id},
data: {
plan_id: plan_id,
features: plan.features,
max_notes: plan.max_notes,
}
});
}
// Claim ownership of an account.
// User must already be an ADMIN for the Account
// Existing OWNER memberships are downgraded to ADMIN
// In future, some sort of Billing/Stripe tie in here e.g. changing email details on the Account, not sure.
async claimOwnershipOfAccount(user_id: number, account_id: number) {
const membership = await this.prisma.membership.findUniqueOrThrow({
where: {
user_id_account_id: {
user_id: user_id,
account_id: account_id,
}
},
});
if (membership.access === ACCOUNT_ACCESS.OWNER) {
return; // already owner
} else if (membership.access !== ACCOUNT_ACCESS.ADMIN) {
throw new Error('UNAUTHORISED: only Admins can claim ownership');
}
const existing_owner_memberships = await this.prisma.membership.findMany({
where: {
account_id: account_id,
access: ACCOUNT_ACCESS.OWNER,
},
});
for(const existing_owner_membership of existing_owner_memberships) {
await this.prisma.membership.update({
where: {
user_id_account_id: {
user_id: existing_owner_membership.user_id,
account_id: account_id,
}
},
data: {
access: ACCOUNT_ACCESS.ADMIN, // Downgrade OWNER to ADMIN
}
});
}
// finally update the ADMIN member to OWNER
return this.prisma.membership.update({
where: {
user_id_account_id: {
user_id: user_id,
account_id: account_id,
}
},
data: {
access: ACCOUNT_ACCESS.OWNER,
}
});
}
// Upgrade access of a membership. Cannot use this method to upgrade to or downgrade from OWNER access
async changeUserAccessWithinAccount(user_id: number, account_id: number, access: ACCOUNT_ACCESS) {
if (access === ACCOUNT_ACCESS.OWNER) {
throw new Error('UNABLE TO UPDATE MEMBERSHIP: use claimOwnershipOfAccount method to change ownership');
}
const membership = await this.prisma.membership.findUniqueOrThrow({
where: {
user_id_account_id: {
user_id: user_id,
account_id: account_id,
}
},
});
if (membership.access === ACCOUNT_ACCESS.OWNER) {
throw new Error('UNABLE TO UPDATE MEMBERSHIP: use claimOwnershipOfAccount method to change ownership');
}
return this.prisma.membership.update({
where: {
user_id_account_id: {
user_id: user_id,
account_id: account_id,
}
},
data: {
access: access,
}
});
}
}

47
lib/services/user.service.ts
View File

@@ -1,47 +0,0 @@
import { PrismaClient } from '@prisma/client';
import { UtilService } from './util.service';
const TRIAL_PLAN_NAME = '3 Month Trial'; // TODO - some sort of config.. this will change for every use of the boilerplate
export default class UserService {
private prisma: PrismaClient;
constructor( prisma: PrismaClient) {
this.prisma = prisma;
}
async getUserBySupabaseId(supabase_uid: string) {
return this.prisma.user.findFirst({ where: { supabase_uid }, include: { membership: true } });
}
async getUserById(id: number) {
return this.prisma.user.findFirstOrThrow({ where: { id }, include: { membership: true } });
}
async createUser( supabase_uid: string, display_name: string ) {
const trialPlan = await this.prisma.plan.findFirstOrThrow({ where: { name: TRIAL_PLAN_NAME}});
return this.prisma.user.create({
data:{
supabase_uid: supabase_uid,
display_name: display_name,
membership: {
create: {
account: {
create: {
plan_id: trialPlan.id,
name: display_name,
features: trialPlan.features, //copy in features from the plan, plan_id is a loose association and settings can change independently
current_period_ends: UtilService.addMonths(new Date(),3),
}
}
}
}
},
include: { membership: true },
});
}
async deleteUser(id: number) {
return this.prisma.user.delete({ where: { id } });
}
}

29
pages/dashboard.vue
View File

@@ -4,13 +4,38 @@
middleware: ['auth'], middleware: ['auth'],
}); });
const { $client } = useNuxtApp() const { $client } = useNuxtApp();
const { data: notes } = await $client.notes.useQuery({ text: 'client' }) const { data: notes } = await $client.notes.getForCurrentUser.useQuery();
async function changeAccountPlan(){
const { data: account } = await $client.userAccount.changeAccountPlan.useQuery();
console.log(`account with updated plan: ${JSON.stringify(account)}`);
}
async function joinUserToAccount(){
const { data: membership } = await $client.userAccount.joinUserToAccount.useQuery();
console.log(`added membership on current account: ${JSON.stringify(membership)}`);
}
async function changeUserAccessWithinAccount(){
const { data: membership } = await $client.userAccount.changeUserAccessWithinAccount.useQuery();
console.log(`updated membership on current account: ${JSON.stringify(membership)}`);
}
async function claimOwnershipOfAccount(){
const { data: membership } = await $client.userAccount.claimOwnershipOfAccount.useQuery();
console.log(`updated membership on current account: ${JSON.stringify(membership)}`);
}
</script> </script>
<template> <template>
<div> <div>
<h3>{{ user?.user_metadata.full_name }}'s Notes Dashboard</h3> <h3>{{ user?.user_metadata.full_name }}'s Notes Dashboard</h3>
<p v-for="note in notes?.notes">{{ note.note_text }}</p> <p v-for="note in notes?.notes">{{ note.note_text }}</p>
<button @click.prevent="changeAccountPlan()">Change Account Plan</button>
<button @click.prevent="joinUserToAccount()">Join user to account</button>
<button @click.prevent="changeUserAccessWithinAccount()">Change user access within account</button>
<button @click.prevent="claimOwnershipOfAccount()">Claim Account Ownership</button>
</div> </div>
</template> </template>

15
prisma/schema.prisma
View File

@@ -15,19 +15,28 @@ model User {
supabase_uid String supabase_uid String
display_name String? display_name String?
membership Membership? memberships Membership[]
@@map("users") @@map("users")
} }
enum ACCOUNT_ACCESS {
READ_ONLY
READ_WRITE
ADMIN
OWNER
}
model Membership { model Membership {
id Int @id @default(autoincrement()) id Int @id @default(autoincrement())
user_id Int @unique user_id Int
account_id Int account_id Int
account Account @relation(fields: [account_id], references: [id]) account Account @relation(fields: [account_id], references: [id])
user User @relation(fields: [user_id], references: [id]) user User @relation(fields: [user_id], references: [id])
access ACCOUNT_ACCESS @default(READ_ONLY)
@@map("membership") @@map("membership")
@@unique([user_id, account_id])
} }
model Account { model Account {
@@ -39,6 +48,7 @@ model Account {
plan Plan @relation(fields: [plan_id], references: [id]) plan Plan @relation(fields: [plan_id], references: [id])
members Membership[] members Membership[]
notes Note[] notes Note[]
max_notes Int @default(100)
@@map("account") @@map("account")
} }
@@ -48,6 +58,7 @@ model Plan {
name String name String
features String[] features String[]
accounts Account[] accounts Account[]
max_notes Int @default(100)
@@map("plan") @@map("plan")
} }

19
server/api/trpc/[trpc].ts
View File

@@ -3,26 +3,15 @@
* On a bigger app, you will probably want to split this file up into multiple files. * On a bigger app, you will probably want to split this file up into multiple files.
*/ */
import { createNuxtApiHandler } from 'trpc-nuxt' import { createNuxtApiHandler } from 'trpc-nuxt'
import { z } from 'zod'
import { publicProcedure, router } from '~/server/trpc/trpc' import { publicProcedure, router } from '~/server/trpc/trpc'
import { createContext } from '~~/server/trpc/context'; import { createContext } from '~~/server/trpc/context';
import NotesService from '~~/lib/services/notes.service'; import { notesRouter } from '~~/server/trpc/routers/notes.router';
import { userAccountRouter } from '~~/server/trpc/routers/user.account.router';
export const appRouter = router({ export const appRouter = router({
notes: publicProcedure notes: notesRouter,
.input( userAccount: userAccountRouter,
z.object({
text: z.string().nullish(),
}),
)
.query(async ({ ctx, input }) => {
const notesService = new NotesService(ctx.prisma);
const notes = await notesService.getNotesForAccountId(ctx.dbUser.membership?.account_id);
return {
notes,
}
}),
}) })
// export only the type definition of the API // export only the type definition of the API

4
server/trpc/context.ts
View File

@@ -4,7 +4,7 @@ import { H3Event } from 'h3';
import { serverSupabaseClient } from '#supabase/server'; import { serverSupabaseClient } from '#supabase/server';
import SupabaseClient from '@supabase/supabase-js/dist/module/SupabaseClient'; import SupabaseClient from '@supabase/supabase-js/dist/module/SupabaseClient';
import { User } from '@supabase/supabase-js'; import { User } from '@supabase/supabase-js';
import UserService from '~~/lib/services/user.service'; import UserAccountService from '~~/lib/services/user.account.service';
let prisma: PrismaClient | undefined let prisma: PrismaClient | undefined
let supabase: SupabaseClient | undefined let supabase: SupabaseClient | undefined
@@ -22,7 +22,7 @@ export async function createContext(event: H3Event){
prisma = new PrismaClient() prisma = new PrismaClient()
} }
if (!dbUser && user) { if (!dbUser && user) {
const userService = new UserService(prisma); const userService = new UserAccountService(prisma);
dbUser = await userService.getUserBySupabaseId(user.id); dbUser = await userService.getUserBySupabaseId(user.id);
if (!dbUser && user) { if (!dbUser && user) {

14
server/trpc/routers/notes.router.ts Normal file
View File

@@ -0,0 +1,14 @@
import NotesService from '~~/lib/services/notes.service';
import { protectedProcedure, router } from '../trpc'
export const notesRouter = router({
getForCurrentUser: protectedProcedure
.query(async ({ ctx }) => {
const notesService = new NotesService(ctx.prisma);
console.log(`fetching notes for account_id: ${ctx.dbUser.memberships[0].account_id}`);
const notes = await notesService.getNotesForAccountId(ctx.dbUser.memberships[0].account_id);
return {
notes,
}
}),
})

38
server/trpc/routers/user.account.router.ts Normal file
View File

@@ -0,0 +1,38 @@
import UserAccountService from '~~/lib/services/user.account.service';
import { protectedProcedure, router } from '../trpc'
import { ACCOUNT_ACCESS } from '@prisma/client';
export const userAccountRouter = router({
changeAccountPlan: protectedProcedure
.query(async ({ ctx }) => {
const uaService = new UserAccountService(ctx.prisma);
const account = await uaService.changeAccountPlan(ctx.dbUser.memberships[0].account_id, 2); // todo - plan should be an in put param
return {
account,
}
}),
joinUserToAccount: protectedProcedure
.query(async ({ ctx }) => {
const uaService = new UserAccountService(ctx.prisma);
const membership = await uaService.joinUserToAccount(ctx.dbUser.id, 5); // todo - account should be an input param
return {
membership,
}
}),
changeUserAccessWithinAccount: protectedProcedure // TODO - should be protectedAdmin (i.e. ctx.dbUser.id should be admin within the session account)
.query(async ({ ctx }) => {
const uaService = new UserAccountService(ctx.prisma);
const membership = await uaService.changeUserAccessWithinAccount(3, 5, ACCOUNT_ACCESS.ADMIN); // todo - member and access should be an input param (from UI) account should be the session account
return {
membership,
}
}),
claimOwnershipOfAccount: protectedProcedure // TODO - should be protectedAdmin (i.e. ctx.dbUser.id should be admin within the session account)
.query(async ({ ctx }) => {
const uaService = new UserAccountService(ctx.prisma);
const membership = await uaService.claimOwnershipOfAccount(3, 5); // todo - member should be an input param (from UI) account should be the session account
return {
membership,
}
}),
})

18
server/trpc/trpc.ts
View File

@@ -7,15 +7,29 @@
* @see https://trpc.io/docs/v10/router * @see https://trpc.io/docs/v10/router
* @see https://trpc.io/docs/v10/procedures * @see https://trpc.io/docs/v10/procedures
*/ */
import { initTRPC } from '@trpc/server' import { initTRPC, TRPCError } from '@trpc/server'
import { Context } from './context'; import { Context } from './context';
const t = initTRPC.context<Context>().create() const t = initTRPC.context<Context>().create()
/**
* auth middleware
**/
const isAuthed = t.middleware(({ next, ctx }) => {
if (!ctx.user) {
throw new TRPCError({ code: 'UNAUTHORIZED' });
}
return next({
ctx: {
user: ctx.user,
},
});
});
/** /**
* Unprotected procedure * Unprotected procedure
**/ **/
export const publicProcedure = t.procedure; export const publicProcedure = t.procedure;
export const protectedProcedure = t.procedure.use(isAuthed);
export const router = t.router; export const router = t.router;
export const middleware = t.middleware; export const middleware = t.middleware;