server/api/api/v1/statuses/:id/unpin.ts

import { apiRoute, applyConfig, auth } from "@/api";
import { createRoute } from "@hono/zod-openapi";
import { z } from "zod";
import { Note } from "~/classes/database/note";
import { RolePermissions } from "~/drizzle/schema";
import { ErrorSchema } from "~/types/api";

export const meta = applyConfig({
    ratelimits: {
        max: 100,
        duration: 60,
    },
    route: "/api/v1/statuses/:id/unpin",
    auth: {
        required: true,
    },
    permissions: {
        required: [RolePermissions.ManageOwnNotes, RolePermissions.ViewNotes],
    },
});

export const schemas = {
    param: z.object({
        id: z.string().uuid(),
    }),
};

const route = createRoute({
    method: "post",
    path: "/api/v1/statuses/{id}/unpin",
    summary: "Unpin a status",
    middleware: [auth(meta.auth, meta.permissions)],
    request: {
        params: schemas.param,
    },
    responses: {
        200: {
            description: "Unpinned status",
            content: {
                "application/json": {
                    schema: Note.schema,
                },
            },
        },
        401: {
            description: "Unauthorized",
            content: {
                "application/json": {
                    schema: ErrorSchema,
                },
            },
        },
        404: {
            description: "Record not found",
            content: {
                "application/json": {
                    schema: ErrorSchema,
                },
            },
        },
    },
});

export default apiRoute((app) =>
    app.openapi(route, async (context) => {
        const { id } = context.req.valid("param");
        const { user } = context.get("auth");

        if (!user) {
            return context.json({ error: "Unauthorized" }, 401);
        }

        const status = await Note.fromId(id, user.id);

        if (!status) {
            return context.json({ error: "Record not found" }, 404);
        }

        if (status.author.id !== user.id) {
            return context.json({ error: "Unauthorized" }, 401);
        }

        await user.unpin(status);

        if (!status) {
            return context.json({ error: "Record not found" }, 404);
        }

        return context.json(await status.toApi(user), 200);
    }),
);
refactor(api): :recycle: Finish first pass of OpenAPI refactor 2024-09-27 13:00:12 +02:00			`import { apiRoute, applyConfig, auth } from "@/api";`
			`import { createRoute } from "@hono/zod-openapi";`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00			`import { z } from "zod";`
refactor(database): :truck: Move database ORM code to classes/database The old directory, packages/database-interface, was confusingly named so it was better to move it here 2024-10-24 16:28:38 +02:00			`import { Note } from "~/classes/database/note";`
feat(api): :sparkles: Add permissions to every route and permission config 2024-06-08 06:57:29 +02:00			`import { RolePermissions } from "~/drizzle/schema";`
refactor(api): :recycle: Finish first pass of OpenAPI refactor 2024-09-27 13:00:12 +02:00			`import { ErrorSchema } from "~/types/api";`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00
			`export const meta = applyConfig({`
			`ratelimits: {`
			`max: 100,`
			`duration: 60,`
			`},`
			`route: "/api/v1/statuses/:id/unpin",`
			`auth: {`
			`required: true,`
			`},`
feat(api): :sparkles: Add permissions to every route and permission config 2024-06-08 06:57:29 +02:00			`permissions: {`
refactor: :rotating_light: Turn every linter rule on and fix issues (there were a LOT :3) 2024-06-13 04:26:43 +02:00			`required: [RolePermissions.ManageOwnNotes, RolePermissions.ViewNotes],`
feat(api): :sparkles: Add permissions to every route and permission config 2024-06-08 06:57:29 +02:00			`},`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00			`});`

			`export const schemas = {`
			`param: z.object({`
			`id: z.string().uuid(),`
			`}),`
			`};`

refactor(api): :recycle: Finish first pass of OpenAPI refactor 2024-09-27 13:00:12 +02:00			`const route = createRoute({`
			`method: "post",`
			`path: "/api/v1/statuses/{id}/unpin",`
			`summary: "Unpin a status",`
			`middleware: [auth(meta.auth, meta.permissions)],`
			`request: {`
			`params: schemas.param,`
			`},`
			`responses: {`
			`200: {`
			`description: "Unpinned status",`
			`content: {`
			`"application/json": {`
			`schema: Note.schema,`
			`},`
			`},`
			`},`
			`401: {`
			`description: "Unauthorized",`
			`content: {`
			`"application/json": {`
			`schema: ErrorSchema,`
			`},`
			`},`
			`},`
			`404: {`
			`description: "Record not found",`
			`content: {`
			`"application/json": {`
			`schema: ErrorSchema,`
			`},`
			`},`
			`},`
			`},`
			`});`

refactor: :recycle: Use a typed wrapper for all API endpoints 2024-08-19 20:06:38 +02:00			`export default apiRoute((app) =>`
refactor(api): :recycle: Finish first pass of OpenAPI refactor 2024-09-27 13:00:12 +02:00			`app.openapi(route, async (context) => {`
			`const { id } = context.req.valid("param");`
			`const { user } = context.get("auth");`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00
refactor(api): :recycle: Finish first pass of OpenAPI refactor 2024-09-27 13:00:12 +02:00			`if (!user) {`
			`return context.json({ error: "Unauthorized" }, 401);`
			`}`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00
refactor(api): :recycle: Finish first pass of OpenAPI refactor 2024-09-27 13:00:12 +02:00			`const status = await Note.fromId(id, user.id);`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00
refactor(api): :recycle: Finish first pass of OpenAPI refactor 2024-09-27 13:00:12 +02:00			`if (!status) {`
			`return context.json({ error: "Record not found" }, 404);`
			`}`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00
refactor(api): :recycle: Finish first pass of OpenAPI refactor 2024-09-27 13:00:12 +02:00			`if (status.author.id !== user.id) {`
			`return context.json({ error: "Unauthorized" }, 401);`
			`}`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00
refactor(api): :recycle: Finish first pass of OpenAPI refactor 2024-09-27 13:00:12 +02:00			`await user.unpin(status);`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00
refactor(api): :recycle: Finish first pass of OpenAPI refactor 2024-09-27 13:00:12 +02:00			`if (!status) {`
			`return context.json({ error: "Record not found" }, 404);`
			`}`
refactor(api): :recycle: Move to Hono for HTTP 2024-05-06 09:16:33 +02:00
refactor(api): :recycle: Finish first pass of OpenAPI refactor 2024-09-27 13:00:12 +02:00			`return context.json(await status.toApi(user), 200);`
			`}),`
refactor: :recycle: Use a typed wrapper for all API endpoints 2024-08-19 20:06:38 +02:00			`);`