hermes-web/app/api/settings/redemptions/actions/route.ts

import { db } from "@/lib/db"
import { NextResponse } from "next/server";
import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation";
import { ActionType, Prisma } from "@prisma/client";
import { z } from "zod";
import { redirect } from "next/dist/server/api-utils";

export async function GET(req: Request) {
    try {
        const user = await fetchUserWithImpersonation(req)
        if (!user) {
            return NextResponse.json({ message: 'Unauthorized.', error: null, value: null }, { status: 401 });
        }

        const actions = await db.action.findMany({
            where: {
                userId: user.id
            }
        })

        return NextResponse.json(actions.map(({ userId, ...attrs }) => attrs));
    } catch (error: any) {
        return NextResponse.json({ message: null, error: error, value: null }, { status: 500 });
    }
}

const nameSchema = z.string({
    required_error: "Name is required.",
    invalid_type_error: "Name must be a string"
}).regex(/^[\w\-\s]{1,32}$/, "Name must contain only letters, numbers, spaces, dashes, and underscores.")

async function common(req: Request, action: (id: string, name: string, type: ActionType, values: any) => void) {
    try {
        const user = await fetchUserWithImpersonation(req)
        if (!user) {
            return NextResponse.json({ message: 'Unauthorized.', error: null, value: null }, { status: 401 });
        }

        const { name, type, data }: { name: string, type: ActionType, data: any } = await req.json();
        
        if (!name)
            return NextResponse.json({ message: 'name is required.', error: null, value: null }, { status: 400 });
        const nameValidation = nameSchema.safeParse(name)
        if (!nameValidation.success)
            return NextResponse.json({ message: 'name must follow some requirements.', error: nameValidation.error, value: null }, { status: 400 });
        if (!type)
            return NextResponse.json({ message: 'type is required', error: null, value: null }, { status: 400 });
        if (type == ActionType.OBS_TRANSFORM && (!data.scene_name || !data.scene_item_name || !data.rotation && !data.position_x && !data.position_y))
            return NextResponse.json({ message: '"scene_name", "scene_item_name" and one of "rotation", "position_x", "position_y" are required.', error: null, value: null }, { status: 400 });
        if ((type == ActionType.WRITE_TO_FILE || type == ActionType.APPEND_TO_FILE) && (!data.file_path || !data.file_content))
            return NextResponse.json({ message: '"scene_name", "scene_item_name", "file_path" & "file_content" are required.', error: null, value: null }, { status: 400 });
        if (type == ActionType.AUDIO_FILE && !data.file_path)
            return NextResponse.json({ message: '"scene_name", "scene_item_name" & "file_path" are required.', error: null, value: null }, { status: 400 });
        if ([ActionType.OAUTH, ActionType.NIGHTBOT_PLAY, ActionType.NIGHTBOT_PAUSE, ActionType.NIGHTBOT_SKIP, ActionType.NIGHTBOT_CLEAR_PLAYLIST, ActionType.NIGHTBOT_CLEAR_QUEUE, ActionType.TWITCH_OAUTH].some(t => t == type) && (!data.oauth_name || !data.oauth_type))
            return NextResponse.json({ message: '"oauth_name" & "oauth_type" are required.', error: null, value: null }, { status: 400 });
        if ([ActionType.VEADOTUBE_POP_STATE, ActionType.VEADOTUBE_PUSH_STATE, ActionType.VEADOTUBE_SET_STATE].some(t => t == type) && !data.state)
            return NextResponse.json({ message: '"state" is required.', error: null, value: null }, { status: 400 });

        let d: any = {}
        if (type == ActionType.WRITE_TO_FILE || type == ActionType.APPEND_TO_FILE) {
            d = { file_path: data.file_path, file_content: data.file_content }
        } else if (type == ActionType.OBS_TRANSFORM) {
            d = { scene_name: data.scene_name, scene_item_name: data.scene_item_name }
            if (!!data.rotation)
                d = { rotation: data.rotation, ...data }
            if (!!data.position_x)
                d = { position_x: data.position_x, ...data }
            if (!!data.position_y)
                d = { position_y: data.position_y, ...data }
        } else if (type == ActionType.AUDIO_FILE) {
            d = { file_path: data.file_path }
        } else if (type == ActionType.SPECIFIC_TTS_VOICE) {
            d = { tts_voice: data.tts_voice }
        } else if (type == ActionType.TOGGLE_OBS_VISIBILITY) {
            d = { scene_name: data.scene_name, scene_item_name: data.scene_item_name }
        } else if (type == ActionType.SPECIFIC_OBS_VISIBILITY) {
            d = { scene_name: data.scene_name, scene_item_name: data.scene_item_name, obs_visible: data.obs_visible }
        } else if (type == ActionType.SPECIFIC_OBS_INDEX) {
            d = { scene_name: data.scene_name, scene_item_name: data.scene_item_name, obs_index: data.obs_index }
        } else if (type == ActionType.SLEEP) {
            d = { sleep: data.sleep }
        } else if ([ActionType.OAUTH, ActionType.NIGHTBOT_PLAY, ActionType.NIGHTBOT_PAUSE, ActionType.NIGHTBOT_SKIP, ActionType.NIGHTBOT_CLEAR_PLAYLIST, ActionType.NIGHTBOT_CLEAR_QUEUE, ActionType.TWITCH_OAUTH].some(t => t == type)) {
            d = {
                oauth_name: data.oauth_name,
                oauth_type: data.oauth_type
            }
        } else if ([ActionType.VEADOTUBE_POP_STATE, ActionType.VEADOTUBE_PUSH_STATE, ActionType.VEADOTUBE_SET_STATE].some(t => t == type)) {
            d = { state: data.state }
        }

        const dd = action(user.id, name, type, d)
        return NextResponse.json({ message: null, error: null, value: dd }, { status: 200 });
    } catch (error: any) {
        return NextResponse.json({ message: null, error: error, value: null }, { status: 500 });
    }
}

export async function POST(req: Request) {
    return common(req, async (id, name, type, data) => {
        return await db.action.create({
            data: {
                userId: id,
                name,
                type,
                data: data as Prisma.JsonObject
            }
        });
    })
}

export async function PUT(req: Request) {
    return common(req, async (id, name, type, data) => {
        return await db.action.update({
            where: {
                userId_name: {
                    userId: id,
                    name
                }
            },
            data: {
                type,
                data: data as Prisma.JsonObject
            }
        })
    })
}

export async function DELETE(req: Request) {
    try {
        const user = await fetchUserWithImpersonation(req)
        if (!user) {
            return NextResponse.json({ message: 'Unauthorized.', error: null, value: null }, { status: 401 });
        }

        const { searchParams } = new URL(req.url)
        const name = searchParams.get('action_name') as string
        const redemptions = await db.action.delete({
            where: {
                userId_name: {
                    userId: user.id,
                    name
                }
            }
        })

        return NextResponse.json(redemptions);
    } catch (error: any) {
        return NextResponse.json({ message: null, error: error, value: null }, { status: 500 });
    }
}