From a478621730149d6365e0cdabcb207612dff3893c Mon Sep 17 00:00:00 2001 From: Finley Ge <32237950+FinleyGe@users.noreply.github.com> Date: Wed, 24 Jul 2024 11:11:36 +0800 Subject: [PATCH] refactor openapikey and outlink apis (#2134) * refactor: OpenAPIKey refactor * refactor: outlink api refactor fix: list return wrong data * chore: remove deprecated type definition * chore: remove throw Error. instead of Promise.reject * fix: auth openapikey's owner * fix: manager could read all keys --- packages/global/common/error/code/openapi.ts | 7 +- packages/global/support/permission/type.d.ts | 10 --- .../support/permission/auth/openapi.ts | 45 +++++----- .../pages/api/core/dataset/folder/create.ts | 88 +++++++++++++++++++ .../src/pages/api/support/openapi/create.ts | 80 ++++++++++------- .../src/pages/api/support/openapi/delete.ts | 3 +- .../app/src/pages/api/support/openapi/list.ts | 61 ++++++------- .../src/pages/api/support/openapi/update.ts | 31 +++---- .../src/pages/api/support/outLink/create.ts | 70 +++++++-------- .../src/pages/api/support/outLink/delete.ts | 41 ++++----- .../app/src/pages/api/support/outLink/list.ts | 59 ++++++------- .../src/pages/api/support/outLink/update.ts | 49 +++++------ 12 files changed, 300 insertions(+), 244 deletions(-) create mode 100644 projects/app/src/pages/api/core/dataset/folder/create.ts diff --git a/packages/global/common/error/code/openapi.ts b/packages/global/common/error/code/openapi.ts index c64f51b32..f4acb46de 100644 --- a/packages/global/common/error/code/openapi.ts +++ b/packages/global/common/error/code/openapi.ts @@ -3,7 +3,8 @@ import { ErrType } from '../errorCode'; /* dataset: 506000 */ export enum OpenApiErrEnum { unExist = 'openapiUnExist', - unAuth = 'openapiUnAuth' + unAuth = 'openapiUnAuth', + exceedLimit = 'openapiExceedLimit' } const errList = [ { @@ -13,6 +14,10 @@ const errList = [ { statusText: OpenApiErrEnum.unAuth, message: '无权操作该 Api Key' + }, + { + statusText: OpenApiErrEnum.exceedLimit, + message: '最多 10 组 API 密钥' } ]; export default errList.reduce((acc, cur, index) => { diff --git a/packages/global/support/permission/type.d.ts b/packages/global/support/permission/type.d.ts index cc51f9a2d..8a6ea45a8 100644 --- a/packages/global/support/permission/type.d.ts +++ b/packages/global/support/permission/type.d.ts @@ -18,16 +18,6 @@ export type PermissionListType = Record< } >; -export type AuthResponseType = { - teamId: string; - tmbId: string; - isOwner: boolean; - canWrite: boolean; - authType?: `${AuthUserTypeEnum}`; - appId?: string; - apikey?: string; -}; - export type ResourcePermissionType = { teamId: string; tmbId: string; diff --git a/packages/service/support/permission/auth/openapi.ts b/packages/service/support/permission/auth/openapi.ts index 75e081a88..2908c2eb4 100644 --- a/packages/service/support/permission/auth/openapi.ts +++ b/packages/service/support/permission/auth/openapi.ts @@ -1,16 +1,12 @@ -import { AuthResponseType } from '@fastgpt/global/support/permission/type'; -import { AuthModeType } from '../type'; +import { AuthModeType, AuthResponseType } from '../type'; import { OpenApiSchema } from '@fastgpt/global/support/openapi/type'; import { parseHeaderCert } from '../controller'; import { getTmbInfoByTmbId } from '../../user/team/controller'; import { MongoOpenApi } from '../../openapi/schema'; import { OpenApiErrEnum } from '@fastgpt/global/common/error/code/openapi'; -import { TeamMemberRoleEnum } from '@fastgpt/global/support/user/team/constant'; -import { - OwnerPermissionVal, - ReadPermissionVal, - WritePermissionVal -} from '@fastgpt/global/support/permission/constant'; +import { OwnerPermissionVal } from '@fastgpt/global/support/permission/constant'; +import { authAppByTmbId } from '../app/auth'; +import { Permission } from '@fastgpt/global/support/permission/controller'; export async function authOpenApiKeyCrud({ id, @@ -26,39 +22,38 @@ export async function authOpenApiKeyCrud({ const result = await parseHeaderCert(props); const { tmbId, teamId } = result; - const { role, permission: tmbPer } = await getTmbInfoByTmbId({ tmbId }); - - const { openapi, isOwner, canWrite } = await (async () => { + const { openapi, permission } = await (async () => { const openapi = await MongoOpenApi.findOne({ _id: id, teamId }); - if (!openapi) { throw new Error(OpenApiErrEnum.unExist); } - const isOwner = String(openapi.tmbId) === tmbId || role === TeamMemberRoleEnum.owner; - const canWrite = isOwner || (String(openapi.tmbId) === tmbId && tmbPer.hasWritePer); + if (!!openapi.appId) { + // if is not global openapi, then auth app + const { app } = await authAppByTmbId({ appId: openapi.appId!, tmbId, per }); + return { + permission: app.permission, + openapi + }; + } + // if is global openapi, then auth openapi + const { permission: tmbPer } = await getTmbInfoByTmbId({ tmbId }); - if (per === ReadPermissionVal && !canWrite) { - return Promise.reject(OpenApiErrEnum.unAuth); - } - if (per === WritePermissionVal && !canWrite) { - return Promise.reject(OpenApiErrEnum.unAuth); - } - if (per === OwnerPermissionVal && !isOwner) { + if (!tmbPer.checkPer(per) && tmbId !== String(openapi.tmbId)) { return Promise.reject(OpenApiErrEnum.unAuth); } return { openapi, - isOwner, - canWrite + permission: new Permission({ + per + }) }; })(); return { ...result, openapi, - isOwner, - canWrite + permission }; } diff --git a/projects/app/src/pages/api/core/dataset/folder/create.ts b/projects/app/src/pages/api/core/dataset/folder/create.ts new file mode 100644 index 000000000..f6ca7d16a --- /dev/null +++ b/projects/app/src/pages/api/core/dataset/folder/create.ts @@ -0,0 +1,88 @@ +import type { ApiRequestProps, ApiResponseType } from '@fastgpt/service/type/next'; +import { NextAPI } from '@/service/middleware/entry'; +import { MongoDataset } from '@fastgpt/service/core/dataset/schema'; +import { CommonErrEnum } from '@fastgpt/global/common/error/code/common'; +import { authUserPer } from '@fastgpt/service/support/permission/user/auth'; +import { + PerResourceTypeEnum, + WritePermissionVal +} from '@fastgpt/global/support/permission/constant'; +import { authDataset } from '@fastgpt/service/support/permission/dataset/auth'; +import { mongoSessionRun } from '@fastgpt/service/common/mongo/sessionRun'; +import { parseParentIdInMongo } from '@fastgpt/global/common/parentFolder/utils'; +import { FolderImgUrl } from '@fastgpt/global/common/file/image/constants'; +import { DatasetTypeEnum } from '@fastgpt/global/core/dataset/constants'; +import { DatasetDefaultPermissionVal } from '@fastgpt/global/support/permission/dataset/constant'; +import { getResourceAllClbs } from '@fastgpt/service/support/permission/controller'; +import { syncCollaborators } from '@fastgpt/service/support/permission/inheritPermission'; +export type DatasetFolderCreateQuery = {}; +export type DatasetFolderCreateBody = { + parentId?: string; + name: string; + intro: string; +}; +export type DatasetFolderCreateResponse = {}; +async function handler( + req: ApiRequestProps, + _res: ApiResponseType +): Promise { + const { parentId, name, intro } = req.body; + + if (!name) { + return Promise.reject(CommonErrEnum.missingParams); + } + + const { tmbId, teamId } = await authUserPer({ + req, + per: WritePermissionVal, + authToken: true + }); + + const parentFolder = await (async () => { + if (parentId) { + return ( + await authDataset({ + datasetId: parentId, + per: WritePermissionVal, + req, + authToken: true + }) + ).dataset; + } + })(); + + await mongoSessionRun(async (session) => { + const app = await MongoDataset.create({ + ...parseParentIdInMongo(parentId), + avatar: FolderImgUrl, + name, + intro, + teamId, + tmbId, + type: DatasetTypeEnum.folder, + defaultPermission: !!parentFolder + ? parentFolder.defaultPermission + : DatasetDefaultPermissionVal + }); + + if (parentId) { + const parentClbs = await getResourceAllClbs({ + teamId, + resourceId: parentId, + resourceType: PerResourceTypeEnum.dataset, + session + }); + + await syncCollaborators({ + resourceType: PerResourceTypeEnum.dataset, + teamId, + resourceId: app._id, + collaborators: parentClbs, + session + }); + } + }); + + return {}; +} +export default NextAPI(handler); diff --git a/projects/app/src/pages/api/support/openapi/create.ts b/projects/app/src/pages/api/support/openapi/create.ts index 89100bb18..720122578 100644 --- a/projects/app/src/pages/api/support/openapi/create.ts +++ b/projects/app/src/pages/api/support/openapi/create.ts @@ -1,44 +1,56 @@ -import type { NextApiRequest, NextApiResponse } from 'next'; -import { jsonRes } from '@fastgpt/service/common/response'; -import { connectToDatabase } from '@/service/mongo'; import { MongoOpenApi } from '@fastgpt/service/support/openapi/schema'; -import { customAlphabet } from 'nanoid'; import type { EditApiKeyProps } from '@/global/support/openapi/api'; import { authUserPer } from '@fastgpt/service/support/permission/user/auth'; -import { WritePermissionVal } from '@fastgpt/global/support/permission/constant'; import { getNanoid } from '@fastgpt/global/common/string/tools'; +import type { ApiRequestProps } from '@fastgpt/service/type/next'; +import { NextAPI } from '@/service/middleware/entry'; +import { + ManagePermissionVal, + WritePermissionVal +} from '@fastgpt/global/support/permission/constant'; +import { authApp } from '@fastgpt/service/support/permission/app/auth'; +import { OpenApiErrEnum } from '@fastgpt/global/common/error/code/openapi'; -export default async function handler(req: NextApiRequest, res: NextApiResponse) { - try { - await connectToDatabase(); - const { appId, name, limit } = req.body as EditApiKeyProps; - const { teamId, tmbId } = await authUserPer({ req, authToken: true, per: WritePermissionVal }); - - const count = await MongoOpenApi.find({ tmbId, appId }).countDocuments(); - - if (count >= 10) { - throw new Error('最多 10 组 API 秘钥'); +async function handler(req: ApiRequestProps): Promise { + const { appId, name, limit } = req.body; + const { tmbId, teamId } = await (async () => { + if (!appId) { + // global apikey is being created, auth the tmb + const { teamId, tmbId } = await authUserPer({ + req, + authToken: true, + per: WritePermissionVal + }); + return { teamId, tmbId }; + } else { + const { teamId, tmbId } = await authApp({ + req, + per: ManagePermissionVal, + appId, + authToken: true + }); + return { teamId, tmbId }; } + })(); - const nanoid = getNanoid(Math.floor(Math.random() * 14) + 52); - const apiKey = `${global.systemEnv?.openapiPrefix || 'fastgpt'}-${nanoid}`; + const count = await MongoOpenApi.find({ tmbId, appId }).countDocuments(); - await MongoOpenApi.create({ - teamId, - tmbId, - apiKey, - appId, - name, - limit - }); - - jsonRes(res, { - data: apiKey - }); - } catch (err) { - jsonRes(res, { - code: 500, - error: err - }); + if (count >= 10) { + return Promise.reject(OpenApiErrEnum.exceedLimit); } + + const nanoid = getNanoid(Math.floor(Math.random() * 14) + 52); + const apiKey = `${global.systemEnv?.openapiPrefix || 'fastgpt'}-${nanoid}`; + + await MongoOpenApi.create({ + teamId, + tmbId, + apiKey, + appId, + name, + limit + }); + return apiKey; } + +export default NextAPI(handler); diff --git a/projects/app/src/pages/api/support/openapi/delete.ts b/projects/app/src/pages/api/support/openapi/delete.ts index 7a5e452c1..9ea1ce039 100644 --- a/projects/app/src/pages/api/support/openapi/delete.ts +++ b/projects/app/src/pages/api/support/openapi/delete.ts @@ -4,6 +4,7 @@ import { connectToDatabase } from '@/service/mongo'; import { MongoOpenApi } from '@fastgpt/service/support/openapi/schema'; import { authOpenApiKeyCrud } from '@fastgpt/service/support/permission/auth/openapi'; import { OwnerPermissionVal } from '@fastgpt/global/support/permission/constant'; +import { CommonErrEnum } from '@fastgpt/global/common/error/code/common'; export default async function handler(req: NextApiRequest, res: NextApiResponse) { try { @@ -11,7 +12,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse) const { id } = req.query as { id: string }; if (!id) { - throw new Error('缺少参数'); + return Promise.reject(CommonErrEnum.missingParams); } await authOpenApiKeyCrud({ req, authToken: true, id, per: OwnerPermissionVal }); diff --git a/projects/app/src/pages/api/support/openapi/list.ts b/projects/app/src/pages/api/support/openapi/list.ts index 8d804828d..da3f321d0 100644 --- a/projects/app/src/pages/api/support/openapi/list.ts +++ b/projects/app/src/pages/api/support/openapi/list.ts @@ -1,53 +1,42 @@ -import type { NextApiRequest, NextApiResponse } from 'next'; -import { jsonRes } from '@fastgpt/service/common/response'; -import { connectToDatabase } from '@/service/mongo'; import { MongoOpenApi } from '@fastgpt/service/support/openapi/schema'; import type { GetApiKeyProps } from '@/global/support/openapi/api'; import { authUserPer } from '@fastgpt/service/support/permission/user/auth'; import { authApp } from '@fastgpt/service/support/permission/app/auth'; import { ManagePermissionVal } from '@fastgpt/global/support/permission/constant'; +import type { ApiRequestProps } from '@fastgpt/service/type/next'; +import { NextAPI } from '@/service/middleware/entry'; -export default async function handler(req: NextApiRequest, res: NextApiResponse) { - try { - await connectToDatabase(); - const { appId } = req.query as GetApiKeyProps; +async function handler(req: ApiRequestProps) { + const { appId } = req.query; - if (appId) { - await authApp({ - req, - authToken: true, - appId, - per: ManagePermissionVal - }); - - const findResponse = await MongoOpenApi.find({ - appId - }).sort({ _id: -1 }); - - return jsonRes(res, { - data: findResponse.map((item) => item.toObject()) - }); - } - - const { teamId, tmbId, permission } = await authUserPer({ + if (appId) { + // app-level apikey + await authApp({ req, authToken: true, + appId, per: ManagePermissionVal }); const findResponse = await MongoOpenApi.find({ - appId, - teamId, - ...(!permission.isOwner && { tmbId }) + appId }).sort({ _id: -1 }); - return jsonRes(res, { - data: findResponse.map((item) => item.toObject()) - }); - } catch (err) { - jsonRes(res, { - code: 500, - error: err - }); + return findResponse.map((item) => item.toObject()); } + // global apikey + const { teamId, tmbId, permission } = await authUserPer({ + req, + authToken: true + }); + + const findResponse = await MongoOpenApi.find({ + appId, + teamId, + ...(!permission.hasManagePer && { tmbId }) // if not manager, read own key + }).sort({ _id: -1 }); + + return findResponse.map((item) => item.toObject()); } + +export default NextAPI(handler); diff --git a/projects/app/src/pages/api/support/openapi/update.ts b/projects/app/src/pages/api/support/openapi/update.ts index a5c22b08e..079ea71a7 100644 --- a/projects/app/src/pages/api/support/openapi/update.ts +++ b/projects/app/src/pages/api/support/openapi/update.ts @@ -1,28 +1,19 @@ -import type { NextApiRequest, NextApiResponse } from 'next'; -import { jsonRes } from '@fastgpt/service/common/response'; -import { connectToDatabase } from '@/service/mongo'; import { MongoOpenApi } from '@fastgpt/service/support/openapi/schema'; import type { EditApiKeyProps } from '@/global/support/openapi/api.d'; import { authOpenApiKeyCrud } from '@fastgpt/service/support/permission/auth/openapi'; import { OwnerPermissionVal } from '@fastgpt/global/support/permission/constant'; +import type { ApiRequestProps } from '@fastgpt/service/type/next'; +import { NextAPI } from '@/service/middleware/entry'; -export default async function handler(req: NextApiRequest, res: NextApiResponse) { - try { - await connectToDatabase(); - const { _id, name, limit } = req.body as EditApiKeyProps & { _id: string }; +async function handler(req: ApiRequestProps): Promise { + const { _id, name, limit } = req.body; - await authOpenApiKeyCrud({ req, authToken: true, id: _id, per: OwnerPermissionVal }); + await authOpenApiKeyCrud({ req, authToken: true, id: _id, per: OwnerPermissionVal }); - await MongoOpenApi.findByIdAndUpdate(_id, { - ...(name && { name }), - ...(limit && { limit }) - }); - - jsonRes(res); - } catch (err) { - jsonRes(res, { - code: 500, - error: err - }); - } + await MongoOpenApi.findByIdAndUpdate(_id, { + ...(name && { name }), + ...(limit && { limit }) + }); } + +export default NextAPI(handler); diff --git a/projects/app/src/pages/api/support/outLink/create.ts b/projects/app/src/pages/api/support/outLink/create.ts index ee3d5530d..48a782c00 100644 --- a/projects/app/src/pages/api/support/outLink/create.ts +++ b/projects/app/src/pages/api/support/outLink/create.ts @@ -1,47 +1,45 @@ -import type { NextApiRequest, NextApiResponse } from 'next'; -import { jsonRes } from '@fastgpt/service/common/response'; -import { connectToDatabase } from '@/service/mongo'; import { MongoOutLink } from '@fastgpt/service/support/outLink/schema'; import { authApp } from '@fastgpt/service/support/permission/app/auth'; import type { OutLinkEditType } from '@fastgpt/global/support/outLink/type.d'; import { customAlphabet } from 'nanoid'; import { PublishChannelEnum } from '@fastgpt/global/support/outLink/constant'; -import { WritePermissionVal } from '@fastgpt/global/support/permission/constant'; -const nanoid = customAlphabet('abcdefghijklmnopqrstuvwxyz1234567890', 24); +import { ManagePermissionVal } from '@fastgpt/global/support/permission/constant'; +import type { ApiRequestProps } from '@fastgpt/service/type/next'; +import { NextAPI } from '@/service/middleware/entry'; /* create a shareChat */ -export default async function handler(req: NextApiRequest, res: NextApiResponse) { - try { - await connectToDatabase(); - const { appId, ...props } = req.body as OutLinkEditType & - OutLinkEditType & { - appId: string; - type: PublishChannelEnum; - }; +const nanoid = customAlphabet('abcdefghijklmnopqrstuvwxyz1234567890', 24); - const { teamId, tmbId } = await authApp({ - req, - authToken: true, - appId, - per: WritePermissionVal - }); +export type OutLinkCreateQuery = {}; +export type OutLinkCreateBody = OutLinkEditType & + OutLinkEditType & { + appId: string; + type: PublishChannelEnum; + }; +export type OutLinkCreateResponse = string; - const shareId = nanoid(); - await MongoOutLink.create({ - shareId, - teamId, - tmbId, - appId, - ...props - }); +async function handler( + req: ApiRequestProps +): Promise { + const { appId, ...props } = req.body; - jsonRes(res, { - data: shareId - }); - } catch (err) { - jsonRes(res, { - code: 500, - error: err - }); - } + const { teamId, tmbId } = await authApp({ + req, + authToken: true, + appId, + per: ManagePermissionVal + }); + + const shareId = nanoid(); + await MongoOutLink.create({ + shareId, + teamId, + tmbId, + appId, + ...props + }); + + return shareId; } + +export default NextAPI(handler); diff --git a/projects/app/src/pages/api/support/outLink/delete.ts b/projects/app/src/pages/api/support/outLink/delete.ts index 18b0d7401..343678df3 100644 --- a/projects/app/src/pages/api/support/outLink/delete.ts +++ b/projects/app/src/pages/api/support/outLink/delete.ts @@ -1,28 +1,23 @@ -import type { NextApiRequest, NextApiResponse } from 'next'; -import { jsonRes } from '@fastgpt/service/common/response'; -import { connectToDatabase } from '@/service/mongo'; import { MongoOutLink } from '@fastgpt/service/support/outLink/schema'; import { authOutLinkCrud } from '@fastgpt/service/support/permission/publish/authLink'; -import { ManagePermissionVal } from '@fastgpt/global/support/permission/constant'; +import { OwnerPermissionVal } from '@fastgpt/global/support/permission/constant'; +import type { ApiRequestProps } from '@fastgpt/service/type/next'; +import { NextAPI } from '@/service/middleware/entry'; + +export type OutLinkDeleteQuery = { + id: string; +}; +export type OutLinkDeleteBody = {}; +export type OutLinkDeleteResponse = {}; /* delete a shareChat by shareChatId */ -export default async function handler(req: NextApiRequest, res: NextApiResponse) { - try { - await connectToDatabase(); - - const { id } = req.query as { - id: string; - }; - - await authOutLinkCrud({ req, outLinkId: id, authToken: true, per: ManagePermissionVal }); - - await MongoOutLink.findByIdAndRemove(id); - - jsonRes(res); - } catch (err) { - jsonRes(res, { - code: 500, - error: err - }); - } +async function handler( + req: ApiRequestProps +): Promise { + const { id } = req.query; + await authOutLinkCrud({ req, outLinkId: id, authToken: true, per: OwnerPermissionVal }); + await MongoOutLink.findByIdAndRemove(id); + return {}; } + +export default NextAPI(handler); diff --git a/projects/app/src/pages/api/support/outLink/list.ts b/projects/app/src/pages/api/support/outLink/list.ts index 5db35e451..ca6d566dc 100644 --- a/projects/app/src/pages/api/support/outLink/list.ts +++ b/projects/app/src/pages/api/support/outLink/list.ts @@ -1,39 +1,34 @@ -import type { NextApiRequest, NextApiResponse } from 'next'; -import { jsonRes } from '@fastgpt/service/common/response'; -import { connectToDatabase } from '@/service/mongo'; import { MongoOutLink } from '@fastgpt/service/support/outLink/schema'; import { authApp } from '@fastgpt/service/support/permission/app/auth'; import { ManagePermissionVal } from '@fastgpt/global/support/permission/constant'; +import type { ApiRequestProps } from '@fastgpt/service/type/next'; +import { NextAPI } from '@/service/middleware/entry'; +import { OutLinkSchema } from '@fastgpt/global/support/outLink/type'; +export type OutLinkListQuery = { + appId: string; + type: string; +}; +export type OutLinkListBody = {}; +export type OutLinkListResponse = OutLinkSchema[]; -/* get shareChat list by appId */ -export default async function handler(req: NextApiRequest, res: NextApiResponse) { - try { - await connectToDatabase(); +async function handler( + req: ApiRequestProps +): Promise { + const { appId, type } = req.query; + await authApp({ + req, + authToken: true, + appId, + per: ManagePermissionVal + }); - const { appId, type } = req.query as { - appId: string; - type: string; - }; + const data = await MongoOutLink.find({ + appId, + type: type + }).sort({ + _id: -1 + }); - await authApp({ - req, - authToken: true, - appId, - per: ManagePermissionVal - }); - - const data = await MongoOutLink.find({ - appId, - type: type - }).sort({ - _id: -1 - }); - - jsonRes(res, { data }); - } catch (err) { - jsonRes(res, { - code: 500, - error: err - }); - } + return data; } +export default NextAPI(handler); diff --git a/projects/app/src/pages/api/support/outLink/update.ts b/projects/app/src/pages/api/support/outLink/update.ts index 069b30e55..d535615c0 100644 --- a/projects/app/src/pages/api/support/outLink/update.ts +++ b/projects/app/src/pages/api/support/outLink/update.ts @@ -1,34 +1,31 @@ -import type { NextApiRequest, NextApiResponse } from 'next'; -import { jsonRes } from '@fastgpt/service/common/response'; -import { connectToDatabase } from '@/service/mongo'; import { MongoOutLink } from '@fastgpt/service/support/outLink/schema'; import type { OutLinkEditType } from '@fastgpt/global/support/outLink/type.d'; import { authOutLinkCrud } from '@fastgpt/service/support/permission/publish/authLink'; -import { ManagePermissionVal } from '@fastgpt/global/support/permission/constant'; +import { OwnerPermissionVal } from '@fastgpt/global/support/permission/constant'; +import type { ApiRequestProps } from '@fastgpt/service/type/next'; +import { NextAPI } from '@/service/middleware/entry'; +import { CommonErrEnum } from '@fastgpt/global/common/error/code/common'; -export default async function handler(req: NextApiRequest, res: NextApiResponse) { - try { - await connectToDatabase(); +export type OutLinkUpdateQuery = {}; +export type OutLinkUpdateBody = OutLinkEditType & {}; +export type OutLinkUpdateResponse = {}; - const { _id, name, responseDetail, limit } = req.body as OutLinkEditType & {}; +async function handler( + req: ApiRequestProps +): Promise { + const { _id, name, responseDetail, limit } = req.body; - if (!_id) { - throw new Error('_id is required'); - } - - await authOutLinkCrud({ req, outLinkId: _id, authToken: true, per: ManagePermissionVal }); - - await MongoOutLink.findByIdAndUpdate(_id, { - name, - responseDetail, - limit - }); - - jsonRes(res); - } catch (err) { - jsonRes(res, { - code: 500, - error: err - }); + if (!_id) { + return Promise.reject(CommonErrEnum.missingParams); } + + await authOutLinkCrud({ req, outLinkId: _id, authToken: true, per: OwnerPermissionVal }); + + await MongoOutLink.findByIdAndUpdate(_id, { + name, + responseDetail, + limit + }); + return {}; } +export default NextAPI(handler);