2023-10-23 14:24:22 -05:00
|
|
|
import { prisma } from "@/lib/api/db";
|
|
|
|
|
import bcrypt from "bcrypt";
|
|
|
|
|
import removeFolder from "@/lib/api/storage/removeFolder";
|
|
|
|
|
import Stripe from "stripe";
|
2023-10-24 14:57:37 -05:00
|
|
|
import { DeleteUserBody } from "@/types/global";
|
|
|
|
|
import removeFile from "@/lib/api/storage/removeFile";
|
2024-10-29 17:08:47 -05:00
|
|
|
import updateSeats from "@/lib/api/stripe/updateSeats";
|
2023-10-23 14:24:22 -05:00
|
|
|
|
|
|
|
|
export default async function deleteUserById(
|
|
|
|
|
userId: number,
|
2024-05-02 08:17:56 -05:00
|
|
|
body: DeleteUserBody,
|
2024-10-29 17:08:47 -05:00
|
|
|
isServerAdmin: boolean,
|
|
|
|
|
queryId: number
|
2023-10-23 14:24:22 -05:00
|
|
|
) {
|
|
|
|
|
const user = await prisma.user.findUnique({
|
|
|
|
|
where: { id: userId },
|
2024-10-29 17:08:47 -05:00
|
|
|
include: {
|
2024-10-30 15:47:40 -05:00
|
|
|
subscriptions: {
|
|
|
|
|
include: {
|
|
|
|
|
user: true,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
parentSubscription: {
|
|
|
|
|
include: {
|
|
|
|
|
user: true,
|
|
|
|
|
},
|
|
|
|
|
},
|
2024-10-29 17:08:47 -05:00
|
|
|
},
|
2023-10-23 14:24:22 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (!user) {
|
|
|
|
|
return {
|
2023-10-24 14:57:37 -05:00
|
|
|
response: "Invalid credentials.",
|
2023-10-23 14:24:22 -05:00
|
|
|
status: 404,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2024-05-12 21:28:34 -05:00
|
|
|
if (!isServerAdmin) {
|
2024-10-29 17:08:47 -05:00
|
|
|
if (queryId === userId) {
|
|
|
|
|
if (user.password) {
|
|
|
|
|
const isPasswordValid = bcrypt.compareSync(
|
|
|
|
|
body.password,
|
|
|
|
|
user.password
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if (!isPasswordValid && !isServerAdmin) {
|
|
|
|
|
return {
|
|
|
|
|
response: "Invalid credentials.",
|
|
|
|
|
status: 401,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2024-05-12 21:28:34 -05:00
|
|
|
return {
|
2024-10-29 17:08:47 -05:00
|
|
|
response:
|
|
|
|
|
"User has no password. Please reset your password from the forgot password page.",
|
|
|
|
|
status: 401,
|
2024-05-12 21:28:34 -05:00
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2024-10-29 17:08:47 -05:00
|
|
|
if (user.parentSubscriptionId) {
|
|
|
|
|
console.log(userId, user.parentSubscriptionId);
|
|
|
|
|
|
|
|
|
|
return {
|
|
|
|
|
response: "Permission denied.",
|
|
|
|
|
status: 401,
|
|
|
|
|
};
|
|
|
|
|
} else {
|
|
|
|
|
if (!user.subscriptions) {
|
|
|
|
|
return {
|
|
|
|
|
response: "User has no subscription.",
|
|
|
|
|
status: 401,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const findChild = await prisma.user.findFirst({
|
|
|
|
|
where: { id: queryId, parentSubscriptionId: user.subscriptions?.id },
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (!findChild)
|
|
|
|
|
return {
|
|
|
|
|
response: "Permission denied.",
|
|
|
|
|
status: 401,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const removeUser = await prisma.user.update({
|
|
|
|
|
where: { id: findChild.id },
|
|
|
|
|
data: {
|
|
|
|
|
parentSubscription: {
|
|
|
|
|
disconnect: true,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
select: {
|
|
|
|
|
id: true,
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
await updateSeats(
|
|
|
|
|
user.subscriptions.stripeSubscriptionId,
|
|
|
|
|
user.subscriptions.quantity - 1
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
return {
|
|
|
|
|
response: removeUser,
|
|
|
|
|
status: 200,
|
|
|
|
|
};
|
|
|
|
|
}
|
2023-11-19 07:56:03 -06:00
|
|
|
}
|
2023-10-23 14:24:22 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Delete the user and all related data within a transaction
|
2023-11-07 07:03:35 -06:00
|
|
|
await prisma
|
|
|
|
|
.$transaction(
|
|
|
|
|
async (prisma) => {
|
2024-05-02 08:17:56 -05:00
|
|
|
// Delete Access Tokens
|
|
|
|
|
await prisma.accessToken.deleteMany({
|
2024-10-29 17:08:47 -05:00
|
|
|
where: { userId: queryId },
|
2024-05-02 08:17:56 -05:00
|
|
|
});
|
|
|
|
|
|
2023-11-07 07:03:35 -06:00
|
|
|
// Delete whitelisted users
|
|
|
|
|
await prisma.whitelistedUser.deleteMany({
|
2024-10-29 17:08:47 -05:00
|
|
|
where: { userId: queryId },
|
2023-11-07 07:03:35 -06:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// Delete links
|
|
|
|
|
await prisma.link.deleteMany({
|
2024-10-29 17:08:47 -05:00
|
|
|
where: { collection: { ownerId: queryId } },
|
2023-11-07 07:03:35 -06:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// Delete tags
|
|
|
|
|
await prisma.tag.deleteMany({
|
2024-10-29 17:08:47 -05:00
|
|
|
where: { ownerId: queryId },
|
2023-11-07 07:03:35 -06:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// Find collections that the user owns
|
|
|
|
|
const collections = await prisma.collection.findMany({
|
2024-10-29 17:08:47 -05:00
|
|
|
where: { ownerId: queryId },
|
2023-11-07 07:03:35 -06:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
for (const collection of collections) {
|
|
|
|
|
// Delete related users and collections relations
|
|
|
|
|
await prisma.usersAndCollections.deleteMany({
|
|
|
|
|
where: { collectionId: collection.id },
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// Delete archive folders
|
2024-06-28 08:39:31 -05:00
|
|
|
await removeFolder({ filePath: `archives/${collection.id}` });
|
2024-04-08 18:35:06 -05:00
|
|
|
|
|
|
|
|
await removeFolder({
|
|
|
|
|
filePath: `archives/preview/${collection.id}`,
|
|
|
|
|
});
|
2023-11-07 07:03:35 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Delete collections after cleaning up related data
|
|
|
|
|
await prisma.collection.deleteMany({
|
2024-10-29 17:08:47 -05:00
|
|
|
where: { ownerId: queryId },
|
2023-11-07 07:03:35 -06:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// Delete subscription
|
|
|
|
|
if (process.env.STRIPE_SECRET_KEY)
|
2024-05-24 16:12:47 -05:00
|
|
|
await prisma.subscription
|
|
|
|
|
.delete({
|
2024-10-29 17:08:47 -05:00
|
|
|
where: { userId: queryId },
|
2024-05-24 16:12:47 -05:00
|
|
|
})
|
|
|
|
|
.catch((err) => console.log(err));
|
2023-11-07 07:03:35 -06:00
|
|
|
|
2023-12-20 01:49:07 -06:00
|
|
|
await prisma.usersAndCollections.deleteMany({
|
|
|
|
|
where: {
|
2024-10-29 17:08:47 -05:00
|
|
|
OR: [{ userId: queryId }, { collection: { ownerId: queryId } }],
|
2023-12-20 01:49:07 -06:00
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
2023-11-07 07:03:35 -06:00
|
|
|
// Delete user's avatar
|
2024-10-29 17:08:47 -05:00
|
|
|
await removeFile({ filePath: `uploads/avatar/${queryId}.jpg` });
|
2023-11-07 07:03:35 -06:00
|
|
|
|
|
|
|
|
// Finally, delete the user
|
|
|
|
|
await prisma.user.delete({
|
2024-10-29 17:08:47 -05:00
|
|
|
where: { id: queryId },
|
2023-11-07 07:03:35 -06:00
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
{ timeout: 20000 }
|
|
|
|
|
)
|
|
|
|
|
.catch((err) => console.log(err));
|
2023-10-23 14:24:22 -05:00
|
|
|
|
|
|
|
|
if (process.env.STRIPE_SECRET_KEY) {
|
|
|
|
|
const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
|
|
|
|
|
apiVersion: "2022-11-15",
|
|
|
|
|
});
|
|
|
|
|
|
2023-10-24 14:57:37 -05:00
|
|
|
try {
|
2024-10-30 15:47:40 -05:00
|
|
|
if (user.subscriptions?.id) {
|
|
|
|
|
const listByEmail = await stripe.customers.list({
|
|
|
|
|
email: user.email?.toLowerCase(),
|
|
|
|
|
expand: ["data.subscriptions"],
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (listByEmail.data[0].subscriptions?.data[0].id) {
|
|
|
|
|
const deleted = await stripe.subscriptions.cancel(
|
|
|
|
|
listByEmail.data[0].subscriptions?.data[0].id,
|
|
|
|
|
{
|
|
|
|
|
cancellation_details: {
|
|
|
|
|
comment: body.cancellation_details?.comment,
|
|
|
|
|
feedback: body.cancellation_details?.feedback,
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
return {
|
|
|
|
|
response: deleted,
|
|
|
|
|
status: 200,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
} else if (user.parentSubscription?.id) {
|
|
|
|
|
await updateSeats(
|
|
|
|
|
user.parentSubscription.stripeSubscriptionId,
|
|
|
|
|
user.parentSubscription.quantity - 1
|
2023-10-24 14:57:37 -05:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
return {
|
2024-10-30 15:47:40 -05:00
|
|
|
response: "User account and all related data deleted successfully.",
|
2023-10-24 14:57:37 -05:00
|
|
|
status: 200,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
} catch (err) {
|
|
|
|
|
console.log(err);
|
2023-10-23 14:24:22 -05:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return {
|
|
|
|
|
response: "User account and all related data deleted successfully.",
|
|
|
|
|
status: 200,
|
|
|
|
|
};
|
|
|
|
|
}
|
