@studious-lms/server 1.0.2 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -6
- package/prisma/schema.prisma +228 -0
- package/src/exportType.ts +9 -0
- package/src/index.ts +94 -0
- package/src/lib/fileUpload.ts +163 -0
- package/src/lib/googleCloudStorage.ts +94 -0
- package/src/lib/prisma.ts +16 -0
- package/src/lib/thumbnailGenerator.ts +185 -0
- package/src/logger.ts +163 -0
- package/src/middleware/auth.ts +191 -0
- package/src/middleware/logging.ts +54 -0
- package/src/routers/_app.ts +34 -0
- package/src/routers/agenda.ts +79 -0
- package/src/routers/announcement.ts +134 -0
- package/src/routers/assignment.ts +1614 -0
- package/src/routers/attendance.ts +284 -0
- package/src/routers/auth.ts +286 -0
- package/src/routers/class.ts +753 -0
- package/src/routers/event.ts +509 -0
- package/src/routers/file.ts +96 -0
- package/src/routers/section.ts +138 -0
- package/src/routers/user.ts +82 -0
- package/src/socket/handlers.ts +143 -0
- package/src/trpc.ts +90 -0
- package/src/types/trpc.ts +15 -0
- package/src/utils/email.ts +11 -0
- package/src/utils/generateInviteCode.ts +8 -0
- package/src/utils/logger.ts +156 -0
- package/tsconfig.json +17 -0
- package/generated/prisma/client.d.ts +0 -1
- package/generated/prisma/client.js +0 -4
- package/generated/prisma/default.d.ts +0 -1
- package/generated/prisma/default.js +0 -4
- package/generated/prisma/edge.d.ts +0 -1
- package/generated/prisma/edge.js +0 -389
- package/generated/prisma/index-browser.js +0 -375
- package/generated/prisma/index.d.ts +0 -34865
- package/generated/prisma/index.js +0 -410
- package/generated/prisma/libquery_engine-darwin-arm64.dylib.node +0 -0
- package/generated/prisma/package.json +0 -140
- package/generated/prisma/runtime/edge-esm.js +0 -34
- package/generated/prisma/runtime/edge.js +0 -34
- package/generated/prisma/runtime/index-browser.d.ts +0 -370
- package/generated/prisma/runtime/index-browser.js +0 -16
- package/generated/prisma/runtime/library.d.ts +0 -3647
- package/generated/prisma/runtime/library.js +0 -146
- package/generated/prisma/runtime/react-native.js +0 -83
- package/generated/prisma/runtime/wasm.js +0 -35
- package/generated/prisma/schema.prisma +0 -304
- package/generated/prisma/wasm.d.ts +0 -1
- package/generated/prisma/wasm.js +0 -375
|
@@ -0,0 +1,509 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import { createTRPCRouter, protectedProcedure } from "../trpc";
|
|
3
|
+
import { TRPCError } from "@trpc/server";
|
|
4
|
+
import { prisma } from "../lib/prisma";
|
|
5
|
+
import { parseISO } from "date-fns";
|
|
6
|
+
|
|
7
|
+
const eventSchema = z.object({
|
|
8
|
+
name: z.string().optional(),
|
|
9
|
+
location: z.string().optional(),
|
|
10
|
+
remarks: z.string().optional(),
|
|
11
|
+
startTime: z.string(),
|
|
12
|
+
endTime: z.string(),
|
|
13
|
+
classId: z.string().optional(),
|
|
14
|
+
color: z.string().optional(),
|
|
15
|
+
});
|
|
16
|
+
|
|
17
|
+
export const eventRouter = createTRPCRouter({
|
|
18
|
+
get: protectedProcedure
|
|
19
|
+
.input(z.object({
|
|
20
|
+
id: z.string(),
|
|
21
|
+
}))
|
|
22
|
+
.query(async ({ ctx, input }) => {
|
|
23
|
+
if (!ctx.user) {
|
|
24
|
+
throw new TRPCError({
|
|
25
|
+
code: "UNAUTHORIZED",
|
|
26
|
+
message: "You must be logged in to get an event",
|
|
27
|
+
});
|
|
28
|
+
}
|
|
29
|
+
|
|
30
|
+
const event = await prisma.event.findUnique({
|
|
31
|
+
where: { id: input.id },
|
|
32
|
+
include: {
|
|
33
|
+
class: true,
|
|
34
|
+
user: true,
|
|
35
|
+
assignmentsAttached: {
|
|
36
|
+
select: {
|
|
37
|
+
id: true,
|
|
38
|
+
title: true,
|
|
39
|
+
instructions: true,
|
|
40
|
+
dueDate: true,
|
|
41
|
+
type: true,
|
|
42
|
+
graded: true,
|
|
43
|
+
maxGrade: true,
|
|
44
|
+
weight: true,
|
|
45
|
+
attachments: {
|
|
46
|
+
select: {
|
|
47
|
+
id: true,
|
|
48
|
+
name: true,
|
|
49
|
+
type: true,
|
|
50
|
+
}
|
|
51
|
+
},
|
|
52
|
+
section: {
|
|
53
|
+
select: {
|
|
54
|
+
id: true,
|
|
55
|
+
name: true
|
|
56
|
+
}
|
|
57
|
+
},
|
|
58
|
+
teacher: {
|
|
59
|
+
select: {
|
|
60
|
+
id: true,
|
|
61
|
+
username: true
|
|
62
|
+
}
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
},
|
|
67
|
+
});
|
|
68
|
+
|
|
69
|
+
if (!event) {
|
|
70
|
+
throw new TRPCError({
|
|
71
|
+
code: "NOT_FOUND",
|
|
72
|
+
message: "Event not found",
|
|
73
|
+
});
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
if (event.userId !== ctx.user.id) {
|
|
77
|
+
throw new TRPCError({
|
|
78
|
+
code: "UNAUTHORIZED",
|
|
79
|
+
message: "You are not authorized to view this event",
|
|
80
|
+
});
|
|
81
|
+
}
|
|
82
|
+
|
|
83
|
+
return { event };
|
|
84
|
+
}),
|
|
85
|
+
|
|
86
|
+
create: protectedProcedure
|
|
87
|
+
.input(eventSchema)
|
|
88
|
+
.mutation(async ({ ctx, input }) => {
|
|
89
|
+
if (!ctx.user) {
|
|
90
|
+
throw new TRPCError({
|
|
91
|
+
code: "UNAUTHORIZED",
|
|
92
|
+
message: "You must be logged in to create an event",
|
|
93
|
+
});
|
|
94
|
+
}
|
|
95
|
+
|
|
96
|
+
// If classId is provided, check if user is a teacher of the class
|
|
97
|
+
if (input.classId) {
|
|
98
|
+
const classData = await prisma.class.findUnique({
|
|
99
|
+
where: {
|
|
100
|
+
id: input.classId,
|
|
101
|
+
teachers: {
|
|
102
|
+
some: {
|
|
103
|
+
id: ctx.user.id,
|
|
104
|
+
},
|
|
105
|
+
},
|
|
106
|
+
},
|
|
107
|
+
});
|
|
108
|
+
|
|
109
|
+
if (!classData) {
|
|
110
|
+
throw new TRPCError({
|
|
111
|
+
code: "UNAUTHORIZED",
|
|
112
|
+
message: "You are not authorized to create events for this class",
|
|
113
|
+
});
|
|
114
|
+
}
|
|
115
|
+
}
|
|
116
|
+
|
|
117
|
+
const event = await prisma.event.create({
|
|
118
|
+
data: {
|
|
119
|
+
name: input.name,
|
|
120
|
+
location: input.location,
|
|
121
|
+
remarks: input.remarks,
|
|
122
|
+
startTime: parseISO(input.startTime),
|
|
123
|
+
endTime: parseISO(input.endTime),
|
|
124
|
+
userId: ctx.user.id,
|
|
125
|
+
color: input.color,
|
|
126
|
+
...(input.classId ? { classId: input.classId } : {}),
|
|
127
|
+
},
|
|
128
|
+
select: {
|
|
129
|
+
id: true,
|
|
130
|
+
name: true,
|
|
131
|
+
location: true,
|
|
132
|
+
remarks: true,
|
|
133
|
+
startTime: true,
|
|
134
|
+
endTime: true,
|
|
135
|
+
color: true,
|
|
136
|
+
classId: true,
|
|
137
|
+
userId: true,
|
|
138
|
+
class: {
|
|
139
|
+
select: {
|
|
140
|
+
id: true,
|
|
141
|
+
name: true
|
|
142
|
+
}
|
|
143
|
+
},
|
|
144
|
+
}
|
|
145
|
+
});
|
|
146
|
+
|
|
147
|
+
return { event };
|
|
148
|
+
}),
|
|
149
|
+
|
|
150
|
+
update: protectedProcedure
|
|
151
|
+
.input(z.object({
|
|
152
|
+
id: z.string(),
|
|
153
|
+
data: eventSchema,
|
|
154
|
+
}))
|
|
155
|
+
.mutation(async ({ ctx, input }) => {
|
|
156
|
+
if (!ctx.user) {
|
|
157
|
+
throw new TRPCError({
|
|
158
|
+
code: "UNAUTHORIZED",
|
|
159
|
+
message: "You must be logged in to update an event",
|
|
160
|
+
});
|
|
161
|
+
}
|
|
162
|
+
|
|
163
|
+
const event = await prisma.event.findUnique({
|
|
164
|
+
where: { id: input.id },
|
|
165
|
+
});
|
|
166
|
+
|
|
167
|
+
if (!event) {
|
|
168
|
+
throw new TRPCError({
|
|
169
|
+
code: "NOT_FOUND",
|
|
170
|
+
message: "Event not found",
|
|
171
|
+
});
|
|
172
|
+
}
|
|
173
|
+
|
|
174
|
+
if (event.userId !== ctx.user.id) {
|
|
175
|
+
throw new TRPCError({
|
|
176
|
+
code: "UNAUTHORIZED",
|
|
177
|
+
message: "You are not authorized to update this event",
|
|
178
|
+
});
|
|
179
|
+
}
|
|
180
|
+
|
|
181
|
+
const updatedEvent = await prisma.event.update({
|
|
182
|
+
where: { id: input.id },
|
|
183
|
+
data: {
|
|
184
|
+
name: input.data.name,
|
|
185
|
+
location: input.data.location,
|
|
186
|
+
remarks: input.data.remarks,
|
|
187
|
+
startTime: parseISO(input.data.startTime),
|
|
188
|
+
endTime: parseISO(input.data.endTime),
|
|
189
|
+
color: input.data.color,
|
|
190
|
+
...(input.data.classId ? { classId: input.data.classId } : {}),
|
|
191
|
+
},
|
|
192
|
+
});
|
|
193
|
+
|
|
194
|
+
return { event: updatedEvent };
|
|
195
|
+
}),
|
|
196
|
+
|
|
197
|
+
delete: protectedProcedure
|
|
198
|
+
.input(z.object({
|
|
199
|
+
id: z.string(),
|
|
200
|
+
}))
|
|
201
|
+
.mutation(async ({ ctx, input }) => {
|
|
202
|
+
if (!ctx.user) {
|
|
203
|
+
throw new TRPCError({
|
|
204
|
+
code: "UNAUTHORIZED",
|
|
205
|
+
message: "You must be logged in to delete an event",
|
|
206
|
+
});
|
|
207
|
+
}
|
|
208
|
+
|
|
209
|
+
const event = await prisma.event.findUnique({
|
|
210
|
+
where: { id: input.id },
|
|
211
|
+
});
|
|
212
|
+
|
|
213
|
+
if (!event) {
|
|
214
|
+
throw new TRPCError({
|
|
215
|
+
code: "NOT_FOUND",
|
|
216
|
+
message: "Event not found",
|
|
217
|
+
});
|
|
218
|
+
}
|
|
219
|
+
|
|
220
|
+
if (event.userId !== ctx.user.id) {
|
|
221
|
+
throw new TRPCError({
|
|
222
|
+
code: "UNAUTHORIZED",
|
|
223
|
+
message: "You are not authorized to delete this event",
|
|
224
|
+
});
|
|
225
|
+
}
|
|
226
|
+
|
|
227
|
+
await prisma.event.delete({
|
|
228
|
+
where: { id: input.id },
|
|
229
|
+
});
|
|
230
|
+
|
|
231
|
+
return { success: true };
|
|
232
|
+
}),
|
|
233
|
+
|
|
234
|
+
attachAssignment: protectedProcedure
|
|
235
|
+
.input(z.object({
|
|
236
|
+
eventId: z.string(),
|
|
237
|
+
assignmentId: z.string(),
|
|
238
|
+
}))
|
|
239
|
+
.mutation(async ({ ctx, input }) => {
|
|
240
|
+
if (!ctx.user || !ctx.user.id) {
|
|
241
|
+
throw new TRPCError({
|
|
242
|
+
code: "UNAUTHORIZED",
|
|
243
|
+
message: "You must be logged in to attach an assignment",
|
|
244
|
+
});
|
|
245
|
+
}
|
|
246
|
+
|
|
247
|
+
// Check if user owns the event
|
|
248
|
+
const event = await prisma.event.findUnique({
|
|
249
|
+
where: { id: input.eventId },
|
|
250
|
+
include: {
|
|
251
|
+
class: {
|
|
252
|
+
include: {
|
|
253
|
+
teachers: {
|
|
254
|
+
select: { id: true }
|
|
255
|
+
}
|
|
256
|
+
}
|
|
257
|
+
}
|
|
258
|
+
}
|
|
259
|
+
});
|
|
260
|
+
|
|
261
|
+
if (!event) {
|
|
262
|
+
throw new TRPCError({
|
|
263
|
+
code: "NOT_FOUND",
|
|
264
|
+
message: "Event not found",
|
|
265
|
+
});
|
|
266
|
+
}
|
|
267
|
+
|
|
268
|
+
// Check if user is the event owner or a teacher of the class
|
|
269
|
+
if (event.userId !== ctx.user.id &&
|
|
270
|
+
!event.class?.teachers.some(teacher => teacher.id === ctx.user!.id)) {
|
|
271
|
+
throw new TRPCError({
|
|
272
|
+
code: "UNAUTHORIZED",
|
|
273
|
+
message: "You are not authorized to modify this event",
|
|
274
|
+
});
|
|
275
|
+
}
|
|
276
|
+
|
|
277
|
+
// Check if assignment exists and belongs to the same class
|
|
278
|
+
const assignment = await prisma.assignment.findUnique({
|
|
279
|
+
where: { id: input.assignmentId },
|
|
280
|
+
include: {
|
|
281
|
+
class: {
|
|
282
|
+
include: {
|
|
283
|
+
teachers: {
|
|
284
|
+
select: { id: true }
|
|
285
|
+
}
|
|
286
|
+
}
|
|
287
|
+
}
|
|
288
|
+
}
|
|
289
|
+
});
|
|
290
|
+
|
|
291
|
+
if (!assignment) {
|
|
292
|
+
throw new TRPCError({
|
|
293
|
+
code: "NOT_FOUND",
|
|
294
|
+
message: "Assignment not found",
|
|
295
|
+
});
|
|
296
|
+
}
|
|
297
|
+
|
|
298
|
+
// Check if user is a teacher of the assignment's class
|
|
299
|
+
if (!assignment.class.teachers.some(teacher => teacher.id === ctx.user!.id)) {
|
|
300
|
+
throw new TRPCError({
|
|
301
|
+
code: "UNAUTHORIZED",
|
|
302
|
+
message: "You are not authorized to modify this assignment",
|
|
303
|
+
});
|
|
304
|
+
}
|
|
305
|
+
|
|
306
|
+
// Check if event and assignment belong to the same class
|
|
307
|
+
if (event.classId !== assignment.classId) {
|
|
308
|
+
throw new TRPCError({
|
|
309
|
+
code: "BAD_REQUEST",
|
|
310
|
+
message: "Event and assignment must belong to the same class",
|
|
311
|
+
});
|
|
312
|
+
}
|
|
313
|
+
|
|
314
|
+
// Attach assignment to event
|
|
315
|
+
const updatedAssignment = await prisma.assignment.update({
|
|
316
|
+
where: { id: input.assignmentId },
|
|
317
|
+
data: {
|
|
318
|
+
eventAttached: {
|
|
319
|
+
connect: { id: input.eventId }
|
|
320
|
+
}
|
|
321
|
+
},
|
|
322
|
+
include: {
|
|
323
|
+
attachments: {
|
|
324
|
+
select: {
|
|
325
|
+
id: true,
|
|
326
|
+
name: true,
|
|
327
|
+
type: true,
|
|
328
|
+
}
|
|
329
|
+
},
|
|
330
|
+
section: {
|
|
331
|
+
select: {
|
|
332
|
+
id: true,
|
|
333
|
+
name: true
|
|
334
|
+
}
|
|
335
|
+
},
|
|
336
|
+
teacher: {
|
|
337
|
+
select: {
|
|
338
|
+
id: true,
|
|
339
|
+
username: true
|
|
340
|
+
}
|
|
341
|
+
}
|
|
342
|
+
}
|
|
343
|
+
});
|
|
344
|
+
|
|
345
|
+
return { assignment: updatedAssignment };
|
|
346
|
+
}),
|
|
347
|
+
|
|
348
|
+
detachAssignment: protectedProcedure
|
|
349
|
+
.input(z.object({
|
|
350
|
+
eventId: z.string(),
|
|
351
|
+
assignmentId: z.string(),
|
|
352
|
+
}))
|
|
353
|
+
.mutation(async ({ ctx, input }) => {
|
|
354
|
+
if (!ctx.user) {
|
|
355
|
+
throw new TRPCError({
|
|
356
|
+
code: "UNAUTHORIZED",
|
|
357
|
+
message: "You must be logged in to detach an assignment",
|
|
358
|
+
});
|
|
359
|
+
}
|
|
360
|
+
|
|
361
|
+
// Check if user owns the event
|
|
362
|
+
const event = await prisma.event.findUnique({
|
|
363
|
+
where: { id: input.eventId },
|
|
364
|
+
include: {
|
|
365
|
+
class: {
|
|
366
|
+
include: {
|
|
367
|
+
teachers: {
|
|
368
|
+
select: { id: true }
|
|
369
|
+
}
|
|
370
|
+
}
|
|
371
|
+
}
|
|
372
|
+
}
|
|
373
|
+
});
|
|
374
|
+
|
|
375
|
+
if (!event) {
|
|
376
|
+
throw new TRPCError({
|
|
377
|
+
code: "NOT_FOUND",
|
|
378
|
+
message: "Event not found",
|
|
379
|
+
});
|
|
380
|
+
}
|
|
381
|
+
|
|
382
|
+
// Check if user is the event owner or a teacher of the class
|
|
383
|
+
if (event.userId !== ctx.user.id &&
|
|
384
|
+
!event.class?.teachers.some(teacher => teacher.id === ctx.user!.id)) {
|
|
385
|
+
throw new TRPCError({
|
|
386
|
+
code: "UNAUTHORIZED",
|
|
387
|
+
message: "You are not authorized to modify this event",
|
|
388
|
+
});
|
|
389
|
+
}
|
|
390
|
+
|
|
391
|
+
// Detach assignment from event
|
|
392
|
+
const updatedAssignment = await prisma.assignment.update({
|
|
393
|
+
where: { id: input.assignmentId },
|
|
394
|
+
data: {
|
|
395
|
+
eventAttached: {
|
|
396
|
+
disconnect: true
|
|
397
|
+
}
|
|
398
|
+
},
|
|
399
|
+
include: {
|
|
400
|
+
attachments: {
|
|
401
|
+
select: {
|
|
402
|
+
id: true,
|
|
403
|
+
name: true,
|
|
404
|
+
type: true,
|
|
405
|
+
}
|
|
406
|
+
},
|
|
407
|
+
section: {
|
|
408
|
+
select: {
|
|
409
|
+
id: true,
|
|
410
|
+
name: true
|
|
411
|
+
}
|
|
412
|
+
},
|
|
413
|
+
teacher: {
|
|
414
|
+
select: {
|
|
415
|
+
id: true,
|
|
416
|
+
username: true
|
|
417
|
+
}
|
|
418
|
+
}
|
|
419
|
+
}
|
|
420
|
+
});
|
|
421
|
+
|
|
422
|
+
return { assignment: updatedAssignment };
|
|
423
|
+
}),
|
|
424
|
+
|
|
425
|
+
getAvailableAssignments: protectedProcedure
|
|
426
|
+
.input(z.object({
|
|
427
|
+
eventId: z.string(),
|
|
428
|
+
}))
|
|
429
|
+
.query(async ({ ctx, input }) => {
|
|
430
|
+
if (!ctx.user) {
|
|
431
|
+
throw new TRPCError({
|
|
432
|
+
code: "UNAUTHORIZED",
|
|
433
|
+
message: "You must be logged in to get available assignments",
|
|
434
|
+
});
|
|
435
|
+
}
|
|
436
|
+
|
|
437
|
+
// Get the event to find the class
|
|
438
|
+
const event = await prisma.event.findUnique({
|
|
439
|
+
where: { id: input.eventId },
|
|
440
|
+
include: {
|
|
441
|
+
class: {
|
|
442
|
+
include: {
|
|
443
|
+
teachers: {
|
|
444
|
+
select: { id: true }
|
|
445
|
+
}
|
|
446
|
+
}
|
|
447
|
+
}
|
|
448
|
+
}
|
|
449
|
+
});
|
|
450
|
+
|
|
451
|
+
if (!event || !event.classId) {
|
|
452
|
+
throw new TRPCError({
|
|
453
|
+
code: "NOT_FOUND",
|
|
454
|
+
message: "Event not found",
|
|
455
|
+
});
|
|
456
|
+
}
|
|
457
|
+
|
|
458
|
+
// Check if user is authorized to access this event/class
|
|
459
|
+
if (event.userId !== ctx.user.id &&
|
|
460
|
+
!event.class?.teachers.some(teacher => teacher.id === ctx.user!.id)) {
|
|
461
|
+
throw new TRPCError({
|
|
462
|
+
code: "UNAUTHORIZED",
|
|
463
|
+
message: "You are not authorized to access this event",
|
|
464
|
+
});
|
|
465
|
+
}
|
|
466
|
+
|
|
467
|
+
// Get all assignments for the class that are not already attached to an event
|
|
468
|
+
const assignments = await prisma.assignment.findMany({
|
|
469
|
+
where: {
|
|
470
|
+
classId: event.classId,
|
|
471
|
+
eventId: null, // Not already attached to any event
|
|
472
|
+
},
|
|
473
|
+
select: {
|
|
474
|
+
id: true,
|
|
475
|
+
title: true,
|
|
476
|
+
instructions: true,
|
|
477
|
+
dueDate: true,
|
|
478
|
+
type: true,
|
|
479
|
+
graded: true,
|
|
480
|
+
maxGrade: true,
|
|
481
|
+
weight: true,
|
|
482
|
+
section: {
|
|
483
|
+
select: {
|
|
484
|
+
id: true,
|
|
485
|
+
name: true
|
|
486
|
+
}
|
|
487
|
+
},
|
|
488
|
+
attachments: {
|
|
489
|
+
select: {
|
|
490
|
+
id: true,
|
|
491
|
+
name: true,
|
|
492
|
+
type: true,
|
|
493
|
+
}
|
|
494
|
+
},
|
|
495
|
+
teacher: {
|
|
496
|
+
select: {
|
|
497
|
+
id: true,
|
|
498
|
+
username: true
|
|
499
|
+
}
|
|
500
|
+
}
|
|
501
|
+
},
|
|
502
|
+
orderBy: {
|
|
503
|
+
createdAt: 'desc'
|
|
504
|
+
}
|
|
505
|
+
});
|
|
506
|
+
|
|
507
|
+
return { assignments };
|
|
508
|
+
}),
|
|
509
|
+
});
|
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import { createTRPCRouter, protectedProcedure } from "../trpc";
|
|
3
|
+
import { TRPCError } from "@trpc/server";
|
|
4
|
+
import { getSignedUrl } from "../lib/googleCloudStorage";
|
|
5
|
+
import type { User } from "@prisma/client";
|
|
6
|
+
import { prisma } from "../lib/prisma";
|
|
7
|
+
|
|
8
|
+
export const fileRouter = createTRPCRouter({
|
|
9
|
+
getSignedUrl: protectedProcedure
|
|
10
|
+
.input(z.object({
|
|
11
|
+
fileId: z.string(),
|
|
12
|
+
}))
|
|
13
|
+
.mutation(async ({ ctx, input }) => {
|
|
14
|
+
const { fileId } = input;
|
|
15
|
+
const userId = ctx.user?.id;
|
|
16
|
+
|
|
17
|
+
if (!userId) {
|
|
18
|
+
throw new TRPCError({
|
|
19
|
+
code: "UNAUTHORIZED",
|
|
20
|
+
message: "You must be logged in to access files",
|
|
21
|
+
});
|
|
22
|
+
}
|
|
23
|
+
|
|
24
|
+
// Get file metadata from database
|
|
25
|
+
const file = await prisma.file.findUnique({
|
|
26
|
+
where: { id: fileId },
|
|
27
|
+
include: {
|
|
28
|
+
assignment: {
|
|
29
|
+
include: {
|
|
30
|
+
class: {
|
|
31
|
+
include: {
|
|
32
|
+
students: true,
|
|
33
|
+
teachers: true
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
}
|
|
37
|
+
},
|
|
38
|
+
submission: {
|
|
39
|
+
include: {
|
|
40
|
+
student: true,
|
|
41
|
+
assignment: {
|
|
42
|
+
include: {
|
|
43
|
+
class: {
|
|
44
|
+
include: {
|
|
45
|
+
teachers: true
|
|
46
|
+
}
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
}
|
|
53
|
+
});
|
|
54
|
+
|
|
55
|
+
if (!file) {
|
|
56
|
+
throw new TRPCError({
|
|
57
|
+
code: "NOT_FOUND",
|
|
58
|
+
message: "File does not exist",
|
|
59
|
+
});
|
|
60
|
+
}
|
|
61
|
+
|
|
62
|
+
// Check if user has access to the file
|
|
63
|
+
const hasAccess =
|
|
64
|
+
// File owner
|
|
65
|
+
file.userId === userId ||
|
|
66
|
+
// Assignment file - student in class or teacher
|
|
67
|
+
(file.assignment && (
|
|
68
|
+
file.assignment.class.students.some((s: User) => s.id === userId) ||
|
|
69
|
+
file.assignment.class.teachers.some((t: User) => t.id === userId)
|
|
70
|
+
)) ||
|
|
71
|
+
// Submission file - student who submitted or teacher of class
|
|
72
|
+
(file.submission && (
|
|
73
|
+
file.submission.student.id === userId ||
|
|
74
|
+
file.submission.assignment.class.teachers.some((t: User) => t.id === userId)
|
|
75
|
+
));
|
|
76
|
+
|
|
77
|
+
if (!hasAccess) {
|
|
78
|
+
throw new TRPCError({
|
|
79
|
+
code: "FORBIDDEN",
|
|
80
|
+
message: "You do not have access to this file",
|
|
81
|
+
});
|
|
82
|
+
}
|
|
83
|
+
|
|
84
|
+
try {
|
|
85
|
+
// Generate a signed URL with short expiration
|
|
86
|
+
const signedUrl = await getSignedUrl(file.path);
|
|
87
|
+
return { signedUrl };
|
|
88
|
+
} catch (error) {
|
|
89
|
+
console.error('Error generating signed URL:', error);
|
|
90
|
+
throw new TRPCError({
|
|
91
|
+
code: "INTERNAL_SERVER_ERROR",
|
|
92
|
+
message: "Failed to generate signed URL",
|
|
93
|
+
});
|
|
94
|
+
}
|
|
95
|
+
}),
|
|
96
|
+
});
|