packages/trpc/routers/prompts.ts


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114

import { experimental_trpcMiddleware, TRPCError } from "@trpc/server";
import { and, eq } from "drizzle-orm";
import { z } from "zod";

import { customPrompts } from "@karakeep/db/schema";
import {
  zNewPromptSchema,
  zPromptSchema,
  zUpdatePromptSchema,
} from "@karakeep/shared/types/prompts";

import { authedProcedure, Context, router } from "../index";

export const ensurePromptOwnership = experimental_trpcMiddleware<{
  ctx: Context;
  input: { promptId: string };
}>().create(async (opts) => {
  const prompt = await opts.ctx.db.query.customPrompts.findFirst({
    where: eq(customPrompts.id, opts.input.promptId),
    columns: {
      userId: true,
    },
  });
  if (!opts.ctx.user) {
    throw new TRPCError({
      code: "UNAUTHORIZED",
      message: "User is not authorized",
    });
  }
  if (!prompt) {
    throw new TRPCError({
      code: "NOT_FOUND",
      message: "Prompt not found",
    });
  }
  if (prompt.userId != opts.ctx.user.id) {
    throw new TRPCError({
      code: "FORBIDDEN",
      message: "User is not allowed to access resource",
    });
  }

  return opts.next();
});

export const promptsAppRouter = router({
  create: authedProcedure
    .input(zNewPromptSchema)
    .output(zPromptSchema)
    .mutation(async ({ input, ctx }) => {
      const [prompt] = await ctx.db
        .insert(customPrompts)
        .values({
          text: input.text,
          appliesTo: input.appliesTo,
          userId: ctx.user.id,
          enabled: true,
        })
        .returning();
      return prompt;
    }),
  update: authedProcedure
    .input(zUpdatePromptSchema)
    .output(zPromptSchema)
    .use(ensurePromptOwnership)
    .mutation(async ({ input, ctx }) => {
      const res = await ctx.db
        .update(customPrompts)
        .set({
          text: input.text,
          appliesTo: input.appliesTo,
          enabled: input.enabled,
        })
        .where(
          and(
            eq(customPrompts.userId, ctx.user.id),
            eq(customPrompts.id, input.promptId),
          ),
        )
        .returning();
      if (res.length == 0) {
        throw new TRPCError({ code: "NOT_FOUND" });
      }
      return res[0];
    }),
  list: authedProcedure
    .output(z.array(zPromptSchema))
    .query(async ({ ctx }) => {
      const prompts = await ctx.db.query.customPrompts.findMany({
        where: eq(customPrompts.userId, ctx.user.id),
      });
      return prompts;
    }),
  delete: authedProcedure
    .input(
      z.object({
        promptId: z.string(),
      }),
    )
    .use(ensurePromptOwnership)
    .mutation(async ({ input, ctx }) => {
      const res = await ctx.db
        .delete(customPrompts)
        .where(
          and(
            eq(customPrompts.userId, ctx.user.id),
            eq(customPrompts.id, input.promptId),
          ),
        );
      if (res.changes == 0) {
        throw new TRPCError({ code: "NOT_FOUND" });
      }
    }),
});