insights/frontend/server/api/collection/community/index.post.ts at 958e7025b596754dd83451ad8b0c3434c51cb2e5 · linuxfoundation/insights · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
// Copyright (c) 2025 The Linux Foundation and each contributor.
// SPDX-License-Identifier: MIT
import type { Pool } from 'pg';
import {
  CommunityCollectionRepository,
  type CommunityCollection,
  type CreateCommunityCollectionInput,
} from '~~/server/repo/communityCollection.repo';
import { InsightsSsoUserRepository } from '~~/server/repo/insightsSsoUser.repo';
import type { DecodedOidcToken } from '~~/types/auth/auth-jwt.types';
import { getAuthUsername } from '~~/server/utils/common';

/**
 * API Endpoint: POST /api/collection/community
 * Description: Creates a new community collection for the authenticated user.
 *
 * Request Body:
 * - name (string, required): Collection name
 * - description (string, optional): Collection description
 * - isPrivate (boolean, optional): Whether the collection is private (default: false)
 * - projects (string[], optional): List of project IDs
 *
 * Response:
 * - 201: Created collection
 * - 400: Validation error
 * - 401: Unauthorized
 * - 500: Internal Server Error
 */
export default defineEventHandler(async (event): Promise<CommunityCollection | Error> => {
  const user = event.context.user as DecodedOidcToken | undefined;

  if (!user?.sub) {
    throw createError({ statusCode: 401, statusMessage: 'Unauthorized' });
  }

  const body = await readBody<Partial<CreateCommunityCollectionInput>>(event);

  if (!body?.name?.trim()) {
    throw createError({ statusCode: 400, statusMessage: 'Name is required' });
  }

  const cmDbPool = event.context.cmDbPool as Pool | undefined;

  if (!cmDbPool) {
    throw createError({ statusCode: 503, statusMessage: 'Database not available' });
  }

  try {
    // Derive username from Auth0 sub (e.g. "auth0|abc123" -> "abc123")
    const username = getAuthUsername(user.sub);

    // Upsert SSO user
    const ssoUserRepo = new InsightsSsoUserRepository(cmDbPool);
    const ssoUser = await ssoUserRepo.upsert({
      id: user.sub,
      displayName: user.name,
      avatarUrl: user.picture,
      email: user.email,
      username,
    });

    const repo = new CommunityCollectionRepository(cmDbPool);
    const collection = await repo.create({
      name: body.name.trim(),
      description: body.description?.trim(),
      isPrivate: body.isPrivate,
      ssoUserId: ssoUser.id,
      projects: body.projects,
    });

    setResponseStatus(event, 201);
    return collection;
  } catch (error: unknown) {
    if (error && typeof error === 'object' && 'statusCode' in error) {
      throw error;
    }
    console.error('Error creating community collection:', error);
    throw createError({ statusCode: 500, statusMessage: 'Internal Server Error' });
  }
});