feat(user notifications): added the ability for users to sub to notifications and add multi email

2026-04-06 09:29:46 -05:00
parent 3ecf5fb916
commit 637de857f9
7 changed files with 207 additions and 16 deletions
--- a/backend/notification/notificationSub.delete.route.ts
+++ b/backend/notification/notificationSub.delete.route.ts
@@ -3,12 +3,12 @@ import { type Response, Router } from "express";
 import z from "zod";
 import { db } from "../db/db.controller.js";
 import { notificationSub } from "../db/schema/notifications.sub.schema.js";
+import { auth } from "../utils/auth.utils.js";
 import { apiReturn } from "../utils/returnHelper.utils.js";
 import { tryCatch } from "../utils/trycatch.utils.js";
 import { modifiedNotification } from "./notification.controller.js";

 const newSubscribe = z.object({
-	emails: z.email().array().describe("An array of emails"),
 	userId: z.string().describe("User id."),
 	notificationId: z.string().describe("Notification id"),
 });
@@ -16,14 +16,26 @@ const newSubscribe = z.object({
 const r = Router();

 r.delete("/", async (req, res: Response) => {
+	const hasPermissions = await auth.api.userHasPermission({
+		body: {
+			//userId: req?.user?.id,
+			role: req.user?.roles as any,
+			permissions: {
+				notifications: ["readAll"], // This must match the structure in your access control
+			},
+		},
+	});
+
 	try {
 		const validated = newSubscribe.parse(req.body);
+
 		const { data, error } = await tryCatch(
 			db
 				.delete(notificationSub)
 				.where(
 					and(
-						eq(notificationSub.userId, validated.userId),
+						//eq(notificationSub.userId, hasPermissions ? validated.userId : req?.user?.id ?? ""), // allows the admin to delete this
+						eq(notificationSub.userId, req?.user?.id ?? ""),
 						eq(notificationSub.notificationId, validated.notificationId),
 					),
 				)
@@ -44,6 +56,18 @@ r.delete("/", async (req, res: Response) => {
 			});
 		}

+		if (data.length <= 0) {
+			return apiReturn(res, {
+				success: false,
+				level: "info",
+				module: "notification",
+				subModule: "post",
+				message: `Subscription was not deleted invalid data sent over`,
+				data: data ?? [],
+				status: 200,
+			});
+		}
+
 		return apiReturn(res, {
 			success: true,
 			level: "info",