Revert "undo commit"

This reverts commit 9103f67db5.

lib/api/controllers/users/userId/updateUserById.ts

@@ -6,27 +6,42 @@ import createFile from "@/lib/api/storage/createFile";
 import createFolder from "@/lib/api/storage/createFolder";
 import sendChangeEmailVerificationRequest from "@/lib/api/sendChangeEmailVerificationRequest";
 import { i18n } from "next-i18next.config";
-import { UpdateUserSchema } from "@/lib/shared/schemaValidation";
 
 const emailEnabled =
   process.env.EMAIL_FROM && process.env.EMAIL_SERVER ? true : false;
 
 export default async function updateUserById(
   userId: number,
-  body: AccountSettings
+  data: AccountSettings
 ) {
-  const dataValidation = UpdateUserSchema().safeParse(body);
-
-  if (!dataValidation.success) {
+  if (emailEnabled && !data.email)
     return {
-      response: `Error: ${
-        dataValidation.error.issues[0].message
-      } [${dataValidation.error.issues[0].path.join(", ")}]`,
+      response: "Email invalid.",
+      status: 400,
+    };
+  else if (!data.username)
+    return {
+      response: "Username invalid.",
       status: 400,
     };
-  }
 
-  const data = dataValidation.data;
+  // Check email (if enabled)
+  const checkEmail =
+    /^(([^<>()[\]\.,;:\s@\"]+(\.[^<>()[\]\.,;:\s@\"]+)*)|(\".+\"))@(([^<>()[\]\.,;:\s@\"]+\.)+[^<>()[\]\.,;:\s@\"]{2,})$/i;
+  if (emailEnabled && !checkEmail.test(data.email?.toLowerCase() || ""))
+    return {
+      response: "Please enter a valid email.",
+      status: 400,
+    };
+
+  const checkUsername = RegExp("^[a-z0-9_-]{3,31}$");
+
+  if (!checkUsername.test(data.username.toLowerCase()))
+    return {
+      response:
+        "Username has to be between 3-30 characters, no spaces and special characters are allowed.",
+      status: 400,
+    };
 
   const userIsTaken = await prisma.user.findFirst({
     where: {
@@ -101,6 +116,7 @@ export default async function updateUserById(
 
   const user = await prisma.user.findUnique({
     where: { id: userId },
+    select: { email: true, password: true },
   });
 
   if (user && user.email && data.email && data.email !== user.email) {
@@ -132,7 +148,7 @@ export default async function updateUserById(
     sendChangeEmailVerificationRequest(
       user.email,
       data.email,
-      data.name?.trim() || user.name || "Linkwarden User"
+      data.name.trim()
     );
   }
 
@@ -169,28 +185,16 @@ export default async function updateUserById(
 
   // Other settings / Apply changes
 
-  const isInvited =
-    user?.name === null && user.parentSubscriptionId && !user.password;
-
-  if (isInvited && data.password === "")
-    return {
-      response: "Password is required.",
-      status: 400,
-    };
-
   const saltRounds = 10;
-  const newHashedPassword = bcrypt.hashSync(
-    data.newPassword || data.password || "",
-    saltRounds
-  );
+  const newHashedPassword = bcrypt.hashSync(data.newPassword || "", saltRounds);
 
   const updatedUser = await prisma.user.update({
     where: {
       id: userId,
     },
     data: {
-      name: data.name,
-      username: data.username,
+      name: data.name.trim(),
+      username: data.username?.toLowerCase().trim(),
       isPrivate: data.isPrivate,
       image:
         data.image && data.image.startsWith("http")
@@ -198,10 +202,10 @@ export default async function updateUserById(
           : data.image
             ? `uploads/avatar/${userId}.jpg`
             : "",
-      collectionOrder: data.collectionOrder?.filter(
+      collectionOrder: data.collectionOrder.filter(
         (value, index, self) => self.indexOf(value) === index
       ),
-      locale: i18n.locales.includes(data.locale || "") ? data.locale : "en",
+      locale: i18n.locales.includes(data.locale) ? data.locale : "en",
       archiveAsScreenshot: data.archiveAsScreenshot,
       archiveAsMonolith: data.archiveAsMonolith,
       archiveAsPDF: data.archiveAsPDF,
@@ -209,28 +213,18 @@ export default async function updateUserById(
       linksRouteTo: data.linksRouteTo,
       preventDuplicateLinks: data.preventDuplicateLinks,
       password:
-        isInvited || (data.newPassword && data.newPassword !== "")
+        data.newPassword && data.newPassword !== ""
           ? newHashedPassword
           : undefined,
     },
     include: {
       whitelistedUsers: true,
       subscriptions: true,
-      parentSubscription: {
-        include: {
-          user: true,
-        },
-      },
     },
   });
 
-  const {
-    whitelistedUsers,
-    password,
-    subscriptions,
-    parentSubscription,
-    ...userInfo
-  } = updatedUser;
+  const { whitelistedUsers, password, subscriptions, ...userInfo } =
+    updatedUser;
 
   // If user.whitelistedUsers is not provided, we will assume the whitelistedUsers should be removed
   const newWhitelistedUsernames: string[] = data.whitelistedUsers || [];
@@ -271,20 +265,11 @@ export default async function updateUserById(
     });
   }
 
-  const response = {
+  const response: Omit<AccountSettings, "password"> = {
     ...userInfo,
     whitelistedUsers: newWhitelistedUsernames,
     image: userInfo.image ? `${userInfo.image}?${Date.now()}` : "",
-    subscription: {
-      active: subscriptions?.active,
-      quantity: subscriptions?.quantity,
-    },
-    parentSubscription: {
-      active: parentSubscription?.active,
-      user: {
-        email: parentSubscription?.user.email,
-      },
-    },
+    subscription: { active: subscriptions?.active },
   };
 
   return { response, status: 200 };