feat(views): add unique constraint to filterBySource for each user

node_common/data/index.js

@@ -111,6 +111,7 @@ import createSurvey from "~/node_common/data/methods/create-survey";
 // Views
 import getViewById from "~/node_common/data/methods/get-view-by-id";
 import getViewsByUserId from "~/node_common/data/methods/get-views-by-user-id";
+import getViewByUserIdAndSource from "~/node_common/data/methods/get-view-by-user-id-and-source";
 import createView from "~/node_common/data/methods/create-view";
 import deleViewById from "~/node_common/data/methods/delete-view-by-id";
 
@@ -200,6 +201,7 @@ export {
   createSurvey,
   //NOTE(amine): Views
   getViewsByUserId,
+  getViewByUserIdAndSource,
   getViewById,
   createView,
   deleViewById,

node_common/data/methods/get-view-by-user-id-and-source.js

@@ -0,0 +1,22 @@
+import { runQuery } from "~/node_common/data/utilities";
+
+export default async ({ ownerId, filterBySource }) => {
+  return await runQuery({
+    label: "GET_VIEW_BY_USER_ID_AND_SOURCE",
+    queryFn: async (DB) => {
+      const query = await DB.select("*").from("views").where({ ownerId, filterBySource }).first();
+
+      if (!query || query.error) {
+        return null;
+      }
+
+      return JSON.parse(JSON.stringify(query));
+    },
+    errorFn: async (e) => {
+      return {
+        error: true,
+        decorator: "GET_VIEW_BY_USER_ID_AND_SOURCE",
+      };
+    },
+  });
+};

pages/api/views/create.js

@@ -9,6 +9,11 @@ export default async (req, res) => {
     return res.status(403).send({ decorator: "SERVER_CREATE_VIEW_NOT_ALLOWED", error: true });
   }
 
+  const userInfo = await RequestUtilities.checkAuthorizationInternal(req, res);
+  if (!userInfo) {
+    return res.status(403).send({ decorator: "SERVER_CREATE_VIEW_NOT_ALLOWED", error: true });
+  }
+
   const name = req?.body?.data?.name;
   const filterBySource = req?.body?.data?.filterBySource;
   const filterBySlateId = req?.body?.data?.filterBySlateId;
@@ -18,12 +23,19 @@ export default async (req, res) => {
     return res.status(403).send({ decorator: "SERVER_CREATE_VIEW_INVALID_DATA", error: true });
   }
 
+  const { id } = userInfo;
+
   if (filterBySource) {
     try {
       new URL(filterBySource);
     } catch (e) {
       return res.status(403).send({ decorator: "SERVER_CREATE_VIEW_INVALID_DATA", error: true });
     }
+
+    const existingView = await Data.getViewByUserIdAndSource({ ownerId: id, filterBySource });
+    if (existingView) {
+      return res.status(403).send({ decorator: "SERVER_CREATE_VIEW_INVALID_DATA", error: true });
+    }
   }
 
   if (filterBySlateId) {
@@ -33,11 +45,6 @@ export default async (req, res) => {
     }
   }
 
-  const userInfo = await RequestUtilities.checkAuthorizationInternal(req, res);
-  if (!userInfo) return;
-
-  const { id } = userInfo;
-
   const response = await Data.createView({
     ownerId: id,
     name,

scripts/seed-database.js

@@ -221,7 +221,7 @@ const createViewsTable = createTableIfNotExists("views", function (table) {
 
   table.string("name").notNullable();
   table.timestamp("createdAt").notNullable().defaultTo(db.raw("now()"));
-  table.string("filterBySource").unique().nullable();
+  table.string("filterBySource").nullable();
   table.uuid("filterBySlateId").references("id").inTable("slates").unique().nullable();
   table.jsonb("metadata").notNullable().defaultTo(JSON.stringify({}));
 });