Initial commit - ERP System
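--- a/app/api/customers/[id]/route.ts
+++ b/app/api/customers/[id]/route.ts
@@ -0,0 +1,78 @@
+// /opt/erp-system/app/api/customers/[id]/route.ts
+import { NextResponse } from 'next/server';
+import prisma from '../../../../lib/prisma';
+import bcrypt from 'bcryptjs';
+import { getServerSession } from "next-auth/next";
+import { authOptions } from "../../auth/[...nextauth]/route";
+
+async function getPerms() {
+const session = await getServerSession(authOptions);
+if (!session) return null;
+return (session.user as any)?.permissions || [];
+}
+
+export async function GET(request: Request, context: { params: Promise<{ id: string }> }) {
+const perms = await getPerms();
+if (!perms) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 });
+
+try {
+const params = await context.params;
+const customer = await prisma.customer.findUnique({
+where: { id: parseInt(params.id) },
+include: {
+contacts: { orderBy: { createdAt: 'desc' } },
+tickets: { orderBy: { createdAt: 'desc' } },
+contracts: { orderBy: { createdAt: 'desc' } },
+documents: { orderBy: { createdAt: 'desc' } },
+credentials: { orderBy: { createdAt: 'desc' } }
+}
+});
+
+if (!customer) return NextResponse.json({ error: 'Nicht gefunden' }, { status: 404 });
+return NextResponse.json(customer);
+} catch (error) {
+console.error('Customer GET Error:', error);
+return NextResponse.json({ error: 'Ladefehler' }, { status: 500 });
+}
+}
+
+export async function PUT(request: Request, context: { params: Promise<{ id: string }> }) {
+const perms = await getPerms();
+if (!perms || (!perms.includes('CUSTOMERS_MANAGE') && !perms.includes('CUSTOMERS_EDIT'))) {
+return NextResponse.json({ error: 'Keine Berechtigung zum Bearbeiten von Kundendaten' }, { status: 403 });
+}
+
+try {
+const params = await context.params;
+const body = await request.json();
+
+const updateData: any = {
+companyName: body.companyName,
+firstName: body.firstName,
+lastName: body.lastName,
+email: body.email,
+phone: body.phone,
+address: body.address,
+zipCode: body.zipCode,
+city: body.city,
+additionalEmails: body.additionalEmails || [],
+};
+
+// Nur ein neues Passwort hashen und speichern, wenn das Feld ausgefüllt wurde
+if (body.password && body.password.trim() !== '') {
+updateData.passwordHash = await bcrypt.hash(body.password, 10);
+}
+
+const customer = await prisma.customer.update({
+where: { id: parseInt(params.id) },
+data: updateData,
+include: { contacts: true }
+});
+
+return NextResponse.json(customer);
+} catch (error) {
+console.error(error);
+return NextResponse.json({ error: 'Update fehlgeschlagen' }, { status: 500 });
+}
+}
+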
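Review bot: GET only checks that a session exists: `getPerms()` returns `[]` for a user without permissions and `!perms` is false for an empty array, so any signed-in user can read any customer by id, including the `credentials` relation. The response also serializes the whole customer row, which appears to carry `passwordHash` (PUT writes that column), and PUT returns the same object. I would gate GET on an explicit permission the way PUT does, include `credentials` only for callers entitled to see them, and strip the hash before responding in both handlers, e.g. `const { passwordHash, ...safe } = customer; return NextResponse.json(safe);`. Separately, `parseInt(params.id)` is handed to Prisma unchecked in both handlers, so a non-numeric id ends in the catch block as a 500 rather than a 400.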