Initial commit - ERP System

app/api/roles/route.ts

@@ -0,0 +1,82 @@
+// /opt/erp-system/app/api/roles/route.ts
+import { NextResponse } from 'next/server';
+import prisma from '../../../lib/prisma';
+import { getServerSession } from "next-auth/next";
+import { authOptions } from "../auth/[...nextauth]/route";
+
+async function checkAccess() {
+  const session = await getServerSession(authOptions);
+  const perms = (session?.user as any)?.permissions || [];
+  return perms.includes('TEAM_MANAGE');
+}
+
+export async function GET() {
+  if (!await checkAccess()) return NextResponse.json({ error: 'Access denied' }, { status: 403 });
+  
+  try {
+    const roles = await prisma.role.findMany({
+      include: { _count: { select: { users: true } } },
+      orderBy: { id: 'asc' }
+    });
+    return NextResponse.json(roles);
+  } catch (error) {
+    return NextResponse.json({ error: 'Fehler beim Laden' }, { status: 500 });
+  }
+}
+
+export async function POST(request: Request) {
+  if (!await checkAccess()) return NextResponse.json({ error: 'Access denied' }, { status: 403 });
+
+  try {
+    const body = await request.json();
+    const newRole = await prisma.role.create({
+      data: { name: body.name, permissions: body.permissions }
+    });
+    return NextResponse.json(newRole, { status: 201 });
+  } catch (error: any) {
+    if (error.code === 'P2002') return NextResponse.json({ error: 'Rollenname existiert bereits.' }, { status: 400 });
+    return NextResponse.json({ error: 'Fehler beim Speichern' }, { status: 500 });
+  }
+}
+
+export async function PUT(request: Request) {
+  if (!await checkAccess()) return NextResponse.json({ error: 'Access denied' }, { status: 403 });
+
+  try {
+    const body = await request.json();
+    const updatedRole = await prisma.role.update({
+      where: { id: body.id },
+      data: { name: body.name, permissions: body.permissions }
+    });
+    return NextResponse.json(updatedRole, { status: 200 });
+  } catch (error) {
+    return NextResponse.json({ error: 'Fehler beim Speichern' }, { status: 500 });
+  }
+}
+
+export async function DELETE(request: Request) {
+  const session = await getServerSession(authOptions);
+  const perms = (session?.user as any)?.permissions || [];
+  if (!perms.includes('DATA_DELETE')) return NextResponse.json({ error: 'Keine Löschberechtigung' }, { status: 403 });
+
+  try {
+    const { searchParams } = new URL(request.url);
+    const id = searchParams.get('id');
+    if (!id) return NextResponse.json({ error: 'ID fehlt' }, { status: 400 });
+
+    const roleId = parseInt(id);
+
+    // Check if users are still assigned
+    const usersWithRole = await prisma.user.count({ where: { roleId } });
+    if (usersWithRole > 0) {
+      return NextResponse.json({ error: `Diese Gruppe ist noch ${usersWithRole} Nutzer(n) zugeordnet. Bitte weise sie zuerst einer anderen Gruppe zu.` }, { status: 400 });
+    }
+
+    await prisma.role.delete({ where: { id: roleId } });
+
+    return NextResponse.json({ success: true });
+  } catch (error) {
+    console.error(error);
+    return NextResponse.json({ error: 'Löschen fehlgeschlagen' }, { status: 500 });
+  }
+}