Initial commit - ERP System

2026-05-20 18:58:23 +00:00
commit e174936997
2697 changed files with 1628427 additions and 0 deletions
@@ -0,0 +1,94 @@
+// /opt/erp-system/app/api/tickets/[id]/attachments/route.ts
+import { NextResponse } from 'next/server';
+import prisma from '../../../../../lib/prisma';
+import { getServerSession } from "next-auth/next";
+import { authOptions } from "../../../auth/[...nextauth]/route";
+import { writeFile, readFile } from 'fs/promises';
+import { join } from 'path';
+
+const UPLOAD_DIR = join(process.cwd(), 'uploads');
+
+// POST: Datei hochladen
+export async function POST(request: Request, context: { params: Promise<{ id: string }> }) {
+  const session = await getServerSession(authOptions);
+  if (!session) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 });
+
+  try {
+    const params = await context.params;
+    const ticketId = parseInt(params.id);
+    const formData = await request.formData();
+    
+    const file = formData.get('file') as File;
+    if (!file) return NextResponse.json({ error: 'Keine Datei gefunden' }, { status: 400 });
+
+    const bytes = await file.arrayBuffer();
+    const buffer = Buffer.from(bytes);
+
+    // Dateinamen bereinigen und eindeutig machen
+    const safeOriginalName = file.name.replace(/[^a-zA-Z0-9.-]/g, '_');
+    const savedName = `${Date.now()}-${safeOriginalName}`;
+    const filepath = join(UPLOAD_DIR, savedName);
+
+    await writeFile(filepath, buffer);
+
+    const attachment = await prisma.attachment.create({
+      data: {
+        fileName: file.name,
+        savedName: savedName,
+        fileSize: file.size,
+        fileType: file.type,
+        ticketId: ticketId
+      }
+    });
+
+    return NextResponse.json(attachment, { status: 201 });
+  } catch (error) {
+    console.error("Upload Fehler:", error);
+    return NextResponse.json({ error: 'Fehler beim Upload' }, { status: 500 });
+  }
+}
+
+// GET: Datei-Liste abrufen oder einzelne Datei herunterladen
+export async function GET(request: Request, context: { params: Promise<{ id: string }> }) {
+  const session = await getServerSession(authOptions);
+  if (!session) return new NextResponse('Nicht autorisiert', { status: 401 });
+
+  const { searchParams } = new URL(request.url);
+  const downloadId = searchParams.get('download');
+
+  try {
+    const params = await context.params;
+    const ticketId = parseInt(params.id);
+
+    // Modus 1: Einzelne Datei herunterladen
+    if (downloadId) {
+      const attachment = await prisma.attachment.findUnique({
+        where: { id: parseInt(downloadId) }
+      });
+
+      if (!attachment || attachment.ticketId !== ticketId) {
+        return new NextResponse('Datei nicht gefunden', { status: 404 });
+      }
+
+      const filepath = join(UPLOAD_DIR, attachment.savedName);
+      const fileBuffer = await readFile(filepath);
+
+      return new NextResponse(fileBuffer, {
+        headers: {
+          'Content-Type': attachment.fileType,
+          'Content-Disposition': `attachment; filename="${attachment.fileName}"`
+        }
+      });
+    }
+
+    // Modus 2: Liste aller Anhänge des Tickets zurückgeben
+    const attachments = await prisma.attachment.findMany({
+      where: { ticketId: ticketId },
+      orderBy: { createdAt: 'desc' }
+    });
+    return NextResponse.json(attachments);
+
+  } catch (error) {
+    return new NextResponse('Fehler beim Abrufen der Datei', { status: 500 });
+  }
+}