root
79 lines
2.7 KiB
TypeScript
79 lines
2.7 KiB
TypeScript
// /opt/erp-system/app/api/customers/[id]/route.ts
|
|
import { NextResponse } from 'next/server';
|
|
import prisma from '../../../../lib/prisma';
|
|
import bcrypt from 'bcryptjs';
|
|
import { getServerSession } from "next-auth/next";
|
|
import { authOptions } from "../../auth/[...nextauth]/route";
|
|
|
|
async function getPerms() {
|
|
const session = await getServerSession(authOptions);
|
|
if (!session) return null;
|
|
return (session.user as any)?.permissions || [];
|
|
}
|
|
|
|
export async function GET(request: Request, context: { params: Promise<{ id: string }> }) {
|
|
const perms = await getPerms();
|
|
if (!perms) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 });
|
|
|
|
try {
|
|
const params = await context.params;
|
|
const customer = await prisma.customer.findUnique({
|
|
where: { id: parseInt(params.id) },
|
|
include: {
|
|
contacts: { orderBy: { createdAt: 'desc' } },
|
|
tickets: { orderBy: { createdAt: 'desc' } },
|
|
contracts: { orderBy: { createdAt: 'desc' } },
|
|
documents: { orderBy: { createdAt: 'desc' } },
|
|
credentials: { orderBy: { createdAt: 'desc' } }
|
|
}
|
|
});
|
|
|
|
if (!customer) return NextResponse.json({ error: 'Nicht gefunden' }, { status: 404 });
|
|
return NextResponse.json(customer);
|
|
} catch (error) {
|
|
console.error('Customer GET Error:', error);
|
|
return NextResponse.json({ error: 'Ladefehler' }, { status: 500 });
|
|
}
|
|
}
|
|
|
|
export async function PUT(request: Request, context: { params: Promise<{ id: string }> }) {
|
|
const perms = await getPerms();
|
|
if (!perms || (!perms.includes('CUSTOMERS_MANAGE') && !perms.includes('CUSTOMERS_EDIT'))) {
|
|
return NextResponse.json({ error: 'Keine Berechtigung zum Bearbeiten von Kundendaten' }, { status: 403 });
|
|
}
|
|
|
|
try {
|
|
const params = await context.params;
|
|
const body = await request.json();
|
|
|
|
const updateData: any = {
|
|
companyName: body.companyName,
|
|
firstName: body.firstName,
|
|
lastName: body.lastName,
|
|
email: body.email,
|
|
phone: body.phone,
|
|
address: body.address,
|
|
zipCode: body.zipCode,
|
|
city: body.city,
|
|
additionalEmails: body.additionalEmails || [],
|
|
};
|
|
|
|
// Nur ein neues Passwort hashen und speichern, wenn das Feld ausgefüllt wurde
|
|
if (body.password && body.password.trim() !== '') {
|
|
updateData.passwordHash = await bcrypt.hash(body.password, 10);
|
|
}
|
|
|
|
const customer = await prisma.customer.update({
|
|
where: { id: parseInt(params.id) },
|
|
data: updateData,
|
|
include: { contacts: true }
|
|
});
|
|
|
|
return NextResponse.json(customer);
|
|
} catch (error) {
|
|
console.error(error);
|
|
return NextResponse.json({ error: 'Update fehlgeschlagen' }, { status: 500 });
|
|
}
|
|
}
|
|
|