root
95 lines
3.2 KiB
TypeScript
95 lines
3.2 KiB
TypeScript
// /opt/erp-system/app/api/tickets/[id]/attachments/route.ts
|
|
import { NextResponse } from 'next/server';
|
|
import prisma from '../../../../../lib/prisma';
|
|
import { getServerSession } from "next-auth/next";
|
|
import { authOptions } from "../../../auth/[...nextauth]/route";
|
|
import { writeFile, readFile } from 'fs/promises';
|
|
import { join } from 'path';
|
|
|
|
const UPLOAD_DIR = join(process.cwd(), 'uploads');
|
|
|
|
// POST: Datei hochladen
|
|
export async function POST(request: Request, context: { params: Promise<{ id: string }> }) {
|
|
const session = await getServerSession(authOptions);
|
|
if (!session) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 });
|
|
|
|
try {
|
|
const params = await context.params;
|
|
const ticketId = parseInt(params.id);
|
|
const formData = await request.formData();
|
|
|
|
const file = formData.get('file') as File;
|
|
if (!file) return NextResponse.json({ error: 'Keine Datei gefunden' }, { status: 400 });
|
|
|
|
const bytes = await file.arrayBuffer();
|
|
const buffer = Buffer.from(bytes);
|
|
|
|
// Dateinamen bereinigen und eindeutig machen
|
|
const safeOriginalName = file.name.replace(/[^a-zA-Z0-9.-]/g, '_');
|
|
const savedName = `${Date.now()}-${safeOriginalName}`;
|
|
const filepath = join(UPLOAD_DIR, savedName);
|
|
|
|
await writeFile(filepath, buffer);
|
|
|
|
const attachment = await prisma.attachment.create({
|
|
data: {
|
|
fileName: file.name,
|
|
savedName: savedName,
|
|
fileSize: file.size,
|
|
fileType: file.type,
|
|
ticketId: ticketId
|
|
}
|
|
});
|
|
|
|
return NextResponse.json(attachment, { status: 201 });
|
|
} catch (error) {
|
|
console.error("Upload Fehler:", error);
|
|
return NextResponse.json({ error: 'Fehler beim Upload' }, { status: 500 });
|
|
}
|
|
}
|
|
|
|
// GET: Datei-Liste abrufen oder einzelne Datei herunterladen
|
|
export async function GET(request: Request, context: { params: Promise<{ id: string }> }) {
|
|
const session = await getServerSession(authOptions);
|
|
if (!session) return new NextResponse('Nicht autorisiert', { status: 401 });
|
|
|
|
const { searchParams } = new URL(request.url);
|
|
const downloadId = searchParams.get('download');
|
|
|
|
try {
|
|
const params = await context.params;
|
|
const ticketId = parseInt(params.id);
|
|
|
|
// Modus 1: Einzelne Datei herunterladen
|
|
if (downloadId) {
|
|
const attachment = await prisma.attachment.findUnique({
|
|
where: { id: parseInt(downloadId) }
|
|
});
|
|
|
|
if (!attachment || attachment.ticketId !== ticketId) {
|
|
return new NextResponse('Datei nicht gefunden', { status: 404 });
|
|
}
|
|
|
|
const filepath = join(UPLOAD_DIR, attachment.savedName);
|
|
const fileBuffer = await readFile(filepath);
|
|
|
|
return new NextResponse(fileBuffer, {
|
|
headers: {
|
|
'Content-Type': attachment.fileType,
|
|
'Content-Disposition': `attachment; filename="${attachment.fileName}"`
|
|
}
|
|
});
|
|
}
|
|
|
|
// Modus 2: Liste aller Anhänge des Tickets zurückgeben
|
|
const attachments = await prisma.attachment.findMany({
|
|
where: { ticketId: ticketId },
|
|
orderBy: { createdAt: 'desc' }
|
|
});
|
|
return NextResponse.json(attachments);
|
|
|
|
} catch (error) {
|
|
return new NextResponse('Fehler beim Abrufen der Datei', { status: 500 });
|
|
}
|
|
}
|