Initial commit

2026-03-07 13:22:54 +00:00 · 2025-12-28 21:16:03 +01:00
commit 62e3c6439e
552 changed files with 104858 additions and 0 deletions
--- a/routes/api/users/[id]/roles/+server.ts
+++ b/routes/api/users/[id]/roles/+server.ts
@@ -0,0 +1,110 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from '@sveltejs/kit';
+import { isEnterprise } from '$lib/server/license';
+import { validateSession } from '$lib/server/auth';
+import {
+	getUserRoles,
+	assignUserRole,
+	removeUserRole,
+	getUser
+} from '$lib/server/db';
+
+// GET /api/users/[id]/roles - Get roles assigned to a user
+export const GET: RequestHandler = async ({ params, cookies }) => {
+	// Check enterprise license
+	if (!(await isEnterprise())) {
+		return json({ error: 'Enterprise license required' }, { status: 403 });
+	}
+
+	if (!params.id) {
+		return json({ error: 'User ID is required' }, { status: 400 });
+	}
+
+	try {
+		const userId = parseInt(params.id);
+		const user = await getUser(userId);
+
+		if (!user) {
+			return json({ error: 'User not found' }, { status: 404 });
+		}
+
+		const userRoles = await getUserRoles(userId);
+		return json(userRoles);
+	} catch (error) {
+		console.error('Failed to get user roles:', error);
+		return json({ error: 'Failed to get user roles' }, { status: 500 });
+	}
+};
+
+// POST /api/users/[id]/roles - Assign a role to a user
+export const POST: RequestHandler = async ({ params, request, cookies }) => {
+	// Check enterprise license
+	if (!(await isEnterprise())) {
+		return json({ error: 'Enterprise license required' }, { status: 403 });
+	}
+
+	const currentUser = await validateSession(cookies);
+	if (!currentUser || !currentUser.isAdmin) {
+		return json({ error: 'Admin access required' }, { status: 403 });
+	}
+
+	if (!params.id) {
+		return json({ error: 'User ID is required' }, { status: 400 });
+	}
+
+	try {
+		const userId = parseInt(params.id);
+		const { roleId, environmentId } = await request.json();
+
+		if (!roleId) {
+			return json({ error: 'Role ID is required' }, { status: 400 });
+		}
+
+		const user = await getUser(userId);
+		if (!user) {
+			return json({ error: 'User not found' }, { status: 404 });
+		}
+
+		const userRole = await assignUserRole(userId, roleId, environmentId);
+		return json(userRole, { status: 201 });
+	} catch (error) {
+		console.error('Failed to assign role:', error);
+		return json({ error: 'Failed to assign role' }, { status: 500 });
+	}
+};
+
+// DELETE /api/users/[id]/roles - Remove a role from a user
+export const DELETE: RequestHandler = async ({ params, request, cookies }) => {
+	// Check enterprise license
+	if (!(await isEnterprise())) {
+		return json({ error: 'Enterprise license required' }, { status: 403 });
+	}
+
+	const currentUser = await validateSession(cookies);
+	if (!currentUser || !currentUser.isAdmin) {
+		return json({ error: 'Admin access required' }, { status: 403 });
+	}
+
+	if (!params.id) {
+		return json({ error: 'User ID is required' }, { status: 400 });
+	}
+
+	try {
+		const userId = parseInt(params.id);
+		const { roleId, environmentId } = await request.json();
+
+		if (!roleId) {
+			return json({ error: 'Role ID is required' }, { status: 400 });
+		}
+
+		const deleted = await removeUserRole(userId, roleId, environmentId);
+		if (!deleted) {
+			return json({ error: 'Role assignment not found' }, { status: 404 });
+		}
+
+		return json({ success: true });
+	} catch (error) {
+		console.error('Failed to remove role:', error);
+		return json({ error: 'Failed to remove role' }, { status: 500 });
+	}
+};