klbr/dockhand
1
0
Fork 0
mirror of https://github.com/khoaliber/dockhand.git synced 2026-03-03 21:19:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
53d60fdddd0f27d8fe6cfeb22499c0fc90b85c21
dockhand/routes/api/roles/[id]/+server.ts
Jarek Krochmalski 62e3c6439e Initial commit
2025-12-28 21:16:03 +01:00

127 lines
3.5 KiB
TypeScript
Raw Blame History

import { json } from '@sveltejs/kit';
import type { RequestHandler } from '@sveltejs/kit';
import {
getRole,
updateRole as dbUpdateRole,
deleteRole as dbDeleteRole
} from '$lib/server/db';
import { authorize } from '$lib/server/authorize';
// GET /api/roles/[id] - Get a specific role
export const GET: RequestHandler = async ({ params, cookies }) => {
const auth = await authorize(cookies);
// Allow viewing roles when auth is disabled (setup mode) or with enterprise license
if (auth.authEnabled && !auth.isEnterprise) {
return json({ error: 'Enterprise license required' }, { status: 403 });
}
if (!params.id) {
return json({ error: 'Role ID is required' }, { status: 400 });
}
try {
const id = parseInt(params.id);
const role = await getRole(id);
if (!role) {
return json({ error: 'Role not found' }, { status: 404 });
}
return json(role);
} catch (error) {
console.error('Failed to get role:', error);
return json({ error: 'Failed to get role' }, { status: 500 });
}
};
// PUT /api/roles/[id] - Update a role
export const PUT: RequestHandler = async ({ params, request, cookies }) => {
const auth = await authorize(cookies);
// Check enterprise license
if (!auth.isEnterprise) {
return json({ error: 'Enterprise license required' }, { status: 403 });
}
// When auth is disabled, allow all operations (setup mode)
// When auth is enabled, require admin access
if (auth.authEnabled && !auth.isAdmin) {
return json({ error: 'Admin access required' }, { status: 403 });
}
if (!params.id) {
return json({ error: 'Role ID is required' }, { status: 400 });
}
try {
const id = parseInt(params.id);
const data = await request.json();
const existingRole = await getRole(id);
if (!existingRole) {
return json({ error: 'Role not found' }, { status: 404 });
}
if (existingRole.isSystem) {
return json({ error: 'Cannot modify system roles' }, { status: 400 });
}
const role = await dbUpdateRole(id, data);
if (!role) {
return json({ error: 'Failed to update role' }, { status: 500 });
}
return json(role);
} catch (error: any) {
console.error('Failed to update role:', error);
if (error.message?.includes('UNIQUE constraint failed')) {
return json({ error: 'Role name already exists' }, { status: 409 });
}
return json({ error: 'Failed to update role' }, { status: 500 });
}
};
// DELETE /api/roles/[id] - Delete a role
export const DELETE: RequestHandler = async ({ params, cookies }) => {
const auth = await authorize(cookies);
// Check enterprise license
if (!auth.isEnterprise) {
return json({ error: 'Enterprise license required' }, { status: 403 });
}
// When auth is disabled, allow all operations (setup mode)
// When auth is enabled, require admin access
if (auth.authEnabled && !auth.isAdmin) {
return json({ error: 'Admin access required' }, { status: 403 });
}
if (!params.id) {
return json({ error: 'Role ID is required' }, { status: 400 });
}
try {
const id = parseInt(params.id);
const role = await getRole(id);
if (!role) {
return json({ error: 'Role not found' }, { status: 404 });
}
if (role.isSystem) {
return json({ error: 'Cannot delete system roles' }, { status: 400 });
}
const deleted = await dbDeleteRole(id);
if (!deleted) {
return json({ error: 'Failed to delete role' }, { status: 500 });
}
return json({ success: true });
} catch (error) {
console.error('Failed to delete role:', error);
return json({ error: 'Failed to delete role' }, { status: 500 });
}
};
Reference in New Issue View Git Blame Copy Permalink