mirror of
https://github.com/khoaliber/dockhand.git
synced 2026-03-05 05:39:04 +00:00
111 lines
3.1 KiB
TypeScript
111 lines
3.1 KiB
TypeScript
import { json } from '@sveltejs/kit';
|
|
import type { RequestHandler } from '@sveltejs/kit';
|
|
import { isEnterprise } from '$lib/server/license';
|
|
import { validateSession } from '$lib/server/auth';
|
|
import {
|
|
getUserRoles,
|
|
assignUserRole,
|
|
removeUserRole,
|
|
getUser
|
|
} from '$lib/server/db';
|
|
|
|
// GET /api/users/[id]/roles - Get roles assigned to a user
|
|
export const GET: RequestHandler = async ({ params, cookies }) => {
|
|
// Check enterprise license
|
|
if (!(await isEnterprise())) {
|
|
return json({ error: 'Enterprise license required' }, { status: 403 });
|
|
}
|
|
|
|
if (!params.id) {
|
|
return json({ error: 'User ID is required' }, { status: 400 });
|
|
}
|
|
|
|
try {
|
|
const userId = parseInt(params.id);
|
|
const user = await getUser(userId);
|
|
|
|
if (!user) {
|
|
return json({ error: 'User not found' }, { status: 404 });
|
|
}
|
|
|
|
const userRoles = await getUserRoles(userId);
|
|
return json(userRoles);
|
|
} catch (error) {
|
|
console.error('Failed to get user roles:', error);
|
|
return json({ error: 'Failed to get user roles' }, { status: 500 });
|
|
}
|
|
};
|
|
|
|
// POST /api/users/[id]/roles - Assign a role to a user
|
|
export const POST: RequestHandler = async ({ params, request, cookies }) => {
|
|
// Check enterprise license
|
|
if (!(await isEnterprise())) {
|
|
return json({ error: 'Enterprise license required' }, { status: 403 });
|
|
}
|
|
|
|
const currentUser = await validateSession(cookies);
|
|
if (!currentUser || !currentUser.isAdmin) {
|
|
return json({ error: 'Admin access required' }, { status: 403 });
|
|
}
|
|
|
|
if (!params.id) {
|
|
return json({ error: 'User ID is required' }, { status: 400 });
|
|
}
|
|
|
|
try {
|
|
const userId = parseInt(params.id);
|
|
const { roleId, environmentId } = await request.json();
|
|
|
|
if (!roleId) {
|
|
return json({ error: 'Role ID is required' }, { status: 400 });
|
|
}
|
|
|
|
const user = await getUser(userId);
|
|
if (!user) {
|
|
return json({ error: 'User not found' }, { status: 404 });
|
|
}
|
|
|
|
const userRole = await assignUserRole(userId, roleId, environmentId);
|
|
return json(userRole, { status: 201 });
|
|
} catch (error) {
|
|
console.error('Failed to assign role:', error);
|
|
return json({ error: 'Failed to assign role' }, { status: 500 });
|
|
}
|
|
};
|
|
|
|
// DELETE /api/users/[id]/roles - Remove a role from a user
|
|
export const DELETE: RequestHandler = async ({ params, request, cookies }) => {
|
|
// Check enterprise license
|
|
if (!(await isEnterprise())) {
|
|
return json({ error: 'Enterprise license required' }, { status: 403 });
|
|
}
|
|
|
|
const currentUser = await validateSession(cookies);
|
|
if (!currentUser || !currentUser.isAdmin) {
|
|
return json({ error: 'Admin access required' }, { status: 403 });
|
|
}
|
|
|
|
if (!params.id) {
|
|
return json({ error: 'User ID is required' }, { status: 400 });
|
|
}
|
|
|
|
try {
|
|
const userId = parseInt(params.id);
|
|
const { roleId, environmentId } = await request.json();
|
|
|
|
if (!roleId) {
|
|
return json({ error: 'Role ID is required' }, { status: 400 });
|
|
}
|
|
|
|
const deleted = await removeUserRole(userId, roleId, environmentId);
|
|
if (!deleted) {
|
|
return json({ error: 'Role assignment not found' }, { status: 404 });
|
|
}
|
|
|
|
return json({ success: true });
|
|
} catch (error) {
|
|
console.error('Failed to remove role:', error);
|
|
return json({ error: 'Failed to remove role' }, { status: 500 });
|
|
}
|
|
};
|