121 lines
3.8 KiB
TypeScript
121 lines
3.8 KiB
TypeScript
import { db } from "@/db";
|
|
import { serviceRequests, services, user, userServices } from "@/db/schema";
|
|
import { auth } from "@/util/auth";
|
|
import { eq, and } from "drizzle-orm";
|
|
import { NextRequest } from "next/server";
|
|
import { nanoid } from "nanoid";
|
|
|
|
export async function GET(request: NextRequest) {
|
|
try {
|
|
const session = await auth.api.getSession({
|
|
headers: request.headers
|
|
});
|
|
|
|
if (!session || session.user.role !== 'admin') {
|
|
return Response.json({ error: "Unauthorized" }, { status: 401 });
|
|
}
|
|
|
|
const allRequests = await db.select({
|
|
id: serviceRequests.id,
|
|
reason: serviceRequests.reason,
|
|
status: serviceRequests.status,
|
|
adminNotes: serviceRequests.adminNotes,
|
|
reviewedAt: serviceRequests.reviewedAt,
|
|
createdAt: serviceRequests.createdAt,
|
|
updatedAt: serviceRequests.updatedAt,
|
|
userId: serviceRequests.userId,
|
|
userName: user.name,
|
|
userEmail: user.email,
|
|
serviceName: services.name,
|
|
serviceDescription: services.description
|
|
})
|
|
.from(serviceRequests)
|
|
.innerJoin(services, eq(serviceRequests.serviceId, services.id))
|
|
.innerJoin(user, eq(serviceRequests.userId, user.id))
|
|
.orderBy(serviceRequests.createdAt);
|
|
|
|
return Response.json({ requests: allRequests });
|
|
} catch (error) {
|
|
console.error("Error fetching admin requests:", error);
|
|
return Response.json({ error: "Internal server error" }, { status: 500 });
|
|
}
|
|
}
|
|
|
|
export async function PUT(request: NextRequest) {
|
|
try {
|
|
const session = await auth.api.getSession({
|
|
headers: request.headers
|
|
});
|
|
|
|
if (!session || session.user.role !== 'admin') {
|
|
return Response.json({ error: "Unauthorized" }, { status: 401 });
|
|
}
|
|
|
|
const { requestId, status, adminNotes } = await request.json();
|
|
|
|
if (!requestId || !status) {
|
|
return Response.json({ error: "Request ID and status are required" }, { status: 400 });
|
|
}
|
|
|
|
if (!['pending', 'approved', 'denied'].includes(status)) {
|
|
return Response.json({ error: "Invalid status" }, { status: 400 });
|
|
}
|
|
|
|
const serviceRequest = await db.select({
|
|
userId: serviceRequests.userId,
|
|
serviceId: serviceRequests.serviceId,
|
|
currentStatus: serviceRequests.status
|
|
})
|
|
.from(serviceRequests)
|
|
.where(eq(serviceRequests.id, requestId))
|
|
.limit(1);
|
|
|
|
if (serviceRequest.length === 0) {
|
|
return Response.json({ error: "Request not found" }, { status: 404 });
|
|
}
|
|
|
|
await db.update(serviceRequests)
|
|
.set({
|
|
status,
|
|
adminNotes,
|
|
reviewedBy: session.user.id,
|
|
reviewedAt: new Date(),
|
|
updatedAt: new Date()
|
|
})
|
|
.where(eq(serviceRequests.id, requestId));
|
|
|
|
if (status === 'approved' && serviceRequest[0].currentStatus !== 'approved') {
|
|
const existingAccess = await db.select()
|
|
.from(userServices)
|
|
.where(and(
|
|
eq(userServices.userId, serviceRequest[0].userId),
|
|
eq(userServices.serviceId, serviceRequest[0].serviceId)
|
|
))
|
|
.limit(1);
|
|
|
|
if (existingAccess.length === 0) {
|
|
await db.insert(userServices).values({
|
|
id: nanoid(),
|
|
userId: serviceRequest[0].userId,
|
|
serviceId: serviceRequest[0].serviceId,
|
|
grantedBy: session.user.id,
|
|
grantedAt: new Date(),
|
|
createdAt: new Date()
|
|
});
|
|
}
|
|
}
|
|
|
|
if (status === 'denied' && serviceRequest[0].currentStatus === 'approved') {
|
|
await db.delete(userServices)
|
|
.where(and(
|
|
eq(userServices.userId, serviceRequest[0].userId),
|
|
eq(userServices.serviceId, serviceRequest[0].serviceId)
|
|
));
|
|
}
|
|
|
|
return Response.json({ success: true });
|
|
} catch (error) {
|
|
console.error("Error updating request:", error);
|
|
return Response.json({ error: "Internal server error" }, { status: 500 });
|
|
}
|
|
}
|