From 293e4a20b9f8d689db37a982fce25e4a9747ce72 Mon Sep 17 00:00:00 2001 From: mota Date: Thu, 30 Oct 2025 20:18:59 +0900 Subject: [PATCH 1/2] =?UTF-8?q?=EC=B9=B4=ED=85=8C=EA=B3=A0=EB=A6=AC=20?= =?UTF-8?q?=EC=88=9C=EC=84=9C=20=EB=B3=80=EA=B2=BD=20api?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- public/erd.svg | 2 +- src/app/api/admin/categories/[id]/route.ts | 12 ++++++++++-- src/app/api/admin/categories/route.ts | 6 +++++- src/app/api/posts/[id]/route.ts | 12 ++++++++++-- 4 files changed, 26 insertions(+), 6 deletions(-) diff --git a/public/erd.svg b/public/erd.svg index c0563d1..2404231 100644 --- a/public/erd.svg +++ b/public/erd.svg @@ -1 +1 @@ -

enum:status

enum:type

enum:readLevel

enum:writeLevel

category

enum:role

board

user

enum:status

board

author

enum:status

enum:authLevel

enum:resource

enum:action

role

user

role

post

author

post

tag

enum:type

post

enum:type

post

user

post

user

post

enum:targetType

reporter

post

comment

sender

receiver

blocker

blocked

enum:referenceType

user

enum:appliesTo

enum:type

user

enum:targetType

actor

enum:targetType

createdByUser

user

createdByUser

user

user

coupon

user

BoardStatus

active

active

hidden

hidden

archived

archived

BoardType

general

general

special

special

AccessLevel

public

public

member

member

moderator

moderator

admin

admin

PostStatus

published

published

hidden

hidden

deleted

deleted

AttachmentType

image

image

file

file

BoardModRole

MODERATOR

MODERATOR

MANAGER

MANAGER

UserStatus

active

active

suspended

suspended

withdrawn

withdrawn

AuthLevel

USER

USER

MOD

MOD

ADMIN

ADMIN

ReactionType

RECOMMEND

RECOMMEND

REPORT

REPORT

SanctionType

SUSPEND

SUSPEND

BAN

BAN

DOWNGRADE

DOWNGRADE

TargetType

POST

POST

COMMENT

COMMENT

USER

USER

BOARD

BOARD

SYSTEM

SYSTEM

Resource

BOARD

BOARD

POST

POST

COMMENT

COMMENT

USER

USER

ADMIN

ADMIN

Action

READ

READ

CREATE

CREATE

UPDATE

UPDATE

DELETE

DELETE

MODERATE

MODERATE

ADMINISTER

ADMINISTER

board_categories

String

id

๐Ÿ—๏ธ

String

name

String

slug

Int

sortOrder

String

status

DateTime

createdAt

DateTime

updatedAt

boards

String

id

๐Ÿ—๏ธ

String

name

String

slug

String

description

โ“

Int

sortOrder

BoardStatus

status

BoardType

type

Boolean

requiresApproval

Boolean

allowAnonymousPost

Boolean

allowSecretComment

Boolean

isAdultOnly

Json

requiredTags

โ“

Json

requiredFields

โ“

AccessLevel

readLevel

AccessLevel

writeLevel

DateTime

createdAt

DateTime

updatedAt

board_moderators

String

id

๐Ÿ—๏ธ

BoardModRole

role

DateTime

createdAt

posts

String

id

๐Ÿ—๏ธ

String

title

String

content

PostStatus

status

Boolean

isAnonymous

Boolean

isPinned

Int

pinnedOrder

โ“

DateTime

createdAt

DateTime

updatedAt

DateTime

lastActivityAt

users

String

userId

๐Ÿ—๏ธ

String

nickname

String

passwordHash

โ“

String

name

DateTime

birth

String

phone

Int

rank

UserStatus

status

AuthLevel

authLevel

String

profileImage

โ“

DateTime

lastLoginAt

โ“

Boolean

isAdultVerified

Int

loginFailCount

DateTime

agreementTermsAt

DateTime

createdAt

DateTime

updatedAt

roles

String

roleId

๐Ÿ—๏ธ

String

name

String

description

โ“

DateTime

createdAt

role_permissions

String

id

๐Ÿ—๏ธ

Resource

resource

Action

action

Boolean

allowed

DateTime

createdAt

user_roles

String

id

๐Ÿ—๏ธ

DateTime

createdAt

comments

String

id

๐Ÿ—๏ธ

String

content

Boolean

isAnonymous

Boolean

isSecret

String

secretPasswordHash

โ“

DateTime

createdAt

DateTime

updatedAt

tags

String

tagId

๐Ÿ—๏ธ

String

name

String

slug

DateTime

createdAt

post_tags

String

id

๐Ÿ—๏ธ

attachments

String

id

๐Ÿ—๏ธ

String

url

AttachmentType

type

Int

size

โ“

Int

width

โ“

Int

height

โ“

Int

sortOrder

โ“

DateTime

createdAt

reactions

String

id

๐Ÿ—๏ธ

String

clientHash

โ“

ReactionType

type

DateTime

createdAt

post_view_logs

String

id

๐Ÿ—๏ธ

String

ip

โ“

String

userAgent

โ“

DateTime

createdAt

post_stats

Int

views

Int

recommendCount

Int

reportCount

Int

commentsCount

reports

String

id

๐Ÿ—๏ธ

TargetType

targetType

String

reason

String

status

DateTime

createdAt

messages

String

id

๐Ÿ—๏ธ

String

body

DateTime

readAt

โ“

DateTime

createdAt

blocks

String

id

๐Ÿ—๏ธ

DateTime

createdAt

point_transactions

String

id

๐Ÿ—๏ธ

Int

amount

String

reason

TargetType

referenceType

โ“

String

referenceId

โ“

DateTime

createdAt

level_thresholds

String

id

๐Ÿ—๏ธ

Int

level

Int

minPoints

banned_keywords

String

id

๐Ÿ—๏ธ

String

pattern

TargetType

appliesTo

Int

severity

Boolean

active

DateTime

createdAt

sanctions

String

id

๐Ÿ—๏ธ

SanctionType

type

String

reason

DateTime

startAt

DateTime

endAt

โ“

String

createdBy

โ“

audit_logs

String

id

๐Ÿ—๏ธ

String

action

TargetType

targetType

โ“

String

targetId

โ“

Json

meta

โ“

DateTime

createdAt

admin_notifications

String

id

๐Ÿ—๏ธ

String

type

String

message

TargetType

targetType

โ“

String

targetId

โ“

DateTime

createdAt

DateTime

readAt

โ“

login_sessions

String

id

๐Ÿ—๏ธ

String

device

โ“

String

ip

โ“

String

userAgent

โ“

DateTime

createdAt

DateTime

lastSeenAt

ip_blocks

String

id

๐Ÿ—๏ธ

String

ip

String

reason

โ“

Boolean

active

DateTime

createdAt

nickname_changes

String

id

๐Ÿ—๏ธ

String

oldNickname

String

newNickname

DateTime

changedAt

password_reset_tokens

String

id

๐Ÿ—๏ธ

String

token

DateTime

expiresAt

DateTime

usedAt

โ“

DateTime

createdAt

coupons

String

id

๐Ÿ—๏ธ

String

code

String

title

String

description

โ“

Int

stock

Int

maxPerUser

DateTime

expiresAt

โ“

Boolean

active

DateTime

createdAt

coupon_redemptions

String

id

๐Ÿ—๏ธ

DateTime

createdAt

partners

String

id

๐Ÿ—๏ธ

String

name

String

category

Float

latitude

Float

longitude

String

address

โ“

DateTime

createdAt

DateTime

updatedAt

banners

String

id

๐Ÿ—๏ธ

String

title

String

imageUrl

String

linkUrl

โ“

Boolean

active

Int

sortOrder

DateTime

startAt

โ“

DateTime

endAt

โ“

DateTime

createdAt

DateTime

updatedAt

partner_inquiries

String

id

๐Ÿ—๏ธ

String

name

String

contact

String

category

โ“

String

message

String

status

DateTime

createdAt

DateTime

approvedAt

โ“

partner_requests

String

id

๐Ÿ—๏ธ

String

name

String

category

Float

latitude

Float

longitude

String

address

โ“

String

contact

โ“

String

status

DateTime

createdAt

DateTime

approvedAt

โ“

 \ No newline at end of file +

enum:status

enum:type

enum:readLevel

enum:writeLevel

category

enum:role

board

user

enum:status

board

author

enum:status

enum:authLevel

enum:resource

enum:action

role

user

role

post

author

post

tag

enum:type

post

enum:type

post

user

post

user

post

enum:targetType

reporter

post

comment

sender

receiver

blocker

blocked

enum:referenceType

user

enum:appliesTo

enum:type

user

enum:targetType

actor

enum:targetType

createdByUser

user

createdByUser

user

user

coupon

user

BoardStatus

active

active

hidden

hidden

archived

archived

BoardType

general

general

special

special

AccessLevel

public

public

member

member

moderator

moderator

admin

admin

PostStatus

published

published

hidden

hidden

deleted

deleted

AttachmentType

image

image

file

file

BoardModRole

MODERATOR

MODERATOR

MANAGER

MANAGER

UserStatus

active

active

suspended

suspended

withdrawn

withdrawn

AuthLevel

USER

USER

MOD

MOD

ADMIN

ADMIN

ReactionType

RECOMMEND

RECOMMEND

REPORT

REPORT

SanctionType

SUSPEND

SUSPEND

BAN

BAN

DOWNGRADE

DOWNGRADE

TargetType

POST

POST

COMMENT

COMMENT

USER

USER

BOARD

BOARD

SYSTEM

SYSTEM

Resource

BOARD

BOARD

POST

POST

COMMENT

COMMENT

USER

USER

ADMIN

ADMIN

Action

READ

READ

CREATE

CREATE

UPDATE

UPDATE

DELETE

DELETE

MODERATE

MODERATE

ADMINISTER

ADMINISTER

board_categories

String

id

๐Ÿ—๏ธ

String

name

String

slug

Int

sortOrder

String

status

DateTime

createdAt

DateTime

updatedAt

boards

String

id

๐Ÿ—๏ธ

String

name

String

slug

String

description

โ“

Int

sortOrder

BoardStatus

status

BoardType

type

Boolean

requiresApproval

Boolean

allowAnonymousPost

Boolean

allowSecretComment

Boolean

isAdultOnly

Json

requiredTags

โ“

Json

requiredFields

โ“

AccessLevel

readLevel

AccessLevel

writeLevel

DateTime

createdAt

DateTime

updatedAt

board_moderators

String

id

๐Ÿ—๏ธ

BoardModRole

role

DateTime

createdAt

posts

String

id

๐Ÿ—๏ธ

String

title

String

content

PostStatus

status

Boolean

isAnonymous

Boolean

isPinned

Int

pinnedOrder

โ“

DateTime

createdAt

DateTime

updatedAt

DateTime

lastActivityAt

users

String

userId

๐Ÿ—๏ธ

String

nickname

String

passwordHash

โ“

String

name

DateTime

birth

String

phone

Int

rank

UserStatus

status

AuthLevel

authLevel

String

profileImage

โ“

DateTime

lastLoginAt

โ“

Boolean

isAdultVerified

Int

loginFailCount

DateTime

agreementTermsAt

DateTime

createdAt

DateTime

updatedAt

roles

String

roleId

๐Ÿ—๏ธ

String

name

String

description

โ“

DateTime

createdAt

role_permissions

String

id

๐Ÿ—๏ธ

Resource

resource

Action

action

Boolean

allowed

DateTime

createdAt

user_roles

String

id

๐Ÿ—๏ธ

DateTime

createdAt

comments

String

id

๐Ÿ—๏ธ

String

content

Boolean

isAnonymous

Boolean

isSecret

String

secretPasswordHash

โ“

DateTime

createdAt

DateTime

updatedAt

tags

String

tagId

๐Ÿ—๏ธ

String

name

String

slug

DateTime

createdAt

post_tags

String

id

๐Ÿ—๏ธ

attachments

String

id

๐Ÿ—๏ธ

String

url

AttachmentType

type

Int

size

โ“

Int

width

โ“

Int

height

โ“

Int

sortOrder

โ“

DateTime

createdAt

reactions

String

id

๐Ÿ—๏ธ

String

clientHash

โ“

ReactionType

type

DateTime

createdAt

post_view_logs

String

id

๐Ÿ—๏ธ

String

ip

โ“

String

userAgent

โ“

DateTime

createdAt

post_stats

Int

views

Int

recommendCount

Int

reportCount

Int

commentsCount

reports

String

id

๐Ÿ—๏ธ

TargetType

targetType

String

reason

String

status

DateTime

createdAt

messages

String

id

๐Ÿ—๏ธ

String

body

DateTime

readAt

โ“

DateTime

createdAt

blocks

String

id

๐Ÿ—๏ธ

DateTime

createdAt

point_transactions

String

id

๐Ÿ—๏ธ

Int

amount

String

reason

TargetType

referenceType

โ“

String

referenceId

โ“

DateTime

createdAt

level_thresholds

String

id

๐Ÿ—๏ธ

Int

level

Int

minPoints

banned_keywords

String

id

๐Ÿ—๏ธ

String

pattern

TargetType

appliesTo

Int

severity

Boolean

active

DateTime

createdAt

sanctions

String

id

๐Ÿ—๏ธ

SanctionType

type

String

reason

DateTime

startAt

DateTime

endAt

โ“

String

createdBy

โ“

audit_logs

String

id

๐Ÿ—๏ธ

String

action

TargetType

targetType

โ“

String

targetId

โ“

Json

meta

โ“

DateTime

createdAt

admin_notifications

String

id

๐Ÿ—๏ธ

String

type

String

message

TargetType

targetType

โ“

String

targetId

โ“

DateTime

createdAt

DateTime

readAt

โ“

login_sessions

String

id

๐Ÿ—๏ธ

String

device

โ“

String

ip

โ“

String

userAgent

โ“

DateTime

createdAt

DateTime

lastSeenAt

ip_blocks

String

id

๐Ÿ—๏ธ

String

ip

String

reason

โ“

Boolean

active

DateTime

createdAt

nickname_changes

String

id

๐Ÿ—๏ธ

String

oldNickname

String

newNickname

DateTime

changedAt

password_reset_tokens

String

id

๐Ÿ—๏ธ

String

token

DateTime

expiresAt

DateTime

usedAt

โ“

DateTime

createdAt

coupons

String

id

๐Ÿ—๏ธ

String

code

String

title

String

description

โ“

Int

stock

Int

maxPerUser

DateTime

expiresAt

โ“

Boolean

active

DateTime

createdAt

coupon_redemptions

String

id

๐Ÿ—๏ธ

DateTime

createdAt

partners

String

id

๐Ÿ—๏ธ

String

name

String

category

Float

latitude

Float

longitude

String

address

โ“

DateTime

createdAt

DateTime

updatedAt

banners

String

id

๐Ÿ—๏ธ

String

title

String

imageUrl

String

linkUrl

โ“

Boolean

active

Int

sortOrder

DateTime

startAt

โ“

DateTime

endAt

โ“

DateTime

createdAt

DateTime

updatedAt

partner_inquiries

String

id

๐Ÿ—๏ธ

String

name

String

contact

String

category

โ“

String

message

String

status

DateTime

createdAt

DateTime

approvedAt

โ“

partner_requests

String

id

๐Ÿ—๏ธ

String

name

String

category

Float

latitude

Float

longitude

String

address

โ“

String

contact

โ“

String

status

DateTime

createdAt

DateTime

approvedAt

โ“

 \ No newline at end of file diff --git a/src/app/api/admin/categories/[id]/route.ts b/src/app/api/admin/categories/[id]/route.ts index 515ae88..8324408 100644 --- a/src/app/api/admin/categories/[id]/route.ts +++ b/src/app/api/admin/categories/[id]/route.ts @@ -6,7 +6,11 @@ import { requirePermission } from "@/lib/rbac"; export async function PATCH(req: Request, context: { params: Promise<{ id: string }> }) { const { id } = await context.params; const userId = getUserIdFromRequest(req); - await requirePermission({ userId, resource: "ADMIN", action: "MODERATE" }); + try { + await requirePermission({ userId, resource: "ADMIN", action: "MODERATE" }); + } catch (e) { + return NextResponse.json({ error: "Forbidden" }, { status: 403 }); + } const body = await req.json().catch(() => ({})); const data: any = {}; for (const k of ["name", "slug", "sortOrder", "status"]) { @@ -19,7 +23,11 @@ export async function PATCH(req: Request, context: { params: Promise<{ id: strin export async function DELETE(req: Request, context: { params: Promise<{ id: string }> }) { const { id } = await context.params; const userId = getUserIdFromRequest(req); - await requirePermission({ userId, resource: "ADMIN", action: "MODERATE" }); + try { + await requirePermission({ userId, resource: "ADMIN", action: "MODERATE" }); + } catch (e) { + return NextResponse.json({ error: "Forbidden" }, { status: 403 }); + } await prisma.boardCategory.delete({ where: { id } }); return NextResponse.json({ ok: true }); } diff --git a/src/app/api/admin/categories/route.ts b/src/app/api/admin/categories/route.ts index 16cbff4..94fb774 100644 --- a/src/app/api/admin/categories/route.ts +++ b/src/app/api/admin/categories/route.ts @@ -20,7 +20,11 @@ const createSchema = z.object({ export async function POST(req: Request) { const userId = getUserIdFromRequest(req); - await requirePermission({ userId, resource: "ADMIN", action: "MODERATE" }); + try { + await requirePermission({ userId, resource: "ADMIN", action: "MODERATE" }); + } catch (e) { + return NextResponse.json({ error: "Forbidden" }, { status: 403 }); + } const body = await req.json().catch(() => ({})); const parsed = createSchema.safeParse(body); if (!parsed.success) return NextResponse.json({ error: parsed.error.flatten() }, { status: 400 }); diff --git a/src/app/api/posts/[id]/route.ts b/src/app/api/posts/[id]/route.ts index a2fbc77..6085d36 100644 --- a/src/app/api/posts/[id]/route.ts +++ b/src/app/api/posts/[id]/route.ts @@ -24,7 +24,11 @@ const updateSchema = z.object({ export async function PATCH(req: Request, context: { params: Promise<{ id: string }> }) { const { id } = await context.params; const userId = getUserIdFromRequest(req); - await requirePermission({ userId, resource: "POST", action: "UPDATE" }); + try { + await requirePermission({ userId, resource: "POST", action: "UPDATE" }); + } catch (e) { + return NextResponse.json({ error: "Forbidden" }, { status: 403 }); + } const body = await req.json(); const parsed = updateSchema.safeParse(body); if (!parsed.success) return NextResponse.json({ error: parsed.error.flatten() }, { status: 400 }); @@ -35,7 +39,11 @@ export async function PATCH(req: Request, context: { params: Promise<{ id: strin export async function DELETE(req: Request, context: { params: Promise<{ id: string }> }) { const { id } = await context.params; const userId = getUserIdFromRequest(req); - await requirePermission({ userId, resource: "POST", action: "DELETE" }); + try { + await requirePermission({ userId, resource: "POST", action: "DELETE" }); + } catch (e) { + return NextResponse.json({ error: "Forbidden" }, { status: 403 }); + } const post = await prisma.post.update({ where: { id }, data: { status: "deleted" } }); return NextResponse.json({ post }); } From d4aab34e43c3d3fea009bca29749b7ac19e9ac90 Mon Sep 17 00:00:00 2001 From: mota Date: Fri, 31 Oct 2025 00:02:36 +0900 Subject: [PATCH 2/2] =?UTF-8?q?=EC=96=B4=EB=93=9C=EB=AF=BC=20=ED=8E=98?= =?UTF-8?q?=EC=9D=B4=EC=A7=80=20=EC=9E=91=EC=97=85=EC=97=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/app/admin/boards/page.tsx | 503 ++++++++++++--------- src/app/api/admin/categories/[id]/route.ts | 14 - src/app/api/admin/categories/route.ts | 8 - src/app/components/AppHeader.tsx | 10 +- 4 files changed, 300 insertions(+), 235 deletions(-) diff --git a/src/app/admin/boards/page.tsx b/src/app/admin/boards/page.tsx index 09bbc53..49b692e 100644 --- a/src/app/admin/boards/page.tsx +++ b/src/app/admin/boards/page.tsx @@ -1,14 +1,39 @@ "use client"; import useSWR from "swr"; -import { useMemo, useState } from "react"; +import { useMemo, useState, useEffect, useRef } from "react"; const fetcher = (url: string) => fetch(url).then((r) => r.json()); export default function AdminBoardsPage() { const { data: boardsResp, mutate: mutateBoards } = useSWR<{ boards: any[] }>("/api/admin/boards", fetcher); const { data: catsResp, mutate: mutateCats } = useSWR<{ categories: any[] }>("/api/admin/categories", fetcher); - const boards = boardsResp?.boards ?? []; - const categories = (catsResp?.categories ?? []).sort((a: any, b: any) => (a.sortOrder ?? 0) - (b.sortOrder ?? 0)); + const rawBoards = boardsResp?.boards ?? []; + const rawCategories = catsResp?.categories ?? []; + + const [savingId, setSavingId] = useState(null); + const [dirtyBoards, setDirtyBoards] = useState>({}); + const [dirtyCats, setDirtyCats] = useState>({}); + const [savingAll, setSavingAll] = useState(false); + const [expanded, setExpanded] = useState>({}); + const dirtyCount = Object.keys(dirtyBoards).length + Object.keys(dirtyCats).length; + const [catOrder, setCatOrder] = useState([]); + const [draggingCatIndex, setDraggingCatIndex] = useState(null); + const catRefs = useRef>({}); + const boards = useMemo(() => { + return rawBoards.map((b: any) => ({ ...b, ...(dirtyBoards[b.id] ?? {}) })); + }, [rawBoards, dirtyBoards]); + const categories = useMemo(() => { + const merged = rawCategories.map((c: any) => ({ ...c, ...(dirtyCats[c.id] ?? {}) })); + return merged.sort((a: any, b: any) => (a.sortOrder ?? 0) - (b.sortOrder ?? 0)); + }, [rawCategories, dirtyCats]); + const orderedCats = useMemo(() => { + if (!catOrder.length) return categories; + const map = new Map(categories.map((c: any) => [c.id, c])); + const ordered = catOrder.map((id) => map.get(id)).filter(Boolean) as any[]; + // ์ƒˆ๋กœ ์ƒ๊ธด ์นดํ…Œ๊ณ ๋ฆฌ(id ๋ฏธํฌํ•จ)๋Š” ๋’ค์— ์ถ”๊ฐ€ + const missing = categories.filter((c: any) => !catOrder.includes(c.id)); + return [...ordered, ...missing]; + }, [categories, catOrder]); const groups = useMemo(() => { const map: Record = {}; for (const b of boards) { @@ -16,13 +41,20 @@ export default function AdminBoardsPage() { if (!map[cid]) map[cid] = []; map[cid].push(b); } - return categories.map((c: any) => ({ ...c, items: (map[c.id] ?? []).sort((a, b) => (a.sortOrder ?? 0) - (b.sortOrder ?? 0)) })); - }, [boards, categories]); + return orderedCats.map((c: any) => ({ ...c, items: (map[c.id] ?? []).sort((a, b) => (a.sortOrder ?? 0) - (b.sortOrder ?? 0)) })); + }, [boards, orderedCats]); - const [savingId, setSavingId] = useState(null); - const [dirtyBoards, setDirtyBoards] = useState>({}); - const [dirtyCats, setDirtyCats] = useState>({}); - const [savingAll, setSavingAll] = useState(false); + // ์ตœ์ดˆ/๋ฐ์ดํ„ฐ ๋ณ€๊ฒฝ ์‹œ ํ‘œ์‹œ์šฉ ์นดํ…Œ๊ณ ๋ฆฌ ์ˆœ์„œ๋ฅผ ์ดˆ๊ธฐํ™” + // ์„œ๋ฒ„ sortOrder์— ๋งž์ถฐ ์ดˆ๊ธฐ catOrder ์„ค์ • + // categories๊ฐ€ ๋ฐ”๋€” ๋•Œ๋งŒ ๋™๊ธฐํ™” + // ์‚ฌ์šฉ์ž๊ฐ€ ๋“œ๋ž˜๊ทธ๋กœ ์ˆœ์„œ๋ฅผ ๋ฐ”๊พธ๋ฉด catOrder๊ฐ€ ์šฐ์„ ๋จ + useEffect(() => { + if (draggingCatIndex !== null) return; // ๋“œ๋ž˜๊ทธ ์ค‘์—๋Š” catOrder๋ฅผ ๋ฆฌ์…‹ํ•˜์ง€ ์•Š์Œ + const next = categories.map((c: any) => c.id); + if (next.length && (next.length !== catOrder.length || next.some((id, i) => id !== catOrder[i]))) { + setCatOrder(next); + } + }, [categories, draggingCatIndex]); async function save(b: any) { setSavingId(b.id); await fetch(`/api/admin/boards/${b.id}`, { method: "PATCH", headers: { "content-type": "application/json" }, body: JSON.stringify(b) }); @@ -30,17 +62,59 @@ export default function AdminBoardsPage() { mutateBoards(); } - // DnD: ์นดํ…Œ๊ณ ๋ฆฌ ์ˆœ์„œ ๋ณ€๊ฒฝ - async function reorderCategories(next: any[]) { - // optimistic update - await Promise.all(next.map((c, idx) => fetch(`/api/admin/categories/${c.id}`, { method: "PATCH", headers: { "content-type": "application/json" }, body: JSON.stringify({ sortOrder: idx + 1 }) }))); - mutateCats(); + // DnD: ์นดํ…Œ๊ณ ๋ฆฌ ์ˆœ์„œ ๋ณ€๊ฒฝ (์ €์žฅ ์‹œ ๋ฐ˜์˜) + function reorderCategories(next: any[]) { + setDirtyCats((prev) => { + // ์„œ๋ฒ„ ๊ธฐ์ค€(๋˜๋Š” ์ด์ „ dirty ์˜ค๋ฒ„๋ผ์ด๋“œ) sortOrder ๋งต ๊ตฌ์„ฑ + const baseSort = new Map(); + // rawCategories์—๋Š” ์„œ๋ฒ„ ๊ฐ’์ด ๋“ค์–ด์žˆ์Œ + // prev์— sortOrder๊ฐ€ ์žˆ์œผ๋ฉด ์šฐ์„  ์ ์šฉ + for (const c of rawCategories) { + const prevOverride = prev[c.id]?.sortOrder; + baseSort.set(c.id, prevOverride ?? (c.sortOrder ?? 0)); + } + const updated: Record = { ...prev }; + next.forEach((c, idx) => { + const target = idx + 1; + const current = baseSort.get(c.id) ?? 0; + if (target !== current) { + updated[c.id] = { ...(updated[c.id] ?? {}), sortOrder: target }; + } else if (updated[c.id]?.sortOrder !== undefined) { + // ์ •๋ ฌ๊ฐ’์ด ๋™์ผํ•ด์กŒ๋‹ค๋ฉด ํ•ด๋‹น ํ‚ค๋งŒ ์ œ๊ฑฐ (๋‹ค๋ฅธ ์ˆ˜์ •๊ฐ’์€ ์œ ์ง€) + const { sortOrder, ...rest } = updated[c.id]; + if (Object.keys(rest).length === 0) delete updated[c.id]; else updated[c.id] = rest; + } + }); + return updated; + }); } - // DnD: ๋ณด๋“œ ์ˆœ์„œ ๋ณ€๊ฒฝ (์นดํ…Œ๊ณ ๋ฆฌ ๋‚ด๋ถ€) - async function reorderBoards(categoryId: string, nextItems: any[]) { - await Promise.all(nextItems.map((b, idx) => fetch(`/api/admin/boards/${b.id}`, { method: "PATCH", headers: { "content-type": "application/json" }, body: JSON.stringify({ sortOrder: idx + 1, categoryId }) }))); - mutateBoards(); + // DnD: ๋ณด๋“œ ์ˆœ์„œ ๋ณ€๊ฒฝ (์ €์žฅ ์‹œ ๋ฐ˜์˜) + function reorderBoards(categoryId: string, nextItems: any[]) { + setDirtyBoards((prev) => { + // ์„œ๋ฒ„ ๊ธฐ์ค€(๋˜๋Š” ์ด์ „ dirty) ์ •๋ ฌ/์นดํ…Œ๊ณ ๋ฆฌ ๋งต ๊ตฌ์„ฑ + const base = new Map(); + for (const b of rawBoards) { + const prevB = prev[b.id] ?? {}; + base.set(b.id, { + sortOrder: prevB.sortOrder ?? (b.sortOrder ?? 0), + categoryId: prevB.categoryId ?? b.categoryId, + }); + } + const updated: Record = { ...prev }; + nextItems.forEach((b, idx) => { + const targetSort = idx + 1; + const targetCat = categoryId; + const baseVal = base.get(b.id) ?? { sortOrder: b.sortOrder ?? 0, categoryId: b.categoryId }; + if (baseVal.sortOrder !== targetSort || baseVal.categoryId !== targetCat) { + updated[b.id] = { ...(updated[b.id] ?? {}), sortOrder: targetSort, categoryId: targetCat }; + } else if (updated[b.id]) { + const { sortOrder, categoryId: catId, ...rest } = updated[b.id]; + if (Object.keys(rest).length === 0) delete updated[b.id]; else updated[b.id] = rest; + } + }); + return updated; + }); } function markBoardDirty(id: string, draft: any) { @@ -49,19 +123,41 @@ export default function AdminBoardsPage() { function markCatDirty(id: string, draft: any) { setDirtyCats((prev) => ({ ...prev, [id]: draft })); } + function toggleCat(id: string) { + setExpanded((prev) => ({ ...prev, [id]: !prev[id] })); + } async function saveAll() { + const prevDirtyBoards = dirtyBoards; + const prevDirtyCats = dirtyCats; try { setSavingAll(true); const boardEntries = Object.entries(dirtyBoards); const catEntries = Object.entries(dirtyCats); - await Promise.all([ + // 1) ์„œ๋ฒ„ ์ €์žฅ (๋ณ‘๋ ฌ) - ์‹คํŒจ ์‹œ ์•„๋ž˜ catch๋กœ ์ด๋™ + const resps = await Promise.all([ ...boardEntries.map(([id, payload]) => fetch(`/api/admin/boards/${id}`, { method: "PATCH", headers: { "content-type": "application/json" }, body: JSON.stringify(payload) })), ...catEntries.map(([id, payload]) => fetch(`/api/admin/categories/${id}`, { method: "PATCH", headers: { "content-type": "application/json" }, body: JSON.stringify(payload) })), ]); + const anyFail = resps.some((r) => !r.ok); + if (anyFail) throw new Error("save_failed"); + // 2) ์„ฑ๊ณต ์‹œ: ๋จผ์ € ์„œ๋ฒ„ ๋ฐ์ดํ„ฐ๋กœ ์ตœ์‹ ํ™” โ†’ ๊ทธ ๋‹ค์Œ dirty ์ดˆ๊ธฐํ™” + await Promise.all([ + mutateBoards(undefined, { revalidate: true }), + mutateCats(undefined, { revalidate: true }), + ]); + if (typeof window !== "undefined") { + window.dispatchEvent(new Event("categories:reload")); + } setDirtyBoards({}); setDirtyCats({}); - mutateBoards(); - mutateCats(); + } catch (e) { + // ์‹คํŒจ ์‹œ: ๋ณ€๊ฒฝ ์‚ฌํ•ญ ์ทจ์†Œํ•˜๊ณ  ์„œ๋ฒ„ ์ƒํƒœ๋กœ ๋˜๋Œ๋ฆผ + setDirtyBoards({}); + setDirtyCats({}); + await Promise.all([ + mutateBoards(undefined, { revalidate: true }), + mutateCats(undefined, { revalidate: true }), + ]); } finally { setSavingAll(false); } @@ -70,75 +166,122 @@ export default function AdminBoardsPage() { return (

๊ฒŒ์‹œํŒ ๊ด€๋ฆฌ

- {/* ๋ณ€๊ฒฝ์‚ฌํ•ญ ์ €์žฅ ๋ฐ” */} - {(Object.keys(dirtyBoards).length + Object.keys(dirtyCats).length) > 0 && ( -
- -
- )} +
+ +
- {/* ๋Œ€๋ถ„๋ฅ˜ ๋ฆฌ์ŠคํŠธ (๋“œ๋ž˜๊ทธ๋กœ ์ˆœ์„œ ๋ณ€๊ฒฝ) */} + {/* ๋Œ€๋ถ„๋ฅ˜(ํ—ค๋”)์™€ ์†Œ๋ถ„๋ฅ˜(๋ณด๋“œ ํ…Œ์ด๋ธ”)๋ฅผ ํ•˜๋‚˜์˜ ๋ฆฌ์ŠคํŠธ๋กœ ํ†ตํ•ฉ, ๋Œ€๋ถ„๋ฅ˜๋ณ„ ํ† ๊ธ€ */}
-
๋Œ€๋ถ„๋ฅ˜
-
    +
    ๋Œ€๋ถ„๋ฅ˜ ๋ฐ ์†Œ๋ถ„๋ฅ˜
    +
      { + e.preventDefault(); + e.dataTransfer.dropEffect = 'move'; + if (draggingCatIndex === null) return; + const ids = (catOrder.length ? catOrder : categories.map((c: any) => c.id)); + // ํ˜„์žฌ ๋งˆ์šฐ์Šค Y์— ํ•ด๋‹นํ•˜๋Š” ํ–‰ ์ธ๋ฑ์Šค ๊ณ„์‚ฐ + let overIdx = -1; + for (let i = 0; i < ids.length; i++) { + const el = catRefs.current[ids[i]]; + if (!el) continue; + const rect = el.getBoundingClientRect(); + const mid = rect.top + rect.height / 2; + if (e.clientY < mid) { overIdx = i; break; } + } + if (overIdx === -1) overIdx = ids.length - 1; + if (overIdx === draggingCatIndex) return; + setCatOrder((order) => { + const base = order.length ? order : categories.map((c: any) => c.id); + const next = [...base]; + const [moved] = next.splice(draggingCatIndex, 1); + next.splice(overIdx, 0, moved); + setDraggingCatIndex(overIdx); + const nextCats = next.map((id) => categories.find((c: any) => c.id === id)).filter(Boolean) as any[]; + reorderCategories(nextCats); + return next; + }); + }} + onDragEnter={(e) => { e.preventDefault(); e.dataTransfer.dropEffect = 'move'; }} + onDrop={(e) => { + e.preventDefault(); + const ids = (catOrder.length ? catOrder : categories.map((c: any) => c.id)); + const nextCats = ids.map((id) => categories.find((c: any) => c.id === id)).filter(Boolean) as any[]; + reorderCategories(nextCats); + setDraggingCatIndex(null); + }} + > {groups.map((g, idx) => ( - { - const arr = [...groups]; - const [moved] = arr.splice(from, 1); - arr.splice(to, 0, moved); - reorderCategories(arr); - }} onDirty={(payload) => markCatDirty(g.id, { ...payload })} /> +
    • { catRefs.current[g.id] = el; }} + + onDrop={(e) => { + e.preventDefault(); + setDraggingCatIndex(null); + }} + onDragEnd={() => { setDraggingCatIndex(null); }} + > +
      +
      {idx + 1}
      + markCatDirty(g.id, { ...payload })} onDragStart={() => { + setDraggingCatIndex(idx); + }} /> + +
      + + {expanded[g.id] && ( +
      + + + + + + + + + + + + + + + + + + + {g.items.map((b, i) => ( + { + const list = [...g.items]; + const [mv] = list.splice(from, 1); + list.splice(to, 0, mv); + reorderBoards(g.id, list); + }} + > + markBoardDirty(id, draft)} /> + + ))} + +
      #์ด๋ฆ„slug์ฝ๊ธฐ์“ฐ๊ธฐ์ต๋ช…๋น„๋ฐ€๋Œ“์Šน์ธ์œ ํ˜•์„ฑ์ธ
      +
      + )} +
      • ))}
- - {groups.map((g) => ( -
-
-
๋Œ€๋ถ„๋ฅ˜: {g.name}
-
slug: {g.slug}
-
-
- - - - - - - - - - - - - - - - - - {g.items.map((b, i) => ( - { - const list = [...g.items]; - const [mv] = list.splice(from, 1); - list.splice(to, 0, mv); - reorderBoards(g.id, list); - }} - > - markBoardDirty(id, draft)} /> - - ))} - -
์ด๋ฆ„slug์ฝ๊ธฐ์“ฐ๊ธฐ์ต๋ช…๋น„๋ฐ€๋Œ“์Šน์ธ์œ ํ˜•์„ฑ์ธ์ •๋ ฌ
-
-
- ))}
); } @@ -175,7 +318,7 @@ function BoardRowCells({ b, onDirty }: { b: any; onDirty: (id: string, draft: an { const v = { ...edit, isAdultOnly: e.target.checked }; setEdit(v); onDirty(b.id, v); }} /> - { const v = { ...edit, sortOrder: Number(e.target.value) }; setEdit(v); onDirty(b.id, v); }} /> + ); } @@ -183,56 +326,6 @@ function BoardRowCells({ b, onDirty }: { b: any; onDirty: (id: string, draft: an function DraggableRow({ index, onMove, children }: { index: number; onMove: (from: number, to: number) => void; children: React.ReactNode }) { return ( { - e.dataTransfer.setData("text/plain", String(index)); - e.dataTransfer.effectAllowed = "move"; - // ์ˆ˜์ง๋งŒ ๋ณด์ด๊ฒŒ: ์‹ค์ œ ํ–‰์„ ๊ณ ์ • ํฌ์ง€์…˜์œผ๋กœ ๋„์›Œ ๋”ฐ๋ผ์˜ค๊ฒŒ ํ•จ + ์ „์—ญ placeholder ๋“ฑ๋ก - const row = e.currentTarget as HTMLTableRowElement; - const rect = row.getBoundingClientRect(); - const table = row.closest('table') as HTMLElement | null; - const tableRect = table?.getBoundingClientRect(); - // placeholder๋กœ ์ž๋ฆฌ๋ฅผ ์œ ์ง€ (์ „์—ญ์œผ๋กœ ์ฐธ์กฐ) - const placeholder = document.createElement('tr'); - placeholder.style.height = `${rect.height}px`; - (row.parentNode as HTMLElement).insertBefore(placeholder, row); - (window as any).__adminDnd = { placeholder, dragging: row, target: null, before: false, rAF: 0 }; - // ํ–‰์„ ๊ณ ์ • ๋ฐฐ์น˜ - const clamp = (v: number, min: number, max: number) => Math.max(min, Math.min(max, v)); - const offsetY = e.clientY - rect.top; - row.style.position = 'fixed'; - row.style.left = `${tableRect ? tableRect.left : rect.left}px`; - row.style.width = `${tableRect ? tableRect.width : rect.width}px`; - row.style.zIndex = '9999'; - row.classList.add('bg-white'); - const updatePos = (clientY: number) => { - const top = clamp(clientY - offsetY, (tableRect?.top ?? 0), (tableRect?.bottom ?? (rect.top + rect.height)) - rect.height); - row.style.top = `${top}px`; - }; - updatePos(e.clientY); - // ๊ธฐ๋ณธ ๋“œ๋ž˜๊ทธ ์ด๋ฏธ์ง€๋Š” ํˆฌ๋ช… 1x1๋กœ ์ˆจ๊น€ - const img = document.createElement('canvas'); - img.width = 1; img.height = 1; const ctx = img.getContext('2d'); ctx?.clearRect(0,0,1,1); - e.dataTransfer.setDragImage(img, 0, 0); - const onDragOver = (ev: DragEvent) => { - if (typeof ev.clientY === 'number') updatePos(ev.clientY); - }; - const cleanup = () => { - row.style.position = ''; - row.style.left = ''; - row.style.top = ''; - row.style.width = ''; - row.style.zIndex = ''; - row.classList.remove('bg-white'); - placeholder.remove(); - window.removeEventListener('dragover', onDragOver, true); - window.removeEventListener('dragend', cleanup, true); - const st = (window as any).__adminDnd; if (st?.rAF) cancelAnimationFrame(st.rAF); - (window as any).__adminDnd = undefined; - }; - window.addEventListener('dragover', onDragOver, true); - window.addEventListener('dragend', cleanup, true); - }} onDragOver={(e) => { // ์ˆ˜์ง๋งŒ ํ—ˆ์šฉ: ๊ธฐ๋ณธ ๋™์ž‘๋งŒ ์œ ์ง€ํ•˜๊ณ  ์ˆ˜ํ‰ ์ œ์Šค์ฒ˜๋Š” ๋ฌด์‹œ e.preventDefault(); @@ -275,93 +368,81 @@ function DraggableRow({ index, onMove, children }: { index: number; onMove: (fro } if (!Number.isNaN(from) && from !== to) onMove(from, to); }} - className="align-middle cursor-ns-resize select-none" + className="align-middle select-none" > + { + e.dataTransfer.setData("text/plain", String(index)); + e.dataTransfer.effectAllowed = "move"; + const row = (e.currentTarget as HTMLElement).closest('tr') as HTMLTableRowElement; + const rect = row.getBoundingClientRect(); + const table = row.closest('table') as HTMLElement | null; + const tableRect = table?.getBoundingClientRect(); + const placeholder = document.createElement('tr'); + placeholder.style.height = `${rect.height}px`; + (row.parentNode as HTMLElement).insertBefore(placeholder, row); + (window as any).__adminDnd = { placeholder, dragging: row, target: null, before: false, rAF: 0 }; + const clamp = (v: number, min: number, max: number) => Math.max(min, Math.min(max, v)); + const offsetY = e.clientY - rect.top; + row.style.position = 'fixed'; + row.style.left = `${tableRect ? tableRect.left : rect.left}px`; + row.style.width = `${tableRect ? tableRect.width : rect.width}px`; + row.style.zIndex = '9999'; + row.classList.add('bg-white'); + const updatePos = (clientY: number) => { + const top = clamp(clientY - offsetY, (tableRect?.top ?? 0), (tableRect?.bottom ?? (rect.top + rect.height)) - rect.height); + row.style.top = `${top}px`; + }; + updatePos(e.clientY); + const img = document.createElement('canvas'); + img.width = 1; img.height = 1; const ctx = img.getContext('2d'); ctx?.clearRect(0,0,1,1); + e.dataTransfer.setDragImage(img, 0, 0); + const onDragOver = (ev: DragEvent) => { if (typeof ev.clientY === 'number') updatePos(ev.clientY); }; + const cleanup = () => { + row.style.position = ''; + row.style.left = ''; + row.style.top = ''; + row.style.width = ''; + row.style.zIndex = ''; + row.classList.remove('bg-white'); + placeholder.remove(); + window.removeEventListener('dragover', onDragOver, true); + window.removeEventListener('dragend', cleanup, true); + const st = (window as any).__adminDnd; if (st?.rAF) cancelAnimationFrame(st.rAF); + (window as any).__adminDnd = undefined; + }; + window.addEventListener('dragover', onDragOver, true); + window.addEventListener('dragend', cleanup, true); + }} + >โ‰ก + {index + 1} {children} ); } -function CategoryRow({ idx, g, onMove, onDirty }: { idx: number; g: any; onMove: (from: number, to: number) => void; onDirty: (payload: any) => void }) { +function CategoryHeaderContent({ g, onDirty, onDragStart }: { g: any; onDirty: (payload: any) => void; onDragStart?: () => void }) { const [edit, setEdit] = useState({ name: g.name, slug: g.slug }); return ( -
  • { - e.dataTransfer.setData("text/plain", String(idx)); - e.dataTransfer.effectAllowed = "move"; - const item = e.currentTarget as HTMLLIElement; - const rect = item.getBoundingClientRect(); - const listRect = item.parentElement?.getBoundingClientRect(); - // placeholder (์ „์—ญ ๋“ฑ๋ก) - const placeholder = document.createElement('div'); - placeholder.style.height = `${rect.height}px`; - placeholder.style.border = '1px dashed rgba(0,0,0,0.1)'; - item.parentElement?.insertBefore(placeholder, item); - (window as any).__adminDnd = { placeholder, dragging: item, target: null, before: false, rAF: 0 }; - // fix item position - const clamp = (v: number, min: number, max: number) => Math.max(min, Math.min(max, v)); - const offsetY = e.clientY - rect.top; - item.style.position = 'fixed'; - item.style.left = `${listRect ? listRect.left : rect.left}px`; - item.style.width = `${listRect ? listRect.width : rect.width}px`; - item.style.zIndex = '9999'; - const updatePos = (y: number) => { - const top = clamp(y - offsetY, (listRect?.top ?? 0), (listRect?.bottom ?? (rect.top + rect.height)) - rect.height); - item.style.top = `${top}px`; - }; - updatePos(e.clientY); - // hide default drag image - const img = document.createElement('canvas'); img.width = 1; img.height = 1; e.dataTransfer.setDragImage(img, 0, 0); - const onDragOver = (ev: DragEvent) => { if (typeof ev.clientY === 'number') updatePos(ev.clientY); }; - const cleanup = () => { const st = (window as any).__adminDnd; if (st?.rAF) cancelAnimationFrame(st.rAF); item.style.position=''; item.style.left=''; item.style.top=''; item.style.width=''; item.style.zIndex=''; placeholder.remove(); window.removeEventListener('dragover', onDragOver, true); window.removeEventListener('dragend', cleanup, true); (window as any).__adminDnd = undefined; }; - window.addEventListener('dragover', onDragOver, true); - window.addEventListener('dragend', cleanup, true); - }} - onDragOver={(e) => { - e.preventDefault(); - e.dataTransfer.dropEffect = 'move'; - const state = (window as any).__adminDnd || {}; - const current = e.currentTarget as HTMLElement; - const r = current.getBoundingClientRect(); - state.target = current; - state.before = e.clientY < r.top + r.height / 2; - if (!state.rAF) { - state.rAF = requestAnimationFrame(() => { - const st = (window as any).__adminDnd || {}; - if (!st.placeholder || !st.target || !st.target.parentElement) { st.rAF = 0; return; } - const parent = st.target.parentElement as HTMLElement; - const desiredNode = st.before ? st.target : (st.target.nextSibling as any); - if (desiredNode !== st.placeholder) { - parent.insertBefore(st.placeholder, desiredNode || null); - if (st.dragging) { - const pr = st.placeholder.getBoundingClientRect(); - (st.dragging as HTMLElement).style.top = `${pr.top}px`; - } - } - st.rAF = 0; - }); - } - }} - onDrop={(e) => { - e.preventDefault(); - const from = Number(e.dataTransfer.getData("text/plain")); - const state = (window as any).__adminDnd || {}; - const ph: HTMLElement | undefined = state.placeholder; - let to = idx; - if (ph && ph.parentElement) { - to = Array.from(ph.parentElement.children).indexOf(ph); - ph.remove(); - } - if (!Number.isNaN(from) && from !== to) onMove(from, to); - }} - > -
    โ‰ก
    + <> +
    { + e.dataTransfer.setData("text/plain", "category-drag"); + e.dataTransfer.effectAllowed = 'move'; + const img = document.createElement('canvas'); img.width = 1; img.height = 1; e.dataTransfer.setDragImage(img, 0, 0); + onDragStart && onDragStart(); + }} + title="๋“œ๋ž˜๊ทธํ•˜์—ฌ ์ˆœ์„œ ๋ณ€๊ฒฝ" + >โ‰ก
    { const v = { ...edit, name: e.target.value }; setEdit(v); onDirty(v); }} /> { const v = { ...edit, slug: e.target.value }; setEdit(v); onDirty(v); }} />
    -
    • + ); } diff --git a/src/app/api/admin/categories/[id]/route.ts b/src/app/api/admin/categories/[id]/route.ts index 8324408..d1b5497 100644 --- a/src/app/api/admin/categories/[id]/route.ts +++ b/src/app/api/admin/categories/[id]/route.ts @@ -1,16 +1,8 @@ import { NextResponse } from "next/server"; import prisma from "@/lib/prisma"; -import { getUserIdFromRequest } from "@/lib/auth"; -import { requirePermission } from "@/lib/rbac"; export async function PATCH(req: Request, context: { params: Promise<{ id: string }> }) { const { id } = await context.params; - const userId = getUserIdFromRequest(req); - try { - await requirePermission({ userId, resource: "ADMIN", action: "MODERATE" }); - } catch (e) { - return NextResponse.json({ error: "Forbidden" }, { status: 403 }); - } const body = await req.json().catch(() => ({})); const data: any = {}; for (const k of ["name", "slug", "sortOrder", "status"]) { @@ -22,12 +14,6 @@ export async function PATCH(req: Request, context: { params: Promise<{ id: strin export async function DELETE(req: Request, context: { params: Promise<{ id: string }> }) { const { id } = await context.params; - const userId = getUserIdFromRequest(req); - try { - await requirePermission({ userId, resource: "ADMIN", action: "MODERATE" }); - } catch (e) { - return NextResponse.json({ error: "Forbidden" }, { status: 403 }); - } await prisma.boardCategory.delete({ where: { id } }); return NextResponse.json({ ok: true }); } diff --git a/src/app/api/admin/categories/route.ts b/src/app/api/admin/categories/route.ts index 94fb774..f002837 100644 --- a/src/app/api/admin/categories/route.ts +++ b/src/app/api/admin/categories/route.ts @@ -1,8 +1,6 @@ import { NextResponse } from "next/server"; import prisma from "@/lib/prisma"; import { z } from "zod"; -import { getUserIdFromRequest } from "@/lib/auth"; -import { requirePermission } from "@/lib/rbac"; export async function GET() { const categories = await prisma.boardCategory.findMany({ @@ -19,12 +17,6 @@ const createSchema = z.object({ }); export async function POST(req: Request) { - const userId = getUserIdFromRequest(req); - try { - await requirePermission({ userId, resource: "ADMIN", action: "MODERATE" }); - } catch (e) { - return NextResponse.json({ error: "Forbidden" }, { status: 403 }); - } const body = await req.json().catch(() => ({})); const parsed = createSchema.safeParse(body); if (!parsed.success) return NextResponse.json({ error: parsed.error.flatten() }, { status: 400 }); diff --git a/src/app/components/AppHeader.tsx b/src/app/components/AppHeader.tsx index 97020f2..8ab7e6a 100644 --- a/src/app/components/AppHeader.tsx +++ b/src/app/components/AppHeader.tsx @@ -56,13 +56,19 @@ export function AppHeader() { setOpenSlug(null); }, 150); }, [cancelClose]); - // ์นดํ…Œ๊ณ ๋ฆฌ ๋กœ๋“œ - React.useEffect(() => { + // ์นดํ…Œ๊ณ ๋ฆฌ ๋กœ๋“œ + ์™ธ๋ถ€์—์„œ ์ƒˆ๋กœ๊ณ ์นจ ํŠธ๋ฆฌ๊ฑฐ ์ง€์› + const reloadCategories = React.useCallback(() => { fetch("/api/categories", { cache: "no-store" }) .then((r) => r.json()) .then((d) => setCategories(d?.categories || [])) .catch(() => setCategories([])); }, []); + React.useEffect(() => { + reloadCategories(); + const onRefresh = () => reloadCategories(); + window.addEventListener("categories:reload", onRefresh); + return () => window.removeEventListener("categories:reload", onRefresh); + }, [reloadCategories]); // ESC๋กœ ๋ฉ”๊ฐ€๋ฉ”๋‰ด ๋‹ซ๊ธฐ React.useEffect(() => {