36 lines
1.2 KiB
TypeScript
36 lines
1.2 KiB
TypeScript
import { NextResponse } from "next/server";
|
|
import prisma from "@/lib/prisma";
|
|
import { z } from "zod";
|
|
import { getUserIdFromRequest } from "@/lib/auth";
|
|
import { requirePermission } from "@/lib/rbac";
|
|
|
|
export async function GET() {
|
|
const categories = await prisma.boardCategory.findMany({
|
|
orderBy: [{ sortOrder: "asc" }, { createdAt: "asc" }],
|
|
});
|
|
return NextResponse.json({ categories });
|
|
}
|
|
|
|
const createSchema = z.object({
|
|
name: z.string().min(1),
|
|
slug: z.string().min(1),
|
|
sortOrder: z.coerce.number().int().optional(),
|
|
status: z.enum(["active", "hidden"]).optional(),
|
|
});
|
|
|
|
export async function POST(req: Request) {
|
|
const userId = getUserIdFromRequest(req);
|
|
try {
|
|
await requirePermission({ userId, resource: "ADMIN", action: "MODERATE" });
|
|
} catch (e) {
|
|
return NextResponse.json({ error: "Forbidden" }, { status: 403 });
|
|
}
|
|
const body = await req.json().catch(() => ({}));
|
|
const parsed = createSchema.safeParse(body);
|
|
if (!parsed.success) return NextResponse.json({ error: parsed.error.flatten() }, { status: 400 });
|
|
const category = await prisma.boardCategory.create({ data: parsed.data });
|
|
return NextResponse.json({ category }, { status: 201 });
|
|
}
|
|
|
|
|