feat: implement core platform features including business directory, admin dashboard, authentication, and API infrastructure
Some checks failed
Build and Push App / build (push) Failing after 16m2s
Some checks failed
Build and Push App / build (push) Failing after 16m2s
This commit is contained in:
@@ -1,5 +1,5 @@
|
||||
import { NextRequest, NextResponse } from 'next/server'
|
||||
import prisma from '../../../../lib/prisma'
|
||||
import prisma from '@/lib/prisma'
|
||||
|
||||
type Params = { params: Promise<{ id: string }> }
|
||||
|
||||
@@ -49,12 +49,48 @@ export async function PATCH(
|
||||
|
||||
// DELETE /api/businesses/[id]
|
||||
export async function DELETE(
|
||||
_request: NextRequest,
|
||||
request: NextRequest,
|
||||
context: { params: Promise<{ id: string }> }
|
||||
): Promise<Response> {
|
||||
try {
|
||||
const { id } = await context.params
|
||||
const headerUserId = request.headers.get('x-user-id')
|
||||
|
||||
// 1. Find business to check owner
|
||||
const business = await prisma.business.findUnique({
|
||||
where: { id },
|
||||
select: { ownerId: true }
|
||||
})
|
||||
|
||||
if (!business) {
|
||||
return NextResponse.json({ error: 'Boutique non trouvée' }, { status: 404 })
|
||||
}
|
||||
|
||||
// 2. Auth check (Owner or Admin)
|
||||
const user = headerUserId ? await prisma.user.findUnique({ where: { id: headerUserId } }) : null
|
||||
const isAdmin = user?.role === 'ADMIN'
|
||||
const isOwner = business.ownerId === headerUserId
|
||||
|
||||
if (!isOwner && !isAdmin) {
|
||||
return NextResponse.json({ error: 'Non autorisé' }, { status: 403 })
|
||||
}
|
||||
|
||||
// 3. Delete business
|
||||
await prisma.business.delete({ where: { id } })
|
||||
|
||||
// 4. Update user role if they don't have other businesses
|
||||
if (headerUserId && !isAdmin) {
|
||||
const otherBusinesses = await prisma.business.findFirst({
|
||||
where: { ownerId: headerUserId }
|
||||
})
|
||||
if (!otherBusinesses) {
|
||||
await prisma.user.update({
|
||||
where: { id: headerUserId },
|
||||
data: { role: 'VISITOR' }
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
return NextResponse.json({ success: true })
|
||||
} catch (error) {
|
||||
console.error('DELETE /api/businesses/[id] error:', error)
|
||||
|
||||
Reference in New Issue
Block a user