hermes-web/app/api/account/impersonate/route.ts

91 lines
2.8 KiB
TypeScript
Raw Permalink Normal View History

2024-01-04 16:57:32 -05:00
import { db } from "@/lib/db"
import { NextResponse } from "next/server";
import fetchUser from "@/lib/fetch-user";
export async function GET(req: Request) {
try {
const user = await fetchUser(req)
if (!user || user.role != "ADMIN") {
2024-08-25 17:35:46 -04:00
return NextResponse.json({ message: 'Unauthorized.', error: null, value: null }, { status: 401 });
2024-01-04 16:57:32 -05:00
}
const impersonation = await db.impersonation.findFirst({
where: {
sourceId: user.id
}
});
return NextResponse.json(impersonation);
} catch (error) {
console.log("[AUTH/ACCOUNT/IMPERSONATION]", error);
2024-08-25 17:35:46 -04:00
return NextResponse.json({ message: 'Something went wrong', error: error, value: null }, { status: 500 })
2024-01-04 16:57:32 -05:00
}
}
export async function POST(req: Request) {
try {
const user = await fetchUser(req)
if (!user || user.role != "ADMIN") {
2024-08-25 17:35:46 -04:00
return NextResponse.json({ message: 'Unauthorized.', error: null, value: null }, { status: 401 });
2024-01-04 16:57:32 -05:00
}
const { targetId } = await req.json();
const impersonation = await db.impersonation.create({
data: {
sourceId: user.id,
targetId
}
});
return NextResponse.json(impersonation);
} catch (error) {
console.log("[AUTH/ACCOUNT/IMPERSONATION]", error);
2024-08-25 17:35:46 -04:00
return NextResponse.json({ message: 'Something went wrong', error: error, value: null }, { status: 500 })
2024-01-04 16:57:32 -05:00
}
}
export async function PUT(req: Request) {
try {
const user = await fetchUser(req)
if (!user || user.role != "ADMIN") {
2024-08-25 17:35:46 -04:00
return NextResponse.json({ message: 'Unauthorized.', error: null, value: null }, { status: 401 });
2024-01-04 16:57:32 -05:00
}
const { targetId } = await req.json();
const impersonation = await db.impersonation.update({
where: {
sourceId: user.id,
},
data: {
targetId
}
});
return NextResponse.json(impersonation);
} catch (error) {
console.log("[AUTH/ACCOUNT/IMPERSONATION]", error);
2024-08-25 17:35:46 -04:00
return NextResponse.json({ message: 'Something went wrong', error: error, value: null }, { status: 500 })
2024-01-04 16:57:32 -05:00
}
}
export async function DELETE(req: Request) {
try {
const user = await fetchUser(req)
if (!user || user.role != "ADMIN") {
2024-08-25 17:35:46 -04:00
return NextResponse.json({ message: 'Unauthorized.', error: null, value: null }, { status: 401 });
2024-01-04 16:57:32 -05:00
}
const impersonation = await db.impersonation.delete({
where: {
sourceId: user.id
}
});
return NextResponse.json(impersonation)
} catch (error) {
console.log("[AUTH/ACCOUNT/IMPERSONATION]", error);
2024-08-25 17:35:46 -04:00
return NextResponse.json({ message: 'Something went wrong.', error: null, value: null }, { status: 500 })
2024-01-04 16:57:32 -05:00
}
}