fieles neues
@@ -125,6 +125,98 @@ app.post('/api/admin/create-user', requireAdminSecret, async (req, res) => {
|
||||
}
|
||||
});
|
||||
|
||||
app.patch('/api/admin/update-user', requireAdminSecret, async (req, res) => {
|
||||
try {
|
||||
const { userId: targetUserId, userName, locationId, role: newRole } = req.body || {};
|
||||
if (!targetUserId) {
|
||||
return res.status(400).json({ error: 'userId erforderlich' });
|
||||
}
|
||||
if (!ENDPOINT || !PROJECT_ID || !API_KEY) {
|
||||
return res.status(500).json({ error: 'Server-Konfiguration unvollständig' });
|
||||
}
|
||||
|
||||
const client = new Client().setEndpoint(ENDPOINT).setProject(PROJECT_ID).setKey(API_KEY);
|
||||
const users = new Users(client);
|
||||
const teams = new Teams(client);
|
||||
const db = new Databases(client);
|
||||
|
||||
const metaRes = await db.listDocuments(DATABASE_ID, 'users_meta', [
|
||||
Query.equal('userId', [targetUserId]),
|
||||
Query.limit(1),
|
||||
]);
|
||||
const metaDoc = metaRes.documents[0];
|
||||
if (!metaDoc) {
|
||||
return res.status(404).json({ error: 'Benutzer nicht gefunden' });
|
||||
}
|
||||
|
||||
const updates = {};
|
||||
const newUserName = userName !== undefined ? String(userName).trim() : null;
|
||||
if (newUserName !== null) updates.userName = newUserName;
|
||||
if (locationId !== undefined) updates.locationId = locationId || '';
|
||||
|
||||
if (newUserName && newUserName !== metaDoc.userName) {
|
||||
const assetsRes = await db.listDocuments(DATABASE_ID, 'assets', [
|
||||
Query.equal('zustaendig', [metaDoc.userName]),
|
||||
Query.limit(500),
|
||||
]);
|
||||
for (const a of assetsRes.documents) {
|
||||
await db.updateDocument(DATABASE_ID, 'assets', a.$id, { zustaendig: newUserName });
|
||||
}
|
||||
}
|
||||
|
||||
if (newRole !== undefined) {
|
||||
if (!TEAM_ROLES.includes(newRole)) {
|
||||
return res.status(400).json({ error: 'Ungültige Rolle', allowed: TEAM_ROLES });
|
||||
}
|
||||
updates.role = newRole;
|
||||
|
||||
const appUser = await users.get(targetUserId);
|
||||
const email = appUser.email;
|
||||
|
||||
for (const teamId of TEAM_ROLES) {
|
||||
try {
|
||||
const list = await teams.listMemberships(teamId, [Query.limit(100)]);
|
||||
const membership = list.memberships.find((m) => m.userId === targetUserId);
|
||||
if (membership) {
|
||||
await teams.deleteMembership(teamId, membership.$id);
|
||||
}
|
||||
} catch (e) {
|
||||
if (e.code !== 404) console.warn('deleteMembership:', e.message);
|
||||
}
|
||||
}
|
||||
try {
|
||||
await teams.createMembership(newRole, [], email, targetUserId, undefined, `${ENDPOINT}/auth/confirm`);
|
||||
} catch (err) {
|
||||
if (err.code !== 409) console.warn('createMembership:', err.message);
|
||||
}
|
||||
}
|
||||
|
||||
if (Object.keys(updates).length > 0) {
|
||||
if (updates.userName && metaDoc.userName) {
|
||||
try {
|
||||
const assetsRes = await db.listDocuments(DATABASE_ID, 'assets', [
|
||||
Query.equal('zustaendig', [metaDoc.userName]),
|
||||
Query.limit(500),
|
||||
]);
|
||||
for (const a of assetsRes.documents) {
|
||||
await db.updateDocument(DATABASE_ID, 'assets', a.$id, {
|
||||
zustaendig: updates.userName,
|
||||
});
|
||||
}
|
||||
} catch (e) {
|
||||
console.warn('Asset zustaendig-Update:', e.message);
|
||||
}
|
||||
}
|
||||
await db.updateDocument(DATABASE_ID, 'users_meta', metaDoc.$id, updates);
|
||||
}
|
||||
|
||||
return res.status(200).json({ userId: targetUserId, ...updates });
|
||||
} catch (err) {
|
||||
console.error('update-user error:', err);
|
||||
return res.status(500).json({ error: err.message || 'Interner Serverfehler' });
|
||||
}
|
||||
});
|
||||
|
||||
const PORT = process.env.API_PORT || 3001;
|
||||
app.listen(PORT, () => {
|
||||
console.log(`API server http://localhost:${PORT}`);
|
||||
|
||||
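Review bot: In the role-change branch the old membership is looked up with `teams.listMemberships(teamId, [Query.limit(100)])` and matched client-side, so in a team with more than 100 members the target's membership can be missed and a demoted user keeps the old team's permissions. Failures from `deleteMembership` and `createMembership` are only logged with `console.warn`, yet `updates.role` is still written to `users_meta` and the handler answers 200, so the stored role can disagree with the actual team membership. The `TEAM_ROLES.includes(newRole)` check also runs after the first asset rename, so a request with an invalid role returns 400 with `zustaendig` already rewritten on the assets while `users_meta` is left unchanged. I would validate the role before the first write, filter memberships by `userId` (assuming the Appwrite version in use accepts that query on memberships), and rethrow unexpected errors so the outer catch returns 500.

```javascript
// … unchanged: userId check, config check, client setup, users_meta lookup …
// Reject an unknown role before the asset rename or any membership change.
if (newRole !== undefined && !TEAM_ROLES.includes(newRole)) {
  return res.status(400).json({ error: 'Ungültige Rolle', allowed: TEAM_ROLES });
}
// … unchanged: updates object, asset rename …
if (newRole !== undefined) {
  // … unchanged: updates.role assignment, users.get, email …
  for (const teamId of TEAM_ROLES) {
    try {
      // Ask the server for this user's memberships instead of scanning the first 100 members.
      const list = await teams.listMemberships(teamId, [Query.equal('userId', [targetUserId])]);
      for (const membership of list.memberships) {
        await teams.deleteMembership(teamId, membership.$id);
      }
    } catch (e) {
      if (e.code !== 404) throw e; // a failed removal must not end in a 200
    }
  }
  try {
    // … unchanged: createMembership call …
  } catch (err) {
    if (err.code !== 409) throw err; // outer catch answers 500; users_meta keeps the old role
  }
}
// … unchanged: users_meta update, response, outer catch …
```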