UNPKG

datacops-cms

Version:

A modern, extensible CMS built with Next.js and Prisma.

github.com/TryDataCops/DataCops-CMS

TryDataCops/DataCops-CMS

128 lines (110 loc) 4.15 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
/* eslint-disable @typescript-eslint/no-explicit-any */ /* eslint-disable @typescript-eslint/ban-ts-comment */ import { modelName } from "@/lib/modelName"; import { PrismaClient } from "@prisma/client"; import { NextRequest, NextResponse } from "next/server"; import { checkAllowed } from "../route"; const prisma = new PrismaClient(); // GET /api/content/[type]/[id] export async function GET( req: NextRequest, { params }: { params: { type: string; id: string } } ) { const { type, id } = await params; const model = modelName(type); const allowed = await checkAllowed(type, "GET", req); if (!allowed) { return NextResponse.json({ error: "You are not allowed to perform this action" }, { status: 403 }); } try { // @ts-ignore let item = await prisma[model].findUnique({ where: { id } }); if (!item) return NextResponse.json({ error: "Not found" }, { status: 404 }); // Auto-promote scheduled-to-published if due (optional, can remove) if ( item.status === "Scheduled" && item.schedule && new Date(item.schedule) <= new Date() ) { // @ts-ignore item = await prisma[model].update({ where: { id }, data: { status: "Published", schedule: null }, }); } return NextResponse.json(item); } catch (e: any) { return NextResponse.json({ error: e.message }, { status: 400 }); } } // PUT /api/content/[type]/[id] export async function PATCH( req: NextRequest, { params }: { params: { type: string; id: string } } ) { const { type, id } = await params; const model = modelName(type); const allowed = await checkAllowed(type, "PATCH", req); if (!allowed) { return NextResponse.json({ error: "You are not allowed to perform this action" }, { status: 403 }); } try { const data = await req.json(); // Don't allow updating id, createdAt, updatedAt fields ["id", "createdAt", "updatedAt"].forEach(f => { if (f in data) delete data[f]; }); // Fix schedule field for Prisma if ("schedule" in data) { if (!data.schedule) { data.schedule = null; } else if (data.status === "Scheduled" && typeof data.schedule === "string") { if (!data.schedule) { return NextResponse.json( { error: "Schedule date is required for Scheduled status." }, { status: 400 } ); } const scheduleDate = new Date(data.schedule); if (isNaN(scheduleDate.getTime()) || scheduleDate <= new Date()) { return NextResponse.json( { error: "Schedule date must be a valid future date/time." }, { status: 400 } ); } data.schedule = scheduleDate.toISOString(); } } // @ts-ignore const updated = await prisma[model].update({ where: { id }, data, }); return NextResponse.json(updated); } catch (e: any) { return NextResponse.json({ error: e.message }, { status: 400 }); } } // Optionally: DELETE export async function DELETE( req: NextRequest, { params }: { params: { type: string; id: string } } ) { const { type, id } = await params; const model = modelName(type); const allowed = await checkAllowed(type, "DELETE", req); if (!allowed) { return NextResponse.json({ error: "You are not allowed to perform this action" }, { status: 403 }); } try { // @ts-ignore const deleted = await prisma[model].delete({ where: { id } }); return NextResponse.json(deleted); } catch (e: any) { return NextResponse.json({ error: e.message }, { status: 400 }); } }