adminpepe/Lageplan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v1.0.2: Fix PDF generation (react-pdf v4), fix Next.js 15 async params in all API routes

Browse Source
This commit is contained in:
Pepe Ziberi
2026-02-21 13:56:44 +01:00
parent 10464d34ff
commit 2b7a89174a
22 changed files with 263 additions and 348 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/app/api/projects/[id]/features/route.ts
View File

@@ -6,21 +6,22 @@ import { getProjectWithTenantCheck } from '@/lib/tenant'
export async function GET(
request: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
}
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) {
return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
}
const features = await (prisma as any).feature.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: { createdAt: 'asc' },
})
@@ -33,9 +34,10 @@ export async function GET(
export async function POST(
request: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
@@ -45,7 +47,7 @@ export async function POST(
return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
}
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) {
return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
}
@@ -66,7 +68,7 @@ export async function POST(
const feature = await (prisma as any).feature.create({
data: {
projectId: params.id,
projectId: id,
type: validated.data.type,
geometry: validated.data.geometry,
properties: validated.data.properties || {},
@@ -82,9 +84,10 @@ export async function POST(
export async function PUT(
request: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
@@ -94,11 +97,11 @@ export async function PUT(
return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
}
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) {
const exists = await (prisma as any).project.findUnique({ where: { id: params.id }, select: { id: true, tenantId: true, ownerId: true } })
const exists = await (prisma as any).project.findUnique({ where: { id }, select: { id: true, tenantId: true, ownerId: true } })
if (!exists) {
console.warn(`[Features PUT] Project ${params.id} not in DB`)
console.warn(`[Features PUT] Project ${id} not in DB`)
return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
}
console.warn(`[Features PUT] Access denied: user=${user.id} tenant=${user.tenantId}, project owner=${exists.ownerId} tenant=${exists.tenantId}`)
@@ -113,13 +116,13 @@ export async function PUT(
const { features } = body as { features: Array<{ id?: string; type: string; geometry: object; properties?: object }> }
await (prisma as any).feature.deleteMany({
where: { projectId: params.id },
where: { projectId: id },
})
if (features && features.length > 0) {
await (prisma as any).feature.createMany({
data: features.map((f: any) => ({
projectId: params.id,
projectId: id,
type: f.type,
geometry: f.geometry,
properties: f.properties || {},
@@ -128,7 +131,7 @@ export async function PUT(
}
const updatedFeatures = await (prisma as any).feature.findMany({
where: { projectId: params.id },
where: { projectId: id },
})
return NextResponse.json({ features: updatedFeatures })

18
src/app/api/projects/[id]/journal/check-items/[itemId]/route.ts
View File

@@ -4,18 +4,19 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// PUT: Toggle confirmed/ok on a check item
export async function PUT(req: NextRequest, { params }: { params: { id: string; itemId: string } }) {
export async function PUT(req: NextRequest, { params }: { params: Promise<{ id: string; itemId: string }> }) {
try {
const { id, itemId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
// Verify item belongs to this project
const existing = await (prisma as any).journalCheckItem.findFirst({
where: { id: params.itemId, projectId: params.id },
where: { id: itemId, projectId: id },
})
if (!existing) return NextResponse.json({ error: 'Element nicht gefunden' }, { status: 404 })
@@ -32,7 +33,7 @@ export async function PUT(req: NextRequest, { params }: { params: { id: string;
}
const item = await (prisma as any).journalCheckItem.update({
where: { id: params.itemId },
where: { id: itemId },
data,
})
return NextResponse.json(item)
@@ -43,22 +44,23 @@ export async function PUT(req: NextRequest, { params }: { params: { id: string;
}
// DELETE
export async function DELETE(req: NextRequest, { params }: { params: { id: string; itemId: string } }) {
export async function DELETE(req: NextRequest, { params }: { params: Promise<{ id: string; itemId: string }> }) {
try {
const { id, itemId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
// Verify item belongs to this project
const existing = await (prisma as any).journalCheckItem.findFirst({
where: { id: params.itemId, projectId: params.id },
where: { id: itemId, projectId: id },
})
if (!existing) return NextResponse.json({ error: 'Element nicht gefunden' }, { status: 404 })
await (prisma as any).journalCheckItem.delete({ where: { id: params.itemId } })
await (prisma as any).journalCheckItem.delete({ where: { id: itemId } })
return NextResponse.json({ ok: true })
} catch (error) {
console.error('Error deleting check item:', error)

11
src/app/api/projects/[id]/journal/check-items/route.ts
View File

@@ -4,13 +4,14 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// POST: Add check item (or initialize from templates)
export async function POST(req: NextRequest, { params }: { params: { id: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const body = await req.json()
@@ -18,7 +19,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
// If 'initFromTemplates' is true, create check items from templates (only if none exist)
if (body.initFromTemplates) {
const existing = await (prisma as any).journalCheckItem.findMany({
where: { projectId: params.id },
where: { projectId: id },
})
if (existing.length > 0) {
return NextResponse.json(existing)
@@ -31,7 +32,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
templates.map((tpl: any, i: number) =>
(prisma as any).journalCheckItem.create({
data: {
projectId: params.id,
projectId: id,
label: tpl.label,
sortOrder: i,
},
@@ -44,7 +45,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
// Single item creation
const item = await (prisma as any).journalCheckItem.create({
data: {
projectId: params.id,
projectId: id,
label: body.label || '',
sortOrder: body.sortOrder || 0,
},

20
src/app/api/projects/[id]/journal/entries/[entryId]/route.ts
View File

@@ -4,17 +4,18 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// PUT: Update a journal entry — only toggle done status allowed directly
export async function PUT(req: NextRequest, { params }: { params: { id: string; entryId: string } }) {
export async function PUT(req: NextRequest, { params }: { params: Promise<{ id: string; entryId: string }> }) {
try {
const { id, entryId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const existing = await (prisma as any).journalEntry.findFirst({
where: { id: params.entryId, projectId: params.id },
where: { id: entryId, projectId: id },
})
if (!existing) return NextResponse.json({ error: 'Eintrag nicht gefunden' }, { status: 404 })
@@ -23,7 +24,7 @@ export async function PUT(req: NextRequest, { params }: { params: { id: string;
// Only done toggle is allowed as direct edit
if (body.done !== undefined) {
const entry = await (prisma as any).journalEntry.update({
where: { id: params.entryId },
where: { id: entryId },
data: { done: body.done, doneAt: body.done ? new Date() : null },
})
return NextResponse.json(entry)
@@ -38,17 +39,18 @@ export async function PUT(req: NextRequest, { params }: { params: { id: string;
// POST: Create a correction for a journal entry (replaces DELETE)
// Marks the original as corrected (strikethrough) and creates a new correction entry below it
export async function POST(req: NextRequest, { params }: { params: { id: string; entryId: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string; entryId: string }> }) {
try {
const { id, entryId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const existing = await (prisma as any).journalEntry.findFirst({
where: { id: params.entryId, projectId: params.id },
where: { id: entryId, projectId: id },
})
if (!existing) return NextResponse.json({ error: 'Eintrag nicht gefunden' }, { status: 404 })
@@ -69,7 +71,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string;
// Mark original as corrected
await (prisma as any).journalEntry.update({
where: { id: params.entryId },
where: { id: entryId },
data: { isCorrected: true },
})
@@ -81,7 +83,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string;
who: body.who || existing.who || user.name,
sortOrder: existing.sortOrder + 1,
correctionOfId: existing.id,
projectId: params.id,
projectId: id,
},
})

7
src/app/api/projects/[id]/journal/entries/route.ts
View File

@@ -4,19 +4,20 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// POST: Add a new journal entry
export async function POST(req: NextRequest, { params }: { params: { id: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const body = await req.json()
const entry = await (prisma as any).journalEntry.create({
data: {
projectId: params.id,
projectId: id,
time: body.time ? new Date(body.time) : new Date(),
what: body.what || '',
who: body.who || null,

18
src/app/api/projects/[id]/journal/pendenzen/[pendenzId]/route.ts
View File

@@ -4,18 +4,19 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// PUT: Update a pendenz
export async function PUT(req: NextRequest, { params }: { params: { id: string; pendenzId: string } }) {
export async function PUT(req: NextRequest, { params }: { params: Promise<{ id: string; pendenzId: string }> }) {
try {
const { id, pendenzId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
// Verify pendenz belongs to this project
const existing = await (prisma as any).journalPendenz.findFirst({
where: { id: params.pendenzId, projectId: params.id },
where: { id: pendenzId, projectId: id },
})
if (!existing) return NextResponse.json({ error: 'Pendenz nicht gefunden' }, { status: 404 })
@@ -30,7 +31,7 @@ export async function PUT(req: NextRequest, { params }: { params: { id: string;
}
const item = await (prisma as any).journalPendenz.update({
where: { id: params.pendenzId },
where: { id: pendenzId },
data,
})
return NextResponse.json(item)
@@ -41,22 +42,23 @@ export async function PUT(req: NextRequest, { params }: { params: { id: string;
}
// DELETE
export async function DELETE(req: NextRequest, { params }: { params: { id: string; pendenzId: string } }) {
export async function DELETE(req: NextRequest, { params }: { params: Promise<{ id: string; pendenzId: string }> }) {
try {
const { id, pendenzId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
// Verify pendenz belongs to this project
const existing = await (prisma as any).journalPendenz.findFirst({
where: { id: params.pendenzId, projectId: params.id },
where: { id: pendenzId, projectId: id },
})
if (!existing) return NextResponse.json({ error: 'Pendenz nicht gefunden' }, { status: 404 })
await (prisma as any).journalPendenz.delete({ where: { id: params.pendenzId } })
await (prisma as any).journalPendenz.delete({ where: { id: pendenzId } })
return NextResponse.json({ ok: true })
} catch (error) {
console.error('Error deleting pendenz:', error)

7
src/app/api/projects/[id]/journal/pendenzen/route.ts
View File

@@ -4,19 +4,20 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// POST: Add a new pendenz
export async function POST(req: NextRequest, { params }: { params: { id: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const body = await req.json()
const item = await (prisma as any).journalPendenz.create({
data: {
projectId: params.id,
projectId: id,
what: body.what || '',
who: body.who || null,
whenHow: body.whenHow || null,

11
src/app/api/projects/[id]/journal/route.ts
View File

@@ -4,25 +4,26 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
// GET all journal data for a project (entries, check items, pendenzen)
export async function GET(req: NextRequest, { params }: { params: { id: string } }) {
export async function GET(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const [entries, checkItems, pendenzen] = await Promise.all([
(prisma as any).journalEntry.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: [{ time: 'asc' }, { sortOrder: 'asc' }, { createdAt: 'asc' }],
}),
(prisma as any).journalCheckItem.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: { sortOrder: 'asc' },
}),
(prisma as any).journalPendenz.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: { sortOrder: 'asc' },
}),
])

11
src/app/api/projects/[id]/journal/send-report/route.ts
View File

@@ -4,12 +4,13 @@ import { getSession } from '@/lib/auth'
import { getProjectWithTenantCheck } from '@/lib/tenant'
import { sendEmail } from '@/lib/email'
export async function POST(req: NextRequest, { params }: { params: { id: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
// Load tenant logo
@@ -32,17 +33,17 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
// Load journal data
const entries = await (prisma as any).journalEntry.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: [{ time: 'asc' }, { sortOrder: 'asc' }],
})
const checkItems = await (prisma as any).journalCheckItem.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: { sortOrder: 'asc' },
})
const pendenzen = await (prisma as any).journalPendenz.findMany({
where: { projectId: params.id },
where: { projectId: id },
orderBy: { sortOrder: 'asc' },
})

23
src/app/api/projects/[id]/plan-image/route.ts
View File

@@ -5,13 +5,14 @@ import { getProjectWithTenantCheck } from '@/lib/tenant'
import { uploadFile, deleteFile, getFileUrl } from '@/lib/minio'
// POST: Upload a plan image for a project
export async function POST(req: NextRequest, { params }: { params: { id: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const formData = await req.formData()
@@ -37,7 +38,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
// Upload to MinIO
const buffer = Buffer.from(await file.arrayBuffer())
const ext = file.name.split('.').pop() || 'png'
const fileKey = `plans/${params.id}/${Date.now()}.${ext}`
const fileKey = `plans/${id}/${Date.now()}.${ext}`
await uploadFile(fileKey, buffer, file.type)
// Parse bounds or use default (current map view)
@@ -48,7 +49,7 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
// Update project
await (prisma as any).project.update({
where: { id: params.id },
where: { id },
data: {
planImageKey: fileKey,
planBounds: bounds,
@@ -70,13 +71,14 @@ export async function POST(req: NextRequest, { params }: { params: { id: string
}
// DELETE: Remove the plan image
export async function DELETE(req: NextRequest, { params }: { params: { id: string } }) {
export async function DELETE(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
if (user.role === 'VIEWER') return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const p = project as any
@@ -85,7 +87,7 @@ export async function DELETE(req: NextRequest, { params }: { params: { id: strin
}
await (prisma as any).project.update({
where: { id: params.id },
where: { id },
data: { planImageKey: null, planBounds: null },
})
@@ -97,19 +99,20 @@ export async function DELETE(req: NextRequest, { params }: { params: { id: strin
}
// PATCH: Update plan bounds (repositioning)
export async function PATCH(req: NextRequest, { params }: { params: { id: string } }) {
export async function PATCH(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
const project = await getProjectWithTenantCheck(params.id, user)
const project = await getProjectWithTenantCheck(id, user)
if (!project) return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
const body = await req.json()
if (!body.bounds) return NextResponse.json({ error: 'Bounds erforderlich' }, { status: 400 })
await (prisma as any).project.update({
where: { id: params.id },
where: { id },
data: { planBounds: body.bounds },
})

5
src/app/api/projects/[id]/plan-image/serve/route.ts
View File

@@ -4,13 +4,14 @@ import { getSession } from '@/lib/auth'
import { getFileStream } from '@/lib/minio'
// Serve plan image (authenticated users only)
export async function GET(req: NextRequest, { params }: { params: { id: string } }) {
export async function GET(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
try {
const { id } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
const project = await (prisma as any).project.findUnique({
where: { id: params.id },
where: { id },
select: { planImageKey: true },
})

21
src/app/api/projects/[id]/route.ts
View File

@@ -6,22 +6,23 @@ import { getProjectWithTenantCheck } from '@/lib/tenant'
export async function GET(
request: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
}
const projectBase = await getProjectWithTenantCheck(params.id, user)
const projectBase = await getProjectWithTenantCheck(id, user)
if (!projectBase) {
return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
}
// Re-fetch with includes
const project = await (prisma as any).project.findUnique({
where: { id: params.id },
where: { id },
include: {
owner: {
select: { id: true, name: true, email: true },
@@ -39,9 +40,10 @@ export async function GET(
export async function PATCH(
request: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
@@ -51,7 +53,7 @@ export async function PATCH(
return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
}
const existingProject = await getProjectWithTenantCheck(params.id, user)
const existingProject = await getProjectWithTenantCheck(id, user)
if (!existingProject) {
return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
}
@@ -67,7 +69,7 @@ export async function PATCH(
}
const project = await (prisma as any).project.update({
where: { id: params.id },
where: { id },
data: validated.data,
})
@@ -80,15 +82,16 @@ export async function PATCH(
export async function DELETE(
request: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
}
const existingProject = await getProjectWithTenantCheck(params.id, user)
const existingProject = await getProjectWithTenantCheck(id, user)
if (!existingProject) {
return NextResponse.json({ error: 'Projekt nicht gefunden' }, { status: 404 })
}
@@ -99,7 +102,7 @@ export async function DELETE(
}
await (prisma as any).project.delete({
where: { id: params.id },
where: { id },
})
return NextResponse.json({ success: true })

9
src/app/api/rapports/[token]/pdf/route.ts
View File

@@ -40,10 +40,11 @@ async function resolveLogoDataUri(rapport: any): Promise<string> {
}
// GET: Generate and serve PDF for a rapport (public, token-based)
export async function GET(req: NextRequest, { params }: { params: { token: string } }) {
export async function GET(req: NextRequest, { params }: { params: Promise<{ token: string }> }) {
try {
const { token } = await params
const rapport = await (prisma as any).rapport.findUnique({
where: { token: params.token },
where: { token },
include: {
tenant: { select: { name: true } },
},
@@ -68,10 +69,10 @@ export async function GET(req: NextRequest, { params }: { params: { token: strin
const { RapportDocument } = await import('@/lib/rapport-pdf')
const buffer = await renderToBuffer(
React.createElement(RapportDocument, { data: pdfData })
React.createElement(RapportDocument, { data: pdfData }) as any
)
return new NextResponse(buffer, {
return new NextResponse(Buffer.from(buffer) as any, {
headers: {
'Content-Type': 'application/pdf',
'Content-Disposition': `inline; filename="Rapport-${rapport.reportNumber}.pdf"`,

5
src/app/api/rapports/[token]/route.ts
View File

@@ -37,10 +37,11 @@ async function resolveLogoForClient(rapport: any): Promise<string> {
}
// GET: Public access to rapport by token (no auth required)
export async function GET(req: NextRequest, { params }: { params: { token: string } }) {
export async function GET(req: NextRequest, { params }: { params: Promise<{ token: string }> }) {
try {
const { token } = await params
const rapport = await (prisma as any).rapport.findUnique({
where: { token: params.token },
where: { token },
include: {
project: { select: { title: true, location: true } },
tenant: { select: { name: true } },

5
src/app/api/rapports/[token]/send/route.ts
View File

@@ -4,8 +4,9 @@ import { getSession } from '@/lib/auth'
import { sendEmail } from '@/lib/email'
// POST: Send rapport link via email
export async function POST(req: NextRequest, { params }: { params: { token: string } }) {
export async function POST(req: NextRequest, { params }: { params: Promise<{ token: string }> }) {
try {
const { token } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
@@ -13,7 +14,7 @@ export async function POST(req: NextRequest, { params }: { params: { token: stri
if (!email) return NextResponse.json({ error: 'E-Mail-Adresse erforderlich' }, { status: 400 })
const rapport = await (prisma as any).rapport.findUnique({
where: { token: params.token },
where: { token },
include: {
tenant: { select: { name: true } },
project: { select: { title: true, location: true } },

14
src/app/api/tenants/[tenantId]/suggestions/route.ts
View File

@@ -5,9 +5,10 @@ import { getSession, isAdmin } from '@/lib/auth'
// GET: Fetch journal suggestions for a tenant (global + tenant dictionary merged)
export async function GET(
req: NextRequest,
{ params }: { params: { tenantId: string } }
{ params }: { params: Promise<{ tenantId: string }> }
) {
try {
const { tenantId } = await params
const user = await getSession()
if (!user) return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 401 })
@@ -18,11 +19,11 @@ export async function GET(
select: { word: true },
}).catch(() => []),
(prisma as any).dictionaryEntry.findMany({
where: { scope: 'TENANT', tenantId: params.tenantId },
where: { scope: 'TENANT', tenantId },
select: { word: true },
}).catch(() => []),
(prisma as any).tenant.findUnique({
where: { id: params.tenantId },
where: { id: tenantId },
select: { journalSuggestions: true },
}),
])
@@ -46,16 +47,17 @@ export async function GET(
// PUT: Replace all journal suggestions for a tenant (admin only)
export async function PUT(
req: NextRequest,
{ params }: { params: { tenantId: string } }
{ params }: { params: Promise<{ tenantId: string }> }
) {
try {
const { tenantId } = await params
const user = await getSession()
if (!user || !isAdmin(user.role)) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 403 })
}
// TENANT_ADMIN can only edit their own tenant
if (user.role !== 'SERVER_ADMIN' && user.tenantId !== params.tenantId) {
if (user.role !== 'SERVER_ADMIN' && user.tenantId !== tenantId) {
return NextResponse.json({ error: 'Keine Berechtigung' }, { status: 403 })
}
@@ -65,7 +67,7 @@ export async function PUT(
: []
await (prisma as any).tenant.update({
where: { id: params.tenantId },
where: { id: tenantId },
data: { journalSuggestions: suggestions },
})

5
src/app/api/tenants/by-slug/[slug]/route.ts
View File

@@ -4,11 +4,12 @@ import { prisma } from '@/lib/db'
// Public endpoint: get tenant info by slug (logo, name)
export async function GET(
req: NextRequest,
{ params }: { params: { slug: string } }
{ params }: { params: Promise<{ slug: string }> }
) {
try {
const { slug } = await params
const tenant = await (prisma as any).tenant.findUnique({
where: { slug: params.slug },
where: { slug },
select: {
id: true,
name: true,

11
src/app/api/upgrade-requests/[id]/route.ts
View File

@@ -15,9 +15,10 @@ const processSchema = z.object({
// PATCH: Approve or reject an upgrade request (SERVER_ADMIN only)
export async function PATCH(
req: NextRequest,
{ params }: { params: { id: string } }
{ params }: { params: Promise<{ id: string }> }
) {
try {
const { id } = await params
const user = await getSession()
if (!user || !isServerAdmin(user.role)) {
return NextResponse.json({ error: 'Nicht autorisiert' }, { status: 403 })
@@ -31,7 +32,7 @@ export async function PATCH(
// Get the request
const upgradeReq = await (prisma as any).upgradeRequest.findUnique({
where: { id: params.id },
where: { id },
include: {
tenant: { select: { id: true, name: true, plan: true, contactEmail: true } },
requestedBy: { select: { name: true, email: true } },
@@ -71,7 +72,7 @@ export async function PATCH(
// Update request status
await (prisma as any).upgradeRequest.update({
where: { id: params.id },
where: { id },
data: {
status: 'APPROVED',
adminNote: validated.data.adminNote || null,
@@ -127,7 +128,7 @@ export async function PATCH(
} else {
// Reject
await (prisma as any).upgradeRequest.update({
where: { id: params.id },
where: { id },
data: {
status: 'REJECTED',
adminNote: validated.data.adminNote || null,
@@ -170,7 +171,7 @@ export async function PATCH(
// Return updated request
const updated = await (prisma as any).upgradeRequest.findUnique({
where: { id: params.id },
where: { id },
include: {
tenant: { select: { name: true, slug: true, plan: true, subscriptionStatus: true } },
requestedBy: { select: { name: true, email: true } },