50 lines
1.3 KiB
TypeScript
50 lines
1.3 KiB
TypeScript
import { NextRequest, NextResponse } from "next/server";
|
|
import { apiAuthMiddleware } from "@utils/apiAuthMiddleware";
|
|
import { prisma } from "@utils/prisma";
|
|
|
|
export async function POST(request: NextRequest) {
|
|
try {
|
|
const body = await request.json();
|
|
const { palletNote, warehouseArea } = body;
|
|
|
|
const authResult = await apiAuthMiddleware();
|
|
if ("user" in authResult === false) return authResult; // Handle error response
|
|
|
|
const { user } = authResult;
|
|
|
|
if (user.role !== "ADMIN" && user.role !== "SCIENTIST") {
|
|
return NextResponse.json({ error: "Not authorized" }, { status: 401 });
|
|
}
|
|
|
|
if (user.role === "SCIENTIST") {
|
|
const scientist = await prisma.scientist.findUnique({
|
|
where: {
|
|
userId: user.id,
|
|
},
|
|
include: {
|
|
subordinates: true,
|
|
},
|
|
});
|
|
|
|
if (!scientist || scientist.level !== "SENIOR") {
|
|
return NextResponse.json({ message: "Not authorised" }, { status: 401 });
|
|
}
|
|
}
|
|
|
|
if (!palletNote || !warehouseArea) {
|
|
return NextResponse.json({ error: "Missing fields" }, { status: 400 });
|
|
}
|
|
|
|
await prisma.pallet.create({
|
|
data: {
|
|
palletNote,
|
|
warehouseArea,
|
|
},
|
|
});
|
|
|
|
return NextResponse.json({ message: "Pallet logged successfully" }, { status: 200 });
|
|
} catch (e: any) {
|
|
return NextResponse.json({ error: e.message }, { status: 500 });
|
|
}
|
|
}
|