70 lines
2.0 KiB
TypeScript
70 lines
2.0 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server';
|
|
import { PrismaClient } from '@prisma/client';
|
|
import { requireStaffAuth } from '@/lib/auth';
|
|
|
|
const prisma = new PrismaClient();
|
|
|
|
export async function PUT(
|
|
request: NextRequest,
|
|
{ params }: { params: Promise<{ id: string }> }
|
|
) {
|
|
const { error, context } = await requireStaffAuth(request);
|
|
if (error || !context) return error!;
|
|
|
|
if (context.role !== 'curator') {
|
|
return NextResponse.json(
|
|
{ error: 'Only curators can access this endpoint' },
|
|
{ status: 403 }
|
|
);
|
|
}
|
|
|
|
try {
|
|
const { id } = await params;
|
|
const specialId = Number(id);
|
|
const { songId, startTime, order } = await request.json();
|
|
|
|
if (!specialId || Number.isNaN(specialId)) {
|
|
return NextResponse.json({ error: 'Invalid special id' }, { status: 400 });
|
|
}
|
|
|
|
if (!songId || typeof startTime !== 'number') {
|
|
return NextResponse.json({ error: 'Missing songId or startTime' }, { status: 400 });
|
|
}
|
|
|
|
// Prüfen, ob dieses Special dem Kurator zugeordnet ist
|
|
const assignment = await prisma.curatorSpecial.findFirst({
|
|
where: { curatorId: context.curator.id, specialId },
|
|
});
|
|
|
|
if (!assignment) {
|
|
return NextResponse.json(
|
|
{ error: 'Forbidden: You are not allowed to edit this special' },
|
|
{ status: 403 }
|
|
);
|
|
}
|
|
|
|
const specialSong = await prisma.specialSong.update({
|
|
where: {
|
|
specialId_songId: {
|
|
specialId,
|
|
songId,
|
|
},
|
|
},
|
|
data: {
|
|
startTime,
|
|
order,
|
|
},
|
|
include: {
|
|
song: true,
|
|
},
|
|
});
|
|
|
|
return NextResponse.json(specialSong);
|
|
} catch (e) {
|
|
console.error('Error updating curator special song:', e);
|
|
return NextResponse.json({ error: 'Internal Server Error' }, { status: 500 });
|
|
}
|
|
}
|
|
|
|
|