147 lines
3.7 KiB
TypeScript
147 lines
3.7 KiB
TypeScript
// API Route für einzelne ACL Regel
|
|
import { NextRequest, NextResponse } from 'next/server';
|
|
import { auth } from '@/lib/auth';
|
|
import { mqttAclRuleDb } from '@/lib/mqtt-db';
|
|
import { deviceDb } from '@/lib/db';
|
|
|
|
/**
|
|
* PATCH /api/mqtt/acl/[id]
|
|
* Aktualisiere eine ACL Regel
|
|
*/
|
|
export async function PATCH(
|
|
request: NextRequest,
|
|
{ params }: { params: Promise<{ id: string }> }
|
|
) {
|
|
try {
|
|
const session = await auth();
|
|
if (!session?.user || (session.user as any).role !== 'ADMIN') {
|
|
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
|
|
}
|
|
|
|
const { id: idParam } = await params;
|
|
const id = parseInt(idParam);
|
|
if (isNaN(id)) {
|
|
return NextResponse.json(
|
|
{ error: 'Invalid ACL rule ID' },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
const body = await request.json();
|
|
const { topic_pattern, permission } = body;
|
|
|
|
// Validation
|
|
if (permission && !['read', 'write', 'readwrite'].includes(permission)) {
|
|
return NextResponse.json(
|
|
{ error: 'Permission must be read, write, or readwrite' },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
// Get current ACL rule to check device ownership
|
|
const userId = (session.user as any).id;
|
|
const currentRule = mqttAclRuleDb.findByDeviceId(''); // We need to get by ID first
|
|
const aclRules = mqttAclRuleDb.findAll();
|
|
const rule = aclRules.find(r => r.id === id);
|
|
|
|
if (!rule) {
|
|
return NextResponse.json(
|
|
{ error: 'ACL rule not found' },
|
|
{ status: 404 }
|
|
);
|
|
}
|
|
|
|
// Check if device belongs to user
|
|
const device = deviceDb.findById(rule.device_id);
|
|
if (!device || device.ownerId !== userId) {
|
|
return NextResponse.json(
|
|
{ error: 'Access denied' },
|
|
{ status: 403 }
|
|
);
|
|
}
|
|
|
|
const updated = mqttAclRuleDb.update(id, {
|
|
topic_pattern,
|
|
permission
|
|
});
|
|
|
|
if (!updated) {
|
|
return NextResponse.json(
|
|
{ error: 'Failed to update ACL rule' },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
|
|
return NextResponse.json(updated);
|
|
} catch (error) {
|
|
console.error('Failed to update ACL rule:', error);
|
|
return NextResponse.json(
|
|
{ error: 'Failed to update ACL rule' },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* DELETE /api/mqtt/acl/[id]
|
|
* Lösche eine ACL Regel
|
|
*/
|
|
export async function DELETE(
|
|
request: NextRequest,
|
|
{ params }: { params: Promise<{ id: string }> }
|
|
) {
|
|
try {
|
|
const session = await auth();
|
|
if (!session?.user || (session.user as any).role !== 'ADMIN') {
|
|
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
|
|
}
|
|
|
|
const { id: idParam } = await params;
|
|
const id = parseInt(idParam);
|
|
if (isNaN(id)) {
|
|
return NextResponse.json(
|
|
{ error: 'Invalid ACL rule ID' },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
// Get current ACL rule to check device ownership
|
|
const userId = (session.user as any).id;
|
|
const aclRules = mqttAclRuleDb.findAll();
|
|
const rule = aclRules.find(r => r.id === id);
|
|
|
|
if (!rule) {
|
|
return NextResponse.json(
|
|
{ error: 'ACL rule not found' },
|
|
{ status: 404 }
|
|
);
|
|
}
|
|
|
|
// Check if device belongs to user
|
|
const device = deviceDb.findById(rule.device_id);
|
|
if (!device || device.ownerId !== userId) {
|
|
return NextResponse.json(
|
|
{ error: 'Access denied' },
|
|
{ status: 403 }
|
|
);
|
|
}
|
|
|
|
const deleted = mqttAclRuleDb.delete(id);
|
|
|
|
if (!deleted) {
|
|
return NextResponse.json(
|
|
{ error: 'Failed to delete ACL rule' },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
|
|
return NextResponse.json({ success: true });
|
|
} catch (error) {
|
|
console.error('Failed to delete ACL rule:', error);
|
|
return NextResponse.json(
|
|
{ error: 'Failed to delete ACL rule' },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|