import { PrismaClientKnownRequestError } from "@prisma/client/runtime/library";
import { NextResponse } from "next/server";
import { serializeBank } from "@/features/banks/lib/serialize-bank";
import { bankInputSchema } from "@/features/banks/schemas/bank.schema";
import { createAuditTrailSafe } from "@/lib/audit-trail";
import { buildAuditChangeMetadata } from "@/lib/audit-trail-diff";
import { prisma } from "@/lib/prisma";
import { requireApiAccess } from "@/lib/authorization";
/**
 * Context argument received by the GET, PUT and DELETE handlers in this file.
 * `params` is a promise that resolves to the route's `id` as a raw string;
 * the handlers await it and validate the value with `parseId` before any
 * database access.
 */
type RouteContext = { params: Promise<{ id: string }> };
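/**
 * Parses the route `id` segment into a bigint, or returns `null` when the
 * segment is not an acceptable identifier.
 *
 * `BigInt()` on its own is too permissive for a client-supplied path
 * segment: it maps `""` and whitespace-only strings to `0n`, trims
 * surrounding whitespace, and accepts `0x`/`0o`/`0b` prefixes, so several
 * different URLs would resolve to the same record. Only plain decimal digits
 * are accepted here, and the value must fit a signed 64-bit integer, which is
 * the range of a Prisma `BigInt` column; anything larger would otherwise fail
 * inside the database driver instead of producing a clean 400.
 *
 * NOTE(review): negative ids are rejected on the assumption that bank ids are
 * never negative — confirm against the schema.
 *
 * @param rawId - The raw `id` path segment as received from the router.
 * @returns The parsed id, or `null` when the input is not a valid id.
 */
function parseId(rawId: string): bigint | null {
  // 19 digits is the length of the largest signed 64-bit value, so the
  // pattern also bounds how much text is ever handed to BigInt().
  const decimalId = /^\d{1,19}$/;
  const maxId = 9223372036854775807n;

  if (!decimalId.test(rawId)) return null;

  const id = BigInt(rawId);
  return id <= maxId ? id : null;
}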
/**
 * Counts the buyer rows whose `bankName` equals the given bank name.
 *
 * The match is made on the name string, not on the bank's id, so callers
 * pass the name of the stored bank record.
 *
 * @param bankName - Bank name to look for on buyer rows.
 * @returns The number of buyer rows with that `bankName`.
 */
async function countBankUsage(bankName: string) {
  const usageFilter = { bankName };
  return prisma.buyer.count({ where: usageFilter });
}
/**
 * Returns a single bank by id.
 *
 * The access check runs first and its response is returned unchanged when it
 * fails, so neither the id nor the database is touched for a rejected
 * request. Responds 400 for an id that `parseId` rejects, 404 when no bank
 * has that id, and otherwise `{ data }` with the serialized bank.
 *
 * NOTE(review): `requireApiAccess` is the only access check in this handler;
 * what it enforces is not visible here — confirm it covers reading banks.
 */
export async function GET(request: Request, context: RouteContext) {
  const access = requireApiAccess(request);
  if (!access.ok) {
    return access.response;
  }

  const { id: rawId } = await context.params;
  const bankId = parseId(rawId);
  if (bankId === null) {
    return NextResponse.json({ message: "Invalid id" }, { status: 400 });
  }

  const record = await prisma.bank.findUnique({ where: { id: bankId } });
  if (!record) {
    return NextResponse.json({ message: "Bank not found" }, { status: 404 });
  }

  const payload = serializeBank(record);
  return NextResponse.json({ data: payload });
}
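/**
 * Updates the bank identified by the route id.
 *
 * Order of checks: access, id, request body, existence, then the rename
 * guard. Responses:
 * - the access check's own response when it fails;
 * - 400 for an id that `parseId` rejects, a body that is not valid JSON, or
 *   a body that fails `bankInputSchema`;
 * - 404 when the bank does not exist (also when Prisma reports P2025);
 * - 409 when the name would change while buyer rows still carry the current
 *   name, or when Prisma reports a unique-constraint violation (P2002);
 * - 200 with `{ data }` holding the serialized, updated bank.
 *
 * Only a successful update writes an audit-trail entry; rejected attempts
 * (400/404/409) are not recorded by this handler.
 *
 * NOTE(review): `requireApiAccess` is the only access check in this handler;
 * whether it enforces a permission specific to modifying banks is not
 * visible here — confirm.
 */
export async function PUT(request: Request, context: RouteContext) {
  const auth = requireApiAccess(request);
  if (!auth.ok) return auth.response;

  const parsedId = parseId((await context.params).id);
  if (parsedId === null) return NextResponse.json({ message: "Invalid id" }, { status: 400 });

  // request.json() rejects on an empty or malformed body. Left unhandled,
  // that turns a client mistake into an unhandled exception instead of a 400.
  let body: unknown;
  try {
    body = await request.json();
  } catch {
    return NextResponse.json({ message: "Invalid JSON body" }, { status: 400 });
  }

  const parsed = bankInputSchema.safeParse(body);
  if (!parsed.success) {
    return NextResponse.json(
      { message: "Validasi gagal", errors: parsed.error.flatten().fieldErrors },
      { status: 400 }
    );
  }

  try {
    const existing = await prisma.bank.findUnique({ where: { id: parsedId } });
    if (!existing) return NextResponse.json({ message: "Bank not found" }, { status: 404 });

    // Buyers are matched to a bank by name, so renaming a bank that is in
    // use would detach those buyer rows from it.
    // NOTE(review): this count and the update below are separate queries; a
    // buyer row created in between is not seen by the guard.
    const usageCount = await countBankUsage(existing.name);
    if (usageCount > 0 && existing.name !== parsed.data.name) {
      return NextResponse.json(
        { message: "Nama bank sedang dipakai di buyer dan tidak bisa diubah." },
        { status: 409 }
      );
    }

    // Only the validated fields are written; an empty address is stored as null.
    const bank = await prisma.bank.update({
      where: { id: parsedId },
      data: {
        code: parsed.data.code,
        name: parsed.data.name,
        address: parsed.data.address || null,
        status: parsed.data.status
      }
    });

    // Record who changed what: the metadata is built from the stored values
    // before and after the update, not from the raw request body.
    await createAuditTrailSafe({
      userId: auth.user.id,
      action: "BANK_UPDATED",
      entityType: "BANK",
      entityId: bank.id,
      method: request.method,
      pathname: new URL(request.url).pathname,
      statusCode: 200,
      summary: `Bank ${bank.code} diubah`,
      metadata: buildAuditChangeMetadata(
        {
          code: existing.code,
          name: existing.name,
          address: existing.address,
          status: existing.status
        },
        {
          code: bank.code,
          name: bank.name,
          address: bank.address,
          status: bank.status
        }
      )
    });

    return NextResponse.json({ data: serializeBank(bank) });
  } catch (error) {
    // P2025: the row disappeared between the lookup and the update.
    if (error instanceof PrismaClientKnownRequestError && error.code === "P2025") {
      return NextResponse.json({ message: "Bank not found" }, { status: 404 });
    }
    // P2002: unique-constraint violation, reported as a field-level error.
    if (error instanceof PrismaClientKnownRequestError && error.code === "P2002") {
      return NextResponse.json(
        {
          message: "Validasi gagal",
          errors: {
            code: ["Kode atau nama bank sudah dipakai"]
          }
        },
        { status: 409 }
      );
    }
    // Anything else is unexpected and is left to the framework's error handling.
    throw error;
  }
}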
/**
 * Deletes the bank identified by the route id.
 *
 * The access check runs first and its response is returned unchanged when it
 * fails. Responds 400 for an id that `parseId` rejects, 404 when the bank
 * does not exist (also when Prisma reports P2025), 409 while any buyer row
 * still carries the bank's name, and `{ success: true }` after the row is
 * removed. Only a completed deletion writes an audit-trail entry.
 *
 * NOTE(review): `requireApiAccess` is the only access check in this handler;
 * whether it enforces a permission specific to deleting banks is not visible
 * here — confirm. The usage count and the delete are separate queries, so a
 * buyer row created in between is not seen by the guard.
 */
export async function DELETE(request: Request, context: RouteContext) {
  const access = requireApiAccess(request);
  if (!access.ok) {
    return access.response;
  }

  const { id: rawId } = await context.params;
  const bankId = parseId(rawId);
  if (bankId === null) {
    return NextResponse.json({ message: "Invalid id" }, { status: 400 });
  }

  try {
    const target = await prisma.bank.findUnique({ where: { id: bankId } });
    if (!target) {
      return NextResponse.json({ message: "Bank not found" }, { status: 404 });
    }

    // Buyers reference a bank by its name, so the stored name is what gets counted.
    const buyersUsingBank = await countBankUsage(target.name);
    if (buyersUsingBank > 0) {
      return NextResponse.json(
        { message: "Bank sedang dipakai di buyer dan tidak bisa dihapus." },
        { status: 409 }
      );
    }

    await prisma.bank.delete({ where: { id: bankId } });

    // The summary uses the code read before deletion, since the row no longer exists.
    await createAuditTrailSafe({
      userId: access.user.id,
      action: "BANK_DELETED",
      entityType: "BANK",
      entityId: bankId,
      method: request.method,
      pathname: new URL(request.url).pathname,
      statusCode: 200,
      summary: `Bank ${target.code} dihapus`
    });

    return NextResponse.json({ success: true });
  } catch (error) {
    // P2025: the row was already gone when the delete ran; everything else is rethrown.
    const isMissingRecord =
      error instanceof PrismaClientKnownRequestError && error.code === "P2025";
    if (!isMissingRecord) {
      throw error;
    }
    return NextResponse.json({ message: "Bank not found" }, { status: 404 });
  }
}