djalim
9368e68622
refactor: add withRules wrapper to API routes Use withRules to enforce permissions instead of manual checks. Remove FORBIDDEN constant, simplify handlers, import withRules, adjust GET/POST/PUT/DELETE handlers. Centralizes auth logic. refactor: replace manual auth checks with withRules wrapper for routes refactor(student routes): replace manual employee checks with withRules wrapper
34 lines
983 B
TypeScript
34 lines
983 B
TypeScript
import { Handlers } from "$fresh/server.ts";
|
|
import { db } from "../../../../databases/db.ts";
|
|
import { ues } from "../../../../databases/schema.ts";
|
|
import { withRules } from "$root/defaults/withRules.ts";
|
|
|
|
export const handler: Handlers = {
|
|
// #32 GET /ues
|
|
GET: withRules(["note_read"])(async (_request, _context) => {
|
|
const result = await db.select().from(ues);
|
|
|
|
return new Response(JSON.stringify(result), {
|
|
status: 200,
|
|
headers: { "Content-Type": "application/json" },
|
|
});
|
|
}),
|
|
|
|
// #33 POST /ues
|
|
POST: withRules(["note_write"])(async (request, _context) => {
|
|
const body = await request.json();
|
|
const { nom } = body;
|
|
|
|
if (!nom || !nom.trim()) {
|
|
return new Response("Champ 'nom' manquant", { status: 400 });
|
|
}
|
|
|
|
const result = await db.insert(ues).values({ nom }).returning();
|
|
|
|
return new Response(JSON.stringify(result[0]), {
|
|
status: 201,
|
|
headers: { "Content-Type": "application/json" },
|
|
});
|
|
}),
|
|
};
|