feat(18-02): PATCH and DELETE handlers at /api/templates/[id]
- PATCH accepts name and signatureFields for rename and field save per D-10 - PATCH sets updatedAt: new Date() explicitly per D-05 - PATCH returns 404 for archived or missing templates - DELETE soft-deletes by setting archivedAt: new Date() per D-07 (no hard delete) - DELETE sets updatedAt: new Date() per D-05, returns 204 No Content - Both handlers auth-gated with auth() per D-11
This commit is contained in:
Chandler Copeland
69
teressa-copeland-homes/src/app/api/templates/[id]/route.ts
Normal file
69
teressa-copeland-homes/src/app/api/templates/[id]/route.ts
Normal file
@@ -0,0 +1,69 @@
|
|||||||
|
import { auth } from '@/lib/auth';
|
||||||
|
import { db } from '@/lib/db';
|
||||||
|
import { documentTemplates } from '@/lib/db/schema';
|
||||||
|
import type { SignatureFieldData } from '@/lib/db/schema';
|
||||||
|
import { and, eq, isNull } from 'drizzle-orm';
|
||||||
|
|
||||||
|
export async function PATCH(
|
||||||
|
req: Request,
|
||||||
|
{ params }: { params: Promise<{ id: string }> }
|
||||||
|
) {
|
||||||
|
const session = await auth();
|
||||||
|
if (!session) return new Response('Unauthorized', { status: 401 });
|
||||||
|
|
||||||
|
const { id } = await params;
|
||||||
|
const body = await req.json() as {
|
||||||
|
name?: string;
|
||||||
|
signatureFields?: SignatureFieldData[];
|
||||||
|
};
|
||||||
|
|
||||||
|
// Only update non-archived templates
|
||||||
|
const existing = await db.query.documentTemplates.findFirst({
|
||||||
|
where: and(eq(documentTemplates.id, id), isNull(documentTemplates.archivedAt)),
|
||||||
|
});
|
||||||
|
if (!existing) {
|
||||||
|
return Response.json({ error: 'Not found' }, { status: 404 });
|
||||||
|
}
|
||||||
|
|
||||||
|
const updates: Partial<typeof documentTemplates.$inferInsert> = {
|
||||||
|
updatedAt: new Date(), // per D-05: explicit updatedAt on every UPDATE
|
||||||
|
};
|
||||||
|
if (body.name !== undefined) updates.name = body.name;
|
||||||
|
if (body.signatureFields !== undefined) updates.signatureFields = body.signatureFields;
|
||||||
|
|
||||||
|
const [updated] = await db
|
||||||
|
.update(documentTemplates)
|
||||||
|
.set(updates)
|
||||||
|
.where(eq(documentTemplates.id, id))
|
||||||
|
.returning();
|
||||||
|
|
||||||
|
return Response.json(updated);
|
||||||
|
}
|
||||||
|
|
||||||
|
export async function DELETE(
|
||||||
|
_req: Request,
|
||||||
|
{ params }: { params: Promise<{ id: string }> }
|
||||||
|
) {
|
||||||
|
const session = await auth();
|
||||||
|
if (!session) return new Response('Unauthorized', { status: 401 });
|
||||||
|
|
||||||
|
const { id } = await params;
|
||||||
|
|
||||||
|
// Only soft-delete non-archived templates (idempotent)
|
||||||
|
const existing = await db.query.documentTemplates.findFirst({
|
||||||
|
where: and(eq(documentTemplates.id, id), isNull(documentTemplates.archivedAt)),
|
||||||
|
});
|
||||||
|
if (!existing) {
|
||||||
|
return Response.json({ error: 'Not found' }, { status: 404 });
|
||||||
|
}
|
||||||
|
|
||||||
|
await db
|
||||||
|
.update(documentTemplates)
|
||||||
|
.set({
|
||||||
|
archivedAt: new Date(), // per D-07: soft-delete sets archivedAt
|
||||||
|
updatedAt: new Date(), // per D-05: explicit updatedAt
|
||||||
|
})
|
||||||
|
.where(eq(documentTemplates.id, id));
|
||||||
|
|
||||||
|
return new Response(null, { status: 204 });
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user