// app/api/staff/salaries/update/route.ts
// Next.js route segment config: evaluate this handler on every request rather than
// serving a cached result. Kept as a plain string literal so the framework can read it statically.
export const dynamic = "force-dynamic";
import { NextResponse, NextRequest } from "next/server";
import { createSbServer } from "@/lib/supabaseServer";
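/**
 * POST /api/staff/salaries/update: staff-only update of a single `salaries` row.
 *
 * Flow: authenticate the caller through Supabase, require `is_staff` in
 * `staff_users`, validate the JSON body, keep only allow-listed columns, then
 * update the row whose `id` matches and return it.
 *
 * Body: `{ id, ...fields }`, where `id` is a non-empty string or a non-zero number.
 *
 * Responses: 401 (not authenticated), 403 (not staff), 400 (invalid body,
 * missing/invalid id, or no allow-listed field), 500 (Supabase or unexpected
 * error), 200 with `{ success, data, message }`.
 *
 * @param req Incoming request carrying the JSON body.
 * @returns A JSON `NextResponse` as described above.
 */
export async function POST(req: NextRequest) {
  try {
    const sb = createSbServer();

    const {
      data: { user },
      error: authError,
    } = await sb.auth.getUser();
    if (authError || !user) {
      return NextResponse.json({ error: "Non authentifié" }, { status: 401 });
    }

    // Authorisation check. It fails closed: if the lookup errors or returns no
    // row, staffData is null/undefined and the request is rejected with 403.
    // NOTE(review): both this lookup and the update below run with whatever
    // privileges createSbServer() grants; confirm RLS on staff_users and
    // salaries matches the intent, since this handler is the only check visible here.
    const { data: staffData } = await sb
      .from("staff_users")
      .select("is_staff")
      .eq("user_id", user.id)
      .maybeSingle();
    if (!staffData?.is_staff) {
      return NextResponse.json({ error: "Accès refusé" }, { status: 403 });
    }

    // A malformed or non-object body is a client error (400), not a server
    // fault: destructuring `null` would otherwise throw and surface as a 500.
    let body: unknown;
    try {
      body = await req.json();
    } catch {
      return NextResponse.json({ error: "Corps JSON invalide" }, { status: 400 });
    }
    if (typeof body !== "object" || body === null || Array.isArray(body)) {
      return NextResponse.json({ error: "Corps JSON invalide" }, { status: 400 });
    }

    const { id, ...updates } = body as Record<string, unknown>;

    // The id is used as a filter value, so only scalar identifiers are accepted.
    if (!id || (typeof id !== "string" && typeof id !== "number")) {
      return NextResponse.json({ error: "ID requis" }, { status: 400 });
    }

    // Columns a staff member may modify; every other key in the body is dropped.
    const allowedFields = [
      "code_salarie", "salarie", "nom", "nom_de_naissance", "prenom", "civilite",
      "pseudonyme", "compte_transat", "topaze", "justificatifs_personnels",
      "rf_au_sens_fiscal", "intermittent_mineur_16", "adresse_mail", "nir",
      "conges_spectacles", "tel", "adresse", "date_naissance", "lieu_de_naissance",
      "iban", "bic", "abattement_2024", "infos_caisses_organismes", "num_salarie",
      "notif_nouveau_salarie", "notif_employeur", "derniere_profession", "notes",
    ];

    // Keys come only from the allow-list above; values are passed through as sent.
    // NOTE(review): values are not type-checked per column here; presumably the
    // database schema enforces that. Confirm.
    // eslint-disable-next-line @typescript-eslint/no-explicit-any -- dynamic column set, as in the original
    const filteredUpdates: any = {};
    for (const [key, value] of Object.entries(updates)) {
      if (allowedFields.includes(key)) {
        filteredUpdates[key] = value;
      }
    }

    if (Object.keys(filteredUpdates).length === 0) {
      return NextResponse.json({ error: "Aucun champ valide à mettre à jour" }, { status: 400 });
    }

    // Log field names only. The values include personal and banking data
    // (nir, iban, bic, adresse, date_naissance, ...) and must not reach the logs.
    console.log("🔄 Staff updating salarie:", {
      id,
      fields: Object.keys(filteredUpdates),
      user_id: user.id,
    });

    // Server-side timestamp; `updated_at` is not in the allow-list, so it cannot be client-supplied.
    filteredUpdates.updated_at = new Date().toISOString();

    const { data, error } = await sb
      .from("salaries")
      .update(filteredUpdates)
      .eq("id", id)
      .select()
      .single();

    if (error) {
      console.error("💥 [API /staff/salaries/update] Supabase error:", error.message);
      // NOTE(review): `detail` echoes the database error text to the client;
      // consider a generic message once no caller depends on it.
      return NextResponse.json({ error: "supabase_error", detail: error.message }, { status: 500 });
    }

    console.log("✅ Staff salarie updated successfully:", { id, updatedFields: Object.keys(filteredUpdates) });

    return NextResponse.json({
      success: true,
      data,
      message: `Salarié mis à jour (${Object.keys(filteredUpdates).length} champs)`,
    });
  } catch (e: unknown) {
    const message = e instanceof Error ? e.message : undefined;
    console.error("💥 [API /staff/salaries/update] Unexpected error:", message);
    // NOTE(review): the raw exception message is returned to the client; kept
    // for compatibility, but a generic message would disclose less.
    return NextResponse.json({ error: "server_error", message: message || "unknown" }, { status: 500 });
  }
}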