Update dependencies to include TinyMCE and Quill, enhance Navigation component with a new Newsletter submenu, and implement role-based access control for CMS features. Refactor user role handling to support multiple roles and improve user management functionality across various API endpoints.
This commit is contained in:
Torsten Schulz (local)
84
server/api/newsletter/groups/[id]/subscribers/remove.post.js
Normal file
84
server/api/newsletter/groups/[id]/subscribers/remove.post.js
Normal file
@@ -0,0 +1,84 @@
|
||||
import { getUserFromToken, hasAnyRole } from '../../../../../utils/auth.js'
|
||||
import { readSubscribers, writeSubscribers } from '../../../../../utils/newsletter.js'
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
try {
|
||||
// Authentifizierung prüfen
|
||||
const token = getCookie(event, 'auth_token') || getHeader(event, 'authorization')?.replace('Bearer ', '')
|
||||
|
||||
if (!token) {
|
||||
throw createError({
|
||||
statusCode: 401,
|
||||
statusMessage: 'Nicht authentifiziert'
|
||||
})
|
||||
}
|
||||
|
||||
const user = await getUserFromToken(token)
|
||||
if (!user || !hasAnyRole(user, 'admin', 'vorstand', 'newsletter')) {
|
||||
throw createError({
|
||||
statusCode: 403,
|
||||
statusMessage: 'Keine Berechtigung'
|
||||
})
|
||||
}
|
||||
|
||||
const groupId = getRouterParam(event, 'id')
|
||||
const body = await readBody(event)
|
||||
const { subscriberId } = body
|
||||
|
||||
if (!subscriberId) {
|
||||
throw createError({
|
||||
statusCode: 400,
|
||||
statusMessage: 'Abonnenten-ID ist erforderlich'
|
||||
})
|
||||
}
|
||||
|
||||
const subscribers = await readSubscribers()
|
||||
const subscriber = subscribers.find(s => s.id === subscriberId)
|
||||
|
||||
if (!subscriber) {
|
||||
throw createError({
|
||||
statusCode: 404,
|
||||
statusMessage: 'Abonnent nicht gefunden'
|
||||
})
|
||||
}
|
||||
|
||||
// Stelle sicher, dass groupIds existiert
|
||||
if (!subscriber.groupIds || !Array.isArray(subscriber.groupIds)) {
|
||||
subscriber.groupIds = []
|
||||
}
|
||||
|
||||
// Entferne Gruppe aus groupIds
|
||||
const index = subscriber.groupIds.indexOf(groupId)
|
||||
if (index === -1) {
|
||||
throw createError({
|
||||
statusCode: 400,
|
||||
statusMessage: 'Abonnent ist nicht für diese Gruppe angemeldet'
|
||||
})
|
||||
}
|
||||
|
||||
subscriber.groupIds.splice(index, 1)
|
||||
|
||||
// Wenn keine Gruppen mehr vorhanden, als abgemeldet markieren
|
||||
if (subscriber.groupIds.length === 0) {
|
||||
subscriber.unsubscribedAt = new Date().toISOString()
|
||||
subscriber.confirmed = false
|
||||
}
|
||||
|
||||
await writeSubscribers(subscribers)
|
||||
|
||||
return {
|
||||
success: true,
|
||||
message: 'Abonnent erfolgreich entfernt'
|
||||
}
|
||||
} catch (error) {
|
||||
console.error('Fehler beim Entfernen des Abonnenten:', error)
|
||||
if (error.statusCode) {
|
||||
throw error
|
||||
}
|
||||
throw createError({
|
||||
statusCode: 500,
|
||||
statusMessage: 'Fehler beim Entfernen des Abonnenten'
|
||||
})
|
||||
}
|
||||
})
|
||||
|
||||
Reference in New Issue
Block a user