Enhance CSV saving functionality by adding token retrieval from authorization header if not present in cookies. Update tests to validate CSV saving for users with 'vorstand' role.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 56s
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 56s
This commit is contained in:
Torsten Schulz (local)
@@ -4,7 +4,15 @@ import { getUserFromToken, hasAnyRole } from '../../utils/auth.js'
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
try {
|
||||
const token = getCookie(event, 'auth_token')
|
||||
let token = getCookie(event, 'auth_token')
|
||||
|
||||
if (!token) {
|
||||
const authHeader = getHeader(event, 'authorization')
|
||||
if (authHeader && authHeader.startsWith('Bearer ')) {
|
||||
token = authHeader.substring(7).trim()
|
||||
}
|
||||
}
|
||||
|
||||
const currentUser = token ? await getUserFromToken(token) : null
|
||||
|
||||
if (!currentUser) {
|
||||
@@ -49,16 +57,7 @@ export default defineEventHandler(async (event) => {
|
||||
// damit keine direkten Schreibzugriffe auf `public/` stattfinden.
|
||||
// Später kann ein kontrollierter Deploy-/Sync-Prozess die Daten aus `server/data/public-data`
|
||||
// in die öffentlich ausgelieferte `public/`-Location übernehmen.
|
||||
const cwd = process.cwd()
|
||||
|
||||
const pathExists = async (p) => {
|
||||
try {
|
||||
await fs.access(p)
|
||||
return true
|
||||
} catch {
|
||||
return false
|
||||
}
|
||||
}
|
||||
const cwd = process.cwd()
|
||||
|
||||
const writeFileAtomicAndVerify = async (targetPath, data) => {
|
||||
const dataDir = path.dirname(targetPath)
|
||||
@@ -99,33 +98,19 @@ export default defineEventHandler(async (event) => {
|
||||
path.join(cwd, '../server/data/public-data', filename)
|
||||
]
|
||||
|
||||
// Behalte legacy `.output` write nur als optionalen, nicht-standardisierten Pfad
|
||||
// (wird NICHT automatisch gefordert). Hauptsächlich schreiben wir intern.
|
||||
const uniquePaths = [...new Set([...internalPaths])]
|
||||
const writeResults = []
|
||||
const writeErrors = []
|
||||
let wrotePreferred = false
|
||||
|
||||
for (const targetPath of uniquePaths) {
|
||||
try {
|
||||
await writeFileAtomicAndVerify(targetPath, content)
|
||||
writeResults.push(targetPath)
|
||||
if (preferredPaths.includes(targetPath)) wrotePreferred = true
|
||||
} catch (e) {
|
||||
writeErrors.push({ targetPath, error: e?.message || String(e) })
|
||||
}
|
||||
}
|
||||
|
||||
// Wenn wir ein `.output/public` gefunden haben, MUSS auch dorthin geschrieben worden sein.
|
||||
// Sonst melden wir nicht "Erfolg", weil die laufende Instanz dann weiterhin alte/defekte Daten ausliefert.
|
||||
if (preferredPaths.length > 0 && !wrotePreferred) {
|
||||
console.error('CSV wurde NICHT in .output/public geschrieben. Errors:', writeErrors)
|
||||
throw createError({
|
||||
statusCode: 500,
|
||||
statusMessage: 'CSV konnte nicht in das ausgelieferte Verzeichnis geschrieben werden'
|
||||
})
|
||||
}
|
||||
|
||||
if (writeResults.length === 0) {
|
||||
console.error('Konnte CSV-Datei in keinen Zielpfad schreiben:', writeErrors)
|
||||
throw createError({
|
||||
|
||||
Reference in New Issue
Block a user