40 lines
1.2 KiB
JavaScript
40 lines
1.2 KiB
JavaScript
import { createError, getRouterParam, readBody } from 'h3'
|
|
import { z } from 'zod'
|
|
import { requireAdminSession } from '../../../../../utils/admin-auth'
|
|
import { updateMemberRoleByAdmin } from '../../../../../repositories/member-repository'
|
|
|
|
const roleSchema = z.object({
|
|
role: z.enum(['owner', 'admin', 'vip', 'member'])
|
|
})
|
|
|
|
/**
|
|
* 관리자 회원 권한 변경 API
|
|
* @param {import('h3').H3Event} event - 요청 이벤트
|
|
* @returns {Promise<{ id: string, roleCode: string, role: string, isAdmin: boolean }>} 변경 결과
|
|
*/
|
|
export default defineEventHandler(async (event) => {
|
|
const session = requireAdminSession(event)
|
|
const memberId = String(getRouterParam(event, 'id') || '')
|
|
const parsedBody = roleSchema.safeParse(await readBody(event))
|
|
|
|
if (!memberId) {
|
|
throw createError({
|
|
statusCode: 400,
|
|
message: '대상 회원 ID가 필요합니다.'
|
|
})
|
|
}
|
|
|
|
if (!parsedBody.success) {
|
|
throw createError({
|
|
statusCode: 400,
|
|
message: '권한 변경 요청 형식이 올바르지 않습니다.'
|
|
})
|
|
}
|
|
|
|
return updateMemberRoleByAdmin({
|
|
actorUserId: session.userId,
|
|
targetUserId: memberId,
|
|
role: parsedBody.data.role
|
|
})
|
|
})
|