feat(users): gestione utenti /admin/users con guardie self/ultimo-admin
This commit is contained in:
@@ -0,0 +1,19 @@
|
||||
import type { APIRoute } from 'astro';
|
||||
import { getDb } from '../../../../../lib/db';
|
||||
import { getUserById, deleteUser, countAdmins } from '../../../../../lib/auth';
|
||||
export const prerender = false;
|
||||
|
||||
const json = (status: number, body: object) =>
|
||||
new Response(JSON.stringify(body), { status, headers: { 'Content-Type': 'application/json' } });
|
||||
|
||||
export const DELETE: APIRoute = ({ params, locals }) => {
|
||||
const id = Number(params.id);
|
||||
const target = getUserById(getDb(), id);
|
||||
if (!target) return json(404, { error: 'Utente inesistente.' });
|
||||
if (id === locals.user!.id) return json(400, { error: 'Non puoi eliminare te stesso.' });
|
||||
if (target.role === 'admin' && countAdmins(getDb()) <= 1) {
|
||||
return json(400, { error: 'Deve restare almeno un admin.' });
|
||||
}
|
||||
deleteUser(getDb(), id);
|
||||
return json(200, { ok: true });
|
||||
};
|
||||
Reference in New Issue
Block a user