Diffstat (limited to 'app/api/data-room/[projectId]/permissions/route.ts')
| -rw-r--r-- | app/api/data-room/[projectId]/permissions/route.ts | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/app/api/data-room/[projectId]/permissions/route.ts b/app/api/data-room/[projectId]/permissions/route.ts
new file mode 100644
index 00000000..94401826
--- /dev/null
+++ b/app/api/data-room/[projectId]/permissions/route.ts
@@ -0,0 +1,74 @@
+// app/api/files/[projectId]/permissions/route.ts
+import { NextRequest, NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth/next';
+import { authOptions } from '@/app/api/auth/[...nextauth]/route'
+import { FileService, type FileAccessContext } from '@/lib/services/fileService';
+import { z } from 'zod';
+
+const grantPermissionSchema = z.object({
+ fileId: z.string().uuid(),
+ targetUserId: z.number().optional().nullable(),
+ targetDomain: z.string().optional().nullable(),
+ permissions: z.object({
+ canView: z.boolean().optional(),
+ canDownload: z.boolean().optional(),
+ canEdit: z.boolean().optional(),
+ canDelete: z.boolean().optional(),
+ canShare: z.boolean().optional(),
+ }),
+});
+
+// 권한 부여
+export async function POST(
+ request: NextRequest,
+ { params }: { params: { projectId: string } }
+) {
+ try {
+ const session = await getServerSession(authOptions);
+ if (!session?.user) {
+ return NextResponse.json({ error: '인증이 필요합니다' }, { status: 401 });
+ }
+
+ const body = await request.json();
+ const validatedData = grantPermissionSchema.parse(body);
+
+ const context: FileAccessContext = {
+ userId: session.user.id,
+ userDomain: session.user.domain || 'partners',
+ userEmail: session.user.email,
+ ipAddress: request.ip || request.headers.get('x-forwarded-for') || undefined,
+ userAgent: request.headers.get('user-agent') || undefined,
+ };
+
+ const fileService = new FileService();
+ await fileService.grantPermission(
+ validatedData.fileId,
+ validatedData.targetUserId,
+ validatedData.targetDomain,
+ validatedData.permissions,
+ context
+ );
+
+ return NextResponse.json({ success: true });
+ } catch (error) {
+ if (error instanceof z.ZodError) {
+ return NextResponse.json(
+ { error: '잘못된 요청 데이터', details: error.errors },
+ { status: 400 }
+ );
+ }
+
+ if (error instanceof Error && error.message.includes('권한')) {
+ return NextResponse.json(
+ { error: error.message },
+ { status: 403 }
+ );
+ }
+
+ console.error('권한 부여 오류:', error);
+ return NextResponse.json(
+ { error: '권한 부여에 실패했습니다' },
+ { status: 500 }
+ );
+ }
+} |
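Review bot: `params.projectId` is destructured in POST but never used, so nothing in this handler ties `fileId` to the project in the URL; unless `FileService.grantPermission` (outside this diff) checks both that the file belongs to the project and that the caller is allowed to share it, any authenticated user can grant permissions on any file UUID they know. The 403 branch decides authorization outcome by `error.message.includes('권한')` and echoes `error.message` to the client, which couples access control to a user-facing string and can leak internal detail; a dedicated error class tested with `instanceof` would be safer, and its message should not be returned verbatim. The schema also accepts a body with neither `targetUserId` nor `targetDomain`, which could be closed with `.refine(d => d.targetUserId != null || d.targetDomain != null, { message: 'targetUserId or targetDomain is required' })`. `x-forwarded-for` is client-supplied and may be a comma-separated list, so the audit `ipAddress` should only be trusted when the deployment sits behind a proxy that sets it, and then only the proxy-controlled hop. The header comment `// app/api/files/[projectId]/permissions/route.ts` does not match the file's actual path under `app/api/data-room/`.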
