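// app/api/files/[projectId]/permissions/route.ts
import { NextRequest, NextResponse } from 'next/server';
import { getServerSession } from 'next-auth/next';
import { authOptions } from '@/app/api/auth/[...nextauth]/route';
import { FileService, type FileAccessContext } from '@/lib/services/fileService';
import { z } from 'zod';

/**
 * Request body for granting permissions on a file.
 *
 * `targetUserId` and `targetDomain` are both optional/nullable here; the
 * schema does not require at least one of them to be present, so the
 * interpretation of a grant with neither target is left to
 * `FileService.grantPermission` (not visible in this file — confirm there).
 * Every flag in `permissions` is optional; an empty object is accepted.
 */
const grantPermissionSchema = z.object({
  fileId: z.string().uuid(),
  targetUserId: z.number().optional().nullable(),
  targetDomain: z.string().optional().nullable(),
  permissions: z.object({
    canView: z.boolean().optional(),
    canDownload: z.boolean().optional(),
    canEdit: z.boolean().optional(),
    canDelete: z.boolean().optional(),
    canShare: z.boolean().optional(),
  }),
});

/**
 * Best-effort client address recorded in the audit context.
 *
 * `request.ip` is preferred. The `x-forwarded-for` fallback may carry a
 * comma-separated proxy chain, and only its first entry is the original
 * client, so the raw header value is never stored as-is. The header is
 * client-supplied and only meaningful behind a reverse proxy that overwrites
 * it — treat the result as informational audit data, not as an authorization
 * input.
 *
 * @returns the first non-empty address found, or `undefined`.
 */
function clientIpAddress(request: NextRequest): string | undefined {
  if (request.ip) {
    return request.ip;
  }
  const forwarded = request.headers.get('x-forwarded-for');
  const first = forwarded?.split(',')[0]?.trim();
  // Empty string collapses to undefined, matching the `|| undefined` contract.
  return first || undefined;
}

/**
 * Grant permissions on a file (POST).
 *
 * Flow: authenticate the session (401 on failure), validate the JSON body
 * against `grantPermissionSchema` (400 with Zod issue details on failure),
 * then delegate to `FileService.grantPermission` with an access context
 * built from the session and request. Authorization is decided inside the
 * service; an `Error` whose message contains '권한' ("permission") is mapped
 * to 403, anything else to 500.
 *
 * @param request - incoming request; body is parsed as JSON.
 * @param params - route params; `projectId` is not used by this handler.
 * @returns a JSON `NextResponse` with `{ success: true }` on success.
 */
export async function POST(
  request: NextRequest,
  { params }: { params: { projectId: string } }
) {
  try {
    const session = await getServerSession(authOptions);
    if (!session?.user) {
      return NextResponse.json({ error: '인증이 필요합니다' }, { status: 401 });
    }

    const body = await request.json();
    const validatedData = grantPermissionSchema.parse(body);

    const context: FileAccessContext = {
      userId: session.user.id,
      // Falls back to 'partners' when the session carries no domain.
      userDomain: session.user.domain || 'partners',
      userEmail: session.user.email,
      ipAddress: clientIpAddress(request),
      userAgent: request.headers.get('user-agent') || undefined,
    };

    const fileService = new FileService();
    await fileService.grantPermission(
      validatedData.fileId,
      validatedData.targetUserId,
      validatedData.targetDomain,
      validatedData.permissions,
      context
    );

    return NextResponse.json({ success: true });
  } catch (error) {
    if (error instanceof z.ZodError) {
      return NextResponse.json(
        { error: '잘못된 요청 데이터', details: error.errors },
        { status: 400 }
      );
    }

    // NOTE(review): the 403 mapping keys off message text ('권한' = "permission"),
    // which is fragile; a dedicated error type from FileService would be more
    // robust, but that type is not visible here so the match is kept.
    if (error instanceof Error && error.message.includes('권한')) {
      return NextResponse.json(
        { error: error.message },
        { status: 403 }
      );
    }

    // Unexpected failure: log the full error server-side, return a generic
    // message so internal details do not reach the client.
    console.error('권한 부여 오류:', error);
    return NextResponse.json(
      { error: '권한 부여에 실패했습니다' },
      { status: 500 }
    );
  }
}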