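// app/api/document-reviews/[id]/route.ts
import { NextRequest, NextResponse } from "next/server"
import db from "@/db/db"
import { rfqLastTbeDocumentReviews } from "@/db/schema"
import { eq } from "drizzle-orm"
import { getServerSession } from "next-auth"
import { authOptions } from "@/app/api/auth/[...nextauth]/route"
import { revalidateTag } from "next/cache"

/**
 * Parse the `[id]` route segment as a positive decimal integer.
 *
 * A bare `parseInt` accepts trailing garbage ("12abc" -> 12), hex prefixes and
 * negative numbers, so the segment is matched against digits only before it
 * is converted.
 *
 * @param raw - The raw path segment.
 * @returns The review id, or `null` when the segment is not a positive safe integer.
 */
function parseReviewId(raw: string): number | null {
  if (!/^\d+$/.test(raw)) {
    return null
  }
  const id = Number(raw)
  return Number.isSafeInteger(id) && id > 0 ? id : null
}

/**
 * Type guard for the two client-writable fields: absent, `null`, or a string.
 * Anything else (objects, arrays, numbers, booleans) is rejected before it
 * reaches the query builder.
 */
function isOptionalText(value: unknown): value is string | null | undefined {
  return value === undefined || value === null || typeof value === "string"
}

/**
 * PATCH - update a document review.
 *
 * Only `reviewStatus` and `reviewComments` are taken from the request body;
 * every other column written here (`reviewedBy`, `reviewedAt`, the compliance
 * flags, `updatedAt`) is derived on the server, so a client cannot set them
 * directly.
 *
 * Responses: 401 without a session, 400 for a bad id or body, 404 when the
 * review does not exist, 500 on unexpected failure, otherwise the updated row.
 */
export async function PATCH(
  request: NextRequest,
  { params }: { params: { id: string } }
) {
  try {
    const session = await getServerSession(authOptions)
    if (!session?.user) {
      return NextResponse.json({ error: "인증이 필요합니다." }, { status: 401 })
    }

    const reviewId = parseReviewId(params.id)
    if (reviewId === null) {
      return NextResponse.json({ error: "Invalid review ID" }, { status: 400 })
    }

    // Malformed JSON is a client error; without this it would fall through
    // to the outer catch and be reported as a 500.
    let body: unknown
    try {
      body = await request.json()
    } catch {
      return NextResponse.json({ error: "Invalid request body" }, { status: 400 })
    }
    if (typeof body !== "object" || body === null || Array.isArray(body)) {
      return NextResponse.json({ error: "Invalid request body" }, { status: 400 })
    }

    const { reviewStatus, reviewComments } = body as Record<string, unknown>
    if (!isOptionalText(reviewStatus) || !isOptionalText(reviewComments)) {
      return NextResponse.json({ error: "Invalid request body" }, { status: 400 })
    }
    // NOTE(review): reviewStatus is only type-checked. The set of valid status
    // values is defined in the schema, which is not visible from this file;
    // validate against that set so an arbitrary string cannot be stored.

    // Load the current review.
    const [currentReview] = await db
      .select()
      .from(rfqLastTbeDocumentReviews)
      .where(eq(rfqLastTbeDocumentReviews.id, reviewId))
      .limit(1)

    if (!currentReview) {
      return NextResponse.json({ error: "Review not found" }, { status: 404 })
    }

    // NOTE(review): authorization is not enforced here. The stated policy is
    // "buyers only (or admin)", but nothing below checks the caller's role or
    // their relation to this review, so any authenticated user can modify any
    // review by id. The original computed `roles?.includes('admin')` on
    // session.user and never used it. Add the role/ownership check from the
    // session before the update and return 403 when it fails.
    const userId =
      typeof session.user.id === "string"
        ? parseInt(session.user.id, 10)
        : session.user.id

    // Build the update payload. `any` is kept because the column types come
    // from the schema module, which is not visible here.
    // eslint-disable-next-line @typescript-eslint/no-explicit-any
    const updateData: any = {
      updatedAt: new Date()
    }

    if (reviewStatus !== undefined) {
      updateData.reviewStatus = reviewStatus
    }

    if (reviewComments !== undefined) {
      updateData.reviewComments = reviewComments
    }

    // A status change also records who reviewed and when.
    if (reviewStatus && reviewStatus !== currentReview.reviewStatus) {
      updateData.reviewedBy = userId
      updateData.reviewedAt = new Date()

      // Derived flags per status.
      switch (reviewStatus) {
        case "승인": // approved
          updateData.technicalCompliance = true
          updateData.qualityAcceptable = true
          updateData.requiresRevision = false
          break
        case "반려": // rejected
          updateData.technicalCompliance = false
          updateData.qualityAcceptable = false
          updateData.requiresRevision = true
          break
        case "보류": // on hold
          updateData.requiresRevision = true
          break
      }
    }

    // Run the update.
    const [updated] = await db
      .update(rfqLastTbeDocumentReviews)
      .set(updateData)
      .where(eq(rfqLastTbeDocumentReviews.id, reviewId))
      .returning()

    // The row can disappear between the select and the update; report that
    // as 404 rather than returning an empty body.
    if (!updated) {
      return NextResponse.json({ error: "Review not found" }, { status: 404 })
    }

    // Invalidate the cache for the owning TBE session.
    if (currentReview.tbeSessionId) {
      revalidateTag(`tbe-session-${currentReview.tbeSessionId}`)
    }

    return NextResponse.json(updated)
  } catch (error) {
    console.error("Failed to update document review:", error)
    return NextResponse.json({ error: "Failed to update document review" }, { status: 500 })
  }
}

/**
 * GET - fetch a single document review by id.
 *
 * Responses: 401 without a session, 400 for a bad id, 404 when the review
 * does not exist, 500 on unexpected failure, otherwise the review row.
 */
export async function GET(
  request: NextRequest,
  { params }: { params: { id: string } }
) {
  try {
    const session = await getServerSession(authOptions)
    if (!session?.user) {
      return NextResponse.json({ error: "인증이 필요합니다." }, { status: 401 })
    }

    const reviewId = parseReviewId(params.id)
    if (reviewId === null) {
      return NextResponse.json({ error: "Invalid review ID" }, { status: 400 })
    }

    // NOTE(review): only authentication is checked. Confirm that every
    // authenticated user is meant to read every review; if not, scope the
    // lookup to the caller before returning the row.
    const [review] = await db
      .select()
      .from(rfqLastTbeDocumentReviews)
      .where(eq(rfqLastTbeDocumentReviews.id, reviewId))
      .limit(1)

    if (!review) {
      return NextResponse.json({ error: "Review not found" }, { status: 404 })
    }

    return NextResponse.json(review)
  } catch (error) {
    console.error("Failed to fetch document review:", error)
    return NextResponse.json({ error: "Failed to fetch document review" }, { status: 500 })
  }
}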