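// app/api/projects/[projectId]/members/[memberId]/route.ts
import { NextRequest, NextResponse } from 'next/server';
import { getServerSession } from 'next-auth/next';
import { authOptions } from '@/app/api/auth/[...nextauth]/route';
import { ProjectService } from '@/lib/services/projectService';

/**
 * Change a project member's role.
 *
 * Order of checks: a session must exist, the caller must pass
 * `checkProjectAccess(projectId, userId, 'admin')` or be the owner, and only
 * then is the request body parsed and validated before the new role is handed
 * to `ProjectService.updateMemberRole`.
 *
 * @param request - Incoming request; its JSON body must carry a string `role`.
 * @param params - Route parameters `projectId` and `memberId`.
 * @returns `{ success: true }` on success; 401 without a session, 403 without
 *   sufficient access, 400 for a malformed body or a missing/non-string
 *   `role`, 500 on any unexpected failure.
 */
export async function PATCH(
  request: NextRequest,
  { params }: { params: { projectId: string; memberId: string } }
) {
  try {
    const session = await getServerSession(authOptions);
    if (!session?.user) {
      return NextResponse.json({ error: '인증이 필요합니다' }, { status: 401 });
    }

    const projectService = new ProjectService();

    // Only the owner or an admin may change roles. Authorization runs before
    // the body is parsed so unauthorized callers never reach input handling.
    const access = await projectService.checkProjectAccess(
      params.projectId,
      session.user.id,
      'admin'
    );
    if (!access.hasAccess && !access.isOwner) {
      return NextResponse.json(
        { error: '멤버 역할을 변경할 권한이 없습니다' },
        { status: 403 }
      );
    }

    // The body is untrusted: a parse failure is a client error, not a 500.
    let body: unknown;
    try {
      body = await request.json();
    } catch {
      return NextResponse.json(
        { error: '잘못된 요청 본문입니다' },
        { status: 400 }
      );
    }

    const role =
      typeof body === 'object' && body !== null
        ? (body as { role?: unknown }).role
        : undefined;
    if (typeof role !== 'string' || role.trim() === '') {
      return NextResponse.json(
        { error: '유효한 역할이 필요합니다' },
        { status: 400 }
      );
    }

    // NOTE(review): only the type of `role` is checked here. Whether the value
    // is one of the project's defined roles, and whether an admin may grant it
    // (for example a role at or above their own) or change the owner's role,
    // is not visible in this file. Confirm that updateMemberRole enforces an
    // allow-list and those rules, or add the check here against the project's
    // role definitions.
    await projectService.updateMemberRole(
      params.projectId,
      params.memberId,
      role
    );

    return NextResponse.json({ success: true });
  } catch (error) {
    // Details go to the server log only; the client gets a generic message.
    console.error('멤버 역할 변경 오류:', error);
    return NextResponse.json(
      { error: '역할 변경에 실패했습니다' },
      { status: 500 }
    );
  }
}

/**
 * Remove a member from a project.
 *
 * Only the project owner, as reported by `ProjectService.isProjectOwner`, may
 * remove members.
 *
 * @param request - Incoming request (not read by this handler).
 * @param params - Route parameters `projectId` and `memberId`.
 * @returns `{ success: true }` on success; 401 without a session, 403 when the
 *   caller is not the owner, 500 on any unexpected failure.
 */
export async function DELETE(
  request: NextRequest,
  { params }: { params: { projectId: string; memberId: string } }
) {
  try {
    const session = await getServerSession(authOptions);
    if (!session?.user) {
      return NextResponse.json({ error: '인증이 필요합니다' }, { status: 401 });
    }

    const projectService = new ProjectService();

    // Only the owner may remove members.
    const isOwner = await projectService.isProjectOwner(
      params.projectId,
      session.user.id
    );
    if (!isOwner) {
      return NextResponse.json(
        { error: '멤버를 제거할 권한이 없습니다' },
        { status: 403 }
      );
    }

    // NOTE(review): this handler does not itself verify that `memberId`
    // belongs to `projectId`, or that the target is not the owner. Confirm
    // that removeMember scopes the delete to this project.
    await projectService.removeMember(params.projectId, params.memberId);

    return NextResponse.json({ success: true });
  } catch (error) {
    // Details go to the server log only; the client gets a generic message.
    console.error('멤버 제거 오류:', error);
    return NextResponse.json(
      { error: '멤버 제거에 실패했습니다' },
      { status: 500 }
    );
  }
}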