f1efc97c86
- Add database migration for staff features (announcements, expenses, courses, reviews, knowledge base, projects, marketplace, handbook) - Add 8 new API endpoints: announcements, expenses, courses, reviews, knowledge-base, projects, marketplace, handbook - Update StaffAnnouncements.tsx to use real API with read tracking - Update StaffExpenseReports.tsx to use real API with submit dialog More staff pages to be updated in next commit.
96 lines
3.3 KiB
TypeScript
96 lines
3.3 KiB
TypeScript
import { supabase } from "../_supabase.js";
|
|
|
|
export default async (req: Request) => {
|
|
const token = req.headers.get("Authorization")?.replace("Bearer ", "");
|
|
if (!token) {
|
|
return new Response(JSON.stringify({ error: "Unauthorized" }), { status: 401, headers: { "Content-Type": "application/json" } });
|
|
}
|
|
|
|
const { data: userData } = await supabase.auth.getUser(token);
|
|
if (!userData.user) {
|
|
return new Response(JSON.stringify({ error: "Unauthorized" }), { status: 401, headers: { "Content-Type": "application/json" } });
|
|
}
|
|
|
|
const userId = userData.user.id;
|
|
|
|
try {
|
|
if (req.method === "GET") {
|
|
const { data: expenses, error } = await supabase
|
|
.from("staff_expense_reports")
|
|
.select("*")
|
|
.eq("user_id", userId)
|
|
.order("created_at", { ascending: false });
|
|
|
|
if (error) throw error;
|
|
|
|
const stats = {
|
|
total: expenses?.length || 0,
|
|
pending: expenses?.filter(e => e.status === "pending").length || 0,
|
|
approved: expenses?.filter(e => e.status === "approved").length || 0,
|
|
reimbursed: expenses?.filter(e => e.status === "reimbursed").length || 0,
|
|
total_amount: expenses?.reduce((sum, e) => sum + parseFloat(e.amount), 0) || 0,
|
|
pending_amount: expenses?.filter(e => e.status === "pending").reduce((sum, e) => sum + parseFloat(e.amount), 0) || 0
|
|
};
|
|
|
|
return new Response(JSON.stringify({ expenses: expenses || [], stats }), { headers: { "Content-Type": "application/json" } });
|
|
}
|
|
|
|
if (req.method === "POST") {
|
|
const body = await req.json();
|
|
const { title, description, amount, category, receipt_url } = body;
|
|
|
|
const { data, error } = await supabase
|
|
.from("staff_expense_reports")
|
|
.insert({
|
|
user_id: userId,
|
|
title,
|
|
description,
|
|
amount,
|
|
category,
|
|
receipt_url,
|
|
status: "pending",
|
|
submitted_at: new Date().toISOString()
|
|
})
|
|
.select()
|
|
.single();
|
|
|
|
if (error) throw error;
|
|
return new Response(JSON.stringify({ expense: data }), { status: 201, headers: { "Content-Type": "application/json" } });
|
|
}
|
|
|
|
if (req.method === "PATCH") {
|
|
const body = await req.json();
|
|
const { id, ...updates } = body;
|
|
|
|
const { data, error } = await supabase
|
|
.from("staff_expense_reports")
|
|
.update(updates)
|
|
.eq("id", id)
|
|
.eq("user_id", userId)
|
|
.select()
|
|
.single();
|
|
|
|
if (error) throw error;
|
|
return new Response(JSON.stringify({ expense: data }), { headers: { "Content-Type": "application/json" } });
|
|
}
|
|
|
|
if (req.method === "DELETE") {
|
|
const url = new URL(req.url);
|
|
const id = url.searchParams.get("id");
|
|
|
|
const { error } = await supabase
|
|
.from("staff_expense_reports")
|
|
.delete()
|
|
.eq("id", id)
|
|
.eq("user_id", userId)
|
|
.in("status", ["draft", "pending"]);
|
|
|
|
if (error) throw error;
|
|
return new Response(JSON.stringify({ success: true }), { headers: { "Content-Type": "application/json" } });
|
|
}
|
|
|
|
return new Response(JSON.stringify({ error: "Method not allowed" }), { status: 405, headers: { "Content-Type": "application/json" } });
|
|
} catch (err: any) {
|
|
return new Response(JSON.stringify({ error: err.message }), { status: 500, headers: { "Content-Type": "application/json" } });
|
|
}
|
|
};
|