f1efc97c86
- Add database migration for staff features (announcements, expenses, courses, reviews, knowledge base, projects, marketplace, handbook) - Add 8 new API endpoints: announcements, expenses, courses, reviews, knowledge-base, projects, marketplace, handbook - Update StaffAnnouncements.tsx to use real API with read tracking - Update StaffExpenseReports.tsx to use real API with submit dialog More staff pages to be updated in next commit.
60 lines
2.3 KiB
TypeScript
60 lines
2.3 KiB
TypeScript
import { supabase } from "../_supabase.js";
|
|
|
|
export default async (req: Request) => {
|
|
const token = req.headers.get("Authorization")?.replace("Bearer ", "");
|
|
if (!token) {
|
|
return new Response(JSON.stringify({ error: "Unauthorized" }), { status: 401, headers: { "Content-Type": "application/json" } });
|
|
}
|
|
|
|
const { data: userData } = await supabase.auth.getUser(token);
|
|
if (!userData.user) {
|
|
return new Response(JSON.stringify({ error: "Unauthorized" }), { status: 401, headers: { "Content-Type": "application/json" } });
|
|
}
|
|
|
|
const userId = userData.user.id;
|
|
|
|
try {
|
|
if (req.method === "GET") {
|
|
const { data: reviews, error } = await supabase
|
|
.from("staff_performance_reviews")
|
|
.select(`
|
|
*,
|
|
reviewer:profiles!staff_performance_reviews_reviewer_id_fkey(full_name, avatar_url)
|
|
`)
|
|
.eq("employee_id", userId)
|
|
.order("created_at", { ascending: false });
|
|
|
|
if (error) throw error;
|
|
|
|
const stats = {
|
|
total: reviews?.length || 0,
|
|
pending: reviews?.filter(r => r.status === "pending").length || 0,
|
|
completed: reviews?.filter(r => r.status === "completed").length || 0,
|
|
average_rating: reviews?.filter(r => r.overall_rating).reduce((sum, r) => sum + r.overall_rating, 0) / (reviews?.filter(r => r.overall_rating).length || 1) || 0
|
|
};
|
|
|
|
return new Response(JSON.stringify({ reviews: reviews || [], stats }), { headers: { "Content-Type": "application/json" } });
|
|
}
|
|
|
|
if (req.method === "POST") {
|
|
const body = await req.json();
|
|
const { review_id, employee_comments } = body;
|
|
|
|
// Employee can only add their comments
|
|
const { data, error } = await supabase
|
|
.from("staff_performance_reviews")
|
|
.update({ employee_comments })
|
|
.eq("id", review_id)
|
|
.eq("employee_id", userId)
|
|
.select()
|
|
.single();
|
|
|
|
if (error) throw error;
|
|
return new Response(JSON.stringify({ review: data }), { headers: { "Content-Type": "application/json" } });
|
|
}
|
|
|
|
return new Response(JSON.stringify({ error: "Method not allowed" }), { status: 405, headers: { "Content-Type": "application/json" } });
|
|
} catch (err: any) {
|
|
return new Response(JSON.stringify({ error: err.message }), { status: 500, headers: { "Content-Type": "application/json" } });
|
|
}
|
|
};
|