feat: board post + channel API routes
Implements Phase 2a of board classifieds redesign: - GET/POST /api/board/posts (list with tag/author filters, create) - PATCH/DELETE /api/board/posts/:id (author-only) - GET /api/board/channels (member) - POST /api/admin/board-channels (admin) - PATCH/DELETE /api/admin/board-channels/:id (admin) Adds board_post_created activity type.
This commit is contained in:
parent
8e5f4a2d7c
commit
6a440a846d
9 changed files with 218 additions and 0 deletions
10
server/api/board/channels.get.js
Normal file
10
server/api/board/channels.get.js
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
import BoardChannel from '../../models/boardChannel.js'
|
||||
import { requireAuth } from '../../utils/auth.js'
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
await requireAuth(event)
|
||||
|
||||
const channels = await BoardChannel.find({}).sort({ name: 1 }).lean()
|
||||
|
||||
return { channels }
|
||||
})
|
||||
24
server/api/board/posts.get.js
Normal file
24
server/api/board/posts.get.js
Normal file
|
|
@ -0,0 +1,24 @@
|
|||
import BoardPost from '../../models/boardPost.js'
|
||||
import { requireAuth } from '../../utils/auth.js'
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
const member = await requireAuth(event)
|
||||
|
||||
const query = getQuery(event)
|
||||
const dbQuery = {}
|
||||
|
||||
if (query.tag) {
|
||||
dbQuery.tags = query.tag
|
||||
}
|
||||
|
||||
if (query.author) {
|
||||
dbQuery.author = query.author === 'me' ? member._id : query.author
|
||||
}
|
||||
|
||||
const posts = await BoardPost.find(dbQuery)
|
||||
.sort({ createdAt: -1 })
|
||||
.populate('author', 'name avatar circle board.slackHandle')
|
||||
.lean()
|
||||
|
||||
return { posts }
|
||||
})
|
||||
28
server/api/board/posts.post.js
Normal file
28
server/api/board/posts.post.js
Normal file
|
|
@ -0,0 +1,28 @@
|
|||
import BoardPost from '../../models/boardPost.js'
|
||||
import { requireAuth } from '../../utils/auth.js'
|
||||
import { validateBody } from '../../utils/validateBody.js'
|
||||
import { boardPostCreateSchema } from '../../utils/schemas.js'
|
||||
import { logActivity, ACTIVITY_TYPES } from '../../utils/activityLog.js'
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
const member = await requireAuth(event)
|
||||
|
||||
const body = await validateBody(event, boardPostCreateSchema)
|
||||
|
||||
const post = new BoardPost({
|
||||
author: member._id,
|
||||
title: body.title,
|
||||
seeking: body.seeking,
|
||||
offering: body.offering,
|
||||
note: body.note,
|
||||
tags: body.tags || []
|
||||
})
|
||||
|
||||
await post.save()
|
||||
await post.populate('author', 'name avatar circle board.slackHandle')
|
||||
|
||||
logActivity(member._id, ACTIVITY_TYPES.BOARD_POST_CREATED, { postId: post._id, title: post.title })
|
||||
|
||||
setResponseStatus(event, 201)
|
||||
return { post: post.toObject() }
|
||||
})
|
||||
20
server/api/board/posts/[id].delete.js
Normal file
20
server/api/board/posts/[id].delete.js
Normal file
|
|
@ -0,0 +1,20 @@
|
|||
import BoardPost from '../../../models/boardPost.js'
|
||||
import { requireAuth } from '../../../utils/auth.js'
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
const member = await requireAuth(event)
|
||||
const id = getRouterParam(event, 'id')
|
||||
|
||||
const post = await BoardPost.findById(id)
|
||||
if (!post) {
|
||||
throw createError({ statusCode: 404, statusMessage: 'Post not found' })
|
||||
}
|
||||
|
||||
if (post.author.toString() !== member._id.toString()) {
|
||||
throw createError({ statusCode: 403, statusMessage: 'Not authorized to delete this post' })
|
||||
}
|
||||
|
||||
await post.deleteOne()
|
||||
|
||||
return { success: true }
|
||||
})
|
||||
52
server/api/board/posts/[id].patch.js
Normal file
52
server/api/board/posts/[id].patch.js
Normal file
|
|
@ -0,0 +1,52 @@
|
|||
import BoardPost from '../../../models/boardPost.js'
|
||||
import { requireAuth } from '../../../utils/auth.js'
|
||||
import { validateBody } from '../../../utils/validateBody.js'
|
||||
import { boardPostUpdateSchema } from '../../../utils/schemas.js'
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
const member = await requireAuth(event)
|
||||
const id = getRouterParam(event, 'id')
|
||||
|
||||
const body = await validateBody(event, boardPostUpdateSchema)
|
||||
|
||||
const post = await BoardPost.findById(id)
|
||||
if (!post) {
|
||||
throw createError({ statusCode: 404, statusMessage: 'Post not found' })
|
||||
}
|
||||
|
||||
if (post.author.toString() !== member._id.toString()) {
|
||||
throw createError({ statusCode: 403, statusMessage: 'Not authorized to edit this post' })
|
||||
}
|
||||
|
||||
if (body.title !== undefined) post.title = body.title
|
||||
if (body.seeking !== undefined) post.seeking = body.seeking
|
||||
if (body.offering !== undefined) post.offering = body.offering
|
||||
if (body.note !== undefined) post.note = body.note
|
||||
if (body.tags !== undefined) post.tags = body.tags
|
||||
|
||||
const seeking = (post.seeking || '').trim()
|
||||
const offering = (post.offering || '').trim()
|
||||
if (!seeking && !offering) {
|
||||
throw createError({
|
||||
statusCode: 400,
|
||||
statusMessage: 'At least one of seeking or offering must be provided'
|
||||
})
|
||||
}
|
||||
|
||||
try {
|
||||
await post.save()
|
||||
} catch (err) {
|
||||
if (err.name === 'ValidationError') {
|
||||
throw createError({
|
||||
statusCode: 400,
|
||||
statusMessage: 'Validation failed',
|
||||
data: err.errors
|
||||
})
|
||||
}
|
||||
throw err
|
||||
}
|
||||
|
||||
await post.populate('author', 'name avatar circle board.slackHandle')
|
||||
|
||||
return { post: post.toObject() }
|
||||
})
|
||||
Loading…
Add table
Add a link
Reference in a new issue