feat: board post + channel API routes
Implements Phase 2a of board classifieds redesign: - GET/POST /api/board/posts (list with tag/author filters, create) - PATCH/DELETE /api/board/posts/:id (author-only) - GET /api/board/channels (member) - POST /api/admin/board-channels (admin) - PATCH/DELETE /api/admin/board-channels/:id (admin) Adds board_post_created activity type.
This commit is contained in:
parent
8e5f4a2d7c
commit
6a440a846d
9 changed files with 218 additions and 0 deletions
20
server/api/board/posts/[id].delete.js
Normal file
20
server/api/board/posts/[id].delete.js
Normal file
|
|
@ -0,0 +1,20 @@
|
|||
import BoardPost from '../../../models/boardPost.js'
|
||||
import { requireAuth } from '../../../utils/auth.js'
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
const member = await requireAuth(event)
|
||||
const id = getRouterParam(event, 'id')
|
||||
|
||||
const post = await BoardPost.findById(id)
|
||||
if (!post) {
|
||||
throw createError({ statusCode: 404, statusMessage: 'Post not found' })
|
||||
}
|
||||
|
||||
if (post.author.toString() !== member._id.toString()) {
|
||||
throw createError({ statusCode: 403, statusMessage: 'Not authorized to delete this post' })
|
||||
}
|
||||
|
||||
await post.deleteOne()
|
||||
|
||||
return { success: true }
|
||||
})
|
||||
52
server/api/board/posts/[id].patch.js
Normal file
52
server/api/board/posts/[id].patch.js
Normal file
|
|
@ -0,0 +1,52 @@
|
|||
import BoardPost from '../../../models/boardPost.js'
|
||||
import { requireAuth } from '../../../utils/auth.js'
|
||||
import { validateBody } from '../../../utils/validateBody.js'
|
||||
import { boardPostUpdateSchema } from '../../../utils/schemas.js'
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
const member = await requireAuth(event)
|
||||
const id = getRouterParam(event, 'id')
|
||||
|
||||
const body = await validateBody(event, boardPostUpdateSchema)
|
||||
|
||||
const post = await BoardPost.findById(id)
|
||||
if (!post) {
|
||||
throw createError({ statusCode: 404, statusMessage: 'Post not found' })
|
||||
}
|
||||
|
||||
if (post.author.toString() !== member._id.toString()) {
|
||||
throw createError({ statusCode: 403, statusMessage: 'Not authorized to edit this post' })
|
||||
}
|
||||
|
||||
if (body.title !== undefined) post.title = body.title
|
||||
if (body.seeking !== undefined) post.seeking = body.seeking
|
||||
if (body.offering !== undefined) post.offering = body.offering
|
||||
if (body.note !== undefined) post.note = body.note
|
||||
if (body.tags !== undefined) post.tags = body.tags
|
||||
|
||||
const seeking = (post.seeking || '').trim()
|
||||
const offering = (post.offering || '').trim()
|
||||
if (!seeking && !offering) {
|
||||
throw createError({
|
||||
statusCode: 400,
|
||||
statusMessage: 'At least one of seeking or offering must be provided'
|
||||
})
|
||||
}
|
||||
|
||||
try {
|
||||
await post.save()
|
||||
} catch (err) {
|
||||
if (err.name === 'ValidationError') {
|
||||
throw createError({
|
||||
statusCode: 400,
|
||||
statusMessage: 'Validation failed',
|
||||
data: err.errors
|
||||
})
|
||||
}
|
||||
throw err
|
||||
}
|
||||
|
||||
await post.populate('author', 'name avatar circle board.slackHandle')
|
||||
|
||||
return { post: post.toObject() }
|
||||
})
|
||||
Loading…
Add table
Add a link
Reference in a new issue