RiseUP/riseup-squad18
2
0
Fork 1
Code Issues Pull Requests Actions 1 Packages Projects 1 Releases Wiki Activity
riseup-squad18/MEDICONNECT 2/netlify/functions/user-roles.ts
guisilvagomes 376e344506 Atualizando
2025-10-21 13:02:56 -03:00

162 lines
4.2 KiB
TypeScript
Raw Blame History

/**
* Netlify Function: User Roles
* GET /rest/v1/user_roles - Lista roles de usuários
* POST /rest/v1/user_roles - Adiciona role a um usuário
* DELETE /rest/v1/user_roles - Remove role de um usuário
*/
import type { Handler, HandlerEvent } from "@netlify/functions";
const SUPABASE_URL = "https://yuanqfswhberkoevtmfr.supabase.co";
const SUPABASE_ANON_KEY =
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Inl1YW5xZnN3aGJlcmtvZXZ0bWZyIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NTQ5NTQzNjksImV4cCI6MjA3MDUzMDM2OX0.g8Fm4XAvtX46zifBZnYVH4tVuQkqUH6Ia9CXQj4DztQ";
export const handler: Handler = async (event: HandlerEvent) => {
const headers = {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Headers": "Content-Type, Authorization",
"Access-Control-Allow-Methods": "GET, POST, DELETE, OPTIONS",
};
if (event.httpMethod === "OPTIONS") {
return {
statusCode: 200,
headers,
body: "",
};
}
try {
const authHeader =
event.headers.authorization || event.headers.Authorization;
if (!authHeader) {
return {
statusCode: 401,
headers,
body: JSON.stringify({ error: "Token não fornecido" }),
};
}
if (event.httpMethod === "GET") {
let url = `${SUPABASE_URL}/rest/v1/user_roles?select=*`;
if (event.queryStringParameters) {
const params = new URLSearchParams(
event.queryStringParameters as Record<string, string>
);
const paramsStr = params.toString();
if (paramsStr) {
url += `&${paramsStr}`;
}
}
const response = await fetch(url, {
method: "GET",
headers: {
apikey: SUPABASE_ANON_KEY,
Authorization: authHeader,
},
});
const data = await response.json();
return {
statusCode: response.status,
headers: {
...headers,
"Content-Type": "application/json",
},
body: JSON.stringify(data),
};
}
if (event.httpMethod === "POST") {
// Adicionar nova role para um usuário
const body = JSON.parse(event.body || "{}");
if (!body.user_id || !body.role) {
return {
statusCode: 400,
headers,
body: JSON.stringify({ error: "user_id e role são obrigatórios" }),
};
}
const response = await fetch(`${SUPABASE_URL}/rest/v1/user_roles`, {
method: "POST",
headers: {
apikey: SUPABASE_ANON_KEY,
Authorization: authHeader,
"Content-Type": "application/json",
Prefer: "return=representation",
},
body: JSON.stringify({
user_id: body.user_id,
role: body.role,
}),
});
const data = await response.json();
return {
statusCode: response.status,
headers: {
...headers,
"Content-Type": "application/json",
},
body: JSON.stringify(data),
};
}
if (event.httpMethod === "DELETE") {
// Remover role de um usuário
const params = event.queryStringParameters;
if (!params?.user_id || !params?.role) {
return {
statusCode: 400,
headers,
body: JSON.stringify({ error: "user_id e role são obrigatórios" }),
};
}
const url = `${SUPABASE_URL}/rest/v1/user_roles?user_id=eq.${params.user_id}&role=eq.${params.role}`;
const response = await fetch(url, {
method: "DELETE",
headers: {
apikey: SUPABASE_ANON_KEY,
Authorization: authHeader,
},
});
return {
statusCode: response.status,
headers: {
...headers,
"Content-Type": "application/json",
},
body: JSON.stringify({ success: true }),
};
}
return {
statusCode: 405,
headers,
body: JSON.stringify({ error: "Method Not Allowed" }),
};
} catch (error) {
console.error("Erro na API de user roles:", error);
return {
statusCode: 500,
headers,
body: JSON.stringify({
error: "Erro interno no servidor",
message: error instanceof Error ? error.message : "Erro desconhecido",
}),
};
}
};
Reference in New Issue View Git Blame Copy Permalink