- // app/api/branches/route.js
- import { NextResponse } from "next/server";
- import { listBranches } from "@/lib/storage";
- import { getSession } from "@/lib/auth/session";
- import { filterBranchesForSession } from "@/lib/auth/permissions";
/**
 * GET /api/branches
 *
 * Responds with the branch identifiers (e.g. ["NL01", "NL02", ...]) that the
 * calling session is allowed to see. Branches are derived from the directory
 * names under NAS_ROOT_PATH (resolved inside listBranches, not in this file).
 *
 * Access control as enforced by this handler:
 * - no session: 401 { error: "Unauthorized" }, returned before storage is read
 * - any session: the full list from listBranches() is narrowed by
 *   filterBranchesForSession() before it is serialized
 *
 * Intended role rules (implemented in filterBranchesForSession, which is not
 * visible here, so verify them there):
 * - branch role: only its own branch
 * - admin/dev: all branches
 *
 * @returns {Promise<Response>} JSON response: 200 { branches }, 401 or 500 { error }
 */
export async function GET() {
  // NOTE(review): this await sits outside the try block, so a rejection from
  // getSession() is not mapped to the JSON 500 below; it propagates to the
  // framework's default error handling.
  const session = await getSession();
  const isAuthenticated = Boolean(session);

  // Fail closed: without a session nothing is read from storage.
  if (!isAuthenticated) {
    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
  }

  try {
    const allBranches = await listBranches();

    // Authorization happens here: the unfiltered list must never be
    // serialized directly.
    // NOTE(review): the body depends on the caller's session; confirm this
    // route is never served from a shared cache.
    const body = { branches: filterBranchesForSession(session, allBranches) };
    return NextResponse.json(body);
  } catch (err) {
    // Details are logged server-side only; the client gets a fixed message so
    // storage paths and stack traces are not exposed in the response.
    console.error("[api/branches] Error reading branches:", err);

    const failure = { error: "Fehler beim Lesen der Niederlassungen" };
    return NextResponse.json(failure, { status: 500 });
  }
}