diff --git a/src/app/api/projects/[id]/route.js b/src/app/api/projects/[id]/route.js index 115f5f2..2a25cfb 100644 --- a/src/app/api/projects/[id]/route.js +++ b/src/app/api/projects/[id]/route.js @@ -11,7 +11,7 @@ import { logFieldChange } from "@/lib/queries/fieldHistory"; import { addNoteToProject } from "@/lib/queries/notes"; import initializeDatabase from "@/lib/init-db"; import { NextResponse } from "next/server"; -import { withReadAuth, withUserAuth } from "@/lib/middleware/auth"; +import { withReadAuth, withUserAuth, withTeamLeadAuth } from "@/lib/middleware/auth"; import { logApiActionSafe, AUDIT_ACTIONS, @@ -155,4 +155,4 @@ async function deleteProjectHandler(req, { params }) { // Protected routes - require authentication export const GET = withReadAuth(getProjectHandler); export const PUT = withUserAuth(updateProjectHandler); -export const DELETE = withUserAuth(deleteProjectHandler); +export const DELETE = withTeamLeadAuth(deleteProjectHandler); diff --git a/src/app/projects/[id]/edit/page.js b/src/app/projects/[id]/edit/page.js index 0bff6de..fe53639 100644 --- a/src/app/projects/[id]/edit/page.js +++ b/src/app/projects/[id]/edit/page.js @@ -1,7 +1,7 @@ "use client"; import { useEffect, useState, useRef } from "react"; -import { useParams } from "next/navigation"; +import { useParams, useRouter } from "next/navigation"; import ProjectForm from "@/components/ProjectForm"; import PageContainer from "@/components/ui/PageContainer"; import PageHeader from "@/components/ui/PageHeader"; @@ -9,16 +9,44 @@ import Button from "@/components/ui/Button"; import Link from "next/link"; import { LoadingState } from "@/components/ui/States"; import { useTranslation } from "@/lib/i18n"; +import { useSession } from "next-auth/react"; export default function EditProjectPage() { const params = useParams(); + const router = useRouter(); const id = params.id; const [project, setProject] = useState(null); const [loading, setLoading] = useState(true); const [error, setError] = useState(null); + const [showDeleteModal, setShowDeleteModal] = useState(false); + const [deleting, setDeleting] = useState(false); const { t } = useTranslation(); + const { data: session } = useSession(); const formRef = useRef(); + const handleDelete = async () => { + setDeleting(true); + try { + const res = await fetch(`/api/projects/${id}`, { + method: 'DELETE', + }); + + if (res.ok) { + router.push('/projects'); + } else { + const data = await res.json(); + alert(data.error || 'Błąd podczas usuwania projektu'); + setDeleting(false); + setShowDeleteModal(false); + } + } catch (error) { + console.error('Error deleting project:', error); + alert('Błąd podczas usuwania projektu'); + setDeleting(false); + setShowDeleteModal(false); + } + }; + useEffect(() => { const fetchProject = async () => { try { @@ -130,7 +158,159 @@ export default function EditProjectPage() { />
+ + {/* Delete Button - Only for team_lead */} + {session?.user?.role === 'team_lead' && ( +
+
+
+

+ Usuwanie projektu +

+

+ Operacja nieodwracalna. Wszystkie powiązane dane zostaną trwale usunięte. +

+
+ +
+
+ )}
+ + {/* Delete Confirmation Modal */} + {showDeleteModal && ( +
e.target === e.currentTarget && !deleting && setShowDeleteModal(false)} + > +
+
+
+
+ + + +
+

+ Potwierdź usunięcie +

+
+ {!deleting && ( + + )} +
+ +
+

+ Czy na pewno chcesz usunąć projekt "{project?.project_name}"? +

+

+ Ta operacja jest nieodwracalna. Zostaną usunięte wszystkie powiązane dane, w tym: +

+
    +
  • Notatki projektu
    • +
  • Załączone pliki
    • +
  • Zadania projektu
    • +
  • Historia zmian
    • +
+
+ +
+ + +
+
+
+ )} ); } diff --git a/src/lib/middleware/auth.js b/src/lib/middleware/auth.js index 5efd9a2..551c844 100644 --- a/src/lib/middleware/auth.js +++ b/src/lib/middleware/auth.js @@ -75,3 +75,8 @@ export function withAdminAuth(handler) { export function withManagerAuth(handler) { return withAuth(handler, { requiredRole: 'project_manager' }) } + +// Helper for team lead operations +export function withTeamLeadAuth(handler) { + return withAuth(handler, { requiredRole: 'team_lead' }) +}