Admin/panel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0dd988730f20b43e96a44237045152352d1f5c2a
panel/src/app/api/task-notes/[id]/route.js
RKWojs 0dd988730f feat: Implement internationalization for task management components 
- Added translation support for task-related strings in ProjectTaskForm and ProjectTasksSection components.
- Integrated translation for navigation items in the Navigation component.
- Created ProjectCalendarWidget component with Polish translations for project statuses and deadlines.
- Developed Tooltip component for enhanced user experience with tooltips.
- Established a field change history logging system in the database with associated queries.
- Enhanced task update logging to include translated status and priority changes.
- Introduced server-side translations for system messages to improve localization.
2025-09-11 15:49:07 +02:00

49 lines
1.5 KiB
JavaScript
Raw Blame History

import { deleteNote } from "@/lib/queries/notes";
import { NextResponse } from "next/server";
import { withUserAuth } from "@/lib/middleware/auth";
import db from "@/lib/db";
// DELETE: Delete a specific task note
async function deleteTaskNoteHandler(req, { params }) {
try {
const { id } = await params;
if (!id) {
return NextResponse.json({ error: "Note ID is required" }, { status: 400 });
}
// Get note data before deletion for permission checking
const note = db.prepare("SELECT * FROM notes WHERE note_id = ?").get(id);
if (!note) {
return NextResponse.json({ error: "Note not found" }, { status: 404 });
}
// Check if user has permission to delete this note
// Users can delete their own notes, or admins can delete any note
const userRole = req.user?.role;
const userId = req.user?.id;
if (userRole !== 'admin' && note.created_by !== userId) {
return NextResponse.json({ error: "Unauthorized to delete this note" }, { status: 403 });
}
// Don't allow deletion of system notes by regular users
if (note.is_system && userRole !== 'admin') {
return NextResponse.json({ error: "Cannot delete system notes" }, { status: 403 });
}
deleteNote(id);
return NextResponse.json({ success: true });
} catch (error) {
console.error("Error deleting task note:", error);
return NextResponse.json(
{ error: "Failed to delete task note" },
{ status: 500 }
);
}
}
// Protected route - require user authentication
export const DELETE = withUserAuth(deleteTaskNoteHandler);
Reference in New Issue View Git Blame Copy Permalink