Files
dickendock/backend/src/tools/bestellungen/routes.js

102 lines
4.8 KiB
JavaScript
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
const express = require('express');
const db = require('../../db');
const { authenticate } = require('../../middleware/auth');
const router = express.Router();
const uid = req => req.user.id;
// Hilfsfunktion: Bestellung mit Items laden
const loadOrder = (id, userId) => {
const order = db.prepare('SELECT * FROM orders WHERE id=? AND user_id=?').get(id, userId);
if (!order) return null;
order.items = db.prepare('SELECT * FROM order_items WHERE order_id=? ORDER BY id').all(id);
return order;
};
// GET /api/tools/bestellungen alle Bestellungen
router.get('/', authenticate, (req, res) => {
const orders = db.prepare(`
SELECT o.*,
COUNT(oi.id) as item_count
FROM orders o
LEFT JOIN order_items oi ON oi.order_id = o.id
WHERE o.user_id = ?
GROUP BY o.id
ORDER BY o.created_at DESC
`).all(uid(req));
res.json(orders);
});
// GET /api/tools/bestellungen/:id einzelne Bestellung mit Items
router.get('/:id', authenticate, (req, res) => {
const order = loadOrder(req.params.id, uid(req));
if (!order) return res.status(404).json({ error: 'Nicht gefunden' });
res.json(order);
});
// POST /api/tools/bestellungen neue Bestellung
router.post('/', authenticate, (req, res) => {
const { name, bemerkung = '', status = 'warteliste', custom_price = null } = req.body;
if (!name?.trim()) return res.status(400).json({ error: 'Name erforderlich' });
const r = db.prepare(`INSERT INTO orders (user_id,name,bemerkung,status,custom_price) VALUES (?,?,?,?,?)`)
.run(uid(req), name.trim(), bemerkung, status, custom_price);
res.json(loadOrder(r.lastInsertRowid, uid(req)));
});
// PUT /api/tools/bestellungen/:id Bestellung aktualisieren
router.put('/:id', authenticate, (req, res) => {
const ex = db.prepare('SELECT * FROM orders WHERE id=? AND user_id=?').get(req.params.id, uid(req));
if (!ex) return res.status(404).json({ error: 'Nicht gefunden' });
const { name=ex.name, bemerkung=ex.bemerkung, status=ex.status, custom_price=ex.custom_price } = req.body;
db.prepare(`UPDATE orders SET name=?,bemerkung=?,status=?,custom_price=?,updated_at=CURRENT_TIMESTAMP WHERE id=? AND user_id=?`)
.run(name, bemerkung, status, custom_price, req.params.id, uid(req));
res.json(loadOrder(req.params.id, uid(req)));
});
// DELETE /api/tools/bestellungen/:id
router.delete('/:id', authenticate, (req, res) => {
const r = db.prepare('DELETE FROM orders WHERE id=? AND user_id=?').run(req.params.id, uid(req));
if (!r.changes) return res.status(404).json({ error: 'Nicht gefunden' });
res.json({ success: true });
});
// POST /api/tools/bestellungen/:id/items Archiv-Eintrag hinzufügen
router.post('/:id/items', authenticate, (req, res) => {
const order = db.prepare('SELECT * FROM orders WHERE id=? AND user_id=?').get(req.params.id, uid(req));
if (!order) return res.status(404).json({ error: 'Bestellung nicht gefunden' });
const { calculation_id, stueckzahl = 1 } = req.body;
const calc = db.prepare('SELECT * FROM calculations WHERE id=? AND user_id=?').get(calculation_id, uid(req));
if (!calc) return res.status(404).json({ error: 'Archiv-Eintrag nicht gefunden' });
// Bereits vorhanden? → Stückzahl erhöhen
const existing = db.prepare('SELECT * FROM order_items WHERE order_id=? AND calculation_id=?').get(req.params.id, calculation_id);
if (existing) {
db.prepare('UPDATE order_items SET stueckzahl=? WHERE id=?').run(existing.stueckzahl + stueckzahl, existing.id);
} else {
db.prepare(`INSERT INTO order_items (order_id,calculation_id,calc_name,preis_freundschaft,preis_normal,preis_auftrag,stueckzahl)
VALUES (?,?,?,?,?,?,?)`)
.run(req.params.id, calc.id, calc.name, calc.preis_freundschaft, calc.preis_normal, calc.preis_auftrag, stueckzahl);
}
res.json(loadOrder(req.params.id, uid(req)));
});
// PUT /api/tools/bestellungen/:id/items/:itemId Stückzahl ändern
router.put('/:id/items/:itemId', authenticate, (req, res) => {
const order = db.prepare('SELECT * FROM orders WHERE id=? AND user_id=?').get(req.params.id, uid(req));
if (!order) return res.status(404).json({ error: 'Nicht gefunden' });
const { stueckzahl } = req.body;
if (!stueckzahl || stueckzahl < 1) return res.status(400).json({ error: 'Ungültige Stückzahl' });
db.prepare('UPDATE order_items SET stueckzahl=? WHERE id=? AND order_id=?').run(stueckzahl, req.params.itemId, req.params.id);
res.json(loadOrder(req.params.id, uid(req)));
});
// DELETE /api/tools/bestellungen/:id/items/:itemId
router.delete('/:id/items/:itemId', authenticate, (req, res) => {
const order = db.prepare('SELECT * FROM orders WHERE id=? AND user_id=?').get(req.params.id, uid(req));
if (!order) return res.status(404).json({ error: 'Nicht gefunden' });
db.prepare('DELETE FROM order_items WHERE id=? AND order_id=?').run(req.params.itemId, req.params.id);
res.json(loadOrder(req.params.id, uid(req)));
});
module.exports = router;