[action].post.ts
2.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
import { z } from 'zod'
import { OPERATION_TASK_ACTION_VALUES } from '../../../../../app/types/operation'
import { mutateMockOperationTask } from '../../../../utils/mock-operations'
import { getMockUserByToken } from '../../../../utils/mock-auth'
const paramsSchema = z.object({
action: z.enum(OPERATION_TASK_ACTION_VALUES)
})
const payloadSchema = z.object({
operator: z.string().trim().min(1),
remark: z.string().trim().optional(),
testPassed: z.boolean().optional(),
workstation: z.string().trim().optional(),
stepName: z.string().trim().optional(),
evidencePath: z.string().trim().optional()
})
function getTokenFromAuthorizationHeader(value?: string) {
if (!value) {
return null
}
const [type, token] = value.split(' ')
if (type?.toLowerCase() !== 'bearer' || !token) {
return null
}
return token
}
export default eventHandler(async (event) => {
const idRaw = getRouterParam(event, 'id')
const id = Number(idRaw)
if (!Number.isInteger(id) || id <= 0) {
return {
success: false,
errorCode: 'VALIDATION_ERROR',
message: '工序任务标识不正确。'
}
}
const actionRaw = getRouterParam(event, 'action')
const actionResult = paramsSchema.safeParse({ action: actionRaw })
if (!actionResult.success) {
return {
success: false,
errorCode: 'VALIDATION_ERROR',
message: '工序任务动作不支持。'
}
}
const body = await readBody(event)
const payloadResult = payloadSchema.safeParse(body)
if (!payloadResult.success) {
return {
success: false,
errorCode: 'VALIDATION_ERROR',
message: '工序任务操作参数不正确。'
}
}
if (actionResult.data.action === 'skip') {
const authorization = getHeader(event, 'authorization')
const token = getTokenFromAuthorizationHeader(authorization)
if (!token) {
return {
success: false,
errorCode: 'TOKEN_MISSING',
message: '未提供有效 token。'
}
}
const userResult = getMockUserByToken(token)
if (!userResult.success) {
return {
success: false,
errorCode: userResult.errorCode,
message: userResult.errorCode === 'TOKEN_EXPIRED' ? 'token 已过期。' : 'token 无效。'
}
}
const roles = Array.isArray(userResult.user.roles) ? userResult.user.roles : []
if (!roles.includes('admin')) {
return {
success: false,
errorCode: 'FORBIDDEN',
message: '仅管理员可执行跳过工序。'
}
}
}
return mutateMockOperationTask(id, actionResult.data.action, payloadResult.data)
})