Nicholai
b20db98051
Some checks failed
CI / build-and-test (pull_request) Failing after 1m19s
CI (.gitea/workflows/ci.yaml): lint → typecheck → vitest w/ coverage → OpenNext build → preview smoke → bundle-size budgets; Node 20; npm ci; artifacts; safe env; D1 dry-run scaffold. Budgets: add scripts/budgets.mjs; TOTAL_STATIC_MAX_BYTES and MAX_ASSET_BYTES thresholds; report top offenders; fail on breach; README CI section. Flags: add lib/flags.ts with typed booleans and safe defaults (ADMIN_ENABLED, ARTISTS_MODULE_ENABLED, UPLOADS_ADMIN_ENABLED, BOOKING_ENABLED, PUBLIC_APPOINTMENT_REQUESTS_ENABLED, REFERENCE_UPLOADS_PUBLIC_ENABLED, DEPOSITS_ENABLED, PUBLIC_DB_ARTISTS_ENABLED, ADVANCED_NAV_SCROLL_ANIMATIONS_ENABLED, STRICT_CI_GATES_ENABLED, ISR_CACHE_R2_ENABLED); robust parsing; client provider; unit tests. Wiring: gate Admin shell and admin write APIs (503 JSON on uploads and artists writes); disable booking submit and short-circuit booking mutations when off; render static Hero/Artists when advanced animations off; tests for UI and API guards. Ops: expand docs/prd/rollback-strategy.md with “Feature Flags Operations,” Cloudflare Dashboard and wrangler.toml steps, preview simulation, incident playbook, and post-toggle smoke checklist. Release: add docs/releases/2025-09-19-feature-flags-rollout.md with last-good commit, preview/production flag matrices, rollback notes, and smoke results; link from rollback doc. Chore: fix TS issues (gift-cards boolean handling, Lenis options, tailwind darkMode), remove next-on-pages peer conflict, update package.json scripts, configure Gitea act_runner label, open draft PR to trigger CI. Refs: CI-1, FF-1, FF-2, FF-3, OPS-1 Impact: defaults preserve current behavior; no runtime changes unless flags flipped
71 lines
2.2 KiB
TypeScript
71 lines
2.2 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server'
|
|
import { getServerSession } from 'next-auth'
|
|
import { authOptions } from '@/lib/auth'
|
|
import { getDB } from '@/lib/db'
|
|
import { z } from 'zod'
|
|
import { Flags } from '@/lib/flags'
|
|
|
|
export const dynamic = "force-dynamic";
|
|
|
|
const bulkDeleteSchema = z.object({
|
|
fileIds: z.array(z.string()).min(1, 'At least one file ID is required'),
|
|
})
|
|
|
|
export async function POST(request: NextRequest, { params }: { params?: any } = {}, context?: any) {
|
|
try {
|
|
if (!Flags.UPLOADS_ADMIN_ENABLED) {
|
|
return NextResponse.json({ error: 'Admin uploads disabled' }, { status: 503 })
|
|
}
|
|
const session = await getServerSession(authOptions)
|
|
if (!session) {
|
|
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
|
}
|
|
|
|
const body = await request.json()
|
|
const { fileIds } = bulkDeleteSchema.parse(body)
|
|
|
|
const db = getDB(context?.env)
|
|
|
|
// First, get the file URLs for R2 cleanup (optional)
|
|
const fileUrlsStmt = db.prepare(`
|
|
SELECT url FROM file_uploads
|
|
WHERE id IN (${fileIds.map(() => '?').join(',')})
|
|
`)
|
|
const fileUrlsResult = await fileUrlsStmt.bind(...fileIds).all()
|
|
|
|
// Delete the files from the database
|
|
const deleteStmt = db.prepare(`
|
|
DELETE FROM file_uploads
|
|
WHERE id IN (${fileIds.map(() => '?').join(',')})
|
|
`)
|
|
const deleteResult = await deleteStmt.bind(...fileIds).run()
|
|
|
|
// TODO: In a real implementation, you would also delete the files from R2
|
|
// const r2Bucket = getR2Bucket()
|
|
// for (const row of fileUrlsResult.results) {
|
|
// const key = extractKeyFromUrl(row.url)
|
|
// await r2Bucket.delete(key)
|
|
// }
|
|
|
|
return NextResponse.json({
|
|
success: true,
|
|
deletedCount: deleteResult.meta?.rows_written || 0,
|
|
message: `Successfully deleted ${deleteResult.meta?.rows_written || 0} files`
|
|
})
|
|
} catch (error) {
|
|
console.error('Bulk delete error:', error)
|
|
|
|
if (error instanceof z.ZodError) {
|
|
return NextResponse.json(
|
|
{ error: 'Invalid input data', details: error.errors },
|
|
{ status: 400 }
|
|
)
|
|
}
|
|
|
|
return NextResponse.json(
|
|
{ error: 'Failed to delete files' },
|
|
{ status: 500 }
|
|
)
|
|
}
|
|
}
|