Add company management editing and deletion

2025-10-13 15:23:53 -03:00 · 2025-10-13 15:23:53 -03:00 · 17f9f00343
commit 17f9f00343
parent b60f27b2dc
2 changed files with 137 additions and 7 deletions
--- a/src/app/api/admin/companies/[id]/route.ts
+++ b/src/app/api/admin/companies/[id]/route.ts
@ -1,5 +1,6 @@
 import { NextResponse } from "next/server"

+import { Prisma } from "@prisma/client"
 import { prisma } from "@/lib/prisma"
 import { assertAdminSession } from "@/lib/auth-server"

@ -46,3 +47,36 @@ export async function PATCH(request: Request, { params }: { params: Promise<{ id
    return NextResponse.json({ error: "Falha ao atualizar empresa" }, { status: 500 })
  }
 }
+
+export async function DELETE(_: Request, { params }: { params: Promise<{ id: string }> }) {
+  const session = await assertAdminSession()
+  if (!session) return NextResponse.json({ error: "Não autorizado" }, { status: 401 })
+  const { id } = await params
+
+  const company = await prisma.company.findUnique({
+    where: { id },
+    select: { id: true, tenantId: true, name: true },
+  })
+
+  if (!company) {
+    return NextResponse.json({ error: "Empresa não encontrada" }, { status: 404 })
+  }
+
+  if (company.tenantId !== (session.user.tenantId ?? company.tenantId)) {
+    return NextResponse.json({ error: "Acesso negado" }, { status: 403 })
+  }
+
+  try {
+    await prisma.company.delete({ where: { id: company.id } })
+    return NextResponse.json({ ok: true })
+  } catch (error) {
+    if (error instanceof Prisma.PrismaClientKnownRequestError && error.code === "P2003") {
+      return NextResponse.json(
+        { error: "Não é possível remover esta empresa pois existem registros vinculados." },
+        { status: 409 }
+      )
+    }
+    console.error("Failed to delete company", error)
+    return NextResponse.json({ error: "Falha ao excluir empresa" }, { status: 500 })
+  }
+}