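import { NextRequest, NextResponse } from "next/server";
import { authenticateAPIRequest } from "@/app/lib/api-auth";
import { hasPermission, PERMISSIONS } from "@/app/lib/permissions";
import { db } from "@/db";
import { images } from "@/db/schema";
import { eq, desc } from "drizzle-orm";

/**
 * Accepts a single DNS name or IPv4 address with an optional port. Anything
 * else (comma-separated lists, paths, userinfo, whitespace, bracketed IPv6)
 * is rejected so that it never ends up inside a URL returned to the client.
 */
const FORWARDED_HOST_PATTERN = /^[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?(?::\d{1,5})?$/i;

/**
 * GET /api/v1/images
 *
 * Lists the caller's images, newest first. Callers whose role holds
 * PERMISSIONS.IMAGE_VIEW_ANY (per the original comment: moderators and
 * admins) get every image instead.
 *
 * Headers:
 * - Authorization: Bearer <token>
 *
 * @param request - Incoming request; authenticated via authenticateAPIRequest.
 * @returns 200 with `{ success, data: { images, total } }`, 401 when the
 *   request is not authenticated (or carries no user id for a scoped
 *   listing), 500 when the query or serialization throws.
 */
export async function GET(request: NextRequest) {
  const auth = await authenticateAPIRequest(request);

  if (!auth.authenticated) {
    return NextResponse.json({ error: auth.error }, { status: 401 });
  }

  try {
    // Authorization decision: only IMAGE_VIEW_ANY lifts the per-user filter.
    const canViewAll = hasPermission(auth.role!, PERMISSIONS.IMAGE_VIEW_ANY);

    // NOTE(review): neither query has a limit/offset, so the response grows
    // with the table. Consider pagination if the dataset can become large.
    let userImages;
    if (canViewAll) {
      // Privileged listing: every image, newest first.
      userImages = await db
        .select()
        .from(images)
        .orderBy(desc(images.createdAt));
    } else {
      // Fail closed when the ownership filter has no value to compare with.
      // The original used `auth.userId!`, which hid this case from the
      // compiler; what the query builder does with an undefined comparison
      // value is not visible from this file, so do not run the query at all.
      if (auth.userId == null) {
        return NextResponse.json(
          { error: auth.error ?? "Unauthorized" },
          { status: 401 }
        );
      }

      // Scoped listing: only rows owned by the authenticated user.
      userImages = await db
        .select()
        .from(images)
        .where(eq(images.userId, auth.userId))
        .orderBy(desc(images.createdAt));
    }

    // Stored URLs are prefixed with the base URL to form absolute links.
    const baseUrl = getBaseUrl(request);

    return NextResponse.json({
      success: true,
      data: {
        // Explicit field list: only these columns leave the API, whatever
        // else the row contains.
        images: userImages.map((img) => ({
          id: img.id,
          originalName: img.originalName,
          url: `${baseUrl}${img.url}`,
          width: img.width,
          height: img.height,
          quality: img.quality,
          format: img.format,
          fileSize: img.fileSize,
          createdAt: img.createdAt.toISOString(),
        })),
        total: userImages.length,
      },
    });
  } catch (error: unknown) {
    // Details go to the server log only; the client gets a generic message.
    console.error("API - Resim listesi hatası:", error);
    return NextResponse.json(
      { error: "Resimler yüklenemedi" },
      { status: 500 }
    );
  }
}

/**
 * Resolves the base URL used to build absolute image links.
 *
 * Order of precedence: NEXT_PUBLIC_APP_URL, APP_URL, the
 * X-Forwarded-Proto / X-Forwarded-Host pair, then the request's own origin.
 *
 * The forwarded headers are request data. Unless the fronting proxy
 * overwrites them (deployment assumption, confirm), a client can set them to
 * arbitrary values, which would place an attacker-chosen origin in every
 * returned URL; that matters most if responses are ever cached or relayed to
 * other users. They are therefore used only when the scheme is http/https
 * and the host is a single well-formed host[:port]. Setting one of the
 * environment variables avoids relying on request headers altogether.
 *
 * @param request - Incoming request whose headers and URL are inspected.
 * @returns Base URL string without any path appended by this function.
 */
function getBaseUrl(request: NextRequest): string {
  if (process.env.NEXT_PUBLIC_APP_URL) {
    return process.env.NEXT_PUBLIC_APP_URL;
  }

  if (process.env.APP_URL) {
    return process.env.APP_URL;
  }

  const forwardedHost = request.headers.get("x-forwarded-host")?.trim();
  const forwardedProto = request.headers
    .get("x-forwarded-proto")
    ?.trim()
    .toLowerCase();

  const protoIsValid = forwardedProto === "http" || forwardedProto === "https";
  if (forwardedHost && protoIsValid && FORWARDED_HOST_PATTERN.test(forwardedHost)) {
    return `${forwardedProto}://${forwardedHost}`;
  }

  // Missing or malformed forwarded headers: fall back to the request origin.
  return request.nextUrl.origin;
}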