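import { NextRequest, NextResponse } from "next/server";
import { authenticateAPIRequest } from "@/app/lib/api-auth";
import { hasPermission, PERMISSIONS } from "@/app/lib/permissions";
import { db } from "@/db";
import { images } from "@/db/schema";
import { eq, desc } from "drizzle-orm";

/**
 * GET /api/v1/images
 *
 * Lists the caller's images, newest first. Callers whose role holds
 * `PERMISSIONS.IMAGE_VIEW_ANY` receive every image instead of only their own.
 *
 * Headers:
 * - Authorization: Bearer <token>
 *
 * @param request - Incoming request; passed to `authenticateAPIRequest`.
 * @returns A JSON response:
 *   - 401 with `{ error }` when authentication fails or the authenticated
 *     context carries no role / user id,
 *   - 200 with `{ success, data: { images, total } }` on success,
 *   - 500 with `{ error }` when the permission check or query throws.
 */
export async function GET(request: NextRequest) {
  const auth = await authenticateAPIRequest(request);

  if (!auth.authenticated) {
    return NextResponse.json({ error: auth.error }, { status: 401 });
  }

  // Fail closed: the ownership filter below is the only thing scoping a
  // non-privileged caller to their own rows, so never build the query from an
  // absent role or user id (the original silenced this with `!` assertions).
  const { role, userId } = auth;
  if (role == null || userId == null) {
    return NextResponse.json(
      { error: "Kimlik doğrulama bilgileri eksik" },
      { status: 401 }
    );
  }

  try {
    // Permission check: roles with IMAGE_VIEW_ANY may see all images.
    const canViewAll = hasPermission(role, PERMISSIONS.IMAGE_VIEW_ANY);

    // NOTE(review): neither query applies a limit or offset, so the response
    // holds every matching row; consider pagination for the view-all branch.
    const userImages = canViewAll
      ? // Privileged caller: list every image.
        await db.select().from(images).orderBy(desc(images.createdAt))
      : // Everyone else: restrict the listing to rows owned by the caller.
        await db
          .select()
          .from(images)
          .where(eq(images.userId, userId))
          .orderBy(desc(images.createdAt));

    // Return an explicit field list rather than the raw rows, so columns not
    // named here (including the owner's user id) never reach the response.
    return NextResponse.json({
      success: true,
      data: {
        images: userImages.map((img) => ({
          id: img.id,
          originalName: img.originalName,
          url: img.url, // R2 URLs are already stored as full URLs
          width: img.width,
          height: img.height,
          quality: img.quality,
          format: img.format,
          fileSize: img.fileSize,
          createdAt: img.createdAt.toISOString(),
        })),
        total: userImages.length,
      },
    });
  } catch (error: unknown) {
    // Log the detail server-side only; the client gets a generic message.
    console.error("API - Resim listesi hatası:", error);
    return NextResponse.json(
      { error: "Resimler yüklenemedi" },
      { status: 500 }
    );
  }
}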