import { execute, queryOne } from '../../../utils/db'
import { getCurrentUserId } from '../../../utils/user'
import crypto from 'crypto'
/**
 * JSON body accepted by the VCS account update endpoint.
 *
 * Every field is optional: the handler only writes the columns whose
 * field is present in the request.
 */
interface UpdateBody {
  /** New value for the `vcs_username` column. */
  vcsUsername?: string

  /** New value for the `vcs_email` column. */
  vcsEmail?: string

  /** New value for the `auth_type` column. */
  authType?: string

  /**
   * Plaintext credential. It is encrypted before being written to
   * `encrypted_credential`; an empty value leaves the stored one untouched.
   */
  credential?: string

  /** New value for the `is_active` column. */
  isActive?: boolean
}
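/**
 * Encrypt a credential with AES-256-CBC under the key taken from the
 * `ENCRYPTION_KEY` environment variable.
 *
 * A fresh random 16-byte IV is generated on every call, so encrypting the
 * same plaintext twice yields different output.
 *
 * @param text - Plaintext credential, encoded as UTF-8.
 * @returns `<iv hex>:<ciphertext hex>`.
 * @throws Error when `ENCRYPTION_KEY` is unset or empty. The function fails
 *   closed rather than falling back to a key embedded in the source, because
 *   a built-in key protects nothing against anyone who can read the code.
 */
function encryptCredential(text: string): string {
  const key = process.env.ENCRYPTION_KEY
  if (!key) {
    throw new Error('ENCRYPTION_KEY is not configured; refusing to encrypt credential')
  }

  // The key string is padded with '0' or truncated to 32 characters, exactly
  // as before, so the output stays readable by the existing decrypt side.
  // NOTE(review): this is not a key-derivation function, and CBC provides no
  // integrity protection. Moving to a KDF-derived key and an authenticated
  // mode (e.g. aes-256-gcm) needs a coordinated change to the decryptor and a
  // re-encryption of stored rows; the decryptor is not visible from here.
  // NOTE(review): rows written while the old built-in fallback key was in
  // effect (if any) should be re-encrypted under the configured key.
  const keyBytes = Buffer.from(key.padEnd(32, '0').slice(0, 32))

  const iv = crypto.randomBytes(16)
  const cipher = crypto.createCipheriv('aes-256-cbc', keyBytes, iv)
  const encrypted = cipher.update(text, 'utf8', 'hex') + cipher.final('hex')

  return `${iv.toString('hex')}:${encrypted}`
}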
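/**
 * Update a VCS account.
 * PUT /api/vcs-account/[id]/update
 *
 * Only the fields present in the request body are written. The account must
 * belong to the current user: ownership is checked before the update and
 * enforced again in the UPDATE's WHERE clause.
 *
 * @returns `{ success: true }` after an update, or `{ success: true, message }`
 *   when the body contained nothing to change.
 * @throws 400 when the id is not an integer or a field has the wrong type.
 * @throws 404 when no account with this id belongs to the current user.
 */
export default defineEventHandler(async (event) => {
  const accountId = Number(getRouterParam(event, 'id'))
  // An empty request yields no body; treat that as "no fields supplied"
  // instead of failing on a property access.
  const body: UpdateBody = (await readBody<UpdateBody>(event)) ?? {}
  const userId = await getCurrentUserId(event)

  // Reject a missing or non-numeric id up front rather than sending NaN to
  // the database.
  if (!Number.isSafeInteger(accountId)) {
    throw createError({ statusCode: 400, message: '잘못된 계정 ID입니다.' })
  }

  // Ownership check. Only existence matters, so the stored encrypted
  // credential is not pulled into memory.
  const existing = await queryOne(
    'SELECT account_id FROM wr_employee_vcs_account WHERE account_id = $1 AND employee_id = $2',
    [accountId, userId]
  )
  if (!existing) {
    throw createError({ statusCode: 404, message: 'VCS 계정을 찾을 수 없습니다.' })
  }

  const setClauses: string[] = []
  const values: unknown[] = []

  // Column names come only from the fixed literals below; request values
  // always travel as bound parameters, never inside the SQL text.
  const addColumn = (column: string, value: unknown): void => {
    values.push(value)
    setClauses.push(`${column} = $${values.length}`)
  }

  const rejectBadField = (): never => {
    throw createError({ statusCode: 400, message: '잘못된 요청입니다.' })
  }

  // The body type is only a compile-time claim, so check types at runtime.
  // null is still passed through, as before, so a client can clear a value.
  // NOTE(review): authType is not restricted to a known set of values; the
  // valid set is not visible in this file — consider an allow-list.
  const textColumns: ReadonlyArray<readonly [string, unknown]> = [
    ['vcs_username', body.vcsUsername],
    ['vcs_email', body.vcsEmail],
    ['auth_type', body.authType],
  ]
  for (const [column, value] of textColumns) {
    if (value === undefined) continue
    if (value !== null && typeof value !== 'string') rejectBadField()
    addColumn(column, value)
  }

  // A missing or empty credential means "keep the stored one".
  const credential: unknown = body.credential
  if (credential) {
    if (typeof credential !== 'string') {
      throw createError({ statusCode: 400, message: '잘못된 요청입니다.' })
    }
    addColumn('encrypted_credential', encryptCredential(credential))
  }

  const isActive: unknown = body.isActive
  if (isActive !== undefined) {
    if (isActive !== null && typeof isActive !== 'boolean') rejectBadField()
    addColumn('is_active', isActive)
  }

  if (setClauses.length === 0) {
    return { success: true, message: '변경된 내용이 없습니다.' }
  }

  setClauses.push('updated_at = NOW()')

  // Repeat the owner condition in the UPDATE itself so the write cannot
  // touch another employee's row, whatever happened since the SELECT.
  values.push(accountId, userId)
  const idParam = values.length - 1
  const ownerParam = values.length

  await execute(
    `UPDATE wr_employee_vcs_account SET ${setClauses.join(', ')} WHERE account_id = $${idParam} AND employee_id = $${ownerParam}`,
    values
  )

  return { success: true }
})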