Initial commit

app/api/clients/route.ts

@@ -0,0 +1,47 @@
+import { NextRequest, NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { db } from "@/lib/db";
+
+export async function GET(req: NextRequest) {
+  const session = await auth();
+  if (!session?.user) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+
+  const clients = await db.client.findMany({
+    select: {
+      id: true,
+      company: true,
+      contactPerson: true,
+      email: true,
+      isActive: true,
+      _count: { select: { projects: true } },
+    },
+    orderBy: { company: "asc" },
+  });
+
+  return NextResponse.json({ clients });
+}
+
+export async function POST(req: NextRequest) {
+  const session = await auth();
+  if (!session?.user) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+  if (!["ADMIN", "PRODUCER"].includes(session.user.role as string)) {
+    return NextResponse.json({ error: "Forbidden" }, { status: 403 });
+  }
+
+  const body = await req.json();
+  const { company, contactPerson, email, phone, notes } = body;
+
+  if (!company || !contactPerson || !email) {
+    return NextResponse.json({ error: "company, contactPerson and email are required" }, { status: 400 });
+  }
+
+  const client = await db.client.create({
+    data: { company, contactPerson, email, phone, notes },
+  });
+
+  return NextResponse.json({ client }, { status: 201 });
+}