feat: stages module, mobility frontend, theme toggle, employeeOnly access control
- Add stages module with full CRUD API and admin overview island - Add mobility overview island (Liste, Kanban, Detail CRUD views) - Add contract PDF upload/download endpoints for mobilites - Add light/dark theme toggle in header - Add employeeOnly flag to hide entire modules from students (admin, students, stages) - Add read-only GET endpoints for modules/ues/ue-modules in notes module - Add [slug].tsx catch-all routes for direct URL navigation - Replace old mobility table with mobilites + stages schema (migration 0004) - Allow students to create mobilites and upload contracts - Redirect authenticated users from / to /apps catalog
This commit is contained in:
@@ -1,122 +0,0 @@
|
||||
import { Handlers } from "$fresh/server.ts";
|
||||
import { db } from "$root/databases/db.ts";
|
||||
import { mobility, promotions, students } from "$root/databases/schema.ts";
|
||||
import { eq } from "npm:drizzle-orm@0.45.2";
|
||||
|
||||
export const handler: Handlers = {
|
||||
async GET() {
|
||||
try {
|
||||
const studentRows = await db
|
||||
.select({
|
||||
id: students.userId,
|
||||
firstName: students.firstName,
|
||||
lastName: students.lastName,
|
||||
promotionId: students.promotionId,
|
||||
endyear: promotions.endyear,
|
||||
current: promotions.current,
|
||||
})
|
||||
.from(students)
|
||||
.leftJoin(promotions, eq(students.promotionId, promotions.id));
|
||||
|
||||
const mobilityRows = await db.select().from(mobility);
|
||||
|
||||
const promotionRows = await db
|
||||
.select({
|
||||
id: promotions.id,
|
||||
endyear: promotions.endyear,
|
||||
current: promotions.current,
|
||||
})
|
||||
.from(promotions);
|
||||
|
||||
return new Response(
|
||||
JSON.stringify({
|
||||
mobilities: mobilityRows,
|
||||
students: studentRows,
|
||||
promotions: promotionRows,
|
||||
}),
|
||||
{ status: 200, headers: { "Content-Type": "application/json" } },
|
||||
);
|
||||
} catch (error) {
|
||||
console.error("Error fetching mobility data:", error);
|
||||
return new Response("Failed to fetch data", { status: 500 });
|
||||
}
|
||||
},
|
||||
|
||||
async POST(request) {
|
||||
try {
|
||||
const body = await request.json();
|
||||
const { data } = body;
|
||||
|
||||
if (!Array.isArray(data)) {
|
||||
throw new Error("Invalid request body");
|
||||
}
|
||||
|
||||
for (const entry of data) {
|
||||
const {
|
||||
id,
|
||||
studentId,
|
||||
startDate,
|
||||
endDate,
|
||||
weeksCount,
|
||||
destinationCountry,
|
||||
destinationName,
|
||||
mobilityStatus = "N/A",
|
||||
} = entry;
|
||||
|
||||
const studentExists = await db
|
||||
.select({ userId: students.userId })
|
||||
.from(students)
|
||||
.where(eq(students.userId, studentId))
|
||||
.limit(1)
|
||||
.then((rows) => rows.length > 0);
|
||||
|
||||
if (!studentExists) {
|
||||
console.warn(`Skipping mobility for unknown studentId: ${studentId}`);
|
||||
continue;
|
||||
}
|
||||
|
||||
let calculatedWeeksCount = weeksCount;
|
||||
if (startDate && endDate) {
|
||||
const start = new Date(startDate);
|
||||
const end = new Date(endDate);
|
||||
calculatedWeeksCount = start <= end
|
||||
? Math.ceil(
|
||||
(end.getTime() - start.getTime()) / (7 * 24 * 60 * 60 * 1000),
|
||||
)
|
||||
: null;
|
||||
}
|
||||
|
||||
await db
|
||||
.insert(mobility)
|
||||
.values({
|
||||
id,
|
||||
studentId,
|
||||
startDate,
|
||||
endDate,
|
||||
weeksCount: calculatedWeeksCount,
|
||||
destinationCountry,
|
||||
destinationName,
|
||||
mobilityStatus,
|
||||
})
|
||||
.onConflictDoUpdate({
|
||||
target: mobility.id,
|
||||
set: {
|
||||
startDate,
|
||||
endDate,
|
||||
weeksCount: calculatedWeeksCount,
|
||||
destinationCountry,
|
||||
destinationName,
|
||||
mobilityStatus,
|
||||
},
|
||||
});
|
||||
}
|
||||
|
||||
return new Response("Data inserted/updated successfully", {
|
||||
status: 200,
|
||||
});
|
||||
} catch (error) {
|
||||
console.error("Error inserting mobility data:", error);
|
||||
return new Response("Failed to insert/update data", { status: 500 });
|
||||
}
|
||||
},
|
||||
};
|
||||
@@ -0,0 +1,116 @@
|
||||
import { FreshContext, Handlers } from "$fresh/server.ts";
|
||||
import { db } from "$root/databases/db.ts";
|
||||
import { mobilites } from "$root/databases/schema.ts";
|
||||
import { AuthenticatedState } from "$root/defaults/interfaces.ts";
|
||||
import { eq } from "npm:drizzle-orm@0.45.2";
|
||||
|
||||
const VALID_STATUSES = [
|
||||
"contracts_received",
|
||||
"under_revision",
|
||||
"done",
|
||||
"validated",
|
||||
"canceled",
|
||||
] as const;
|
||||
|
||||
export const handler: Handlers<null, AuthenticatedState> = {
|
||||
// GET /mobilites — list all, optional ?numEtud filter
|
||||
async GET(request) {
|
||||
try {
|
||||
const url = new URL(request.url);
|
||||
const numEtudParam = url.searchParams.get("numEtud");
|
||||
|
||||
let query = db.select().from(mobilites).$dynamic();
|
||||
|
||||
if (numEtudParam) {
|
||||
const numEtud = parseInt(numEtudParam);
|
||||
if (isNaN(numEtud)) {
|
||||
return new Response("Paramètre numEtud invalide", { status: 400 });
|
||||
}
|
||||
query = query.where(eq(mobilites.numEtud, numEtud));
|
||||
}
|
||||
|
||||
const result = await query;
|
||||
|
||||
return new Response(JSON.stringify(result), {
|
||||
status: 200,
|
||||
headers: { "Content-Type": "application/json" },
|
||||
});
|
||||
} catch (error) {
|
||||
console.error("Error fetching mobilites:", error);
|
||||
return new Response("Failed to fetch data", { status: 500 });
|
||||
}
|
||||
},
|
||||
|
||||
// POST /mobilites — create mobility
|
||||
async POST(
|
||||
request: Request,
|
||||
context: FreshContext<AuthenticatedState>,
|
||||
): Promise<Response> {
|
||||
const isEmployee =
|
||||
context.state.session.eduPersonPrimaryAffiliation === "employee";
|
||||
|
||||
try {
|
||||
const body = await request.json();
|
||||
const { numEtud, duree, ecole, pays, status, idStage } = body;
|
||||
|
||||
// Students can only create mobilites for themselves
|
||||
if (!isEmployee && numEtud !== undefined) {
|
||||
// Students cannot set idStage or status
|
||||
if (idStage || (status && status !== "contracts_received")) {
|
||||
return new Response(null, { status: 403 });
|
||||
}
|
||||
}
|
||||
|
||||
if (!numEtud || duree === undefined) {
|
||||
return new Response(
|
||||
JSON.stringify({ error: "Champs requis: numEtud, duree" }),
|
||||
{ status: 400, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
}
|
||||
|
||||
if (!Number.isInteger(duree) || duree < 1) {
|
||||
return new Response(
|
||||
JSON.stringify({ error: "duree doit être un entier >= 1" }),
|
||||
{ status: 400, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
}
|
||||
|
||||
if (
|
||||
status !== undefined &&
|
||||
!VALID_STATUSES.includes(status)
|
||||
) {
|
||||
return new Response(
|
||||
JSON.stringify({
|
||||
error: `status invalide, valeurs: ${VALID_STATUSES.join(", ")}`,
|
||||
}),
|
||||
{ status: 400, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
}
|
||||
|
||||
// Stage-linked mobilities are always validated
|
||||
const effectiveStatus = idStage
|
||||
? "validated"
|
||||
: (status ?? "contracts_received");
|
||||
|
||||
const [created] = await db
|
||||
.insert(mobilites)
|
||||
.values({
|
||||
numEtud,
|
||||
duree,
|
||||
ecole: ecole ?? null,
|
||||
pays: pays ?? null,
|
||||
status: effectiveStatus,
|
||||
idStage: idStage ?? null,
|
||||
})
|
||||
.returning();
|
||||
|
||||
return new Response(JSON.stringify(created), {
|
||||
status: 201,
|
||||
headers: { "content-type": "application/json" },
|
||||
});
|
||||
} catch (error) {
|
||||
console.error("Error creating mobilite:", error);
|
||||
return new Response("Failed to create mobilite", { status: 500 });
|
||||
}
|
||||
},
|
||||
};
|
||||
@@ -0,0 +1,149 @@
|
||||
import { FreshContext, Handlers } from "$fresh/server.ts";
|
||||
import { db } from "$root/databases/db.ts";
|
||||
import { mobilites } from "$root/databases/schema.ts";
|
||||
import { AuthenticatedState } from "$root/defaults/interfaces.ts";
|
||||
import { eq } from "npm:drizzle-orm@0.45.2";
|
||||
|
||||
const VALID_STATUSES = [
|
||||
"contracts_received",
|
||||
"under_revision",
|
||||
"done",
|
||||
"validated",
|
||||
"canceled",
|
||||
] as const;
|
||||
|
||||
const NOT_FOUND = () =>
|
||||
new Response(
|
||||
JSON.stringify({ error: "Mobilité introuvable" }),
|
||||
{ status: 404, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
|
||||
const FORBIDDEN = () => new Response(null, { status: 403 });
|
||||
|
||||
export const handler: Handlers<null, AuthenticatedState> = {
|
||||
// GET /mobilites/:idMob
|
||||
async GET(
|
||||
_request: Request,
|
||||
context: FreshContext<AuthenticatedState>,
|
||||
): Promise<Response> {
|
||||
const idMob = Number(context.params.idMob);
|
||||
if (isNaN(idMob)) {
|
||||
return new Response("Paramètre idMob invalide", { status: 400 });
|
||||
}
|
||||
|
||||
const row = await db
|
||||
.select()
|
||||
.from(mobilites)
|
||||
.where(eq(mobilites.id, idMob))
|
||||
.then((rows) => rows[0] ?? null);
|
||||
|
||||
if (!row) return NOT_FOUND();
|
||||
|
||||
return new Response(JSON.stringify(row), {
|
||||
headers: { "content-type": "application/json" },
|
||||
});
|
||||
},
|
||||
|
||||
// PUT /mobilites/:idMob (employee only)
|
||||
async PUT(
|
||||
request: Request,
|
||||
context: FreshContext<AuthenticatedState>,
|
||||
): Promise<Response> {
|
||||
if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
|
||||
return FORBIDDEN();
|
||||
}
|
||||
|
||||
const idMob = Number(context.params.idMob);
|
||||
if (isNaN(idMob)) {
|
||||
return new Response("Paramètre idMob invalide", { status: 400 });
|
||||
}
|
||||
|
||||
const body = await request.json();
|
||||
const { duree, ecole, pays, status, idStage } = body;
|
||||
|
||||
if (
|
||||
status !== undefined &&
|
||||
!VALID_STATUSES.includes(status)
|
||||
) {
|
||||
return new Response(
|
||||
JSON.stringify({
|
||||
error: `status invalide, valeurs: ${VALID_STATUSES.join(", ")}`,
|
||||
}),
|
||||
{ status: 400, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
}
|
||||
|
||||
if (duree !== undefined && (!Number.isInteger(duree) || duree < 1)) {
|
||||
return new Response(
|
||||
JSON.stringify({ error: "duree doit être un entier >= 1" }),
|
||||
{ status: 400, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
}
|
||||
|
||||
const set: Record<string, unknown> = {};
|
||||
if (duree !== undefined) set.duree = duree;
|
||||
if (ecole !== undefined) set.ecole = ecole;
|
||||
if (pays !== undefined) set.pays = pays;
|
||||
if (status !== undefined) set.status = status;
|
||||
if (idStage !== undefined) {
|
||||
set.idStage = idStage;
|
||||
if (idStage) set.status = "validated";
|
||||
}
|
||||
|
||||
if (Object.keys(set).length === 0) {
|
||||
return new Response(
|
||||
JSON.stringify({ error: "Au moins un champ à modifier requis" }),
|
||||
{ status: 400, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
}
|
||||
|
||||
const [updated] = await db
|
||||
.update(mobilites)
|
||||
.set(set)
|
||||
.where(eq(mobilites.id, idMob))
|
||||
.returning();
|
||||
|
||||
if (!updated) return NOT_FOUND();
|
||||
|
||||
return new Response(JSON.stringify(updated), {
|
||||
headers: { "content-type": "application/json" },
|
||||
});
|
||||
},
|
||||
|
||||
// DELETE /mobilites/:idMob (employee only)
|
||||
async DELETE(
|
||||
_request: Request,
|
||||
context: FreshContext<AuthenticatedState>,
|
||||
): Promise<Response> {
|
||||
if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
|
||||
return FORBIDDEN();
|
||||
}
|
||||
|
||||
const idMob = Number(context.params.idMob);
|
||||
if (isNaN(idMob)) {
|
||||
return new Response("Paramètre idMob invalide", { status: 400 });
|
||||
}
|
||||
|
||||
// Delete contract file if exists
|
||||
const row = await db
|
||||
.select({ contratMob: mobilites.contratMob })
|
||||
.from(mobilites)
|
||||
.where(eq(mobilites.id, idMob))
|
||||
.then((rows) => rows[0] ?? null);
|
||||
|
||||
if (row?.contratMob) {
|
||||
try {
|
||||
await Deno.remove(`uploads/contracts/${row.contratMob}`);
|
||||
} catch { /* file may not exist */ }
|
||||
}
|
||||
|
||||
const [deleted] = await db
|
||||
.delete(mobilites)
|
||||
.where(eq(mobilites.id, idMob))
|
||||
.returning();
|
||||
|
||||
if (!deleted) return NOT_FOUND();
|
||||
|
||||
return new Response(null, { status: 204 });
|
||||
},
|
||||
};
|
||||
@@ -0,0 +1,156 @@
|
||||
import { FreshContext, Handlers } from "$fresh/server.ts";
|
||||
import { db } from "$root/databases/db.ts";
|
||||
import { mobilites } from "$root/databases/schema.ts";
|
||||
import { AuthenticatedState } from "$root/defaults/interfaces.ts";
|
||||
import { eq } from "npm:drizzle-orm@0.45.2";
|
||||
|
||||
const CONTRACTS_DIR = "uploads/contracts";
|
||||
|
||||
export const handler: Handlers<null, AuthenticatedState> = {
|
||||
// GET /mobilites/:idMob/contrat — download contract PDF
|
||||
async GET(
|
||||
_request: Request,
|
||||
context: FreshContext<AuthenticatedState>,
|
||||
): Promise<Response> {
|
||||
const idMob = Number(context.params.idMob);
|
||||
if (isNaN(idMob)) {
|
||||
return new Response("Paramètre idMob invalide", { status: 400 });
|
||||
}
|
||||
|
||||
const row = await db
|
||||
.select({ contratMob: mobilites.contratMob })
|
||||
.from(mobilites)
|
||||
.where(eq(mobilites.id, idMob))
|
||||
.then((rows) => rows[0] ?? null);
|
||||
|
||||
if (!row) {
|
||||
return new Response(
|
||||
JSON.stringify({ error: "Mobilité introuvable" }),
|
||||
{ status: 404, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
}
|
||||
|
||||
if (!row.contratMob) {
|
||||
return new Response(
|
||||
JSON.stringify({ error: "Aucun contrat pour cette mobilité" }),
|
||||
{ status: 404, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
}
|
||||
|
||||
try {
|
||||
const file = await Deno.readFile(`${CONTRACTS_DIR}/${row.contratMob}`);
|
||||
return new Response(file, {
|
||||
headers: {
|
||||
"Content-Type": "application/pdf",
|
||||
"Content-Disposition": `inline; filename="${row.contratMob}"`,
|
||||
},
|
||||
});
|
||||
} catch {
|
||||
return new Response(
|
||||
JSON.stringify({ error: "Fichier contrat introuvable" }),
|
||||
{ status: 404, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
}
|
||||
},
|
||||
|
||||
// POST /mobilites/:idMob/contrat — upload contract PDF
|
||||
async POST(
|
||||
request: Request,
|
||||
context: FreshContext<AuthenticatedState>,
|
||||
): Promise<Response> {
|
||||
const idMob = Number(context.params.idMob);
|
||||
if (isNaN(idMob)) {
|
||||
return new Response("Paramètre idMob invalide", { status: 400 });
|
||||
}
|
||||
|
||||
// Check mobility exists
|
||||
const row = await db
|
||||
.select({ id: mobilites.id })
|
||||
.from(mobilites)
|
||||
.where(eq(mobilites.id, idMob))
|
||||
.then((rows) => rows[0] ?? null);
|
||||
|
||||
if (!row) {
|
||||
return new Response(
|
||||
JSON.stringify({ error: "Mobilité introuvable" }),
|
||||
{ status: 404, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
}
|
||||
|
||||
const formData = await request.formData();
|
||||
const file = formData.get("contrat");
|
||||
|
||||
if (!file || !(file instanceof File)) {
|
||||
return new Response(
|
||||
JSON.stringify({ error: "Fichier 'contrat' requis (PDF)" }),
|
||||
{ status: 400, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
}
|
||||
|
||||
if (file.type !== "application/pdf") {
|
||||
return new Response(
|
||||
JSON.stringify({ error: "Le fichier doit être un PDF" }),
|
||||
{ status: 400, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
}
|
||||
|
||||
const filename = `mob_${idMob}.pdf`;
|
||||
await Deno.mkdir(CONTRACTS_DIR, { recursive: true });
|
||||
await Deno.writeFile(
|
||||
`${CONTRACTS_DIR}/${filename}`,
|
||||
new Uint8Array(await file.arrayBuffer()),
|
||||
);
|
||||
|
||||
const [updated] = await db
|
||||
.update(mobilites)
|
||||
.set({ contratMob: filename })
|
||||
.where(eq(mobilites.id, idMob))
|
||||
.returning();
|
||||
|
||||
return new Response(JSON.stringify(updated), {
|
||||
status: 200,
|
||||
headers: { "content-type": "application/json" },
|
||||
});
|
||||
},
|
||||
|
||||
// DELETE /mobilites/:idMob/contrat — remove contract (employee only)
|
||||
async DELETE(
|
||||
_request: Request,
|
||||
context: FreshContext<AuthenticatedState>,
|
||||
): Promise<Response> {
|
||||
if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
|
||||
return new Response(null, { status: 403 });
|
||||
}
|
||||
|
||||
const idMob = Number(context.params.idMob);
|
||||
if (isNaN(idMob)) {
|
||||
return new Response("Paramètre idMob invalide", { status: 400 });
|
||||
}
|
||||
|
||||
const row = await db
|
||||
.select({ contratMob: mobilites.contratMob })
|
||||
.from(mobilites)
|
||||
.where(eq(mobilites.id, idMob))
|
||||
.then((rows) => rows[0] ?? null);
|
||||
|
||||
if (!row) {
|
||||
return new Response(
|
||||
JSON.stringify({ error: "Mobilité introuvable" }),
|
||||
{ status: 404, headers: { "content-type": "application/json" } },
|
||||
);
|
||||
}
|
||||
|
||||
if (row.contratMob) {
|
||||
try {
|
||||
await Deno.remove(`${CONTRACTS_DIR}/${row.contratMob}`);
|
||||
} catch { /* file may not exist */ }
|
||||
}
|
||||
|
||||
await db
|
||||
.update(mobilites)
|
||||
.set({ contratMob: null })
|
||||
.where(eq(mobilites.id, idMob));
|
||||
|
||||
return new Response(null, { status: 204 });
|
||||
},
|
||||
};
|
||||
Reference in New Issue
Block a user