feat(admin/api): add modules endpoint with GET and POST handlers

chore(drizzle.config.ts): import process for env variable support
chore(deps): update drizzle-orm to 0.45.2 and pg to 8.20.0
2026-04-22 14:46:00 +02:00 · 2026-04-22 14:40:19 +02:00 · 2026-04-22 14:40:19 +02:00 · 2026-04-22 14:40:19 +02:00 · 2026-04-22 14:28:03 +02:00 · 2026-04-22 12:20:59 +00:00
17 changed files with 446 additions and 20 deletions
@@ -1,5 +1,5 @@
-import { drizzle } from "npm:drizzle-orm/node-postgres";
-import pg from "npm:pg";
+import { drizzle } from "npm:drizzle-orm@0.45.2/node-postgres";
+import pg from "npm:pg@8.20.0";

 const { Pool } = pg;

@@ -6,7 +6,7 @@ import {
  primaryKey,
  serial,
  text,
-} from "npm:drizzle-orm/pg-core";
+} from "npm:drizzle-orm@0.45.2/pg-core";

 export const roles = pgTable("roles", {
  id: serial("id").primaryKey(),
@@ -1,4 +1,5 @@
 import { defineConfig } from "drizzle-kit";
+import process from "node:process";

 export default defineConfig({
  dialect: "postgresql",
@@ -0,0 +1,63 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { modules } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm";
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #23 GET /modules
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return new Response(JSON.stringify([]), {
+        headers: { "content-type": "application/json" },
+      });
+    }
+
+    const rows = await db.select().from(modules);
+    return new Response(JSON.stringify(rows), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #24 POST /modules
+  async POST(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return new Response(null, { status: 403 });
+    }
+
+    const body: { id: string; nom: string } = await request.json();
+
+    if (!body.id || !body.nom) {
+      return new Response(null, { status: 400 });
+    }
+
+    const existing = await db
+      .select()
+      .from(modules)
+      .where(eq(modules.id, body.id))
+      .then((rows) => rows[0] ?? null);
+
+    if (existing) {
+      return new Response(
+        JSON.stringify({ error: "Un module avec cet identifiant existe déjà" }),
+        { status: 409, headers: { "content-type": "application/json" } },
+      );
+    }
+
+    const [created] = await db
+      .insert(modules)
+      .values({ id: body.id, nom: body.nom })
+      .returning();
+
+    return new Response(JSON.stringify(created), {
+      status: 201,
+      headers: { "content-type": "application/json" },
+    });
+  },
+};
@@ -2,7 +2,7 @@ import { FreshContext, Handlers } from "$fresh/server.ts";
 import { db } from "$root/databases/db.ts";
 import { rolePermissions, roles } from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
-import { eq } from "npm:drizzle-orm";
+import { eq } from "npm:drizzle-orm@0.45.2";

 async function getRoleWithPermissions(
  id: number,
@@ -20,7 +20,11 @@ async function getRoleWithPermissions(
    .from(rolePermissions)
    .where(eq(rolePermissions.idRole, id));

-  return { id: role.id, nom: role.nom, permissions: perms.map((p) => p.idPermission) };
+  return {
+    id: role.id,
+    nom: role.nom,
+    permissions: perms.map((p) => p.idPermission),
+  };
 }

 export const handler: Handlers<null, AuthenticatedState> = {
@@ -2,7 +2,7 @@ import { FreshContext, Handlers } from "$fresh/server.ts";
 import { db } from "$root/databases/db.ts";
 import { rolePermissions, roles } from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
-import { eq } from "npm:drizzle-orm";
+import { eq } from "npm:drizzle-orm@0.45.2";

 const NOT_FOUND = new Response(
  JSON.stringify({ error: "Ressource introuvable" }),
@@ -25,7 +25,11 @@ async function getRoleWithPermissions(
    .from(rolePermissions)
    .where(eq(rolePermissions.idRole, id));

-  return { id: role.id, nom: role.nom, permissions: perms.map((p) => p.idPermission) };
+  return {
+    id: role.id,
+    nom: role.nom,
+    permissions: perms.map((p) => p.idPermission),
+  };
 }

 export const handler: Handlers<null, AuthenticatedState> = {
@@ -2,7 +2,7 @@ import { FreshContext, Handlers } from "$fresh/server.ts";
 import { db } from "$root/databases/db.ts";
 import { users } from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
-import { eq } from "npm:drizzle-orm";
+import { eq } from "npm:drizzle-orm@0.45.2";

 export const handler: Handlers<null, AuthenticatedState> = {
  // #60 GET /users
@@ -42,14 +42,21 @@ export const handler: Handlers<null, AuthenticatedState> = {

    if (existing) {
      return new Response(
-        JSON.stringify({ error: "Un utilisateur avec cet identifiant existe déjà" }),
+        JSON.stringify({
+          error: "Un utilisateur avec cet identifiant existe déjà",
+        }),
        { status: 409, headers: { "content-type": "application/json" } },
      );
    }

    const [created] = await db
      .insert(users)
-      .values({ id: body.id, nom: body.nom, prenom: body.prenom, idRole: body.idRole })
+      .values({
+        id: body.id,
+        nom: body.nom,
+        prenom: body.prenom,
+        idRole: body.idRole,
+      })
      .returning();

    return new Response(JSON.stringify(created), {
@@ -2,7 +2,7 @@ import { FreshContext, Handlers } from "$fresh/server.ts";
 import { db } from "$root/databases/db.ts";
 import { users } from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
-import { eq } from "npm:drizzle-orm";
+import { eq } from "npm:drizzle-orm@0.45.2";

 const NOT_FOUND = new Response(
  JSON.stringify({ error: "Ressource introuvable" }),
@@ -33,8 +33,8 @@ export const handler: Handlers<null, AuthenticatedState> = {
    request: Request,
    context: FreshContext<AuthenticatedState>,
  ): Promise<Response> {
-    const body: { nom: string; prenom: string; idRole: number } =
-      await request.json();
+    const body: { nom: string; prenom: string; idRole: number } = await request
+      .json();

    const [updated] = await db
      .update(users)
@@ -5,7 +5,7 @@ import {
 import { FreshContext } from "$fresh/server.ts";
 import { State } from "$root/routes/_middleware.ts";

-export async function Index(request: Request, context: FreshContext<State>) {
+export function Index(_request: Request, _context: FreshContext<State>) {
  return <h2>Welcome to Admin.</h2>;
 }

@@ -1,7 +1,7 @@
 import { Handlers } from "$fresh/server.ts";
 import { db } from "$root/databases/db.ts";
 import { mobility, promotions, students } from "$root/databases/schema.ts";
-import { eq } from "npm:drizzle-orm";
+import { eq } from "npm:drizzle-orm@0.45.2";

 export const handler: Handlers = {
  async GET() {
@@ -21,7 +21,11 @@ export const handler: Handlers = {
      const mobilityRows = await db.select().from(mobility);

      const promotionRows = await db
-        .select({ id: promotions.id, endyear: promotions.endyear, current: promotions.current })
+        .select({
+          id: promotions.id,
+          endyear: promotions.endyear,
+          current: promotions.current,
+        })
        .from(promotions);

      return new Response(
@@ -107,7 +111,9 @@ export const handler: Handlers = {
          });
      }

-      return new Response("Data inserted/updated successfully", { status: 200 });
+      return new Response("Data inserted/updated successfully", {
+        status: 200,
+      });
    } catch (error) {
      console.error("Error inserting mobility data:", error);
      return new Response("Failed to insert/update data", { status: 500 });
@@ -0,0 +1,39 @@
+import { Handlers } from "$fresh/server.ts";
+import { db } from "../../../../databases/db.ts";
+import { notes } from "../../../../databases/schema.ts";
+import { eq } from "npm:drizzle-orm";
+
+export const handler: Handlers = {
+  // #42 GET /notes
+  async GET(request) {
+    try {
+      const url = new URL(request.url);
+      const numEtudParam = url.searchParams.get("numEtud");
+      const idModule = url.searchParams.get("idModule");
+
+      let query = db.select().from(notes).$dynamic();
+
+      if (numEtudParam) {
+        const numEtud = parseInt(numEtudParam);
+        if (isNaN(numEtud)) {
+          return new Response("Paramètre numEtud invalide", { status: 400 });
+        }
+        query = query.where(eq(notes.numEtud, numEtud));
+      }
+
+      if (idModule) {
+        query = query.where(eq(notes.idModule, idModule));
+      }
+
+      const result = await query;
+
+      return new Response(JSON.stringify(result), {
+        status: 200,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error fetching notes:", error);
+      return new Response("Failed to fetch data", { status: 500 });
+    }
+  },
+};
@@ -3,6 +3,7 @@ import { db } from "../../../../databases/db.ts";
 import { ues } from "../../../../databases/schema.ts";

 export const handler: Handlers = {
+  // #32 GET /ues
  async GET() {
    try {
      const result = await db.select().from(ues);
@@ -16,4 +17,26 @@ export const handler: Handlers = {
      return new Response("Failed to fetch data", { status: 500 });
    }
  },
+
+  // #33 POST /ues
+  async POST(request) {
+    try {
+      const body = await request.json();
+      const { nom } = body;
+
+      if (!nom) {
+        return new Response("Champ 'nom' manquant", { status: 400 });
+      }
+
+      const result = await db.insert(ues).values({ nom }).returning();
+
+      return new Response(JSON.stringify(result[0]), {
+        status: 201,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error creating UE:", error);
+      return new Response("Failed to create UE", { status: 500 });
+    }
+  },
 };
@@ -0,0 +1,49 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { promotions } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #13 GET /promotions
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return new Response(JSON.stringify([]), {
+        headers: { "content-type": "application/json" },
+      });
+    }
+
+    const rows = await db.select().from(promotions);
+    return new Response(JSON.stringify(rows), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #14 POST /promotions
+  async POST(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return new Response(null, { status: 403 });
+    }
+
+    const body: { idPromo: string; annee: string } = await request.json();
+
+    if (!body.idPromo || !body.annee) {
+      return new Response(null, { status: 400 });
+    }
+
+    const [created] = await db
+      .insert(promotions)
+      .values({ id: body.idPromo, annee: body.annee })
+      .returning();
+
+    return new Response(JSON.stringify(created), {
+      status: 201,
+      headers: { "content-type": "application/json" },
+    });
+  },
+};
@@ -0,0 +1,79 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { promotions } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+const NOT_FOUND = new Response(
+  JSON.stringify({ error: "Ressource introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+const FORBIDDEN = new Response(null, { status: 403 });
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #15 GET /promotions/{idPromo}
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const promo = await db
+      .select()
+      .from(promotions)
+      .where(eq(promotions.id, context.params.idPromo))
+      .then((rows) => rows[0] ?? null);
+
+    if (!promo) return NOT_FOUND;
+
+    return new Response(JSON.stringify(promo), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #16 PUT /promotions/{idPromo}
+  async PUT(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const body: { annee: string } = await request.json();
+
+    const [updated] = await db
+      .update(promotions)
+      .set({ annee: body.annee })
+      .where(eq(promotions.id, context.params.idPromo))
+      .returning();
+
+    if (!updated) return NOT_FOUND;
+
+    return new Response(JSON.stringify(updated), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #17 DELETE /promotions/{idPromo}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const [deleted] = await db
+      .delete(promotions)
+      .where(eq(promotions.id, context.params.idPromo))
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
+};
@@ -2,7 +2,7 @@ import { FreshContext, Handlers } from "$fresh/server.ts";
 import { db } from "$root/databases/db.ts";
 import { students } from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
-import { eq } from "npm:drizzle-orm";
+import { eq } from "npm:drizzle-orm@0.45.2";

 export const handler: Handlers<null, AuthenticatedState> = {
  // #7 GET /students
@@ -37,8 +37,12 @@ export const handler: Handlers<null, AuthenticatedState> = {
      return new Response(null, { status: 403 });
    }

-    const body: { numEtud: number; nom: string; prenom: string; idPromo: string } =
-      await request.json();
+    const body: {
+      numEtud: number;
+      nom: string;
+      prenom: string;
+      idPromo: string;
+    } = await request.json();

    if (!body.nom || !body.prenom || !body.idPromo) {
      return new Response(null, { status: 400 });
@@ -0,0 +1,83 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { students } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm@0.45.2";
+
+const NOT_FOUND = new Response(
+  JSON.stringify({ error: "Ressource introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+const FORBIDDEN = new Response(null, { status: 403 });
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #10 GET /students/{numEtud}
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const numEtud = Number(context.params.numEtud);
+    const student = await db
+      .select()
+      .from(students)
+      .where(eq(students.numEtud, numEtud))
+      .then((rows) => rows[0] ?? null);
+
+    if (!student) return NOT_FOUND;
+
+    return new Response(JSON.stringify(student), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #11 PUT /students/{numEtud}
+  async PUT(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const numEtud = Number(context.params.numEtud);
+    const body: { nom: string; prenom: string; idPromo: string } = await request
+      .json();
+
+    const [updated] = await db
+      .update(students)
+      .set({ nom: body.nom, prenom: body.prenom, idPromo: body.idPromo })
+      .where(eq(students.numEtud, numEtud))
+      .returning();
+
+    if (!updated) return NOT_FOUND;
+
+    return new Response(JSON.stringify(updated), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #12 DELETE /students/{numEtud}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return FORBIDDEN;
+    }
+
+    const numEtud = Number(context.params.numEtud);
+    const [deleted] = await db
+      .delete(students)
+      .where(eq(students.numEtud, numEtud))
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
+};
@@ -0,0 +1,64 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { students } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+
+// #9 POST /students/import-csv
+export const handler: Handlers<null, AuthenticatedState> = {
+  async POST(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    if (context.state.session.eduPersonPrimaryAffiliation !== "employee") {
+      return new Response(null, { status: 403 });
+    }
+
+    const formData = await request.formData();
+    const file = formData.get("file") as File | null;
+    const idPromo = formData.get("idPromo") as string | null;
+
+    if (!file || !idPromo) {
+      return new Response(null, { status: 400 });
+    }
+
+    const text = await file.text();
+    const lines = text.trim().split("\n");
+
+    let imported = 0;
+    const errors: { line: number; message: string }[] = [];
+
+    for (let i = 0; i < lines.length; i++) {
+      const lineNum = i + 1;
+      const cols = lines[i].split(",").map((c) => c.trim());
+
+      const [numEtudStr, nom, prenom] = cols;
+
+      if (!numEtudStr) {
+        errors.push({ line: lineNum, message: "Numéro étudiant manquant" });
+        continue;
+      }
+
+      const numEtud = Number(numEtudStr);
+      if (isNaN(numEtud)) {
+        errors.push({ line: lineNum, message: "Numéro étudiant invalide" });
+        continue;
+      }
+
+      if (!nom || !prenom) {
+        errors.push({ line: lineNum, message: "Nom ou prénom manquant" });
+        continue;
+      }
+
+      await db
+        .insert(students)
+        .values({ nom, prenom, idPromo })
+        .onConflictDoNothing();
+
+      imported++;
+    }
+
+    return new Response(JSON.stringify({ imported, errors }), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+};
Author	SHA1	Message	Date
djalim	cf3c7c0693	feat(admin/api): add modules endpoint with GET and POST handlers	2026-04-22 14:46:00 +02:00
djalim	5229453169	chore(drizzle.config.ts): import process for env variable support	2026-04-22 14:40:19 +02:00
djalim	6c18189d9f	chore(deps): update drizzle-orm to 0.45.2 and pg to 8.20.0	2026-04-22 14:40:19 +02:00
djalim	2c1fd7e5ad	feat(promotions): add CRUD endpoints for promotion by id - GET /promotions/{idPromo} returns promotion or 404 - PUT /promotions/{idPromo} updates year or 404 - DELETE /promotions/{idPromo} deletes promotion or 404 - Only employees allowed, otherwise 403	2026-04-22 14:40:19 +02:00
Clément Oudelet	2f15efe21e	PMPR-33 : POST /ues - créer une UE	2026-04-22 14:28:03 +02:00
Clément Oudelet	b2847a4a7d	PMPR-42 : GET /notes - récupère les notes	2026-04-22 12:20:59 +00:00
djalim	3f0c8d079f	feat(students): add promotions API for employees	2026-04-22 14:13:59 +02:00
djalim	4eaea48ebd	feat(students): add CRUD endpoints for student by numEtud	2026-04-22 14:11:29 +02:00
djalim	f959cf0d3a	feat(students): add CSV import endpoint for student data	2026-04-22 14:10:18 +02:00