PMPR-42 : GET /notes - récupère les notes

feat(roles): add CRUD endpoints for role by id
feat(admin/api): add roles endpoint with GET and POST
2026-04-22 14:16:31 +02:00 · 2026-04-22 13:45:59 +02:00 · 2026-04-22 13:44:30 +02:00 · 2026-04-22 13:42:29 +02:00 · 2026-04-22 13:41:33 +02:00 · 2026-04-22 13:30:19 +02:00
10 changed files with 398 additions and 0 deletions
@@ -0,0 +1,13 @@
+import { AppProperties } from "$root/defaults/interfaces.ts";
+
+const properties: AppProperties = {
+  name: "Admin",
+  icon: "school",
+  pages: {
+    index: "Homepage",
+  },
+  adminOnly: [],
+  hint: "PolyMPR module",
+};
+
+export default properties;
@@ -0,0 +1,22 @@
+import { Handlers } from "$fresh/server.ts";
+
+export const handler: Handlers = {
+  async POST(request, context) {
+    if (request.headers.get("content-type") != "application/json") {
+      return new Response(null, {
+        status: 400,
+      });
+    }
+
+    const responseBody = {
+      requestBody: await request.json(),
+      context,
+    };
+
+    return new Response(JSON.stringify(responseBody), {
+      headers: {
+        "content-type": "application/json",
+      },
+    });
+  },
+};
@@ -0,0 +1,22 @@
+import { Handlers } from "$fresh/server.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+
+const PERMISSIONS = [
+  { id: "student_read", nom: "Consulter les élèves" },
+  { id: "student_write", nom: "Gérer les élèves" },
+  { id: "note_read", nom: "Consulter les notes" },
+  { id: "note_write", nom: "Gérer les notes" },
+  { id: "module_read", nom: "Consulter les modules" },
+  { id: "module_write", nom: "Gérer les modules" },
+  { id: "user_read", nom: "Consulter les utilisateurs" },
+  { id: "user_write", nom: "Gérer les utilisateurs" },
+  { id: "role_write", nom: "Gérer les rôles" },
+] as const;
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  GET(_request, _context): Response {
+    return new Response(JSON.stringify(PERMISSIONS), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+};
@@ -0,0 +1,64 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { rolePermissions, roles } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm";
+
+async function getRoleWithPermissions(
+  id: number,
+): Promise<{ id: number; nom: string; permissions: string[] } | null> {
+  const role = await db
+    .select()
+    .from(roles)
+    .where(eq(roles.id, id))
+    .then((rows) => rows[0] ?? null);
+
+  if (!role) return null;
+
+  const perms = await db
+    .select({ idPermission: rolePermissions.idPermission })
+    .from(rolePermissions)
+    .where(eq(rolePermissions.idRole, id));
+
+  return { id: role.id, nom: role.nom, permissions: perms.map((p) => p.idPermission) };
+}
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #65 GET /roles
+  async GET(
+    _request: Request,
+    _context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const allRoles = await db.select().from(roles);
+
+    const result = await Promise.all(
+      allRoles.map((r) => getRoleWithPermissions(r.id)),
+    );
+
+    return new Response(JSON.stringify(result), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #66 POST /roles
+  async POST(
+    request: Request,
+    _context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const body: { nom: string } = await request.json();
+
+    if (!body.nom) {
+      return new Response(null, { status: 400 });
+    }
+
+    const [created] = await db
+      .insert(roles)
+      .values({ nom: body.nom })
+      .returning();
+
+    return new Response(
+      JSON.stringify({ id: created.id, nom: created.nom, permissions: [] }),
+      { status: 201, headers: { "content-type": "application/json" } },
+    );
+  },
+};
@@ -0,0 +1,97 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { rolePermissions, roles } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm";
+
+const NOT_FOUND = new Response(
+  JSON.stringify({ error: "Ressource introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+async function getRoleWithPermissions(
+  id: number,
+): Promise<{ id: number; nom: string; permissions: string[] } | null> {
+  const role = await db
+    .select()
+    .from(roles)
+    .where(eq(roles.id, id))
+    .then((rows) => rows[0] ?? null);
+
+  if (!role) return null;
+
+  const perms = await db
+    .select({ idPermission: rolePermissions.idPermission })
+    .from(rolePermissions)
+    .where(eq(rolePermissions.idRole, id));
+
+  return { id: role.id, nom: role.nom, permissions: perms.map((p) => p.idPermission) };
+}
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #67 GET /roles/{idRole}
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const id = Number(context.params.idRole);
+    const role = await getRoleWithPermissions(id);
+
+    if (!role) return NOT_FOUND;
+
+    return new Response(JSON.stringify(role), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #68 PUT /roles/{idRole}
+  async PUT(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const id = Number(context.params.idRole);
+    const body: { nom: string; permissions: string[] } = await request.json();
+
+    const [updated] = await db
+      .update(roles)
+      .set({ nom: body.nom })
+      .where(eq(roles.id, id))
+      .returning();
+
+    if (!updated) return NOT_FOUND;
+
+    // Reset permissions
+    await db.delete(rolePermissions).where(eq(rolePermissions.idRole, id));
+
+    if (body.permissions?.length) {
+      await db.insert(rolePermissions).values(
+        body.permissions.map((p) => ({ idRole: id, idPermission: p })),
+      );
+    }
+
+    const role = await getRoleWithPermissions(id);
+    return new Response(JSON.stringify(role), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #69 DELETE /roles/{idRole}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const id = Number(context.params.idRole);
+
+    // Cascade delete role_permissions first
+    await db.delete(rolePermissions).where(eq(rolePermissions.idRole, id));
+
+    const [deleted] = await db
+      .delete(roles)
+      .where(eq(roles.id, id))
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
+};
@@ -0,0 +1,60 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { users } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm";
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #60 GET /users
+  async GET(
+    request: Request,
+    _context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const url = new URL(request.url);
+    const idRole = url.searchParams.get("idRole");
+
+    const rows = idRole
+      ? await db.select().from(users).where(eq(users.idRole, Number(idRole)))
+      : await db.select().from(users);
+
+    return new Response(JSON.stringify(rows), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #61 POST /users
+  async POST(
+    request: Request,
+    _context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const body: { id: string; nom: string; prenom: string; idRole: number } =
+      await request.json();
+
+    if (!body.id || !body.nom || !body.prenom) {
+      return new Response(null, { status: 400 });
+    }
+
+    const existing = await db
+      .select()
+      .from(users)
+      .where(eq(users.id, body.id))
+      .then((rows) => rows[0] ?? null);
+
+    if (existing) {
+      return new Response(
+        JSON.stringify({ error: "Un utilisateur avec cet identifiant existe déjà" }),
+        { status: 409, headers: { "content-type": "application/json" } },
+      );
+    }
+
+    const [created] = await db
+      .insert(users)
+      .values({ id: body.id, nom: body.nom, prenom: body.prenom, idRole: body.idRole })
+      .returning();
+
+    return new Response(JSON.stringify(created), {
+      status: 201,
+      headers: { "content-type": "application/json" },
+    });
+  },
+};
@@ -0,0 +1,66 @@
+import { FreshContext, Handlers } from "$fresh/server.ts";
+import { db } from "$root/databases/db.ts";
+import { users } from "$root/databases/schema.ts";
+import { AuthenticatedState } from "$root/defaults/interfaces.ts";
+import { eq } from "npm:drizzle-orm";
+
+const NOT_FOUND = new Response(
+  JSON.stringify({ error: "Ressource introuvable" }),
+  { status: 404, headers: { "content-type": "application/json" } },
+);
+
+export const handler: Handlers<null, AuthenticatedState> = {
+  // #62 GET /users/{id}
+  async GET(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const user = await db
+      .select()
+      .from(users)
+      .where(eq(users.id, context.params.id))
+      .then((rows) => rows[0] ?? null);
+
+    if (!user) return NOT_FOUND;
+
+    return new Response(JSON.stringify(user), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #63 PUT /users/{id}
+  async PUT(
+    request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const body: { nom: string; prenom: string; idRole: number } =
+      await request.json();
+
+    const [updated] = await db
+      .update(users)
+      .set({ nom: body.nom, prenom: body.prenom, idRole: body.idRole })
+      .where(eq(users.id, context.params.id))
+      .returning();
+
+    if (!updated) return NOT_FOUND;
+
+    return new Response(JSON.stringify(updated), {
+      headers: { "content-type": "application/json" },
+    });
+  },
+
+  // #64 DELETE /users/{id}
+  async DELETE(
+    _request: Request,
+    context: FreshContext<AuthenticatedState>,
+  ): Promise<Response> {
+    const [deleted] = await db
+      .delete(users)
+      .where(eq(users.id, context.params.id))
+      .returning();
+
+    if (!deleted) return NOT_FOUND;
+
+    return new Response(null, { status: 204 });
+  },
+};
@@ -0,0 +1,2 @@
+import makeIndex from "$root/defaults/makeIndex.ts";
+export default makeIndex(import.meta.dirname!);
@@ -0,0 +1,13 @@
+import {
+  getPartialsConfig,
+  makePartials,
+} from "$root/defaults/makePartials.tsx";
+import { FreshContext } from "$fresh/server.ts";
+import { State } from "$root/routes/_middleware.ts";
+
+export async function Index(request: Request, context: FreshContext<State>) {
+  return <h2>Welcome to Admin.</h2>;
+}
+
+export const config = getPartialsConfig();
+export default makePartials(Index);
@@ -0,0 +1,39 @@
+import { Handlers } from "$fresh/server.ts";
+import { db } from "../../../../databases/db.ts";
+import { notes } from "../../../../databases/schema.ts";
+import { eq } from "npm:drizzle-orm";
+
+export const handler: Handlers = {
+  // #42 GET /notes
+  async GET(request) {
+    try {
+      const url = new URL(request.url);
+      const numEtudParam = url.searchParams.get("numEtud");
+      const idModule = url.searchParams.get("idModule");
+
+      let query = db.select().from(notes).$dynamic();
+
+      if (numEtudParam) {
+        const numEtud = parseInt(numEtudParam);
+        if (isNaN(numEtud)) {
+          return new Response("Paramètre numEtud invalide", { status: 400 });
+        }
+        query = query.where(eq(notes.numEtud, numEtud));
+      }
+
+      if (idModule) {
+        query = query.where(eq(notes.idModule, idModule));
+      }
+
+      const result = await query;
+
+      return new Response(JSON.stringify(result), {
+        status: 200,
+        headers: { "Content-Type": "application/json" },
+      });
+    } catch (error) {
+      console.error("Error fetching notes:", error);
+      return new Response("Failed to fetch data", { status: 500 });
+    }
+  },
+};
Author	SHA1	Message	Date
Clément Oudelet	373719ca29	PMPR-42 : GET /notes - récupère les notes	2026-04-22 14:16:31 +02:00
djalim	b5f134d016	feat(roles): add CRUD endpoints for role by id	2026-04-22 13:45:59 +02:00
djalim	9a3f49ecfe	feat(admin/api): add roles endpoint with GET and POST	2026-04-22 13:44:30 +02:00
djalim	5a86f69093	feat: add CRUD endpoints for users by id	2026-04-22 13:42:29 +02:00
djalim	03b58e7b0a	feat(admin/api/users): add GET and POST endpoints for users	2026-04-22 13:41:33 +02:00
djalim	9168ca53da	feat(admin): scaffold admin module and add GET /permissions endpoint Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-22 13:30:19 +02:00