feat(admin/api/users): add GET and POST endpoints for users

2026-04-22 13:24:03 +02:00
9 changed files with 0 additions and 338 deletions
@@ -1,13 +0,0 @@
 import { AppProperties } from "$root/defaults/interfaces.ts";
 const properties: AppProperties = {
  name: "Admin",
  icon: "school",
  pages: {
    index: "Homepage",
  },
  adminOnly: [],
  hint: "PolyMPR module",
 };
 export default properties;
@@ -1,22 +0,0 @@
 import { Handlers } from "$fresh/server.ts";
 export const handler: Handlers = {
  async POST(request, context) {
    if (request.headers.get("content-type") != "application/json") {
      return new Response(null, {
        status: 400,
      });
    }
    const responseBody = {
      requestBody: await request.json(),
      context,
    };
    return new Response(JSON.stringify(responseBody), {
      headers: {
        "content-type": "application/json",
      },
    });
  },
 };
@@ -1,22 +0,0 @@
 import { Handlers } from "$fresh/server.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
 const PERMISSIONS = [
  { id: "student_read", nom: "Consulter les élèves" },
  { id: "student_write", nom: "Gérer les élèves" },
  { id: "note_read", nom: "Consulter les notes" },
  { id: "note_write", nom: "Gérer les notes" },
  { id: "module_read", nom: "Consulter les modules" },
  { id: "module_write", nom: "Gérer les modules" },
  { id: "user_read", nom: "Consulter les utilisateurs" },
  { id: "user_write", nom: "Gérer les utilisateurs" },
  { id: "role_write", nom: "Gérer les rôles" },
 ] as const;
 export const handler: Handlers<null, AuthenticatedState> = {
  GET(_request, _context): Response {
    return new Response(JSON.stringify(PERMISSIONS), {
      headers: { "content-type": "application/json" },
    });
  },
 };
@@ -1,64 +0,0 @@
 import { FreshContext, Handlers } from "$fresh/server.ts";
 import { db } from "$root/databases/db.ts";
 import { rolePermissions, roles } from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
 import { eq } from "npm:drizzle-orm";
 async function getRoleWithPermissions(
  id: number,
 ): Promise<{ id: number; nom: string; permissions: string[] } | null> {
  const role = await db
    .select()
    .from(roles)
    .where(eq(roles.id, id))
    .then((rows) => rows[0] ?? null);
  if (!role) return null;
  const perms = await db
    .select({ idPermission: rolePermissions.idPermission })
    .from(rolePermissions)
    .where(eq(rolePermissions.idRole, id));
  return { id: role.id, nom: role.nom, permissions: perms.map((p) => p.idPermission) };
 }
 export const handler: Handlers<null, AuthenticatedState> = {
  // #65 GET /roles
  async GET(
    _request: Request,
    _context: FreshContext<AuthenticatedState>,
  ): Promise<Response> {
    const allRoles = await db.select().from(roles);
    const result = await Promise.all(
      allRoles.map((r) => getRoleWithPermissions(r.id)),
    );
    return new Response(JSON.stringify(result), {
      headers: { "content-type": "application/json" },
    });
  },
  // #66 POST /roles
  async POST(
    request: Request,
    _context: FreshContext<AuthenticatedState>,
  ): Promise<Response> {
    const body: { nom: string } = await request.json();
    if (!body.nom) {
      return new Response(null, { status: 400 });
    }
    const [created] = await db
      .insert(roles)
      .values({ nom: body.nom })
      .returning();
    return new Response(
      JSON.stringify({ id: created.id, nom: created.nom, permissions: [] }),
      { status: 201, headers: { "content-type": "application/json" } },
    );
  },
 };
@@ -1,97 +0,0 @@
 import { FreshContext, Handlers } from "$fresh/server.ts";
 import { db } from "$root/databases/db.ts";
 import { rolePermissions, roles } from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
 import { eq } from "npm:drizzle-orm";
 const NOT_FOUND = new Response(
  JSON.stringify({ error: "Ressource introuvable" }),
  { status: 404, headers: { "content-type": "application/json" } },
 );
 async function getRoleWithPermissions(
  id: number,
 ): Promise<{ id: number; nom: string; permissions: string[] } | null> {
  const role = await db
    .select()
    .from(roles)
    .where(eq(roles.id, id))
    .then((rows) => rows[0] ?? null);
  if (!role) return null;
  const perms = await db
    .select({ idPermission: rolePermissions.idPermission })
    .from(rolePermissions)
    .where(eq(rolePermissions.idRole, id));
  return { id: role.id, nom: role.nom, permissions: perms.map((p) => p.idPermission) };
 }
 export const handler: Handlers<null, AuthenticatedState> = {
  // #67 GET /roles/{idRole}
  async GET(
    _request: Request,
    context: FreshContext<AuthenticatedState>,
  ): Promise<Response> {
    const id = Number(context.params.idRole);
    const role = await getRoleWithPermissions(id);
    if (!role) return NOT_FOUND;
    return new Response(JSON.stringify(role), {
      headers: { "content-type": "application/json" },
    });
  },
  // #68 PUT /roles/{idRole}
  async PUT(
    request: Request,
    context: FreshContext<AuthenticatedState>,
  ): Promise<Response> {
    const id = Number(context.params.idRole);
    const body: { nom: string; permissions: string[] } = await request.json();
    const [updated] = await db
      .update(roles)
      .set({ nom: body.nom })
      .where(eq(roles.id, id))
      .returning();
    if (!updated) return NOT_FOUND;
    // Reset permissions
    await db.delete(rolePermissions).where(eq(rolePermissions.idRole, id));
    if (body.permissions?.length) {
      await db.insert(rolePermissions).values(
        body.permissions.map((p) => ({ idRole: id, idPermission: p })),
      );
    }
    const role = await getRoleWithPermissions(id);
    return new Response(JSON.stringify(role), {
      headers: { "content-type": "application/json" },
    });
  },
  // #69 DELETE /roles/{idRole}
  async DELETE(
    _request: Request,
    context: FreshContext<AuthenticatedState>,
  ): Promise<Response> {
    const id = Number(context.params.idRole);
    // Cascade delete role_permissions first
    await db.delete(rolePermissions).where(eq(rolePermissions.idRole, id));
    const [deleted] = await db
      .delete(roles)
      .where(eq(roles.id, id))
      .returning();
    if (!deleted) return NOT_FOUND;
    return new Response(null, { status: 204 });
  },
 };
@@ -1,66 +0,0 @@
 import { FreshContext, Handlers } from "$fresh/server.ts";
 import { db } from "$root/databases/db.ts";
 import { users } from "$root/databases/schema.ts";
 import { AuthenticatedState } from "$root/defaults/interfaces.ts";
 import { eq } from "npm:drizzle-orm";
 const NOT_FOUND = new Response(
  JSON.stringify({ error: "Ressource introuvable" }),
  { status: 404, headers: { "content-type": "application/json" } },
 );
 export const handler: Handlers<null, AuthenticatedState> = {
  // #62 GET /users/{id}
  async GET(
    _request: Request,
    context: FreshContext<AuthenticatedState>,
  ): Promise<Response> {
    const user = await db
      .select()
      .from(users)
      .where(eq(users.id, context.params.id))
      .then((rows) => rows[0] ?? null);
    if (!user) return NOT_FOUND;
    return new Response(JSON.stringify(user), {
      headers: { "content-type": "application/json" },
    });
  },
  // #63 PUT /users/{id}
  async PUT(
    request: Request,
    context: FreshContext<AuthenticatedState>,
  ): Promise<Response> {
    const body: { nom: string; prenom: string; idRole: number } =
      await request.json();
    const [updated] = await db
      .update(users)
      .set({ nom: body.nom, prenom: body.prenom, idRole: body.idRole })
      .where(eq(users.id, context.params.id))
      .returning();
    if (!updated) return NOT_FOUND;
    return new Response(JSON.stringify(updated), {
      headers: { "content-type": "application/json" },
    });
  },
  // #64 DELETE /users/{id}
  async DELETE(
    _request: Request,
    context: FreshContext<AuthenticatedState>,
  ): Promise<Response> {
    const [deleted] = await db
      .delete(users)
      .where(eq(users.id, context.params.id))
      .returning();
    if (!deleted) return NOT_FOUND;
    return new Response(null, { status: 204 });
  },
 };
@@ -1,2 +0,0 @@
 import makeIndex from "$root/defaults/makeIndex.ts";
 export default makeIndex(import.meta.dirname!);
@@ -1,13 +0,0 @@
 import {
  getPartialsConfig,
  makePartials,
 } from "$root/defaults/makePartials.tsx";
 import { FreshContext } from "$fresh/server.ts";
 import { State } from "$root/routes/_middleware.ts";
 export async function Index(request: Request, context: FreshContext<State>) {
  return <h2>Welcome to Admin.</h2>;
 }
 export const config = getPartialsConfig();
 export default makePartials(Index);
@@ -1,39 +0,0 @@
 import { Handlers } from "$fresh/server.ts";
 import { db } from "../../../../databases/db.ts";
 import { notes } from "../../../../databases/schema.ts";
 import { eq } from "npm:drizzle-orm";
 export const handler: Handlers = {
  // #42 GET /notes
  async GET(request) {
    try {
      const url = new URL(request.url);
      const numEtudParam = url.searchParams.get("numEtud");
      const idModule = url.searchParams.get("idModule");
      let query = db.select().from(notes).$dynamic();
      if (numEtudParam) {
        const numEtud = parseInt(numEtudParam);
        if (isNaN(numEtud)) {
          return new Response("Paramètre numEtud invalide", { status: 400 });
        }
        query = query.where(eq(notes.numEtud, numEtud));
      }
      if (idModule) {
        query = query.where(eq(notes.idModule, idModule));
      }
      const result = await query;
      return new Response(JSON.stringify(result), {
        status: 200,
        headers: { "Content-Type": "application/json" },
      });
    } catch (error) {
      console.error("Error fetching notes:", error);
      return new Response("Failed to fetch data", { status: 500 });
    }
  },
 };
		`@@ -1,2 +0,0 @@`
			`import makeIndex from "$root/defaults/makeIndex.ts";`
			`export default makeIndex(import.meta.dirname!);`