import { FreshContext, Handlers } from "$fresh/server.ts"; import { db } from "$root/databases/db.ts"; import { mobilites } from "$root/databases/schema.ts"; import { AuthenticatedState } from "$root/defaults/interfaces.ts"; import { eq } from "npm:drizzle-orm@0.45.2"; const CONTRACTS_DIR = "uploads/contracts"; export const handler: Handlers = { // GET /mobilites/:idMob/contrat — download contract PDF async GET( _request: Request, context: FreshContext, ): Promise { const idMob = Number(context.params.idMob); if (isNaN(idMob)) { return new Response("Paramètre idMob invalide", { status: 400 }); } const row = await db .select({ contratMob: mobilites.contratMob }) .from(mobilites) .where(eq(mobilites.id, idMob)) .then((rows) => rows[0] ?? null); if (!row) { return new Response( JSON.stringify({ error: "Mobilité introuvable" }), { status: 404, headers: { "content-type": "application/json" } }, ); } if (!row.contratMob) { return new Response( JSON.stringify({ error: "Aucun contrat pour cette mobilité" }), { status: 404, headers: { "content-type": "application/json" } }, ); } try { const file = await Deno.readFile(`${CONTRACTS_DIR}/${row.contratMob}`); return new Response(file, { headers: { "Content-Type": "application/pdf", "Content-Disposition": `inline; filename="${row.contratMob}"`, }, }); } catch { return new Response( JSON.stringify({ error: "Fichier contrat introuvable" }), { status: 404, headers: { "content-type": "application/json" } }, ); } }, // POST /mobilites/:idMob/contrat — upload contract PDF async POST( request: Request, context: FreshContext, ): Promise { const idMob = Number(context.params.idMob); if (isNaN(idMob)) { return new Response("Paramètre idMob invalide", { status: 400 }); } // Check mobility exists const row = await db .select({ id: mobilites.id }) .from(mobilites) .where(eq(mobilites.id, idMob)) .then((rows) => rows[0] ?? null); if (!row) { return new Response( JSON.stringify({ error: "Mobilité introuvable" }), { status: 404, headers: { "content-type": "application/json" } }, ); } const formData = await request.formData(); const file = formData.get("contrat"); if (!file || !(file instanceof File)) { return new Response( JSON.stringify({ error: "Fichier 'contrat' requis (PDF)" }), { status: 400, headers: { "content-type": "application/json" } }, ); } if (file.type !== "application/pdf") { return new Response( JSON.stringify({ error: "Le fichier doit être un PDF" }), { status: 400, headers: { "content-type": "application/json" } }, ); } const filename = `mob_${idMob}.pdf`; await Deno.mkdir(CONTRACTS_DIR, { recursive: true }); await Deno.writeFile( `${CONTRACTS_DIR}/${filename}`, new Uint8Array(await file.arrayBuffer()), ); const [updated] = await db .update(mobilites) .set({ contratMob: filename }) .where(eq(mobilites.id, idMob)) .returning(); return new Response(JSON.stringify(updated), { status: 200, headers: { "content-type": "application/json" }, }); }, // DELETE /mobilites/:idMob/contrat — remove contract (employee only) async DELETE( _request: Request, context: FreshContext, ): Promise { if (context.state.session.eduPersonPrimaryAffiliation !== "employee") { return new Response(null, { status: 403 }); } const idMob = Number(context.params.idMob); if (isNaN(idMob)) { return new Response("Paramètre idMob invalide", { status: 400 }); } const row = await db .select({ contratMob: mobilites.contratMob }) .from(mobilites) .where(eq(mobilites.id, idMob)) .then((rows) => rows[0] ?? null); if (!row) { return new Response( JSON.stringify({ error: "Mobilité introuvable" }), { status: 404, headers: { "content-type": "application/json" } }, ); } if (row.contratMob) { try { await Deno.remove(`${CONTRACTS_DIR}/${row.contratMob}`); } catch { /* file may not exist */ } } await db .update(mobilites) .set({ contratMob: null }) .where(eq(mobilites.id, idMob)); return new Response(null, { status: 204 }); }, };