alma/NeahStable
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Pages corrections pages missions

Browse Source
This commit is contained in:
alma 2026-01-16 15:03:06 +01:00
parent 9db972b80a
commit 4e26b958fe
6 changed files with 57 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
app/api/missions/[missionId]/files/folder/route.ts
View File

@ -19,11 +19,13 @@ const missionsS3Client = new S3Client({
const MISSIONS_BUCKET = 'missions'; const MISSIONS_BUCKET = 'missions';
// Helper function to check if user can manage files (creator or gardien) // Helper function to check if user can manage files (creator or gardien)
async function checkCanManage(userId: string, missionId: string): Promise<boolean> { // Also checks if mission is closed (closed missions cannot be modified)
async function checkCanManage(userId: string, missionId: string): Promise<{ canManage: boolean; isClosed: boolean }> {
const mission = await prisma.mission.findFirst({ const mission = await prisma.mission.findFirst({
where: { id: missionId }, where: { id: missionId },
select: { select: {
creatorId: true, creatorId: true,
isClosed: true,
missionUsers: { missionUsers: {
where: { userId }, where: { userId },
select: { role: true } select: { role: true }
@ -31,14 +33,20 @@ async function checkCanManage(userId: string, missionId: string): Promise<boolea
} }
}); });
if (!mission) return false; if (!mission) return { canManage: false, isClosed: false };
// If mission is closed, no one can manage files
if (mission.isClosed) {
return { canManage: false, isClosed: true };
}
// Creator can always manage // Creator can always manage
if (mission.creatorId === userId) return true; if (mission.creatorId === userId) return { canManage: true, isClosed: false };
// Gardiens can manage // Gardiens can manage
const userRole = mission.missionUsers[0]?.role; const userRole = mission.missionUsers[0]?.role;
return userRole === 'gardien-temps' || userRole === 'gardien-parole' || userRole === 'gardien-memoire'; const canManage = userRole === 'gardien-temps' || userRole === 'gardien-parole' || userRole === 'gardien-memoire';
return { canManage, isClosed: false };
} }
export async function POST( export async function POST(
@ -54,8 +62,11 @@ export async function POST(
const { missionId } = await params; const { missionId } = await params;
const userId = session.user.id; const userId = session.user.id;
// Check if user can manage files // Check if user can manage files and if mission is closed
const canManage = await checkCanManage(userId, missionId); const { canManage, isClosed } = await checkCanManage(userId, missionId);
if (isClosed) {
return NextResponse.json({ error: 'Mission is closed: folders cannot be created in closed missions' }, { status: 403 });
}
if (!canManage) { if (!canManage) {
return NextResponse.json({ error: 'Forbidden: You do not have permission to create folders' }, { status: 403 }); return NextResponse.json({ error: 'Forbidden: You do not have permission to create folders' }, { status: 403 });
} }

23
app/api/missions/[missionId]/files/route.ts
View File

@ -34,11 +34,13 @@ async function checkMissionAccess(userId: string, missionId: string): Promise<bo
} }
// Helper function to check if user can manage files (creator or gardien) // Helper function to check if user can manage files (creator or gardien)
async function checkCanManage(userId: string, missionId: string): Promise<boolean> { // Also checks if mission is closed (closed missions cannot be modified)
async function checkCanManage(userId: string, missionId: string): Promise<{ canManage: boolean; isClosed: boolean }> {
const mission = await prisma.mission.findFirst({ const mission = await prisma.mission.findFirst({
where: { id: missionId }, where: { id: missionId },
select: { select: {
creatorId: true, creatorId: true,
isClosed: true,
missionUsers: { missionUsers: {
where: { userId }, where: { userId },
select: { role: true } select: { role: true }
@ -46,14 +48,20 @@ async function checkCanManage(userId: string, missionId: string): Promise<boolea
} }
}); });
if (!mission) return false; if (!mission) return { canManage: false, isClosed: false };
// If mission is closed, no one can manage files
if (mission.isClosed) {
return { canManage: false, isClosed: true };
}
// Creator can always manage // Creator can always manage
if (mission.creatorId === userId) return true; if (mission.creatorId === userId) return { canManage: true, isClosed: false };
// Gardiens can manage // Gardiens can manage
const userRole = mission.missionUsers[0]?.role; const userRole = mission.missionUsers[0]?.role;
return userRole === 'gardien-temps' || userRole === 'gardien-parole' || userRole === 'gardien-memoire'; const canManage = userRole === 'gardien-temps' || userRole === 'gardien-parole' || userRole === 'gardien-memoire';
return { canManage, isClosed: false };
} }
// Helper function to stream to string // Helper function to stream to string
@ -323,8 +331,11 @@ export async function DELETE(
const { missionId } = await params; const { missionId } = await params;
const userId = session.user.id; const userId = session.user.id;
// Check if user can manage files // Check if user can manage files and if mission is closed
const canManage = await checkCanManage(userId, missionId); const { canManage, isClosed } = await checkCanManage(userId, missionId);
if (isClosed) {
return NextResponse.json({ error: 'Mission is closed: files cannot be deleted from closed missions' }, { status: 403 });
}
if (!canManage) { if (!canManage) {
return NextResponse.json({ error: 'Forbidden: You do not have permission to delete files' }, { status: 403 }); return NextResponse.json({ error: 'Forbidden: You do not have permission to delete files' }, { status: 403 });
} }

23
app/api/missions/[missionId]/files/upload/route.ts
View File

@ -5,11 +5,13 @@ import { prisma } from '@/lib/prisma';
import { uploadMissionAttachment } from '@/lib/mission-uploads'; import { uploadMissionAttachment } from '@/lib/mission-uploads';
// Helper function to check if user can manage files (creator or gardien) // Helper function to check if user can manage files (creator or gardien)
async function checkCanManage(userId: string, missionId: string): Promise<boolean> { // Also checks if mission is closed (closed missions cannot be modified)
async function checkCanManage(userId: string, missionId: string): Promise<{ canManage: boolean; isClosed: boolean }> {
const mission = await prisma.mission.findFirst({ const mission = await prisma.mission.findFirst({
where: { id: missionId }, where: { id: missionId },
select: { select: {
creatorId: true, creatorId: true,
isClosed: true,
missionUsers: { missionUsers: {
where: { userId }, where: { userId },
select: { role: true } select: { role: true }
@ -17,14 +19,20 @@ async function checkCanManage(userId: string, missionId: string): Promise<boolea
} }
}); });
if (!mission) return false; if (!mission) return { canManage: false, isClosed: false };
// If mission is closed, no one can manage files
if (mission.isClosed) {
return { canManage: false, isClosed: true };
}
// Creator can always manage // Creator can always manage
if (mission.creatorId === userId) return true; if (mission.creatorId === userId) return { canManage: true, isClosed: false };
// Gardiens can manage // Gardiens can manage
const userRole = mission.missionUsers[0]?.role; const userRole = mission.missionUsers[0]?.role;
return userRole === 'gardien-temps' || userRole === 'gardien-parole' || userRole === 'gardien-memoire'; const canManage = userRole === 'gardien-temps' || userRole === 'gardien-parole' || userRole === 'gardien-memoire';
return { canManage, isClosed: false };
} }
export async function POST( export async function POST(
@ -40,8 +48,11 @@ export async function POST(
const { missionId } = await params; const { missionId } = await params;
const userId = session.user.id; const userId = session.user.id;
// Check if user can manage files // Check if user can manage files and if mission is closed
const canManage = await checkCanManage(userId, missionId); const { canManage, isClosed } = await checkCanManage(userId, missionId);
if (isClosed) {
return NextResponse.json({ error: 'Mission is closed: files cannot be uploaded to closed missions' }, { status: 403 });
}
if (!canManage) { if (!canManage) {
return NextResponse.json({ error: 'Forbidden: You do not have permission to upload files' }, { status: 403 }); return NextResponse.json({ error: 'Forbidden: You do not have permission to upload files' }, { status: 403 });
} }

1
app/api/missions/[missionId]/route.ts
View File

@ -30,6 +30,7 @@ export async function GET(
id: true, id: true,
name: true, name: true,
creatorId: true, creatorId: true,
isClosed: true,
creator: { creator: {
select: { select: {
id: true, id: true,

2
app/pages/page.tsx
View File

@ -708,6 +708,7 @@ export default function CarnetPage() {
id: missionData.id, id: missionData.id,
name: missionData.name, name: missionData.name,
creatorId: missionData.creatorId || missionData.creator?.id, creatorId: missionData.creatorId || missionData.creator?.id,
isClosed: missionData.isClosed || false,
missionUsers: missionData.missionUsers || [] missionUsers: missionData.missionUsers || []
}); });
} else { } else {
@ -1182,6 +1183,7 @@ export default function CarnetPage() {
id: selectedMission.id, id: selectedMission.id,
name: selectedMission.name, name: selectedMission.name,
creatorId: selectedMission.creatorId || '', creatorId: selectedMission.creatorId || '',
isClosed: selectedMission.isClosed || false,
missionUsers: selectedMission.missionUsers || [] missionUsers: selectedMission.missionUsers || []
}} }}
currentUserId={session.user.id} currentUserId={session.user.id}

4
components/carnet/mission-files-manager.tsx
View File

@ -21,6 +21,7 @@ interface Mission {
id: string; id: string;
name: string; name: string;
creatorId: string; creatorId: string;
isClosed?: boolean;
missionUsers?: MissionUser[]; missionUsers?: MissionUser[];
} }
@ -50,7 +51,8 @@ export const MissionFilesManager: React.FC<MissionFilesManagerProps> = ({
const isCreator = mission.creatorId === currentUserId; const isCreator = mission.creatorId === currentUserId;
const userRole = mission.missionUsers?.find(mu => mu.userId === currentUserId)?.role; const userRole = mission.missionUsers?.find(mu => mu.userId === currentUserId)?.role;
const isGardien = userRole === 'gardien-temps' || userRole === 'gardien-parole' || userRole === 'gardien-memoire'; const isGardien = userRole === 'gardien-temps' || userRole === 'gardien-parole' || userRole === 'gardien-memoire';
const canManage = isCreator || isGardien; const isClosed = mission.isClosed || false;
const canManage = (isCreator || isGardien) && !isClosed; // Cannot manage if mission is closed
const fetchFiles = async () => { const fetchFiles = async () => {
try { try {