feat(notes): vues structurées tableau/kanban, flashcards et MCP robuste
Ajoute la base organisable par carnet (schéma, champs partagés, valeurs par note) avec activation guidée, tableau éditable, kanban et suppression de colonnes. Corrige le multiselect en vue tableau et enrichit sidebar, grille et i18n FR/EN. Inclut aussi les améliorations flashcards SM-2, l'audit consentement IA et la robustesse du serveur MCP (config, validation, rate-limit, métriques). Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
@@ -36,31 +36,48 @@ export async function POST(req: NextRequest) {
|
||||
// Hash/Anonymize IP address for strict GDPR compliance
|
||||
const anonymizedIp = ip ? createHash('sha256').update(ip).digest('hex') : null
|
||||
|
||||
// Create persistent audit log of this consent decision
|
||||
await prisma.aiConsentLog.create({
|
||||
data: {
|
||||
userId,
|
||||
consent,
|
||||
ipAddress: anonymizedIp,
|
||||
userAgent,
|
||||
},
|
||||
})
|
||||
|
||||
// If remember is requested, persist state in UserAISettings
|
||||
if (remember) {
|
||||
await prisma.userAISettings.upsert({
|
||||
where: { userId },
|
||||
create: {
|
||||
let auditOk = true
|
||||
try {
|
||||
await prisma.aiConsentLog.create({
|
||||
data: {
|
||||
userId,
|
||||
aiProcessingConsent: consent,
|
||||
},
|
||||
update: {
|
||||
aiProcessingConsent: consent,
|
||||
consent,
|
||||
ipAddress: anonymizedIp,
|
||||
userAgent,
|
||||
},
|
||||
})
|
||||
} catch (auditError) {
|
||||
auditOk = false
|
||||
console.error('[POST /api/user/ai-consent] audit log failed:', auditError)
|
||||
}
|
||||
|
||||
if (remember) {
|
||||
try {
|
||||
await prisma.userAISettings.upsert({
|
||||
where: { userId },
|
||||
create: {
|
||||
userId,
|
||||
aiProcessingConsent: consent,
|
||||
},
|
||||
update: {
|
||||
aiProcessingConsent: consent,
|
||||
},
|
||||
})
|
||||
} catch (settingsError) {
|
||||
console.error('[POST /api/user/ai-consent] settings upsert failed:', settingsError)
|
||||
return NextResponse.json({ error: 'settings_update_failed' }, { status: 500 })
|
||||
}
|
||||
}
|
||||
|
||||
if (!auditOk) {
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
auditLogged: false,
|
||||
warning: 'audit_log_failed',
|
||||
})
|
||||
}
|
||||
|
||||
return NextResponse.json({ success: true })
|
||||
return NextResponse.json({ success: true, auditLogged: true })
|
||||
} catch (error) {
|
||||
console.error('[POST /api/user/ai-consent] failed:', error)
|
||||
return NextResponse.json({ error: 'Internal Server Error' }, { status: 500 })
|
||||
|
||||
Reference in New Issue
Block a user