- contentModerationService branché dans /api/notes/publish - blocked → 403, publication refusée, toast d'explication - flagged → publié mais admins notifiés pour révision - safe → publication normale - PublishDialog gère les 3 cas (succès normal, flagged, blocked) - i18n FR/EN
92 lines
3.1 KiB
TypeScript
92 lines
3.1 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server'
|
|
import { auth } from '@/auth'
|
|
import prisma from '@/lib/prisma'
|
|
import { contentModerationService } from '@/lib/ai/services/content-moderation.service'
|
|
|
|
function generateSlug(title: string): string {
|
|
const base = title
|
|
.toLowerCase()
|
|
.normalize('NFD')
|
|
.replace(/[\u0300-\u036f]/g, '')
|
|
.replace(/[^a-z0-9]+/g, '-')
|
|
.replace(/^-+|-+$/g, '')
|
|
.slice(0, 60) || 'note'
|
|
return `${base}-${Math.random().toString(36).slice(2, 8)}`
|
|
}
|
|
|
|
export async function POST(request: NextRequest) {
|
|
const session = await auth()
|
|
if (!session?.user?.id) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
|
|
|
const { noteId, action } = await request.json()
|
|
if (!noteId) return NextResponse.json({ error: 'noteId required' }, { status: 400 })
|
|
|
|
const note = await prisma.note.findFirst({
|
|
where: { id: noteId, userId: session.user.id },
|
|
select: { id: true, title: true, publicSlug: true, content: true },
|
|
})
|
|
if (!note) return NextResponse.json({ error: 'Not found' }, { status: 404 })
|
|
|
|
if (action === 'publish') {
|
|
// --- AI Moderation ---
|
|
let moderation
|
|
try {
|
|
moderation = await contentModerationService.moderate(note.title || '', note.content || '')
|
|
} catch {
|
|
moderation = { verdict: 'safe' as const, categories: ['safe'], reason: 'Moderation indisponible' }
|
|
}
|
|
|
|
if (moderation.verdict === 'blocked') {
|
|
return NextResponse.json({
|
|
error: 'blocked',
|
|
reason: moderation.reason,
|
|
categories: moderation.categories,
|
|
}, { status: 403 })
|
|
}
|
|
|
|
// flagged → publish but notify admins
|
|
if (moderation.verdict === 'flagged') {
|
|
const admins = await prisma.user.findMany({ where: { role: 'ADMIN' }, select: { id: true } })
|
|
for (const admin of admins) {
|
|
await prisma.notification.create({
|
|
data: {
|
|
userId: admin.id,
|
|
type: 'content_flagged',
|
|
title: 'Contenu sensible publié',
|
|
message: `La note "${note.title}" a été publiée avec un contenu potentiellement sensible: ${moderation.reason}`,
|
|
actionUrl: '/admin/published',
|
|
relatedId: note.id,
|
|
},
|
|
}).catch(() => {})
|
|
}
|
|
}
|
|
|
|
let slug = note.publicSlug
|
|
if (!slug) {
|
|
slug = generateSlug(note.title || 'note')
|
|
const existing = await prisma.note.findUnique({ where: { publicSlug: slug } })
|
|
if (existing && existing.id !== noteId) slug = `${slug}-${Date.now().toString(36)}`
|
|
}
|
|
await prisma.note.update({
|
|
where: { id: noteId },
|
|
data: { isPublic: true, publicSlug: slug, publishedAt: new Date() },
|
|
})
|
|
|
|
return NextResponse.json({
|
|
success: true,
|
|
slug,
|
|
moderation: moderation.verdict === 'flagged' ? 'flagged' : undefined,
|
|
})
|
|
}
|
|
|
|
if (action === 'unpublish') {
|
|
await prisma.note.update({
|
|
where: { id: noteId },
|
|
data: { isPublic: false, publicSlug: null, publishedAt: null },
|
|
})
|
|
return NextResponse.json({ success: true })
|
|
}
|
|
|
|
return NextResponse.json({ error: 'Invalid action' }, { status: 400 })
|
|
}
|