Publication IA: - 4 templates (magazine, brief, essay, simple) avec CSS riche - Rewrite IA (article/exercises/tutorial/reference/mixed) - Modération avec timeout 12s + fallback safe - Quotas publish_enhance par tier (basic=2, pro=15, business=100) - Détection contenu stale (hash) - Migration DB publishedContent/publishedTemplate/publishedSourceHash Fixes: - cheerio v1.2: Element -> AnyNode (domhandler), decodeEntities cast - _isShared ajouté au type Note (champ virtuel serveur) - callout colors PDF export: extraction fonction pure testable - admin/published: guard note.userId null - Cmd+S fonctionne en mode dialog (pas seulement fullPage) i18n: - 23 clés publish* traduites dans les 15 locales - Extension Web Clipper: 13 locales mise à jour Tests: - callout-colors.test.ts (6 tests) - note-visible-in-view.test.ts (5 tests) - entitlements.test.ts + byok-entitlements.test.ts: mock usageLog + unstubAllEnvs - 199/199 tests passent Tracker: user-stories.md sync avec sprint-status.yaml
59 lines
1.8 KiB
TypeScript
59 lines
1.8 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server'
|
|
import { auth } from '@/auth'
|
|
import prisma from '@/lib/prisma'
|
|
|
|
async function requireAdmin() {
|
|
const session = await auth()
|
|
if (!session?.user?.id) return null
|
|
const user = await prisma.user.findUnique({ where: { id: session.user.id }, select: { role: true } })
|
|
if (user?.role !== 'ADMIN') return null
|
|
return session.user.id
|
|
}
|
|
|
|
export async function GET() {
|
|
const userId = await requireAdmin()
|
|
if (!userId) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
|
|
|
const notes = await prisma.note.findMany({
|
|
where: { isPublic: true, trashedAt: null },
|
|
select: {
|
|
id: true, title: true, publicSlug: true, publishedAt: true,
|
|
user: { select: { name: true } },
|
|
},
|
|
orderBy: { publishedAt: 'desc' },
|
|
})
|
|
|
|
return NextResponse.json({ notes })
|
|
}
|
|
|
|
export async function DELETE(request: NextRequest) {
|
|
const userId = await requireAdmin()
|
|
if (!userId) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
|
|
|
const { noteId } = await request.json()
|
|
if (!noteId) return NextResponse.json({ error: 'noteId required' }, { status: 400 })
|
|
|
|
await prisma.note.update({
|
|
where: { id: noteId },
|
|
data: { isPublic: false, publicSlug: null, publishedAt: null },
|
|
})
|
|
|
|
// Notify the owner
|
|
const note = await prisma.note.findUnique({
|
|
where: { id: noteId },
|
|
select: { userId: true, publicSlug: true },
|
|
})
|
|
if (note && note.userId) {
|
|
await prisma.notification.create({
|
|
data: {
|
|
userId: note.userId,
|
|
type: 'publish_revoked',
|
|
title: 'Publication retirée par un administrateur',
|
|
message: 'Votre note a été dépubliée par la modération. Si vous pensez qu\'il s\'agit d\'une erreur, contactez le support.',
|
|
},
|
|
}).catch(() => {})
|
|
}
|
|
|
|
return NextResponse.json({ success: true })
|
|
}
|