- /admin/published : liste toutes les notes publiées - Bouton dépublier (force) pour chaque note - Notification envoyée au propriétaire quand dépublié par admin - API GET /api/admin/published (liste) + DELETE (force unpublish) - Liens signalements affichés si notifications - Onglet 'Pages publiées' dans sidebar admin (icône Shield) - i18n FR/EN - Fix: report page params Promise unwrap
59 lines
1.8 KiB
TypeScript
59 lines
1.8 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server'
|
|
import { auth } from '@/auth'
|
|
import prisma from '@/lib/prisma'
|
|
|
|
async function requireAdmin() {
|
|
const session = await auth()
|
|
if (!session?.user?.id) return null
|
|
const user = await prisma.user.findUnique({ where: { id: session.user.id }, select: { role: true } })
|
|
if (user?.role !== 'ADMIN') return null
|
|
return session.user.id
|
|
}
|
|
|
|
export async function GET() {
|
|
const userId = await requireAdmin()
|
|
if (!userId) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
|
|
|
const notes = await prisma.note.findMany({
|
|
where: { isPublic: true, trashedAt: null },
|
|
select: {
|
|
id: true, title: true, publicSlug: true, publishedAt: true,
|
|
user: { select: { name: true } },
|
|
},
|
|
orderBy: { publishedAt: 'desc' },
|
|
})
|
|
|
|
return NextResponse.json({ notes })
|
|
}
|
|
|
|
export async function DELETE(request: NextRequest) {
|
|
const userId = await requireAdmin()
|
|
if (!userId) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
|
|
|
const { noteId } = await request.json()
|
|
if (!noteId) return NextResponse.json({ error: 'noteId required' }, { status: 400 })
|
|
|
|
await prisma.note.update({
|
|
where: { id: noteId },
|
|
data: { isPublic: false, publicSlug: null, publishedAt: null },
|
|
})
|
|
|
|
// Notify the owner
|
|
const note = await prisma.note.findUnique({
|
|
where: { id: noteId },
|
|
select: { userId: true, publicSlug: true },
|
|
})
|
|
if (note) {
|
|
await prisma.notification.create({
|
|
data: {
|
|
userId: note.userId,
|
|
type: 'publish_revoked',
|
|
title: 'Publication retirée par un administrateur',
|
|
message: 'Votre note a été dépubliée par la modération. Si vous pensez qu\'il s\'agit d\'une erreur, contactez le support.',
|
|
},
|
|
}).catch(() => {})
|
|
}
|
|
|
|
return NextResponse.json({ success: true })
|
|
}
|