feat: add CRUD forms with Server Actions for establishments, users, classes, students

root
2026-06-06 20:08:17 +00:00
parent 0a73a70820
commit a1883080d3
26 changed files with 1206 additions and 16 deletions
+75
@@ -0,0 +1,75 @@
'use server';
import { z } from "zod";
import { prisma } from "@/lib/prisma";
import { hashPassword } from "@/lib/auth";
import { getServerSession } from "next-auth/next";
import { authOptions } from "@/lib/auth-config";
import { redirect } from "next/navigation";
import { revalidatePath } from "next/cache";
const createUserSchema = z.object({
email: z.string().email("Email invalide"),
password: z.string().min(8, "Le mot de passe doit faire au moins 8 caractères"),
role: z.enum(["admin", "teacher"], { message: "Rôle invalide" }),
establishmentId: z.string().optional().nullable(),
});
export async function createUser(formData: FormData) {
const session = await getServerSession(authOptions);
if (!session?.user) throw new Error("Non authentifié");
const isSuperadmin = session.user.role === "superadmin";
if (!isSuperadmin && session.user.role !== "admin") throw new Error("Accès interdit");
const raw = Object.fromEntries(formData);
const parsed = createUserSchema.safeParse(raw);
if (!parsed.success) {
throw new Error(parsed.error.issues.map((e: any) => e.message).join(", "));
}
const { email, password, role, establishmentId } = parsed.data;
const finalEstablishmentId = isSuperadmin
? (establishmentId || null)
: session.user.establishmentId;
const existing = await prisma.user.findUnique({ where: { email } });
if (existing) throw new Error("Cet email est déjà utilisé");
const hashed = await hashPassword(password);
await prisma.user.create({
data: {
email,
password: hashed,
role,
establishmentId: finalEstablishmentId,
},
});
revalidatePath("/dashboard/users");
redirect("/dashboard/users");
}
export async function deleteUser(userId: string) {
const session = await getServerSession(authOptions);
if (!session?.user) throw new Error("Non authentifié");
const isSuperadmin = session.user.role === "superadmin";
if (!isSuperadmin && session.user.role !== "admin") throw new Error("Accès interdit");
if (userId === session.user.id) throw new Error("Vous ne pouvez pas supprimer votre propre compte");
const user = await prisma.user.findUnique({ where: { id: userId } });
if (!user) throw new Error("Utilisateur introuvable");
if (!isSuperadmin && user.establishmentId !== session.user.establishmentId) {
throw new Error("Accès interdit");
}
await prisma.user.delete({ where: { id: userId } });
revalidatePath("/dashboard/users");
redirect("/dashboard/users");
}
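Review bot: In deleteUser the tenant check `user.establishmentId !== session.user.establishmentId` passes when both sides are null, and the target's role is never examined, so an admin with no establishment can delete any other account without one, which would include superadmin accounts if those are stored with a null establishmentId. createUser makes that state reachable, since a superadmin may create an `admin` with `establishmentId || null`. I would tighten the guard to `if (!isSuperadmin && (user.role === "superadmin" || !session.user.establishmentId || user.establishmentId !== session.user.establishmentId)) throw new Error("Accès interdit");`. The same missing-establishment case in createUser writes `session.user.establishmentId` unchecked into the new row, so an early `if (!isSuperadmin && !session.user.establishmentId) throw new Error("Accès interdit");` belongs there too. It is also worth deciding explicitly whether an establishment admin should be allowed to create or delete other `admin` accounts, as both actions currently permit it.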