Files
edubox/server/app/api/establishments/route.ts
T
EduBox Dev a414f03a59 feat(agent): v0.3.5 Windows inbound forwarding, UI actions, lifecycle
- Configure tailscale serve automatically for each instance on Windows userspace networking.
- Add local UI buttons: start/stop/reset/delete instances (stop/start preserve volumes).
- Clean shutdown: stop tailscaled and instances, notify server with instance_stopped.
- Restart tailscaled on agent boot using persisted state when pre-auth key is absent.
- Sync instance stopped/deleted status to dashboard (server/lib/websocket.ts).
- Security: include prior authz/scoping changes across API routes, ephemeral pre-auth keys, ACL policy, internal API key.
- Update SUIVI_VPN_ONDEMAND.md and docs/ONBOARDING_CLIENT.md.
- Bump agent version to 0.3.5.
2026-06-25 22:59:09 +00:00

50 lines
1.4 KiB
TypeScript

import { NextRequest, NextResponse } from "next/server";
import { prisma } from "@/lib/prisma";
import { hashPassword } from "@/lib/auth";
import { requireAuth, requireRole } from "@/lib/api-auth";
export async function GET() {
const user = await requireAuth();
if (user instanceof NextResponse) return user;
const where = user.role === "superadmin" ? {} : { id: user.establishmentId };
const establishments = await prisma.establishment.findMany({
where,
include: { subscription: true, _count: { select: { users: true, classes: true } } },
orderBy: { createdAt: "desc" },
});
return NextResponse.json(establishments);
}
export async function POST(req: NextRequest) {
const user = await requireAuth();
if (user instanceof NextResponse) return user;
const denied = requireRole(user, "superadmin");
if (denied) return denied;
const body = await req.json();
const { name, slug, adminEmail, adminPassword } = body;
const establishment = await prisma.establishment.create({
data: { name, slug },
});
await prisma.subscription.create({
data: { establishmentId: establishment.id, plan: "trial", status: "active" },
});
if (adminEmail && adminPassword) {
await prisma.user.create({
data: {
email: adminEmail,
password: await hashPassword(adminPassword),
role: "admin",
establishmentId: establishment.id,
},
});
}
return NextResponse.json(establishment, { status: 201 });
}