mikicv/tt-booking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial version of the app

Browse Source
This commit is contained in:
mikicvi
2025-09-21 17:11:02 +01:00
commit c8062cf96b
101 changed files with 23061 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/api/admin/announcements/[id]/route.ts
+76
View File
@@ -0,0 +1,76 @@
import { NextRequest, NextResponse } from 'next/server';
import { db } from '@/lib/db';
import { announcements } from '@/lib/db/schema';
import { eq } from 'drizzle-orm';
import { getSession } from '@/lib/session';
export async function PUT(request: NextRequest, { params }: { params: { id: string } }) {
try {
const session = await getSession();
if (!session || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const { title, content, priority, expiresAt, isActive } = await request.json();
const announcementId = params.id;
if (!title || !content) {
return NextResponse.json({ error: 'Title and content are required' }, { status: 400 });
}
// Check if announcement exists
const existing = await db.select().from(announcements).where(eq(announcements.id, announcementId)).limit(1);
if (existing.length === 0) {
return NextResponse.json({ error: 'Announcement not found' }, { status: 404 });
}
// Update announcement
const [updatedAnnouncement] = await db
.update(announcements)
.set({
title,
content,
priority: priority || 'medium',
expiresAt: expiresAt ? new Date(expiresAt) : null,
isActive: isActive !== undefined ? isActive : true,
updatedAt: new Date(),
})
.where(eq(announcements.id, announcementId))
.returning();
return NextResponse.json({
announcement: updatedAnnouncement,
message: 'Announcement updated successfully',
});
} catch (error) {
console.error('Error updating announcement:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
export async function DELETE(request: NextRequest, { params }: { params: { id: string } }) {
try {
const session = await getSession();
if (!session || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const announcementId = params.id;
// Check if announcement exists
const existing = await db.select().from(announcements).where(eq(announcements.id, announcementId)).limit(1);
if (existing.length === 0) {
return NextResponse.json({ error: 'Announcement not found' }, { status: 404 });
}
// Delete announcement
await db.delete(announcements).where(eq(announcements.id, announcementId));
return NextResponse.json({ message: 'Announcement deleted successfully' });
} catch (error) {
console.error('Error deleting announcement:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
app/api/admin/announcements/route.ts
+63
View File
@@ -0,0 +1,63 @@
import { NextRequest, NextResponse } from 'next/server';
import { db } from '@/lib/db';
import { announcements } from '@/lib/db/schema';
import { eq, desc } from 'drizzle-orm';
import { getSession } from '@/lib/session';
export async function GET(request: NextRequest) {
try {
const session = await getSession();
if (!session) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
// Regular users see only active announcements, admins see all
const allAnnouncements = await db
.select()
.from(announcements)
.where(session.role === 'admin' ? undefined : eq(announcements.isActive, true))
.orderBy(desc(announcements.createdAt));
return NextResponse.json({ announcements: allAnnouncements });
} catch (error) {
console.error('Error fetching announcements:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
export async function POST(request: NextRequest) {
try {
const session = await getSession();
if (!session || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const { title, content, priority, expiresAt } = await request.json();
if (!title || !content) {
return NextResponse.json({ error: 'Title and content are required' }, { status: 400 });
}
const [newAnnouncement] = await db
.insert(announcements)
.values({
id: crypto.randomUUID(),
title,
content,
priority: priority || 'medium',
expiresAt: expiresAt ? new Date(expiresAt) : null,
isActive: true,
createdAt: new Date(),
updatedAt: new Date(),
})
.returning();
return NextResponse.json({
announcement: newAnnouncement,
message: 'Announcement created successfully',
});
} catch (error) {
console.error('Error creating announcement:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
app/api/admin/courts/[id]/route.ts
+73
View File
@@ -0,0 +1,73 @@
import { NextRequest, NextResponse } from 'next/server';
import { db } from '@/lib/db';
import { courts } from '@/lib/db/schema';
import { eq } from 'drizzle-orm';
import { getSession } from '@/lib/session';
export async function PUT(request: NextRequest, { params }: { params: { id: string } }) {
try {
const session = await getSession();
if (!session || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const { name, isActive } = await request.json();
const courtId = params.id;
if (!name) {
return NextResponse.json({ error: 'Court name is required' }, { status: 400 });
}
// Check if court exists
const existing = await db.select().from(courts).where(eq(courts.id, courtId)).limit(1);
if (existing.length === 0) {
return NextResponse.json({ error: 'Court not found' }, { status: 404 });
}
// Update court
const [updatedCourt] = await db
.update(courts)
.set({
name,
isActive: isActive !== undefined ? isActive : true,
updatedAt: new Date(),
})
.where(eq(courts.id, courtId))
.returning();
return NextResponse.json({
court: updatedCourt,
message: 'Court updated successfully',
});
} catch (error) {
console.error('Error updating court:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
export async function DELETE(request: NextRequest, { params }: { params: { id: string } }) {
try {
const session = await getSession();
if (!session || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const courtId = params.id;
// Check if court exists
const existing = await db.select().from(courts).where(eq(courts.id, courtId)).limit(1);
if (existing.length === 0) {
return NextResponse.json({ error: 'Court not found' }, { status: 404 });
}
// Delete court (this will cascade to bookings due to foreign key)
await db.delete(courts).where(eq(courts.id, courtId));
return NextResponse.json({ message: 'Court deleted successfully' });
} catch (error) {
console.error('Error deleting court:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
app/api/admin/courts/route.ts
+59
View File
@@ -0,0 +1,59 @@
import { NextRequest, NextResponse } from 'next/server';
import { db } from '@/lib/db';
import { courts } from '@/lib/db/schema';
import { eq } from 'drizzle-orm';
import { getSession } from '@/lib/session';
export async function GET(request: NextRequest) {
try {
const session = await getSession();
if (!session) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
// Regular users see only active courts, admins see all
const allCourts = await db
.select()
.from(courts)
.where(session.role === 'admin' ? undefined : eq(courts.isActive, true));
return NextResponse.json({ courts: allCourts });
} catch (error) {
console.error('Error fetching courts:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
export async function POST(request: NextRequest) {
try {
const session = await getSession();
if (!session || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const { name, isActive } = await request.json();
if (!name) {
return NextResponse.json({ error: 'Court name is required' }, { status: 400 });
}
const [newCourt] = await db
.insert(courts)
.values({
id: crypto.randomUUID(),
name,
isActive: isActive !== undefined ? isActive : true,
createdAt: new Date(),
updatedAt: new Date(),
})
.returning();
return NextResponse.json({
court: newCourt,
message: 'Court created successfully',
});
} catch (error) {
console.error('Error creating court:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
app/api/admin/logs/route.ts
+93
View File
@@ -0,0 +1,93 @@
import { NextRequest, NextResponse } from 'next/server';
import { verifySession } from '@/lib/session';
import { db } from '@/lib/db';
import { activityLogs, users } from '@/lib/db/schema';
import { eq, desc, isNull, or } from 'drizzle-orm';
export async function GET(request: NextRequest) {
try {
const session = await verifySession();
if (!session.isAuth || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const { searchParams } = new URL(request.url);
const limit = parseInt(searchParams.get('limit') || '20');
const offset = parseInt(searchParams.get('offset') || '0');
// Get activity logs with user details
const logs = await db
.select({
id: activityLogs.id,
action: activityLogs.action,
entityType: activityLogs.entityType,
entityId: activityLogs.entityId,
details: activityLogs.details,
ipAddress: activityLogs.ipAddress,
userAgent: activityLogs.userAgent,
createdAt: activityLogs.createdAt,
user: {
id: users.id,
name: users.name,
surname: users.surname,
email: users.email,
},
})
.from(activityLogs)
.leftJoin(users, eq(activityLogs.userId, users.id))
.orderBy(desc(activityLogs.createdAt))
.limit(limit)
.offset(offset);
return NextResponse.json({
success: true,
logs,
pagination: {
limit,
offset,
hasMore: logs.length === limit,
},
});
} catch (error) {
console.error('Error fetching activity logs:', error);
return NextResponse.json({ error: 'Failed to fetch activity logs' }, { status: 500 });
}
}
export async function POST(request: NextRequest) {
try {
const body = await request.json();
const { action, entityType, entityId, details, ipAddress, userAgent } = body;
if (!action || !entityType) {
return NextResponse.json({ error: 'Missing required fields' }, { status: 400 });
}
const session = await verifySession();
const userId = session.isAuth ? session.userId : null;
// Create activity log
const [log] = await db
.insert(activityLogs)
.values({
id: crypto.randomUUID(),
userId,
action,
entityType,
entityId,
details: details ? JSON.stringify(details) : null,
ipAddress,
userAgent,
createdAt: new Date(),
})
.returning();
return NextResponse.json({
success: true,
log,
});
} catch (error) {
console.error('Error creating activity log:', error);
return NextResponse.json({ error: 'Failed to create activity log' }, { status: 500 });
}
}
app/api/admin/recent-bookings/route.ts
+52
View File
@@ -0,0 +1,52 @@
import { NextRequest, NextResponse } from 'next/server';
import { verifySession } from '@/lib/session';
import { db } from '@/lib/db';
import { bookings, users, courts } from '@/lib/db/schema';
import { eq, desc, gte } from 'drizzle-orm';
export async function GET(request: NextRequest) {
try {
const session = await verifySession();
if (!session.isAuth || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const { searchParams } = new URL(request.url);
const limit = parseInt(searchParams.get('limit') || '10');
// Get recent bookings with user and court details
const recentBookings = await db
.select({
id: bookings.id,
date: bookings.date,
startTime: bookings.startTime,
endTime: bookings.endTime,
status: bookings.status,
notes: bookings.notes,
createdAt: bookings.createdAt,
court: {
id: courts.id,
name: courts.name,
},
user: {
id: users.id,
name: users.name,
surname: users.surname,
email: users.email,
},
})
.from(bookings)
.innerJoin(courts, eq(bookings.courtId, courts.id))
.innerJoin(users, eq(bookings.userId, users.id))
.orderBy(desc(bookings.createdAt))
.limit(limit);
return NextResponse.json({
success: true,
bookings: recentBookings,
});
} catch (error) {
console.error('Error fetching admin recent bookings:', error);
return NextResponse.json({ error: 'Failed to fetch recent bookings' }, { status: 500 });
}
}
app/api/admin/settings/route.ts
+78
View File
@@ -0,0 +1,78 @@
import { NextRequest, NextResponse } from 'next/server';
import { db } from '@/lib/db';
import { settings } from '@/lib/db/schema';
import { eq } from 'drizzle-orm';
import { getSession } from '@/lib/session';
export async function GET(request: NextRequest) {
try {
const session = await getSession();
if (!session || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const allSettings = await db.select().from(settings);
// Convert to key-value object for easier use
const settingsObj = allSettings.reduce((acc: any, setting) => {
acc[setting.key] = setting.value;
return acc;
}, {});
return NextResponse.json({ settings: allSettings });
} catch (error) {
console.error('Error fetching settings:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
export async function PUT(request: NextRequest) {
try {
const session = await getSession();
if (!session || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const { settings: newSettings } = await request.json();
if (!newSettings || !Array.isArray(newSettings)) {
return NextResponse.json(
{ error: 'Invalid settings format. Expected array of {key, value} objects' },
{ status: 400 }
);
}
// Update each setting
const updatePromises = newSettings.map(async ({ key, value }) => {
if (!key || value === undefined) {
return;
}
// Try to update existing setting first
const result = await db
.update(settings)
.set({
value: String(value),
updatedAt: new Date(),
})
.where(eq(settings.key, key));
// If no rows were updated, insert new setting
if (!result.changes) {
await db.insert(settings).values({
id: crypto.randomUUID(),
key,
value: String(value),
updatedAt: new Date(),
});
}
});
await Promise.all(updatePromises);
return NextResponse.json({ message: 'Settings updated successfully' });
} catch (error) {
console.error('Error updating settings:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
app/api/admin/users/[id]/route.ts
+90
View File
@@ -0,0 +1,90 @@
import { NextRequest, NextResponse } from 'next/server';
import { db } from '@/lib/db';
import { users } from '@/lib/db/schema';
import { eq } from 'drizzle-orm';
import { getSession } from '@/lib/session';
import bcrypt from 'bcryptjs';
export async function PUT(request: NextRequest, { params }: { params: { id: string } }) {
try {
const session = await getSession();
if (!session || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const { name, surname, email, role, password } = await request.json();
const userId = params.id;
if (!name || !surname || !email) {
return NextResponse.json({ error: 'Missing required fields' }, { status: 400 });
}
// Check if user exists
const existingUser = await db.select().from(users).where(eq(users.id, userId)).limit(1);
if (existingUser.length === 0) {
return NextResponse.json({ error: 'User not found' }, { status: 404 });
}
// Prepare update data
const updateData: any = {
name,
surname,
email,
role: role || 'user',
updatedAt: new Date(),
};
// Only hash and update password if provided
if (password) {
updateData.password = await bcrypt.hash(password, 12);
}
// Update user
const [updatedUser] = await db.update(users).set(updateData).where(eq(users.id, userId)).returning({
id: users.id,
name: users.name,
surname: users.surname,
email: users.email,
role: users.role,
createdAt: users.createdAt,
updatedAt: users.updatedAt,
});
return NextResponse.json({ user: updatedUser, message: 'User updated successfully' });
} catch (error) {
console.error('Error updating user:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
export async function DELETE(request: NextRequest, { params }: { params: { id: string } }) {
try {
const session = await getSession();
if (!session || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const userId = params.id;
// Prevent admin from deleting themselves
if (session.userId === userId) {
return NextResponse.json({ error: 'Cannot delete your own account' }, { status: 400 });
}
// Check if user exists
const existingUser = await db.select().from(users).where(eq(users.id, userId)).limit(1);
if (existingUser.length === 0) {
return NextResponse.json({ error: 'User not found' }, { status: 404 });
}
// Delete user
await db.delete(users).where(eq(users.id, userId));
return NextResponse.json({ message: 'User deleted successfully' });
} catch (error) {
console.error('Error deleting user:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
app/api/admin/users/route.ts
+83
View File
@@ -0,0 +1,83 @@
import { NextRequest, NextResponse } from 'next/server';
import { db } from '@/lib/db';
import { users } from '@/lib/db/schema';
import { eq } from 'drizzle-orm';
import { getSession } from '@/lib/session';
import bcrypt from 'bcryptjs';
export async function GET(request: NextRequest) {
try {
const session = await getSession();
if (!session || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const allUsers = await db
.select({
id: users.id,
name: users.name,
surname: users.surname,
email: users.email,
role: users.role,
createdAt: users.createdAt,
})
.from(users);
return NextResponse.json({ users: allUsers });
} catch (error) {
console.error('Error fetching users:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}
export async function POST(request: NextRequest) {
try {
const session = await getSession();
if (!session || session.role !== 'admin') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const { name, surname, email, password, role } = await request.json();
if (!name || !surname || !email || !password) {
return NextResponse.json({ error: 'Missing required fields' }, { status: 400 });
}
// Check if user already exists
const existingUser = await db.select().from(users).where(eq(users.email, email)).limit(1);
if (existingUser.length > 0) {
return NextResponse.json({ error: 'User with this email already exists' }, { status: 400 });
}
// Hash password
const hashedPassword = await bcrypt.hash(password, 12);
// Create user
const [newUser] = await db
.insert(users)
.values({
id: crypto.randomUUID(),
name,
surname,
email,
password: hashedPassword,
role: role || 'user',
createdAt: new Date(),
updatedAt: new Date(),
})
.returning({
id: users.id,
name: users.name,
surname: users.surname,
email: users.email,
role: users.role,
createdAt: users.createdAt,
});
return NextResponse.json({ user: newUser, message: 'User created successfully' });
} catch (error) {
console.error('Error creating user:', error);
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
}
}