Initial commit
This commit is contained in:
@@ -0,0 +1,29 @@
|
||||
import { NextResponse } from 'next/server';
|
||||
import { db } from '@/db';
|
||||
import { getSession } from '@/lib/auth';
|
||||
import { isAdminUser } from '@/lib/auth/admin';
|
||||
|
||||
export async function GET() {
|
||||
try {
|
||||
if (!db) {
|
||||
return NextResponse.json({ isAdmin: false, user: null });
|
||||
}
|
||||
|
||||
const session = await getSession();
|
||||
if (!session) {
|
||||
return NextResponse.json({ isAdmin: false, user: null });
|
||||
}
|
||||
|
||||
return NextResponse.json({
|
||||
isAdmin: isAdminUser(session.user),
|
||||
user: {
|
||||
id: session.user.id,
|
||||
handle: session.user.handle,
|
||||
displayName: session.user.displayName,
|
||||
},
|
||||
});
|
||||
} catch (error) {
|
||||
console.error('Admin status error:', error);
|
||||
return NextResponse.json({ isAdmin: false, user: null });
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,54 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import { db } from '@/db';
|
||||
import { nodes } from '@/db';
|
||||
import { eq } from 'drizzle-orm';
|
||||
import { requireAdmin } from '@/lib/auth/admin';
|
||||
|
||||
export async function PATCH(req: NextRequest) {
|
||||
try {
|
||||
await requireAdmin();
|
||||
const data = await req.json();
|
||||
|
||||
const domain = process.env.NEXT_PUBLIC_NODE_DOMAIN || 'localhost:3000';
|
||||
|
||||
let node = await db.query.nodes.findFirst({
|
||||
where: eq(nodes.domain, domain),
|
||||
});
|
||||
|
||||
if (!node) {
|
||||
[node] = await db.insert(nodes).values({
|
||||
domain,
|
||||
name: data.name || process.env.NEXT_PUBLIC_NODE_NAME || 'Synapsis Node',
|
||||
description: data.description,
|
||||
longDescription: data.longDescription,
|
||||
rules: data.rules,
|
||||
bannerUrl: data.bannerUrl,
|
||||
logoUrl: data.logoUrl,
|
||||
faviconUrl: data.faviconUrl,
|
||||
accentColor: data.accentColor,
|
||||
isNsfw: data.isNsfw ?? false,
|
||||
}).returning();
|
||||
} else {
|
||||
[node] = await db.update(nodes)
|
||||
.set({
|
||||
name: data.name,
|
||||
description: data.description,
|
||||
longDescription: data.longDescription,
|
||||
rules: data.rules,
|
||||
bannerUrl: data.bannerUrl,
|
||||
logoUrl: data.logoUrl,
|
||||
faviconUrl: data.faviconUrl,
|
||||
accentColor: data.accentColor,
|
||||
isNsfw: data.isNsfw ?? node.isNsfw,
|
||||
updatedAt: new Date(),
|
||||
})
|
||||
.where(eq(nodes.id, node.id))
|
||||
.returning();
|
||||
}
|
||||
|
||||
return NextResponse.json({ node });
|
||||
} catch (error) {
|
||||
console.error('Update node settings error:', error);
|
||||
return NextResponse.json({ error: 'Failed to update settings' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,69 @@
|
||||
import { NextResponse } from 'next/server';
|
||||
import { db, posts } from '@/db';
|
||||
import { requireAdmin } from '@/lib/auth/admin';
|
||||
import { eq } from 'drizzle-orm';
|
||||
import { z } from 'zod';
|
||||
|
||||
type RouteContext = { params: Promise<{ id: string }> };
|
||||
|
||||
const moderationSchema = z.object({
|
||||
action: z.enum(['remove', 'restore']),
|
||||
reason: z.string().max(240).optional(),
|
||||
});
|
||||
|
||||
export async function PATCH(request: Request, context: RouteContext) {
|
||||
try {
|
||||
const admin = await requireAdmin();
|
||||
|
||||
if (!db) {
|
||||
return NextResponse.json({ error: 'Database not available' }, { status: 503 });
|
||||
}
|
||||
|
||||
const { id } = await context.params;
|
||||
const body = await request.json();
|
||||
const data = moderationSchema.parse(body);
|
||||
|
||||
const post = await db.query.posts.findFirst({
|
||||
where: eq(posts.id, id),
|
||||
});
|
||||
|
||||
if (!post) {
|
||||
return NextResponse.json({ error: 'Post not found' }, { status: 404 });
|
||||
}
|
||||
|
||||
if (data.action === 'remove') {
|
||||
const [updated] = await db.update(posts)
|
||||
.set({
|
||||
isRemoved: true,
|
||||
removedAt: new Date(),
|
||||
removedBy: admin.id,
|
||||
removedReason: data.reason || null,
|
||||
})
|
||||
.where(eq(posts.id, id))
|
||||
.returning();
|
||||
|
||||
return NextResponse.json({ post: updated });
|
||||
}
|
||||
|
||||
const [restored] = await db.update(posts)
|
||||
.set({
|
||||
isRemoved: false,
|
||||
removedAt: null,
|
||||
removedBy: null,
|
||||
removedReason: null,
|
||||
})
|
||||
.where(eq(posts.id, id))
|
||||
.returning();
|
||||
|
||||
return NextResponse.json({ post: restored });
|
||||
} catch (error) {
|
||||
if (error instanceof z.ZodError) {
|
||||
return NextResponse.json({ error: 'Invalid input', details: error.issues }, { status: 400 });
|
||||
}
|
||||
if (error instanceof Error && error.message === 'Admin required') {
|
||||
return NextResponse.json({ error: 'Admin required' }, { status: 403 });
|
||||
}
|
||||
console.error('Post moderation error:', error);
|
||||
return NextResponse.json({ error: 'Failed to update post' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,58 @@
|
||||
import { NextResponse } from 'next/server';
|
||||
import { db, posts } from '@/db';
|
||||
import { requireAdmin } from '@/lib/auth/admin';
|
||||
import { desc, eq } from 'drizzle-orm';
|
||||
|
||||
export async function GET(request: Request) {
|
||||
try {
|
||||
await requireAdmin();
|
||||
|
||||
if (!db) {
|
||||
return NextResponse.json({ error: 'Database not available' }, { status: 503 });
|
||||
}
|
||||
|
||||
const { searchParams } = new URL(request.url);
|
||||
const status = searchParams.get('status') || 'active'; // active | removed | all
|
||||
const limit = Math.min(parseInt(searchParams.get('limit') || '25'), 50);
|
||||
|
||||
const where =
|
||||
status === 'active'
|
||||
? eq(posts.isRemoved, false)
|
||||
: status === 'removed'
|
||||
? eq(posts.isRemoved, true)
|
||||
: undefined;
|
||||
|
||||
const results = await db.query.posts.findMany({
|
||||
where,
|
||||
with: {
|
||||
author: true,
|
||||
},
|
||||
orderBy: [desc(posts.createdAt)],
|
||||
limit,
|
||||
});
|
||||
|
||||
const sanitized = results.map((post) => {
|
||||
const author = post.author as { id: string; handle: string; displayName: string | null };
|
||||
return {
|
||||
id: post.id,
|
||||
content: post.content,
|
||||
createdAt: post.createdAt,
|
||||
isRemoved: post.isRemoved,
|
||||
removedReason: post.removedReason,
|
||||
author: {
|
||||
id: author.id,
|
||||
handle: author.handle,
|
||||
displayName: author.displayName,
|
||||
},
|
||||
};
|
||||
});
|
||||
|
||||
return NextResponse.json({ posts: sanitized });
|
||||
} catch (error) {
|
||||
if (error instanceof Error && error.message === 'Admin required') {
|
||||
return NextResponse.json({ error: 'Admin required' }, { status: 403 });
|
||||
}
|
||||
console.error('Admin posts error:', error);
|
||||
return NextResponse.json({ error: 'Failed to fetch posts' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,55 @@
|
||||
import { NextResponse } from 'next/server';
|
||||
import { db, reports } from '@/db';
|
||||
import { requireAdmin } from '@/lib/auth/admin';
|
||||
import { eq } from 'drizzle-orm';
|
||||
import { z } from 'zod';
|
||||
|
||||
type RouteContext = { params: Promise<{ id: string }> };
|
||||
|
||||
const updateSchema = z.object({
|
||||
status: z.enum(['open', 'resolved']),
|
||||
note: z.string().max(240).optional(),
|
||||
});
|
||||
|
||||
export async function PATCH(request: Request, context: RouteContext) {
|
||||
try {
|
||||
const admin = await requireAdmin();
|
||||
|
||||
if (!db) {
|
||||
return NextResponse.json({ error: 'Database not available' }, { status: 503 });
|
||||
}
|
||||
|
||||
const { id } = await context.params;
|
||||
const body = await request.json();
|
||||
const data = updateSchema.parse(body);
|
||||
|
||||
const report = await db.query.reports.findFirst({
|
||||
where: eq(reports.id, id),
|
||||
});
|
||||
|
||||
if (!report) {
|
||||
return NextResponse.json({ error: 'Report not found' }, { status: 404 });
|
||||
}
|
||||
|
||||
const [updated] = await db.update(reports)
|
||||
.set({
|
||||
status: data.status,
|
||||
resolvedAt: data.status === 'resolved' ? new Date() : null,
|
||||
resolvedBy: data.status === 'resolved' ? admin.id : null,
|
||||
resolutionNote: data.note || null,
|
||||
})
|
||||
.where(eq(reports.id, id))
|
||||
.returning();
|
||||
|
||||
return NextResponse.json({ report: updated });
|
||||
} catch (error) {
|
||||
if (error instanceof z.ZodError) {
|
||||
return NextResponse.json({ error: 'Invalid input', details: error.issues }, { status: 400 });
|
||||
}
|
||||
if (error instanceof Error && error.message === 'Admin required') {
|
||||
return NextResponse.json({ error: 'Admin required' }, { status: 403 });
|
||||
}
|
||||
console.error('Report update error:', error);
|
||||
return NextResponse.json({ error: 'Failed to update report' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,106 @@
|
||||
import { NextResponse } from 'next/server';
|
||||
import { db, reports, posts, users } from '@/db';
|
||||
import { requireAdmin } from '@/lib/auth/admin';
|
||||
import { desc, inArray, eq } from 'drizzle-orm';
|
||||
|
||||
export async function GET(request: Request) {
|
||||
try {
|
||||
await requireAdmin();
|
||||
|
||||
if (!db) {
|
||||
return NextResponse.json({ error: 'Database not available' }, { status: 503 });
|
||||
}
|
||||
|
||||
const { searchParams } = new URL(request.url);
|
||||
const status = searchParams.get('status') || 'open'; // open | resolved | all
|
||||
const limit = Math.min(parseInt(searchParams.get('limit') || '25'), 50);
|
||||
|
||||
const reportRows = await db.query.reports.findMany({
|
||||
where: status === 'all' ? undefined : eq(reports.status, status),
|
||||
orderBy: [desc(reports.createdAt)],
|
||||
limit,
|
||||
with: {
|
||||
reporter: true,
|
||||
resolver: true,
|
||||
},
|
||||
});
|
||||
|
||||
const postIds = reportRows
|
||||
.filter((report) => report.targetType === 'post')
|
||||
.map((report) => report.targetId);
|
||||
const userIds = reportRows
|
||||
.filter((report) => report.targetType === 'user')
|
||||
.map((report) => report.targetId);
|
||||
|
||||
const postTargetsRaw = postIds.length
|
||||
? await db.query.posts.findMany({
|
||||
where: inArray(posts.id, postIds),
|
||||
with: { author: true },
|
||||
})
|
||||
: [];
|
||||
const userTargetsRaw = userIds.length
|
||||
? await db.query.users.findMany({
|
||||
where: inArray(users.id, userIds),
|
||||
})
|
||||
: [];
|
||||
|
||||
const postTargets = postTargetsRaw.map((post) => {
|
||||
const author = post.author as { id: string; handle: string; displayName: string | null };
|
||||
return {
|
||||
id: post.id,
|
||||
content: post.content,
|
||||
createdAt: post.createdAt,
|
||||
isRemoved: post.isRemoved,
|
||||
author: {
|
||||
id: author.id,
|
||||
handle: author.handle,
|
||||
displayName: author.displayName,
|
||||
},
|
||||
};
|
||||
});
|
||||
|
||||
const userTargets = userTargetsRaw.map((user) => ({
|
||||
id: user.id,
|
||||
handle: user.handle,
|
||||
displayName: user.displayName,
|
||||
isSuspended: user.isSuspended,
|
||||
isSilenced: user.isSilenced,
|
||||
}));
|
||||
|
||||
const postMap = new Map(postTargets.map((post) => [post.id, post]));
|
||||
const userMap = new Map(userTargets.map((user) => [user.id, user]));
|
||||
|
||||
type UserInfo = { id: string; handle: string };
|
||||
|
||||
const reportsWithTargets = reportRows.map((report) => {
|
||||
const reporter = report.reporter as UserInfo | null;
|
||||
const resolver = report.resolver as UserInfo | null;
|
||||
return {
|
||||
id: report.id,
|
||||
targetType: report.targetType,
|
||||
targetId: report.targetId,
|
||||
reason: report.reason,
|
||||
status: report.status,
|
||||
createdAt: report.createdAt,
|
||||
reporter: reporter
|
||||
? { id: reporter.id, handle: reporter.handle }
|
||||
: null,
|
||||
resolver: resolver
|
||||
? { id: resolver.id, handle: resolver.handle }
|
||||
: null,
|
||||
target:
|
||||
report.targetType === 'post'
|
||||
? postMap.get(report.targetId) || null
|
||||
: userMap.get(report.targetId) || null,
|
||||
};
|
||||
});
|
||||
|
||||
return NextResponse.json({ reports: reportsWithTargets });
|
||||
} catch (error) {
|
||||
if (error instanceof Error && error.message === 'Admin required') {
|
||||
return NextResponse.json({ error: 'Admin required' }, { status: 403 });
|
||||
}
|
||||
console.error('Admin reports error:', error);
|
||||
return NextResponse.json({ error: 'Failed to fetch reports' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,133 @@
|
||||
import { NextResponse } from 'next/server';
|
||||
import { db, users } from '@/db';
|
||||
import { requireAdmin } from '@/lib/auth/admin';
|
||||
import { eq } from 'drizzle-orm';
|
||||
import { z } from 'zod';
|
||||
|
||||
type RouteContext = { params: Promise<{ id: string }> };
|
||||
|
||||
const moderationSchema = z.object({
|
||||
action: z.enum(['suspend', 'unsuspend', 'silence', 'unsilence']),
|
||||
reason: z.string().max(240).optional(),
|
||||
});
|
||||
|
||||
export async function PATCH(request: Request, context: RouteContext) {
|
||||
try {
|
||||
const admin = await requireAdmin();
|
||||
|
||||
if (!db) {
|
||||
return NextResponse.json({ error: 'Database not available' }, { status: 503 });
|
||||
}
|
||||
|
||||
const { id } = await context.params;
|
||||
const body = await request.json();
|
||||
const data = moderationSchema.parse(body);
|
||||
|
||||
const user = await db.query.users.findFirst({
|
||||
where: eq(users.id, id),
|
||||
});
|
||||
|
||||
if (!user) {
|
||||
return NextResponse.json({ error: 'User not found' }, { status: 404 });
|
||||
}
|
||||
if (user.id === admin.id && (data.action === 'suspend' || data.action === 'silence')) {
|
||||
return NextResponse.json({ error: 'Cannot apply this action to yourself' }, { status: 400 });
|
||||
}
|
||||
|
||||
if (data.action === 'suspend') {
|
||||
const [updated] = await db.update(users)
|
||||
.set({
|
||||
isSuspended: true,
|
||||
suspendedAt: new Date(),
|
||||
suspensionReason: data.reason || null,
|
||||
})
|
||||
.where(eq(users.id, id))
|
||||
.returning();
|
||||
return NextResponse.json({ user: {
|
||||
id: updated.id,
|
||||
handle: updated.handle,
|
||||
displayName: updated.displayName,
|
||||
email: updated.email,
|
||||
isSuspended: updated.isSuspended,
|
||||
suspensionReason: updated.suspensionReason,
|
||||
isSilenced: updated.isSilenced,
|
||||
silenceReason: updated.silenceReason,
|
||||
createdAt: updated.createdAt,
|
||||
} });
|
||||
}
|
||||
|
||||
if (data.action === 'unsuspend') {
|
||||
const [updated] = await db.update(users)
|
||||
.set({
|
||||
isSuspended: false,
|
||||
suspendedAt: null,
|
||||
suspensionReason: null,
|
||||
})
|
||||
.where(eq(users.id, id))
|
||||
.returning();
|
||||
return NextResponse.json({ user: {
|
||||
id: updated.id,
|
||||
handle: updated.handle,
|
||||
displayName: updated.displayName,
|
||||
email: updated.email,
|
||||
isSuspended: updated.isSuspended,
|
||||
suspensionReason: updated.suspensionReason,
|
||||
isSilenced: updated.isSilenced,
|
||||
silenceReason: updated.silenceReason,
|
||||
createdAt: updated.createdAt,
|
||||
} });
|
||||
}
|
||||
|
||||
if (data.action === 'silence') {
|
||||
const [updated] = await db.update(users)
|
||||
.set({
|
||||
isSilenced: true,
|
||||
silencedAt: new Date(),
|
||||
silenceReason: data.reason || null,
|
||||
})
|
||||
.where(eq(users.id, id))
|
||||
.returning();
|
||||
return NextResponse.json({ user: {
|
||||
id: updated.id,
|
||||
handle: updated.handle,
|
||||
displayName: updated.displayName,
|
||||
email: updated.email,
|
||||
isSuspended: updated.isSuspended,
|
||||
suspensionReason: updated.suspensionReason,
|
||||
isSilenced: updated.isSilenced,
|
||||
silenceReason: updated.silenceReason,
|
||||
createdAt: updated.createdAt,
|
||||
} });
|
||||
}
|
||||
|
||||
const [updated] = await db.update(users)
|
||||
.set({
|
||||
isSilenced: false,
|
||||
silencedAt: null,
|
||||
silenceReason: null,
|
||||
})
|
||||
.where(eq(users.id, id))
|
||||
.returning();
|
||||
|
||||
return NextResponse.json({ user: {
|
||||
id: updated.id,
|
||||
handle: updated.handle,
|
||||
displayName: updated.displayName,
|
||||
email: updated.email,
|
||||
isSuspended: updated.isSuspended,
|
||||
suspensionReason: updated.suspensionReason,
|
||||
isSilenced: updated.isSilenced,
|
||||
silenceReason: updated.silenceReason,
|
||||
createdAt: updated.createdAt,
|
||||
} });
|
||||
} catch (error) {
|
||||
if (error instanceof z.ZodError) {
|
||||
return NextResponse.json({ error: 'Invalid input', details: error.issues }, { status: 400 });
|
||||
}
|
||||
if (error instanceof Error && error.message === 'Admin required') {
|
||||
return NextResponse.json({ error: 'Admin required' }, { status: 403 });
|
||||
}
|
||||
console.error('Admin user moderation error:', error);
|
||||
return NextResponse.json({ error: 'Failed to update user' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,41 @@
|
||||
import { NextResponse } from 'next/server';
|
||||
import { db, users } from '@/db';
|
||||
import { requireAdmin } from '@/lib/auth/admin';
|
||||
import { desc } from 'drizzle-orm';
|
||||
|
||||
export async function GET(request: Request) {
|
||||
try {
|
||||
await requireAdmin();
|
||||
|
||||
if (!db) {
|
||||
return NextResponse.json({ error: 'Database not available' }, { status: 503 });
|
||||
}
|
||||
|
||||
const { searchParams } = new URL(request.url);
|
||||
const limit = Math.min(parseInt(searchParams.get('limit') || '25'), 50);
|
||||
|
||||
const results = await db.select({
|
||||
id: users.id,
|
||||
handle: users.handle,
|
||||
displayName: users.displayName,
|
||||
email: users.email,
|
||||
isSuspended: users.isSuspended,
|
||||
suspensionReason: users.suspensionReason,
|
||||
isSilenced: users.isSilenced,
|
||||
silenceReason: users.silenceReason,
|
||||
createdAt: users.createdAt,
|
||||
isBot: users.isBot,
|
||||
})
|
||||
.from(users)
|
||||
.orderBy(desc(users.createdAt))
|
||||
.limit(limit);
|
||||
|
||||
return NextResponse.json({ users: results });
|
||||
} catch (error) {
|
||||
if (error instanceof Error && error.message === 'Admin required') {
|
||||
return NextResponse.json({ error: 'Admin required' }, { status: 403 });
|
||||
}
|
||||
console.error('Admin users error:', error);
|
||||
return NextResponse.json({ error: 'Failed to fetch users' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user