feat: implement platform management system with authentication and dashboard

- Add PlatformUser model with roles (SUPER_ADMIN, ADMIN, SUPPORT) - Implement platform authentication with NextAuth - Create platform dashboard showing companies, users, and sessions - Add platform API endpoints for company management - Update landing page with SaaS design - Include test improvements and accessibility updates
2026-01-16 11:32:13 +01:00 · 2025-06-28 12:41:50 +02:00
parent aa0e9d5ebc
commit 60d1b72aba
18 changed files with 1190 additions and 53 deletions
--- a/app/api/platform/companies/[id]/route.ts
+++ b/app/api/platform/companies/[id]/route.ts
@ -0,0 +1,125 @@
+import { NextRequest, NextResponse } from "next/server";
+import { getServerSession } from "next-auth";
+import { platformAuthOptions } from "../../auth/[...nextauth]/route";
+import { prisma } from "../../../../../lib/prisma";
+import { CompanyStatus } from "@prisma/client";
+
+// GET /api/platform/companies/[id] - Get company details
+export async function GET(
+  request: NextRequest,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  try {
+    const session = await getServerSession(platformAuthOptions);
+
+    if (!session?.user?.isPlatformUser) {
+      return NextResponse.json({ error: "Platform access required" }, { status: 401 });
+    }
+
+    const { id } = await params;
+
+    const company = await prisma.company.findUnique({
+      where: { id },
+      include: {
+        users: {
+          select: {
+            id: true,
+            email: true,
+            role: true,
+            createdAt: true,
+            updatedAt: true,
+          },
+        },
+        sessions: {
+          select: {
+            id: true,
+            startTime: true,
+            endTime: true,
+            sentiment: true,
+            category: true,
+          },
+          take: 10,
+          orderBy: { createdAt: "desc" },
+        },
+        _count: {
+          select: {
+            sessions: true,
+            imports: true,
+            users: true,
+          },
+        },
+      },
+    });
+
+    if (!company) {
+      return NextResponse.json({ error: "Company not found" }, { status: 404 });
+    }
+
+    return NextResponse.json({ company });
+  } catch (error) {
+    console.error("Platform company details error:", error);
+    return NextResponse.json({ error: "Internal server error" }, { status: 500 });
+  }
+}
+
+// PATCH /api/platform/companies/[id] - Update company
+export async function PATCH(
+  request: NextRequest,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  try {
+    const session = await getServerSession(platformAuthOptions);
+
+    if (!session?.user?.isPlatformUser || session.user.platformRole === "SUPPORT") {
+      return NextResponse.json({ error: "Admin access required" }, { status: 403 });
+    }
+
+    const { id } = await params;
+    const body = await request.json();
+    const { name, csvUrl, csvUsername, csvPassword, status } = body;
+
+    const updateData: any = {};
+    if (name !== undefined) updateData.name = name;
+    if (csvUrl !== undefined) updateData.csvUrl = csvUrl;
+    if (csvUsername !== undefined) updateData.csvUsername = csvUsername;
+    if (csvPassword !== undefined) updateData.csvPassword = csvPassword;
+    if (status !== undefined) updateData.status = status;
+
+    const company = await prisma.company.update({
+      where: { id },
+      data: updateData,
+    });
+
+    return NextResponse.json({ company });
+  } catch (error) {
+    console.error("Platform company update error:", error);
+    return NextResponse.json({ error: "Internal server error" }, { status: 500 });
+  }
+}
+
+// DELETE /api/platform/companies/[id] - Delete company (archives instead)
+export async function DELETE(
+  request: NextRequest,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  try {
+    const session = await getServerSession(platformAuthOptions);
+
+    if (!session?.user?.isPlatformUser || session.user.platformRole !== "SUPER_ADMIN") {
+      return NextResponse.json({ error: "Super admin access required" }, { status: 403 });
+    }
+
+    const { id } = await params;
+
+    // Archive instead of delete to preserve data integrity
+    const company = await prisma.company.update({
+      where: { id },
+      data: { status: CompanyStatus.ARCHIVED },
+    });
+
+    return NextResponse.json({ company });
+  } catch (error) {
+    console.error("Platform company archive error:", error);
+    return NextResponse.json({ error: "Internal server error" }, { status: 500 });
+  }
+}
--- a/app/api/platform/companies/route.ts
+++ b/app/api/platform/companies/route.ts
@ -0,0 +1,99 @@
+import { NextRequest, NextResponse } from "next/server";
+import { getServerSession } from "next-auth";
+import { platformAuthOptions } from "../auth/[...nextauth]/route";
+import { prisma } from "../../../../lib/prisma";
+import { CompanyStatus } from "@prisma/client";
+
+// GET /api/platform/companies - List all companies
+export async function GET(request: NextRequest) {
+  try {
+    const session = await getServerSession(platformAuthOptions);
+
+    if (!session?.user?.isPlatformUser) {
+      return NextResponse.json({ error: "Platform access required" }, { status: 401 });
+    }
+
+    const { searchParams } = new URL(request.url);
+    const status = searchParams.get("status") as CompanyStatus | null;
+    const search = searchParams.get("search");
+    const page = parseInt(searchParams.get("page") || "1");
+    const limit = parseInt(searchParams.get("limit") || "20");
+    const offset = (page - 1) * limit;
+
+    const where: any = {};
+    if (status) where.status = status;
+    if (search) {
+      where.name = {
+        contains: search,
+        mode: "insensitive",
+      };
+    }
+
+    const [companies, total] = await Promise.all([
+      prisma.company.findMany({
+        where,
+        include: {
+          users: {
+            select: { id: true, email: true, role: true, createdAt: true },
+          },
+          _count: {
+            select: {
+              sessions: true,
+              imports: true,
+            },
+          },
+        },
+        orderBy: { createdAt: "desc" },
+        skip: offset,
+        take: limit,
+      }),
+      prisma.company.count({ where }),
+    ]);
+
+    return NextResponse.json({
+      companies,
+      pagination: {
+        page,
+        limit,
+        total,
+        pages: Math.ceil(total / limit),
+      },
+    });
+  } catch (error) {
+    console.error("Platform companies list error:", error);
+    return NextResponse.json({ error: "Internal server error" }, { status: 500 });
+  }
+}
+
+// POST /api/platform/companies - Create new company
+export async function POST(request: NextRequest) {
+  try {
+    const session = await getServerSession(platformAuthOptions);
+
+    if (!session?.user?.isPlatformUser || session.user.platformRole === "SUPPORT") {
+      return NextResponse.json({ error: "Admin access required" }, { status: 403 });
+    }
+
+    const body = await request.json();
+    const { name, csvUrl, csvUsername, csvPassword, status = "TRIAL" } = body;
+
+    if (!name || !csvUrl) {
+      return NextResponse.json({ error: "Name and CSV URL required" }, { status: 400 });
+    }
+
+    const company = await prisma.company.create({
+      data: {
+        name,
+        csvUrl,
+        csvUsername: csvUsername || null,
+        csvPassword: csvPassword || null,
+        status,
+      },
+    });
+
+    return NextResponse.json({ company }, { status: 201 });
+  } catch (error) {
+    console.error("Platform company creation error:", error);
+    return NextResponse.json({ error: "Internal server error" }, { status: 500 });
+  }
+}