create-crm-tmp 1.1.2 → 2.0.0

package/template/src/app/api/auth/google/callback/route.ts

@@ -2,6 +2,7 @@ import { NextRequest, NextResponse } from 'next/server';
 import { auth } from '@/lib/auth';
 import { prisma } from '@/lib/prisma';
 import { exchangeGoogleCodeForTokens } from '@/lib/google-calendar';
+import { encrypt } from '@/lib/encryption';
 
 /**
  * GET /api/auth/google/callback
@@ -17,6 +18,8 @@ export async function GET(request: NextRequest) {
       return NextResponse.redirect(new URL('/signin', request.url));
     }
 
+    // Tous les utilisateurs peuvent maintenant connecter leur compte Google pour Calendar
+
     const { searchParams } = new URL(request.url);
     const code = searchParams.get('code');
     const error = searchParams.get('error');
@@ -63,19 +66,19 @@ export async function GET(request: NextRequest) {
       console.error("Erreur lors de la récupération de l'email Google:", err);
     }
 
-    // Sauvegarder ou mettre à jour les tokens
+    // Sauvegarder ou mettre à jour les tokens (chiffrés si ENCRYPTION_KEY est définie)
     await prisma.userGoogleAccount.upsert({
       where: { userId: session.user.id },
       create: {
         userId: session.user.id,
-        accessToken: tokens.access_token,
-        refreshToken: tokens.refresh_token || '',
+        accessToken: encrypt(tokens.access_token),
+        refreshToken: tokens.refresh_token ? encrypt(tokens.refresh_token) : '',
         tokenExpiresAt,
         email: googleEmail,
       },
       update: {
-        accessToken: tokens.access_token,
-        refreshToken: tokens.refresh_token || undefined,
+        accessToken: encrypt(tokens.access_token),
+        refreshToken: tokens.refresh_token ? encrypt(tokens.refresh_token) : undefined,
         tokenExpiresAt,
         email: googleEmail,
       },

package/template/src/app/api/auth/google/disconnect/route.ts

@@ -4,7 +4,7 @@ import { prisma } from '@/lib/prisma';
 
 /**
  * POST /api/auth/google/disconnect
- * Déconnecte le compte Google de l'utilisateur
+ * Déconnecte le compte Google de l'administrateur (seuls les admins peuvent déconnecter)
  */
 export async function POST(request: NextRequest) {
   try {
@@ -16,7 +16,7 @@ export async function POST(request: NextRequest) {
       return NextResponse.json({ error: 'Non authentifié' }, { status: 401 });
     }
 
-    // Supprimer le compte Google
+    // Tous les utilisateurs peuvent déconnecter leur compte Google
     await prisma.userGoogleAccount.deleteMany({
       where: { userId: session.user.id },
     });

package/template/src/app/api/companies/[id]/activities/route.ts

@@ -0,0 +1,131 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { auth } from '@/lib/auth';
+import { prisma } from '@/lib/prisma';
+import { checkPermission } from '@/lib/check-permission';
+
+export async function GET(request: NextRequest, { params }: { params: Promise<{ id: string }> }) {
+  try {
+    const session = await auth.api.getSession({ headers: request.headers });
+    if (!session) {
+      return NextResponse.json({ error: 'Non authentifié' }, { status: 401 });
+    }
+
+    const [
+      companiesViewAll,
+      companiesViewOwn,
+      companiesViewActivities,
+      contactsViewAll,
+      contactsViewOwn,
+    ] = await Promise.all([
+      checkPermission('companies.view_all'),
+      checkPermission('companies.view_own'),
+      checkPermission('companies.view_activities'),
+      checkPermission('contacts.view_all'),
+      checkPermission('contacts.view_own'),
+    ]);
+    const canViewAll = companiesViewAll || contactsViewAll;
+    const canViewOwn = companiesViewOwn || contactsViewOwn;
+    const canViewActivities = companiesViewActivities || canViewAll || canViewOwn;
+
+    if (!canViewActivities) {
+      return NextResponse.json({ error: 'Accès refusé' }, { status: 403 });
+    }
+
+    const { id } = await params;
+
+    const company = await prisma.company.findUnique({
+      where: { id },
+      select: {
+        id: true,
+        assignedCommercialId: true,
+        assignedTeleproId: true,
+        createdById: true,
+      },
+    });
+
+    if (!company) {
+      return NextResponse.json({ error: 'Entreprise non trouvée' }, { status: 404 });
+    }
+
+    if (!canViewAll && canViewOwn) {
+      const isOwner =
+        company.assignedCommercialId === session.user.id ||
+        company.assignedTeleproId === session.user.id ||
+        company.createdById === session.user.id;
+      if (!isOwner) {
+        return NextResponse.json({ error: 'Accès refusé' }, { status: 403 });
+      }
+    }
+
+    const activities = await prisma.companyActivity.findMany({
+      where: { companyId: id },
+      include: {
+        user: { select: { id: true, name: true } },
+      },
+      orderBy: { createdAt: 'desc' },
+      take: 100,
+    });
+
+    return NextResponse.json(activities);
+  } catch (error) {
+    console.error('Erreur lors de la récupération des activités entreprise:', error);
+    return NextResponse.json({ error: 'Erreur serveur' }, { status: 500 });
+  }
+}
+
+export async function POST(request: NextRequest, { params }: { params: Promise<{ id: string }> }) {
+  try {
+    const session = await auth.api.getSession({ headers: request.headers });
+    if (!session) {
+      return NextResponse.json({ error: 'Non authentifié' }, { status: 401 });
+    }
+
+    const canAddActivity =
+      (await checkPermission('companies.add_activity')) ||
+      (await checkPermission('companies.edit')) ||
+      (await checkPermission('contacts.edit'));
+    if (!canAddActivity) {
+      return NextResponse.json({ error: 'Permission insuffisante' }, { status: 403 });
+    }
+
+    const { id } = await params;
+    const body = await request.json();
+    const { type, title, content, metadata } = body as {
+      type: string;
+      title?: string;
+      content: string;
+      metadata?: unknown;
+    };
+
+    if (!type || !content) {
+      return NextResponse.json({ error: 'type et content sont requis' }, { status: 400 });
+    }
+
+    const company = await prisma.company.findUnique({
+      where: { id },
+      select: { id: true },
+    });
+    if (!company) {
+      return NextResponse.json({ error: 'Entreprise non trouvée' }, { status: 404 });
+    }
+
+    const activity = await prisma.companyActivity.create({
+      data: {
+        companyId: id,
+        type,
+        title: title || null,
+        content,
+        metadata: metadata !== undefined && metadata !== null && metadata,
+        userId: session.user.id,
+      },
+      include: {
+        user: { select: { id: true, name: true } },
+      },
+    });
+
+    return NextResponse.json(activity, { status: 201 });
+  } catch (error) {
+    console.error("Erreur lors de la création de l'activité entreprise:", error);
+    return NextResponse.json({ error: 'Erreur serveur' }, { status: 500 });
+  }
+}

package/template/src/app/api/companies/[id]/route.ts

@@ -0,0 +1,195 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { auth } from '@/lib/auth';
+import { prisma } from '@/lib/prisma';
+import { checkPermission } from '@/lib/check-permission';
+
+export async function GET(request: NextRequest, { params }: { params: Promise<{ id: string }> }) {
+  try {
+    const session = await auth.api.getSession({ headers: request.headers });
+    if (!session) {
+      return NextResponse.json({ error: 'Non authentifié' }, { status: 401 });
+    }
+
+    const [companiesViewAll, companiesViewOwn, contactsViewAll, contactsViewOwn] =
+      await Promise.all([
+        checkPermission('companies.view_all'),
+        checkPermission('companies.view_own'),
+        checkPermission('contacts.view_all'),
+        checkPermission('contacts.view_own'),
+      ]);
+    const canViewAll = companiesViewAll || contactsViewAll;
+    const canViewOwn = companiesViewOwn || contactsViewOwn;
+
+    if (!canViewAll && !canViewOwn) {
+      return NextResponse.json({ error: 'Accès refusé' }, { status: 403 });
+    }
+
+    const { id } = await params;
+
+    const company = await prisma.company.findUnique({
+      where: { id },
+      include: {
+        contacts: {
+          select: {
+            id: true,
+            firstName: true,
+            lastName: true,
+            jobTitle: true,
+            phone: true,
+            email: true,
+            status: { select: { id: true, name: true, color: true } },
+          },
+        },
+        _count: { select: { contacts: true } },
+        assignedCommercial: { select: { id: true, name: true, email: true } },
+        assignedTelepro: { select: { id: true, name: true, email: true } },
+        createdBy: { select: { id: true, name: true, email: true } },
+      },
+    });
+
+    if (!company) {
+      return NextResponse.json({ error: 'Entreprise non trouvée' }, { status: 404 });
+    }
+
+    if (!canViewAll && canViewOwn) {
+      const isOwner =
+        company.assignedCommercialId === session.user.id ||
+        company.assignedTeleproId === session.user.id ||
+        company.createdById === session.user.id;
+      if (!isOwner) {
+        return NextResponse.json({ error: 'Accès refusé' }, { status: 403 });
+      }
+    }
+
+    return NextResponse.json(company);
+  } catch (error) {
+    console.error("Erreur lors de la récupération de l'entreprise:", error);
+    return NextResponse.json({ error: 'Erreur serveur' }, { status: 500 });
+  }
+}
+
+export async function PUT(request: NextRequest, { params }: { params: Promise<{ id: string }> }) {
+  try {
+    const session = await auth.api.getSession({ headers: request.headers });
+    if (!session) {
+      return NextResponse.json({ error: 'Non authentifié' }, { status: 401 });
+    }
+
+    const canEdit =
+      (await checkPermission('companies.edit')) || (await checkPermission('contacts.edit'));
+    if (!canEdit) {
+      return NextResponse.json({ error: 'Permission insuffisante' }, { status: 403 });
+    }
+
+    const { id } = await params;
+    const body = await request.json();
+
+    const existing = await prisma.company.findUnique({ where: { id } });
+    if (!existing) {
+      return NextResponse.json({ error: 'Entreprise non trouvée' }, { status: 404 });
+    }
+
+    const data: Record<string, unknown> = {};
+    const fields = [
+      'name',
+      'phone',
+      'email',
+      'address',
+      'city',
+      'postalCode',
+      'website',
+      'siret',
+      'industry',
+      'notes',
+      'assignedCommercialId',
+      'assignedTeleproId',
+    ] as const;
+    for (const field of fields) {
+      if (body[field] !== undefined) {
+        (data as any)[field] = body[field] === '' ? null : body[field];
+      }
+    }
+
+    const company = await prisma.company.update({
+      where: { id },
+      data,
+      include: {
+        contacts: {
+          select: {
+            id: true,
+            firstName: true,
+            lastName: true,
+            jobTitle: true,
+            phone: true,
+            email: true,
+            status: { select: { id: true, name: true, color: true } },
+          },
+        },
+        _count: { select: { contacts: true } },
+        assignedCommercial: { select: { id: true, name: true, email: true } },
+        assignedTelepro: { select: { id: true, name: true, email: true } },
+        createdBy: { select: { id: true, name: true, email: true } },
+      },
+    });
+
+    // Enregistrer une activité pour la modification
+    const changes: { field: string; old: unknown; new: unknown }[] = [];
+    for (const field of fields) {
+      if (body[field] === undefined) continue;
+      const oldVal = (existing as any)[field];
+      const newVal = (company as any)[field];
+      if (oldVal !== newVal) {
+        changes.push({ field, old: oldVal, new: newVal });
+      }
+    }
+    if (changes.length > 0) {
+      await prisma.companyActivity.create({
+        data: {
+          companyId: id,
+          type: 'COMPANY_UPDATE',
+          title: 'Informations modifiées',
+          content: `${changes.length} champ(s) modifié(s) : ${changes.map((c) => c.field).join(', ')}`,
+          metadata: JSON.parse(JSON.stringify({ changes })),
+          userId: session.user.id,
+        },
+      });
+    }
+
+    return NextResponse.json(company);
+  } catch (error) {
+    console.error("Erreur lors de la mise à jour de l'entreprise:", error);
+    return NextResponse.json({ error: 'Erreur serveur' }, { status: 500 });
+  }
+}
+
+export async function DELETE(
+  request: NextRequest,
+  { params }: { params: Promise<{ id: string }> },
+) {
+  try {
+    const session = await auth.api.getSession({ headers: request.headers });
+    if (!session) {
+      return NextResponse.json({ error: 'Non authentifié' }, { status: 401 });
+    }
+
+    const canDelete =
+      (await checkPermission('companies.delete')) || (await checkPermission('contacts.delete'));
+    if (!canDelete) {
+      return NextResponse.json({ error: 'Permission insuffisante' }, { status: 403 });
+    }
+
+    const { id } = await params;
+
+    await prisma.contact.updateMany({
+      where: { companyId: id },
+      data: { companyId: null },
+    });
+
+    await prisma.company.delete({ where: { id } });
+
+    return NextResponse.json({ success: true });
+  } catch (error) {
+    console.error("Erreur lors de la suppression de l'entreprise:", error);
+    return NextResponse.json({ error: 'Erreur serveur' }, { status: 500 });
+  }
+}

package/template/src/app/api/companies/export/route.ts

@@ -0,0 +1,206 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { auth } from '@/lib/auth';
+import { prisma } from '@/lib/prisma';
+import { checkPermission } from '@/lib/check-permission';
+
+export async function POST(request: NextRequest) {
+  try {
+    const session = await auth.api.getSession({
+      headers: request.headers,
+    });
+
+    if (!session) {
+      return NextResponse.json({ error: 'Non authentifié' }, { status: 401 });
+    }
+
+    const canExport = await checkPermission('contacts.export');
+    if (!canExport) {
+      return NextResponse.json({ error: 'Accès refusé' }, { status: 403 });
+    }
+
+    const body = await request.json();
+    const { format } = body;
+
+    if (!format || (format !== 'csv' && format !== 'excel')) {
+      return NextResponse.json(
+        { error: 'Format invalide. Utilisez "csv" ou "excel".' },
+        { status: 400 },
+      );
+    }
+
+    const MAX_EXPORT = 10_000;
+
+    const companies = await prisma.company.findMany({
+      include: {
+        contacts: {
+          select: {
+            civility: true,
+            firstName: true,
+            lastName: true,
+            jobTitle: true,
+            phone: true,
+            secondaryPhone: true,
+            email: true,
+            address: true,
+            city: true,
+            postalCode: true,
+            origin: true,
+            status: { select: { name: true } },
+          },
+        },
+        assignedCommercial: { select: { name: true, email: true } },
+        assignedTelepro: { select: { name: true, email: true } },
+        createdBy: { select: { name: true, email: true } },
+      },
+      orderBy: { createdAt: 'desc' },
+      take: MAX_EXPORT,
+    });
+
+    if (companies.length === 0) {
+      return NextResponse.json({ error: 'Aucune entreprise à exporter' }, { status: 400 });
+    }
+
+    const companyHeaders = [
+      'Nom',
+      'Téléphone',
+      'Email',
+      'Adresse',
+      'Ville',
+      'Code postal',
+      'Site web',
+      'SIRET',
+      'Secteur',
+      'Commercial',
+      'Email Commercial',
+      'Télépro',
+      'Email Télépro',
+      'Créé par',
+      'Créé le',
+      'Modifié le',
+      'Nb contacts',
+      'Notes',
+    ];
+
+    const companyRows = companies.map((c) => [
+      c.name || '',
+      c.phone || '',
+      c.email || '',
+      c.address || '',
+      c.city || '',
+      c.postalCode || '',
+      c.website || '',
+      c.siret || '',
+      c.industry || '',
+      c.assignedCommercial?.name || '',
+      c.assignedCommercial?.email || '',
+      c.assignedTelepro?.name || '',
+      c.assignedTelepro?.email || '',
+      c.createdBy?.name || '',
+      c.createdAt ? new Date(c.createdAt).toLocaleString('fr-FR') : '',
+      c.updatedAt ? new Date(c.updatedAt).toLocaleString('fr-FR') : '',
+      String(c.contacts.length),
+      c.notes || '',
+    ]);
+
+    const contactHeaders = [
+      'Entreprise',
+      'Civilité',
+      'Prénom',
+      'Nom',
+      'Poste',
+      'Téléphone',
+      'Téléphone secondaire',
+      'Email',
+      'Adresse',
+      'Ville',
+      'Code postal',
+      'Origine',
+      'Statut',
+    ];
+
+    const contactRows: string[][] = [];
+    for (const company of companies) {
+      for (const contact of company.contacts) {
+        contactRows.push([
+          company.name || '',
+          contact.civility || '',
+          contact.firstName || '',
+          contact.lastName || '',
+          contact.jobTitle || '',
+          contact.phone || '',
+          contact.secondaryPhone || '',
+          contact.email || '',
+          contact.address || '',
+          contact.city || '',
+          contact.postalCode || '',
+          contact.origin || '',
+          contact.status?.name || '',
+        ]);
+      }
+    }
+
+    const dateStr = new Date().toISOString().split('T')[0];
+
+    function toCsvBlock(headers: string[], rows: string[][]): string {
+      const escape = (cell: string) => `"${String(cell || '').replace(/"/g, '""')}"`;
+      return [headers.map(escape).join(','), ...rows.map((row) => row.map(escape).join(','))].join(
+        '\n',
+      );
+    }
+
+    if (format === 'csv') {
+      const csvContent =
+        '--- ENTREPRISES ---\n' +
+        toCsvBlock(companyHeaders, companyRows) +
+        '\n\n--- CONTACTS RELIÉS ---\n' +
+        toCsvBlock(contactHeaders, contactRows);
+
+      const csvWithBOM = '\uFEFF' + csvContent;
+
+      return new NextResponse(csvWithBOM, {
+        headers: {
+          'Content-Type': 'text/csv; charset=utf-8',
+          'Content-Disposition': `attachment; filename="entreprises_${dateStr}.csv"`,
+        },
+      });
+    } else {
+      try {
+        const XLSX = await import('xlsx');
+        const workbook = XLSX.utils.book_new();
+
+        const wsCompanies = XLSX.utils.aoa_to_sheet([companyHeaders, ...companyRows]);
+        XLSX.utils.book_append_sheet(workbook, wsCompanies, 'Entreprises');
+
+        const wsContacts = XLSX.utils.aoa_to_sheet([contactHeaders, ...contactRows]);
+        XLSX.utils.book_append_sheet(workbook, wsContacts, 'Contacts');
+
+        const excelBuffer = XLSX.write(workbook, { type: 'buffer', bookType: 'xlsx' });
+
+        return new NextResponse(excelBuffer, {
+          headers: {
+            'Content-Type': 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
+            'Content-Disposition': `attachment; filename="entreprises_${dateStr}.xlsx"`,
+          },
+        });
+      } catch {
+        const csvContent =
+          '--- ENTREPRISES ---\n' +
+          toCsvBlock(companyHeaders, companyRows) +
+          '\n\n--- CONTACTS RELIÉS ---\n' +
+          toCsvBlock(contactHeaders, contactRows);
+
+        const csvWithBOM = '\uFEFF' + csvContent;
+
+        return new NextResponse(csvWithBOM, {
+          headers: {
+            'Content-Type': 'text/csv; charset=utf-8',
+            'Content-Disposition': `attachment; filename="entreprises_${dateStr}.csv"`,
+          },
+        });
+      }
+    }
+  } catch (error) {
+    console.error("Erreur lors de l'export des entreprises:", error);
+    return NextResponse.json({ error: 'Erreur serveur' }, { status: 500 });
+  }
+}