npm - i18n-dashboard - Versions diffs - 0.1.0 - Mend

i18n-dashboard 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (176) hide show

package/LICENSE +21 -0
package/README.md +715 -0
package/app.vue +8 -0
package/assets/css/main.css +21 -0
package/assets/locales/en.json +380 -0
package/bin/cli.mjs +279 -0
package/components/LinkedKeyPicker.vue +135 -0
package/components/PathPicker.vue +153 -0
package/components/PluralEditor.vue +295 -0
package/components/ScanModal.vue +153 -0
package/components/TranslationHistoryModal.vue +66 -0
package/components/TranslationRow.vue +541 -0
package/components/dashboard/WidgetConfigModal.vue +121 -0
package/components/dashboard/WidgetGrid.vue +190 -0
package/components/dashboard/WidgetPicker.vue +75 -0
package/components/dashboard/widgets/ActivityWidget.vue +109 -0
package/components/dashboard/widgets/LanguagesCoverageWidget.vue +104 -0
package/components/dashboard/widgets/ProjectsWidget.vue +77 -0
package/components/dashboard/widgets/ReviewWidget.vue +150 -0
package/components/dashboard/widgets/StatWidget.vue +133 -0
package/composables/useAuth.ts +72 -0
package/composables/useConfig.ts +14 -0
package/composables/useDashboard.ts +89 -0
package/composables/useFormats.ts +100 -0
package/composables/useKeys.ts +231 -0
package/composables/useLanguages.ts +221 -0
package/composables/useProfile.ts +76 -0
package/composables/useProject.ts +180 -0
package/composables/useReview.ts +94 -0
package/composables/useSettings.ts +30 -0
package/composables/useStats.ts +16 -0
package/composables/useT.ts +38 -0
package/composables/useUsers.ts +101 -0
package/composables/useWidgetData.ts +50 -0
package/consts/commons.const.ts +6 -0
package/consts/dashboard.const.ts +94 -0
package/consts/languages.const.ts +223 -0
package/enums/commons.enum.ts +7 -0
package/i18n-dashboard.config.example.js +40 -0
package/interfaces/commons.interface.ts +23 -0
package/interfaces/job.interface.ts +10 -0
package/interfaces/key.interface.ts +39 -0
package/interfaces/languages.interface.ts +23 -0
package/interfaces/project.interface.ts +9 -0
package/interfaces/scan.interface.ts +12 -0
package/interfaces/settings.interface.ts +4 -0
package/interfaces/stat.interface.ts +30 -0
package/interfaces/translation.interface.ts +11 -0
package/interfaces/user.interface.ts +24 -0
package/layouts/auth.vue +5 -0
package/layouts/default.vue +327 -0
package/middleware/auth.global.ts +26 -0
package/nuxt.config.ts +66 -0
package/package.json +89 -0
package/pages/index.vue +5 -0
package/pages/login.vue +74 -0
package/pages/onboarding.vue +563 -0
package/pages/projects/[id]/formats/datetime.vue +240 -0
package/pages/projects/[id]/formats/modifiers.vue +194 -0
package/pages/projects/[id]/formats/number.vue +250 -0
package/pages/projects/[id]/index.vue +182 -0
package/pages/projects/[id]/languages.vue +537 -0
package/pages/projects/[id]/review.vue +109 -0
package/pages/projects/[id]/settings.vue +515 -0
package/pages/projects/[id]/translations/[keyId].vue +642 -0
package/pages/projects/[id]/translations/index.vue +250 -0
package/pages/projects/[id]/users.vue +276 -0
package/pages/projects/index.vue +334 -0
package/pages/users/[id]/profile.vue +421 -0
package/pages/users/index.vue +345 -0
package/plugins/loading.client.ts +3 -0
package/plugins/ui-i18n.ts +6 -0
package/server/api/auth/login.post.ts +28 -0
package/server/api/auth/logout.post.ts +7 -0
package/server/api/auth/me.get.ts +11 -0
package/server/api/auth/me.put.ts +31 -0
package/server/api/auth/password.put.ts +27 -0
package/server/api/auth/status.get.ts +16 -0
package/server/api/config.get.ts +10 -0
package/server/api/dashboard/layout.get.ts +18 -0
package/server/api/dashboard/layout.post.ts +18 -0
package/server/api/db-config.get.ts +44 -0
package/server/api/db-config.post.ts +73 -0
package/server/api/export.get.ts +64 -0
package/server/api/formats/datetime/[id].delete.ts +8 -0
package/server/api/formats/datetime/[id].put.ts +15 -0
package/server/api/formats/datetime.get.ts +11 -0
package/server/api/formats/datetime.post.ts +16 -0
package/server/api/formats/modifiers/[id].delete.ts +8 -0
package/server/api/formats/modifiers/[id].put.ts +10 -0
package/server/api/formats/modifiers.get.ts +10 -0
package/server/api/formats/modifiers.post.ts +14 -0
package/server/api/formats/number/[id].delete.ts +8 -0
package/server/api/formats/number/[id].put.ts +15 -0
package/server/api/formats/number.get.ts +11 -0
package/server/api/formats/number.post.ts +16 -0
package/server/api/formats/snippet.get.ts +87 -0
package/server/api/fs/browse.get.ts +50 -0
package/server/api/history/[translationId].get.ts +13 -0
package/server/api/keys/[id].delete.ts +14 -0
package/server/api/keys/[id].get.ts +41 -0
package/server/api/keys/[id].patch.ts +20 -0
package/server/api/keys/index.get.ts +98 -0
package/server/api/keys/index.post.ts +17 -0
package/server/api/languages/[code].delete.ts +15 -0
package/server/api/languages/[id].put.ts +24 -0
package/server/api/languages/index.get.ts +13 -0
package/server/api/languages/index.post.ts +42 -0
package/server/api/onboarding.post.ts +56 -0
package/server/api/profile.get.ts +81 -0
package/server/api/project-snapshot.get.ts +73 -0
package/server/api/project-snapshot.post.ts +160 -0
package/server/api/projects/[id].delete.ts +13 -0
package/server/api/projects/[id].put.ts +40 -0
package/server/api/projects/index.get.ts +19 -0
package/server/api/projects/index.post.ts +34 -0
package/server/api/scan.post.ts +165 -0
package/server/api/settings/index.get.ts +9 -0
package/server/api/settings/index.post.ts +20 -0
package/server/api/setup.post.ts +39 -0
package/server/api/stats/global.get.ts +126 -0
package/server/api/stats.get.ts +70 -0
package/server/api/sync.post.ts +179 -0
package/server/api/translate.post.ts +52 -0
package/server/api/translations/batch-translate.post.ts +121 -0
package/server/api/translations/bulk-status.post.ts +24 -0
package/server/api/translations/index.post.ts +62 -0
package/server/api/translations/job/[id].get.ts +23 -0
package/server/api/translations/status.post.ts +30 -0
package/server/api/translations/translate-all.post.ts +18 -0
package/server/api/ui-locale.get.ts +39 -0
package/server/api/users/[id]/profile.get.ts +107 -0
package/server/api/users/[id]/roles.put.ts +67 -0
package/server/api/users/[id].delete.ts +36 -0
package/server/api/users/[id].put.ts +43 -0
package/server/api/users/index.get.ts +49 -0
package/server/api/users/index.post.ts +89 -0
package/server/consts/auto-translate.const.ts +2 -0
package/server/consts/commons.const.ts +10 -0
package/server/consts/db.const.ts +3 -0
package/server/consts/scanner.const.ts +4 -0
package/server/consts/translation-job.const.ts +8 -0
package/server/db/index.ts +672 -0
package/server/enums/auth.enum.ts +5 -0
package/server/enums/translation.enum.ts +6 -0
package/server/interfaces/profile.interface.ts +48 -0
package/server/interfaces/project-config.interface.ts +9 -0
package/server/interfaces/scanner.interface.ts +18 -0
package/server/interfaces/translation-job.interface.ts +13 -0
package/server/middleware/auth.ts +32 -0
package/server/plugins/db.ts +6 -0
package/server/routes/locale/[lang].get.ts +179 -0
package/server/types/auth.type.ts +3 -0
package/server/utils/auth.util.ts +89 -0
package/server/utils/auto-translate.util.ts +112 -0
package/server/utils/lang-api.util.ts +24 -0
package/server/utils/mailer.util.ts +80 -0
package/server/utils/project-config.util.ts +37 -0
package/server/utils/scanner.uti.ts +307 -0
package/server/utils/translation-job.util.ts +142 -0
package/services/auth.service.ts +31 -0
package/services/base.service.ts +140 -0
package/services/job.service.ts +10 -0
package/services/key.service.ts +26 -0
package/services/language.service.ts +26 -0
package/services/profile.service.ts +14 -0
package/services/project.service.ts +23 -0
package/services/scan.service.ts +14 -0
package/services/settings.service.ts +14 -0
package/services/stats.service.ts +11 -0
package/services/translation.service.ts +36 -0
package/services/user.service.ts +28 -0
package/tsconfig.json +3 -0
package/types/commons.type.ts +3 -0
package/types/dashboard.type.ts +26 -0
package/utils/config.util.ts +60 -0

package/server/api/translations/batch-translate.post.ts ADDED Viewed

@@ -0,0 +1,121 @@
+import { translate } from '@vitalets/google-translate-api'
+import { getDb } from '../../db/index'
+// Auto-translate all missing translations for a given target language
+export default defineEventHandler(async (event) => {
+  const body = await readBody(event)
+  const { project_id, target_language, source_language } = body
+  if (!project_id) throw createError({ statusCode: 400, message: 'project_id is required' })
+  if (!target_language) {
+    throw createError({ statusCode: 400, message: 'target_language is required' })
+  }
+  const db = getDb()
+  // Get all keys that have NO translation for target language
+  // but DO have a translation in source_language (or any language)
+  const keysWithoutTarget = await db('translation_keys as tk')
+    .leftJoin('translations as target_t', function () {
+      this.on('target_t.key_id', '=', 'tk.id')
+        .andOn('target_t.language_code', '=', db.raw('?', [target_language]))
+    })
+    .where('tk.project_id', Number(project_id))
+    .where(function () {
+      this.whereNull('target_t.id').orWhere('target_t.value', '').orWhereNull('target_t.value')
+    })
+    .select('tk.id', 'tk.key')
+  if (!keysWithoutTarget.length) {
+    return { translated: 0, skipped: 0, errors: 0, message: 'All translations already exist' }
+  }
+  // Get source translations (prefer source_language, fallback to any available)
+  const keyIds = keysWithoutTarget.map((k: any) => k.id)
+  let sourceTranslations: any[]
+  if (source_language) {
+    sourceTranslations = await db('translations')
+      .whereIn('key_id', keyIds)
+      .where('language_code', source_language)
+      .whereNotNull('value')
+      .where('value', '!=', '')
+      .select('key_id', 'value', 'language_code')
+  } else {
+    // Pick any available translation per key (first one found)
+    sourceTranslations = await db('translations')
+      .whereIn('key_id', keyIds)
+      .whereNotNull('value')
+      .where('value', '!=', '')
+      .select('key_id', 'value', 'language_code')
+      .orderBy('key_id', 'asc')
+  }
+  // Build map: key_id → { value, language }
+  const sourceMap = new Map<number, { value: string; lang: string }>()
+  for (const t of sourceTranslations) {
+    if (!sourceMap.has(t.key_id)) {
+      sourceMap.set(t.key_id, { value: t.value, lang: t.language_code })
+    }
+  }
+  let translated = 0
+  let skipped = 0
+  let errors = 0
+  for (const key of keysWithoutTarget) {
+    const source = sourceMap.get(key.id)
+    if (!source) {
+      skipped++
+      continue
+    }
+    try {
+      const result = await translate(source.value, {
+        from: source.lang,
+        to: target_language,
+      })
+      const translatedText = result.text
+      const existing = await db('translations')
+        .where({ key_id: key.id, language_code: target_language })
+        .first()
+      if (existing) {
+        await db('translation_history').insert({
+          translation_id: existing.id,
+          old_value: existing.value,
+          new_value: translatedText,
+          changed_by: 'google-translate',
+        })
+        await db('translations')
+          .where({ id: existing.id })
+          .update({ value: translatedText, status: 'draft', updated_at: db.fn.now() })
+      } else {
+        const [id] = await db('translations').insert({
+          key_id: key.id,
+          language_code: target_language,
+          value: translatedText,
+          status: 'draft',
+        })
+        await db('translation_history').insert({
+          translation_id: id,
+          old_value: null,
+          new_value: translatedText,
+          changed_by: 'google-translate',
+        })
+      }
+      translated++
+      // Small delay to be polite to the free API
+      await new Promise((r) => setTimeout(r, 200))
+    } catch (e: any) {
+      errors++
+      console.error(`[batch-translate] Failed for key "${key.key}":`, e.message)
+    }
+  }
+  return { translated, skipped, errors, total: keysWithoutTarget.length }
+})

package/server/api/translations/bulk-status.post.ts ADDED Viewed

@@ -0,0 +1,24 @@
+import { getDb } from '../../db/index'
+import { TRANSLATION_STATUS } from '../../enums/translation.enum'
+// Bulk update status for multiple translations by their IDs
+export default defineEventHandler(async (event) => {
+  const body = await readBody(event)
+  const { ids, status } = body
+  if (!ids?.length || !status) {
+    throw createError({ statusCode: 400, message: 'ids and status are required' })
+  }
+  const validStatuses = [TRANSLATION_STATUS.DRAFT, TRANSLATION_STATUS.REVIEWED, TRANSLATION_STATUS.APPROVED]
+  if (!validStatuses.includes(status)) {
+    throw createError({ statusCode: 400, message: `Status must be one of: ${validStatuses.join(', ')}` })
+  }
+  const db = getDb()
+  await db('translations')
+    .whereIn('id', ids)
+    .update({ status, updated_at: db.fn.now() })
+  return { updated: ids.length }
+})

package/server/api/translations/index.post.ts ADDED Viewed

@@ -0,0 +1,62 @@
+import { getDb } from '../../db/index'
+import { TRANSLATION_STATUS } from '../../enums/translation.enum'
+export default defineEventHandler(async (event) => {
+  const body = await readBody(event)
+  const { key_id, language_code, value, status } = body
+  if (!key_id || !language_code) {
+    throw createError({ statusCode: 400, message: 'key_id and language_code are required' })
+  }
+  const db = getDb()
+  const key = await db('translation_keys').where({ id: Number(key_id) }).first()
+  if (!key) throw createError({ statusCode: 404, message: 'Translation key not found' })
+  const lang = await db('languages').where({ code: language_code }).first()
+  if (!lang) throw createError({ statusCode: 404, message: 'Language not found' })
+  const existing = await db('translations').where({ key_id: Number(key_id), language_code }).first()
+  if (existing) {
+    const oldValue = existing.value
+    const updates: Record<string, any> = { updated_at: db.fn.now() }
+    if (value !== undefined) updates.value = value
+    if (status !== undefined) updates.status = status
+    // Editing a value resets status to draft unless explicitly set
+    if (value !== undefined && value !== oldValue && status === undefined) {
+      updates.status = TRANSLATION_STATUS.DRAFT
+    }
+    if (oldValue !== value && value !== undefined) {
+      await db('translation_history').insert({
+        translation_id: existing.id,
+        old_value: oldValue,
+        new_value: value,
+        changed_by: 'user',
+      })
+    }
+    await db('translations').where({ id: existing.id }).update(updates)
+    return db('translations').where({ id: existing.id }).first()
+  }
+  // Create new translation
+  const [id] = await db('translations').insert({
+    key_id: Number(key_id),
+    language_code,
+    value,
+    status: status || TRANSLATION_STATUS.DRAFT,
+  })
+  await db('translation_history').insert({
+    translation_id: id,
+    old_value: null,
+    new_value: value,
+    changed_by: 'user',
+  })
+  return db('translations').where({ id }).first()
+})

package/server/api/translations/job/[id].get.ts ADDED Viewed

@@ -0,0 +1,23 @@
+import { getJob } from '../../../utils/translation-job.util'
+export default defineEventHandler((event) => {
+  const id = getRouterParam(event, 'id') || ''
+  const job = getJob(id)
+  if (!job) {
+    throw createError({ statusCode: 404, message: 'Job not found' })
+  }
+  const percent = job.total > 0 ? Math.round((job.done / job.total) * 100) : 0
+  return {
+    id: job.id,
+    status: job.status,
+    languageCode: job.languageCode,
+    languageName: job.languageName,
+    total: job.total,
+    done: job.done,
+    errors: job.errors,
+    percent,
+  }
+})

package/server/api/translations/status.post.ts ADDED Viewed

@@ -0,0 +1,30 @@
+import { getDb } from '../../db/index'
+import { TRANSLATION_STATUS } from '../../enums/translation.enum'
+// Update only the status of a translation (Draft → Reviewed → Approved)
+export default defineEventHandler(async (event) => {
+  const body = await readBody(event)
+  const { key_id, language_code, status } = body
+  if (!key_id || !language_code || !status) {
+    throw createError({ statusCode: 400, message: 'key_id, language_code and status are required' })
+  }
+  const validStatuses = Object.values(TRANSLATION_STATUS)
+  if (!validStatuses.includes(status)) {
+    throw createError({ statusCode: 400, message: `Status must be one of: ${validStatuses.join(', ')}` })
+  }
+  const db = getDb()
+  const existing = await db('translations').where({ key_id: Number(key_id), language_code }).first()
+  if (!existing) {
+    throw createError({ statusCode: 404, message: 'Translation not found' })
+  }
+  await db('translations')
+    .where({ id: existing.id })
+    .update({ status, updated_at: db.fn.now() })
+  return db('translations').where({ id: existing.id }).first()
+})

package/server/api/translations/translate-all.post.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import { getDb } from '../../db/index'
+import { createJob, runTranslationJob } from '../../utils/translation-job.util'
+export default defineEventHandler(async (event) => {
+  const { project_id, language_code, language_name } = await readBody(event)
+  if (!project_id || !language_code) {
+    throw createError({ statusCode: 400, message: 'project_id and language_code are required' })
+  }
+  const db = getDb()
+  const job = createJob(Number(project_id), language_code, language_name || language_code)
+  // Fire-and-forget — client polls for progress
+  setImmediate(() => runTranslationJob(db, job))
+  return { jobId: job.id, total: job.total }
+})

package/server/api/ui-locale.get.ts ADDED Viewed

@@ -0,0 +1,39 @@
+import { getDb } from '../db/index'
+// Public endpoint — returns Dashboard UI translations as a flat key→value JSON
+export default defineEventHandler(async (event) => {
+  const { lang = 'en' } = getQuery(event)
+  const db = getDb()
+  const systemProject = await db('projects').where({ is_system: true }).first()
+  if (!systemProject) return {}
+  const keys = await db('translation_keys')
+    .where({ project_id: systemProject.id })
+    .select('id', 'key')
+  const keyIds = keys.map((k: any) => k.id)
+  if (!keyIds.length) return {}
+  // Prefer requested lang, fallback to en then fr
+  const translations = await db('translations')
+    .whereIn('key_id', keyIds)
+    .whereIn('language_code', [lang as string, 'en', 'fr'])
+    .select('key_id', 'language_code', 'value')
+  // Build map: key_id → { lang: value, en: value, fr: value }
+  const byKeyId: Record<number, Record<string, string>> = {}
+  for (const tr of translations) {
+    if (!byKeyId[tr.key_id]) byKeyId[tr.key_id] = {}
+    byKeyId[tr.key_id][tr.language_code] = tr.value
+  }
+  const result: Record<string, string> = {}
+  for (const k of keys) {
+    const langMap = byKeyId[k.id] || {}
+    const value = langMap[lang as string] || langMap['en'] || langMap['fr']
+    if (value) result[k.key] = value
+  }
+  return result
+})

package/server/api/users/[id]/profile.get.ts ADDED Viewed

@@ -0,0 +1,107 @@
+import { getDb } from '../../../db/index'
+import { getUserRole } from '../../../utils/auth.util'
+import type { UserProfile } from '../../../interfaces/profile.interface'
+export default defineEventHandler(async (event): Promise<UserProfile> => {
+  const currentUser = event.context.user
+  const targetId = Number(getRouterParam(event, 'id'))
+  const db = getDb()
+  const target = await db('users')
+    .where({ id: targetId })
+    .select('id', 'name', 'email', 'is_super_admin', 'is_active', 'last_login_at', 'created_at')
+    .first()
+  if (!target) throw createError({ statusCode: 404, message: 'Utilisateur non trouvé' })
+  // Access: own profile, super admin, or admin in a shared project
+  const isSelf = currentUser.id === targetId
+  if (!isSelf && !currentUser.is_super_admin) {
+    const targetProjectIds: number[] = await db('user_project_roles')
+      .where({ user_id: targetId })
+      .whereNotNull('project_id')
+      .pluck('project_id')
+    let hasAccess = false
+    for (const pid of targetProjectIds) {
+      const role = await getUserRole(currentUser.id, pid)
+      if (role === 'admin') { hasAccess = true; break }
+    }
+    if (!hasAccess) throw createError({ statusCode: 403, message: 'Accès refusé' })
+  }
+  // ── Roles ──────────────────────────────────────────────────────────────────
+  const roles = await db('user_project_roles as upr')
+    .leftJoin('projects as p', 'p.id', 'upr.project_id')
+    .where('upr.user_id', targetId)
+    .select('upr.role', 'upr.project_id', 'p.name as project_name', 'p.color as project_color')
+  // ── Languages ──────────────────────────────────────────────────────────────
+  const projectIds = roles.filter((r: any) => r.project_id).map((r: any) => r.project_id)
+  let languages: any[]
+  if (target.is_super_admin) {
+    languages = await db('languages as l')
+      .join('projects as p', 'p.id', 'l.project_id')
+      .where('p.is_system', false)
+      .select('l.*', 'p.name as project_name', 'p.color as project_color')
+  } else if (projectIds.length) {
+    languages = await db('languages as l')
+      .join('projects as p', 'p.id', 'l.project_id')
+      .whereIn('l.project_id', projectIds)
+      .where('p.is_system', false)
+      .select('l.*', 'p.name as project_name', 'p.color as project_color')
+  } else {
+    languages = []
+  }
+  // ── Stats ──────────────────────────────────────────────────────────────────
+  const weekAgo = new Date(Date.now() - 7 * 24 * 60 * 60 * 1000).toISOString()
+  const monthAgo = new Date(Date.now() - 30 * 24 * 60 * 60 * 1000).toISOString()
+  const [countTotal, countWeek, countMonth] = await Promise.all([
+    db('translation_history').where('changed_by', target.name).count('id as n').first(),
+    db('translation_history').where('changed_by', target.name).where('changed_at', '>=', weekAgo).count('id as n').first(),
+    db('translation_history').where('changed_by', target.name).where('changed_at', '>=', monthAgo).count('id as n').first(),
+  ])
+  // ── Recent translations ────────────────────────────────────────────────────
+  const recentTranslations = await db('translation_history as th')
+    .join('translations as t', 't.id', 'th.translation_id')
+    .join('translation_keys as tk', 'tk.id', 't.key_id')
+    .join('projects as p', 'p.id', 'tk.project_id')
+    .where('th.changed_by', target.name)
+    .orderBy('th.changed_at', 'desc')
+    .limit(20)
+    .select(
+      'th.id',
+      'th.new_value',
+      'th.old_value',
+      'th.changed_at',
+      'tk.key',
+      'tk.id as key_id',
+      'tk.project_id',
+      't.language_code',
+      'p.name as project_name',
+      'p.color as project_color',
+    )
+  return {
+    user: {
+      id: target.id,
+      name: target.name,
+      email: target.email,
+      is_super_admin: !!target.is_super_admin,
+      last_login_at: target.last_login_at ?? null,
+      created_at: target.created_at,
+    },
+    roles,
+    stats: {
+      total: Number(countTotal?.n ?? 0),
+      thisWeek: Number(countWeek?.n ?? 0),
+      thisMonth: Number(countMonth?.n ?? 0),
+    },
+    languages,
+    recentTranslations,
+  }
+})

package/server/api/users/[id]/roles.put.ts ADDED Viewed

@@ -0,0 +1,67 @@
+import { getDb } from '../../../db/index'
+import { getUserRole, canManageUsers } from '../../../utils/auth.util'
+const VALID_ROLES = ['translator', 'moderator', 'admin']
+export default defineEventHandler(async (event) => {
+  const currentUser = event.context.user
+  const targetId = Number(getRouterParam(event, 'id'))
+  const { roles } = await readBody(event)
+  // roles: Array<{ project_id: number | null, role: string | null }>
+  // role = null means remove access for that project
+  if (!Array.isArray(roles)) {
+    throw createError({ statusCode: 400, message: 'roles must be an array' })
+  }
+  const db = getDb()
+  const target = await db('users').where({ id: targetId }).first()
+  if (!target) throw createError({ statusCode: 404, message: 'User not found' })
+  if (target.is_super_admin && !currentUser.is_super_admin) {
+    throw createError({ statusCode: 403, message: 'Forbidden' })
+  }
+  for (const { project_id, role } of roles) {
+    // Validate role value
+    if (role !== null && !VALID_ROLES.includes(role)) {
+      throw createError({ statusCode: 400, message: `Invalid role: ${role}` })
+    }
+    // Permission check per entry
+    if (!currentUser.is_super_admin) {
+      if (project_id === null) {
+        throw createError({ statusCode: 403, message: 'Only super admins can set global access' })
+      }
+      const myRole = await getUserRole(currentUser.id, Number(project_id))
+      if (!canManageUsers(myRole, false)) {
+        throw createError({ statusCode: 403, message: 'Forbidden on this project' })
+      }
+    }
+    // Build the WHERE clause (NULL-safe)
+    const whereClause = (q: any) => {
+      q.where('user_id', targetId)
+      if (project_id === null) q.whereNull('project_id')
+      else q.where('project_id', project_id)
+    }
+    if (role === null) {
+      await db('user_project_roles').where(whereClause).delete()
+    } else {
+      const existing = await db('user_project_roles').where(whereClause).first()
+      if (existing) {
+        await db('user_project_roles').where(whereClause).update({ role })
+      } else {
+        await db('user_project_roles').insert({
+          user_id: targetId,
+          project_id: project_id ?? null,
+          role,
+        })
+      }
+    }
+  }
+  return { success: true }
+})

package/server/api/users/[id].delete.ts ADDED Viewed

@@ -0,0 +1,36 @@
+import { getDb } from '../../db/index'
+import { getUserRole, canManageUsers } from '../../utils/auth.util'
+export default defineEventHandler(async (event) => {
+  const currentUser = event.context.user
+  const targetId = Number(getRouterParam(event, 'id'))
+  if (targetId === currentUser.id) {
+    throw createError({ statusCode: 400, message: 'Vous ne pouvez pas supprimer votre propre compte' })
+  }
+  const db = getDb()
+  const target = await db('users').where({ id: targetId }).first()
+  if (!target) throw createError({ statusCode: 404, message: 'Utilisateur non trouvé' })
+  if (target.is_super_admin && !currentUser.is_super_admin) {
+    throw createError({ statusCode: 403, message: 'Accès refusé' })
+  }
+  if (!currentUser.is_super_admin) {
+    const { project_id } = getQuery(event)
+    if (!project_id) throw createError({ statusCode: 400, message: 'project_id requis' })
+    const role = await getUserRole(currentUser.id, Number(project_id))
+    if (!canManageUsers(role, false)) throw createError({ statusCode: 403, message: 'Accès refusé' })
+    // Project admin can only remove users from their project (not delete globally)
+    await db('user_project_roles')
+      .where({ user_id: targetId, project_id: Number(project_id) })
+      .delete()
+    return { success: true }
+  }
+  // Super admin deletes user globally
+  await db('users').where({ id: targetId }).delete()
+  return { success: true }
+})

package/server/api/users/[id].put.ts ADDED Viewed

@@ -0,0 +1,43 @@
+import { getDb } from '../../db/index'
+import { getUserRole, canManageUsers } from '../../utils/auth.util'
+export default defineEventHandler(async (event) => {
+  const currentUser = event.context.user
+  const targetId = Number(getRouterParam(event, 'id'))
+  const body = await readBody(event)
+  const { name, is_active, role, project_id } = body
+  const db = getDb()
+  // Only super admin can edit super admins
+  const target = await db('users').where({ id: targetId }).first()
+  if (!target) throw createError({ statusCode: 404, message: 'Utilisateur non trouvé' })
+  if (target.is_super_admin && !currentUser.is_super_admin) {
+    throw createError({ statusCode: 403, message: 'Accès refusé' })
+  }
+  // Permission check
+  if (!currentUser.is_super_admin) {
+    if (!project_id) throw createError({ statusCode: 400, message: 'project_id requis' })
+    const userRole = await getUserRole(currentUser.id, Number(project_id))
+    if (!canManageUsers(userRole, false)) throw createError({ statusCode: 403, message: 'Accès refusé' })
+  }
+  // Update user fields
+  const updates: any = {}
+  if (name) updates.name = name.trim()
+  if (is_active !== undefined) updates.is_active = is_active
+  if (Object.keys(updates).length) {
+    await db('users').where({ id: targetId }).update(updates)
+  }
+  // Update role in project if provided
+  if (role && project_id !== undefined) {
+    await db('user_project_roles')
+      .where({ user_id: targetId, project_id: project_id || null })
+      .update({ role })
+  }
+  return { success: true }
+})

package/server/api/users/index.get.ts ADDED Viewed

@@ -0,0 +1,49 @@
+import { getDb } from '../../db/index'
+import { getUserRole, canManageUsers } from '../../utils/auth.util'
+export default defineEventHandler(async (event) => {
+  const currentUser = event.context.user
+  const { project_id } = getQuery(event)
+  const db = getDb()
+  // ── Project-scoped view ────────────────────────────────────────────────────
+  if (project_id) {
+    const pid = Number(project_id)
+    if (!currentUser.is_super_admin) {
+      const role = await getUserRole(currentUser.id, pid)
+      if (!canManageUsers(role, false)) {
+        throw createError({ statusCode: 403, message: 'Accès refusé' })
+      }
+    }
+    const projectRoles = await db('user_project_roles as r')
+      .join('users as u', 'r.user_id', 'u.id')
+      .where('r.project_id', pid)
+      .select('u.id', 'u.email', 'u.name', 'u.is_active', 'u.last_login_at', 'r.role')
+    return projectRoles
+  }
+  // ── Global view (super admin or global admins only) ────────────────────────
+  if (!currentUser.is_super_admin) {
+    const globalAdminRole = await db('user_project_roles')
+      .where({ user_id: currentUser.id, role: 'admin' })
+      .whereNull('project_id')
+      .first()
+    if (!globalAdminRole) throw createError({ statusCode: 403, message: 'Accès refusé' })
+  }
+  const users = await db('users')
+    .select('id', 'email', 'name', 'is_super_admin', 'is_active', 'last_login_at', 'created_at')
+    .orderBy('name')
+  const roles = await db('user_project_roles as r')
+    .leftJoin('projects as p', 'r.project_id', 'p.id')
+    .select('r.user_id', 'r.role', 'r.project_id', 'p.name as project_name', 'p.color as project_color')
+  return users.map((u: any) => ({
+    ...u,
+    roles: roles.filter((r: any) => r.user_id === u.id),
+  }))
+})