nextworks 0.1.0-alpha.11 → 0.1.0-alpha.14

package/dist/kits/blocks/package-deps.json

@@ -8,13 +8,13 @@
     "@radix-ui/react-alert-dialog": "^1.1.15",
     "@radix-ui/react-dropdown-menu": "^2.1.16",
     "tailwind-merge": "^3.3.1",
-    "tw-animate-css": "^1.3.7",
+    "tw-animate-css": "^1.4.0",
     "next-themes": "^0.4.6",
     "motion": "^12.23.12",
     "sonner": "^2.0.7",
-    "@nextworks/blocks-core": "0.1.0-alpha.0",
-    "@nextworks/blocks-sections": "0.1.0-alpha.0",
-    "@nextworks/blocks-templates": "0.1.0-alpha.0"
+    "@nextworks/blocks-core": "0.1.0-alpha.14",
+    "@nextworks/blocks-sections": "0.1.0-alpha.14",
+    "@nextworks/blocks-templates": "0.1.0-alpha.14"
   },
   "devDependencies": {
     "tailwindcss": "^4.1.12"

package/dist/kits/data/.nextworks/docs/DATA_QUICKSTART.md

@@ -1,112 +1,128 @@
-# nextworks — Data kit quickstart
-
-This document explains how to use the Data (crud) kit in the nextworks starter project.
-
-Prerequisites
-
-- A running PostgreSQL database and `DATABASE_URL` set in `.env`.
-- Auth kit installed and configured (NextAuth + Prisma). The Data kit relies on NextAuth session for access control.
-  - In the monorepo, this is already wired up.
-  - In your own app via the CLI, the recommended alpha setup is to install Blocks (with sections + templates) + Auth Core + Forms first, then Data:
-
-    ```bash
-    npx nextworks add blocks --sections --templates
-    npx nextworks add auth-core
-    npx nextworks add forms
-    npx nextworks add data
-    ```
-
-    then follow the Prisma and `.env` steps below.
-
-- Forms kit (optional but recommended) for form primitives.
-
-Setup
-
-1. Install dependencies and generate Prisma client:
-
-   npm install
-   npx prisma generate
-
-2. Run migrations (creates User/Post tables):
-
-   Make sure you have merged the Auth + Data models into your `prisma/schema.prisma` before running migrations.
-
-   npx prisma migrate dev
-
-3. Seed a demo admin user and posts locally (optional):
-
-   # Set env vars or use defaults
-
-   SEED_ADMIN_EMAIL=admin@example.com SEED_ADMIN_PASSWORD=password123 node ./scripts/seed-demo.mjs
-
-4. Run the dev server:
-
-   npm run dev
-
-Usage & testing
-
-- Sign in at /auth/login using the seeded admin credentials (admin@example.com / password123).
-- Visit /admin/posts to create/edit/delete posts. The UI supports pagination, search (title contains), and sort by createdAt.
-- Visit /admin/users to view users (admin-only).
-
-Notes
-
-- Server-side RBAC: all modifying APIs (POST/PUT/DELETE) require a valid session, and user-level checks ensure only authors or admins can modify posts. The users list API requires admin access.
-- Published flag: posts have a `published` boolean in Prisma. The admin UI exposes the published checkbox when creating or editing posts.
-
-Troubleshooting
-
-- If users list returns 403, ensure your signed-in user has role = 'admin'. You can promote a user with Prisma Studio or by running:
-
-  npx prisma db executeRaw "UPDATE \"User\" SET role = 'admin' WHERE email = 'admin@example.com';"
-
-- If migrations fail, try:
-
-  npx prisma migrate reset
-
-Files & kit manifest
-
-If you plan to package a Data kit, here are the primary files, API routes and components used by the Data example flows. This manifest is intended to help packaging and documentation — adjust paths if you extract the kit into another project.
-
-Files
-
-- app/api/posts/route.ts
-- app/api/posts/[id]/route.ts
-- app/api/users/route.ts
-- app/api/users/[id]/route.ts
-- app/api/users/check-unique/route.ts
-- app/api/users/check-email/route.ts
-- app/api/seed-demo/route.ts
-- app/api/signup/route.ts
-- components/admin/admin-header.tsx
-- components/admin/posts-manager.tsx
-- components/admin/users-manager.tsx
-- app/(protected)/admin/users/page.tsx
-- app/(protected)/admin/posts/page.tsx
-- app/examples/demo/create-post-form.tsx
-- app/examples/demo/page.tsx
-- lib/prisma.ts
-- lib/server/result.ts
-- lib/utils.ts
-- lib/validation/forms.ts
-- scripts/seed-demo.mjs
-
-API routes (list)
-
-- /api/posts (GET/POST) -> app/api/posts/route.ts
-- /api/posts/:id (GET/PUT/DELETE) -> app/api/posts/[id]/route.ts
-- /api/users (GET/POST) -> app/api/users/route.ts
-- /api/users/:id (GET/PUT/DELETE) -> app/api/users/[id]/route.ts
-- /api/users/check-unique -> app/api/users/check-unique/route.ts
-- /api/users/check-email -> app/api/users/check-email/route.ts
-- /api/seed-demo -> app/api/seed-demo/route.ts
-- /api/signup -> app/api/signup/route.ts
-
-Notes
-
-- The Data kit relies on NextAuth sessions for access control — see lib/auth-helpers.ts and lib/auth.ts for server-side helpers and RBAC checks.
-- The API routes return ApiResult envelope objects (see lib/server/result.ts) and the client uses lib/forms/map-errors.ts to map server validation errors into react-hook-form where appropriate.
-
-Feedback
-
-- File issues in the repo; note that CLI packaging for the Data kit is not yet implemented — this quickstart is for the repository as-is.
+# nextworks — Data kit quickstart
+
+This document explains how to use the Data (crud) kit in the nextworks starter project.
+
+Prerequisites
+
+- Prisma is required (this kit is Prisma-coupled by design).
+- A running PostgreSQL database and `DATABASE_URL` set in `.env`.
+- Auth kit installed and configured (NextAuth + Prisma). The Data kit relies on NextAuth session for access control.
+
+  - In the monorepo, this is already wired up.
+  - In your own app via the CLI, the recommended alpha setup is to install Blocks (with sections + templates) + Auth Core + Forms first, then Data:
+
+    ```bash
+    npx nextworks add blocks --sections --templates
+    npx nextworks add auth-core
+    npx nextworks add forms
+    npx nextworks add data
+    ```
+
+    then follow the Prisma and `.env` steps below.
+
+- Forms kit (optional but recommended) for form primitives.
+
+Setup
+
+1. Install dependencies and generate Prisma client:
+
+   npm install
+   npx prisma generate
+
+2. Run migrations (creates User/Post tables):
+
+   Make sure you have merged the Auth + Data models into your `prisma/schema.prisma` before running migrations.
+
+   npx prisma migrate dev
+
+3. Seed a demo admin user and posts locally (optional):
+
+   # Set env vars or use defaults
+
+   SEED_ADMIN_EMAIL=admin@example.com SEED_ADMIN_PASSWORD=password123 node ./scripts/seed-demo.mjs
+
+4. Run the dev server:
+
+   npm run dev
+
+### Windows + Prisma + Next 16 (Turbopack) note
+
+If you are on **Windows** and have installed the **Auth Core** or **Data** kits (which use Prisma under the hood) on **Next 16+**, the Next dev server may need permission to create symlinks for the Prisma client. On Windows, this can cause errors like:
+
+> `create symlink to ../../../../node_modules/@prisma/client`  
+> `Caused by: A required privilege is not held by the client. (os error 1314)`
+
+If you see this (often surfaced as a 500 on `/api/auth/session` or a NextAuth `CLIENT_FETCH_ERROR`), do one of the following:
+
+- **Recommended**: Enable **Developer Mode** in Windows (Settings → For developers → Developer mode). This allows symlinks in normal terminals.
+- Or: Run your dev server from an **elevated PowerShell/terminal** ("Run as administrator").
+
+After doing one of these, restart `npm run dev` and reload your app.
+
+Usage & testing
+
+- Sign in at /auth/login using the seeded admin credentials (admin@example.com / password123).
+- Visit /admin/posts to create/edit/delete posts. The UI supports pagination, search (title contains), and sort by createdAt.
+- Visit /admin/users to view users (admin-only).
+
+Notes
+
+- Server-side RBAC: all modifying APIs (POST/PUT/DELETE) require a valid session, and user-level checks ensure only authors or admins can modify posts. The users list API requires admin access.
+- Published flag: posts have a `published` boolean in Prisma. The admin UI exposes the published checkbox when creating or editing posts.
+
+Troubleshooting
+
+- If users list returns 403, ensure your signed-in user has role = 'admin'. You can promote a user with Prisma Studio or by running:
+
+  npx prisma db executeRaw "UPDATE \"User\" SET role = 'admin' WHERE email = 'admin@example.com';"
+
+- If migrations fail, try:
+
+  npx prisma migrate reset
+
+Files & kit manifest
+
+If you plan to package a Data kit, here are the primary files, API routes and components used by the Data example flows. This manifest is intended to help packaging and documentation — adjust paths if you extract the kit into another project.
+
+Files
+
+- app/api/posts/route.ts
+- app/api/posts/[id]/route.ts
+- app/api/users/route.ts
+- app/api/users/[id]/route.ts
+- app/api/users/check-unique/route.ts
+- app/api/users/check-email/route.ts
+- app/api/seed-demo/route.ts
+- app/api/signup/route.ts
+- components/admin/admin-header.tsx
+- components/admin/posts-manager.tsx
+- components/admin/users-manager.tsx
+- app/(protected)/admin/users/page.tsx
+- app/(protected)/admin/posts/page.tsx
+- app/examples/demo/create-post-form.tsx
+- app/examples/demo/page.tsx
+- lib/prisma.ts
+- lib/server/result.ts
+- lib/utils.ts
+- lib/validation/forms.ts
+- scripts/seed-demo.mjs
+
+API routes (list)
+
+- /api/posts (GET/POST) -> app/api/posts/route.ts
+- /api/posts/:id (GET/PUT/DELETE) -> app/api/posts/[id]/route.ts
+- /api/users (GET/POST) -> app/api/users/route.ts
+- /api/users/:id (GET/PUT/DELETE) -> app/api/users/[id]/route.ts
+- /api/users/check-unique -> app/api/users/check-unique/route.ts
+- /api/users/check-email -> app/api/users/check-email/route.ts
+- /api/seed-demo -> app/api/seed-demo/route.ts
+- /api/signup -> app/api/signup/route.ts
+
+Notes
+
+- The Data kit relies on NextAuth sessions for access control — see lib/auth-helpers.ts and lib/auth.ts for server-side helpers and RBAC checks.
+- The API routes return ApiResult envelope objects (see lib/server/result.ts) and the client uses lib/forms/map-errors.ts to map server validation errors into react-hook-form where appropriate.
+
+Feedback
+
+- File issues in the repo; note that CLI packaging for the Data kit is not yet implemented — this quickstart is for the repository as-is.

package/dist/kits/data/.nextworks/docs/DATA_README.md

@@ -75,7 +75,8 @@ If you choose a different database provider, update the `provider` field in your
 Notes and important behavior
 
 - Kit dependencies:
-  - Data depends on Auth (for RBAC/session) and Forms (for form primitives/validation). The CLI currently auto-installs `auth-core` and `forms` when you run `nextworks add data` to ensure the required pieces are present. If you prefer an interactive prompt instead of auto-install, the CLI can be adjusted to prompt (ask the maintainers).
+  - Data requires Prisma (this kit is Prisma-coupled by design) and depends on Auth (for RBAC/session) and Forms (for form primitives/validation).
+  - The CLI currently auto-installs `auth-core` and `forms` when you run `nextworks add data` to ensure the required pieces are present. If you prefer an interactive prompt instead of auto-install, the CLI can be adjusted to prompt (ask the maintainers).
   - The kit's package-deps.json lists runtime and dev dependencies that the CLI will merge into the project's package.json; after installation you must run npm install in the project.
 
 - Standalone admin components:

package/dist/kits/data/app/api/posts/[id]/route.ts

@@ -1,83 +1,83 @@
-import { prisma } from "@/lib/prisma";
-import { z } from "zod";
-import { postSchema } from "@/lib/validation/forms";
-import { jsonOk, jsonFail, jsonFromZod } from "@/lib/server/result";
-import { getServerSession } from "next-auth";
-import { authOptions } from "@/lib/auth";
-
-// Ensure Prisma runs in Node.js (not Edge)
-export const runtime = "nodejs";
-
-type RouteContext = { params: Promise<{ id: string }> };
-
-export async function PUT(req: Request, { params }: RouteContext) {
-  try {
-    const { id } = await params;
-
-    // Require authenticated session
-    const session = await getServerSession(authOptions);
-    if (!session?.user) {
-      return jsonFail("Unauthorized", { status: 401 });
-    }
-
-    // Only admins or the post author may update
-    const post = await prisma.post.findUnique({ where: { id } });
-    if (!post) return jsonFail("Not found", { status: 404 });
-
-    const isAdmin = (session.user as { role?: string }).role === "admin";
-    const isAuthor = (session.user as { id?: string }).id === post.authorId;
-    if (!isAdmin && !isAuthor) {
-      return jsonFail("Forbidden", { status: 403 });
-    }
-
-    // Validate only the fields we allow to update. Make them optional so partial updates (e.g. { published: true }) work.
-    const updateSchema = postSchema
-      .pick({ title: true, content: true, published: true })
-      .partial();
-    const body = await req.json();
-    const data = updateSchema.parse(body);
-
-    // Build Prisma update object only with provided fields to avoid overwriting with undefined
-    const updateData: any = {};
-    if (data.title !== undefined) updateData.title = data.title;
-    if (data.content !== undefined) updateData.content = data.content ?? null;
-    if (data.published !== undefined) updateData.published = data.published;
-
-    const updated = await prisma.post.update({
-      where: { id },
-      data: updateData,
-    });
-    return jsonOk(updated, { status: 200, message: "Post updated" });
-  } catch (error: unknown) {
-    if (error instanceof z.ZodError) {
-      return jsonFromZod(error, { status: 400, message: "Validation failed" });
-    }
-    return jsonFail("Failed to update post", { status: 500 });
-  }
-}
-
-export async function DELETE(_req: Request, { params }: RouteContext) {
-  try {
-    const { id } = await params; // await params
-
-    const session = await getServerSession(authOptions);
-    if (!session?.user) {
-      return jsonFail("Unauthorized", { status: 401 });
-    }
-
-    const post = await prisma.post.findUnique({ where: { id } });
-    if (!post) return jsonFail("Not found", { status: 404 });
-
-    const isAdmin = (session.user as { role?: string }).role === "admin";
-    const isAuthor = (session.user as { id?: string }).id === post.authorId;
-    if (!isAdmin && !isAuthor) {
-      return jsonFail("Forbidden", { status: 403 });
-    }
-
-    await prisma.post.delete({ where: { id } }); // If Int: id: Number(id)
-    return jsonOk({ ok: true }, { status: 200, message: "Post deleted" });
-  } catch (e) {
-    console.error("DELETE /api/posts/[id] error:", e);
-    return jsonFail("Failed to delete post", { status: 500 });
-  }
-}
+import { prisma } from "@/lib/prisma";
+import { z } from "zod";
+import { postSchema } from "@/lib/validation/forms";
+import { jsonOk, jsonFail, jsonFromZod } from "@/lib/server/result";
+import { getServerSession } from "next-auth";
+import { authOptions } from "@/lib/auth";
+
+// Ensure Prisma runs in Node.js (not Edge)
+export const runtime = "nodejs";
+
+type RouteContext = { params: Promise<{ id: string }> };
+
+export async function PUT(req: Request, { params }: RouteContext) {
+  try {
+    const { id } = await params;
+
+    // Require authenticated session
+    const session = await getServerSession(authOptions);
+    if (!session?.user) {
+      return jsonFail("Unauthorized", { status: 401 });
+    }
+
+    // Only admins or the post author may update
+    const post = await prisma.post.findUnique({ where: { id } });
+    if (!post) return jsonFail("Not found", { status: 404 });
+
+    const isAdmin = (session.user as { role?: string }).role === "admin";
+    const isAuthor = (session.user as { id?: string }).id === post.authorId;
+    if (!isAdmin && !isAuthor) {
+      return jsonFail("Forbidden", { status: 403 });
+    }
+
+    // Validate only the fields we allow to update. Make them optional so partial updates (e.g. { published: true }) work.
+    const updateSchema = postSchema
+      .pick({ title: true, content: true, published: true })
+      .partial();
+    const body = await req.json();
+    const data = updateSchema.parse(body);
+
+    // Build Prisma update object only with provided fields to avoid overwriting with undefined
+    const updateData: Parameters<typeof prisma.post.update>[0]["data"] = {};
+    if (data.title !== undefined) updateData.title = data.title;
+    if (data.content !== undefined) updateData.content = data.content ?? null;
+    if (data.published !== undefined) updateData.published = data.published;
+
+    const updated = await prisma.post.update({
+      where: { id },
+      data: updateData,
+    });
+    return jsonOk(updated, { status: 200, message: "Post updated" });
+  } catch (error: unknown) {
+    if (error instanceof z.ZodError) {
+      return jsonFromZod(error, { status: 400, message: "Validation failed" });
+    }
+    return jsonFail("Failed to update post", { status: 500 });
+  }
+}
+
+export async function DELETE(_req: Request, { params }: RouteContext) {
+  try {
+    const { id } = await params; // await params
+
+    const session = await getServerSession(authOptions);
+    if (!session?.user) {
+      return jsonFail("Unauthorized", { status: 401 });
+    }
+
+    const post = await prisma.post.findUnique({ where: { id } });
+    if (!post) return jsonFail("Not found", { status: 404 });
+
+    const isAdmin = (session.user as { role?: string }).role === "admin";
+    const isAuthor = (session.user as { id?: string }).id === post.authorId;
+    if (!isAdmin && !isAuthor) {
+      return jsonFail("Forbidden", { status: 403 });
+    }
+
+    await prisma.post.delete({ where: { id } }); // If Int: id: Number(id)
+    return jsonOk({ ok: true }, { status: 200, message: "Post deleted" });
+  } catch (e: unknown) {
+    console.error("DELETE /api/posts/[id] error:", e);
+    return jsonFail("Failed to delete post", { status: 500 });
+  }
+}