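"use strict";
/*
 * Compiled Next.js server chunk for the Pages API route "/api/comments"
 * (webpack output, re-formatted for review). It bundles two pieces of
 * application code plus thin re-export shims:
 *
 *   - module 41822: the shared NextAuth options (credentials login, JWT
 *     sessions, impersonation handling, redirect policy);
 *   - module 60371: the comments REST handler (GET / POST / PUT / DELETE).
 *
 * Changes relative to the minified original, all security-motivated:
 *   1. no hard-coded fallback for the NextAuth signing secret;
 *   2. the redirect callback compares origins instead of string prefixes;
 *   3. the impersonation lookup uses the operator's id while impersonating;
 *   4. `page` / `limit` are parsed with a radix and clamped;
 *   5. attachment URLs are limited to http(s); whitespace-only comments are
 *      rejected;
 *   6. identity logging no longer includes e-mail addresses or whole session
 *      objects, and full user rows are no longer loaded where only the
 *      comment's `userId` is needed.
 *
 * NOTE(review): this is a build artifact; the same changes belong in the
 * route's source files, otherwise the next build overwrites them.
 */
(() => {
  const chunk = {};
  chunk.id = 8621;
  chunk.ids = [8621];
  chunk.modules = {
    // Module 8667: Next.js route-kind enum, exported as `A`.
    8667: (module, exports) => {
      const RouteKind = (function (kind) {
        kind.PAGES = "PAGES";
        kind.PAGES_API = "PAGES_API";
        kind.APP_PAGE = "APP_PAGE";
        kind.APP_ROUTE = "APP_ROUTE";
        kind.IMAGE = "IMAGE";
        return kind;
      })({});
      Object.defineProperty(exports, "A", {
        enumerable: true,
        get: function () {
          return RouteKind;
        },
      });
    },

    // Modules 15806 / 16382: external packages resolved at runtime.
    15806: (module) => {
      module.exports = require("next-auth/next");
    },
    16382: (module) => {
      module.exports = require("next-auth/providers/credentials");
    },

    // Module 21229: chunk entry. Wraps the userland handler (60371) in a
    // PagesAPIRouteModule and exposes `default`, `config` and `routeModule`.
    21229: (module, exports, __webpack_require__) => {
      __webpack_require__.a(module, async (handleAsyncDependencies, asyncResult) => {
        try {
          __webpack_require__.r(exports);
          __webpack_require__.d(exports, {
            config: () => config,
            default: () => defaultExport,
            routeModule: () => routeModule,
          });
          const routeModuleRuntime = __webpack_require__(33480);
          const routeKind = __webpack_require__(8667);
          const helpers = __webpack_require__(86435);
          let userland = __webpack_require__(60371);
          // 60371 is an async module (it awaits the ESM import of zod).
          const pending = handleAsyncDependencies([userland]);
          userland = (pending.then ? (await pending)() : pending)[0];
          const defaultExport = (0, helpers.M)(userland, "default");
          const config = (0, helpers.M)(userland, "config");
          const routeModule = new routeModuleRuntime.PagesAPIRouteModule({
            definition: {
              kind: routeKind.A.PAGES_API,
              page: "/api/comments",
              pathname: "/api/comments",
              bundlePath: "",
              filename: "",
            },
            userland,
          });
          asyncResult();
        } catch (err) {
          asyncResult(err);
        }
      });
    },

    // Module 33480: alias for the Pages API runtime (75600).
    33480: (module, exports, __webpack_require__) => {
      module.exports = __webpack_require__(75600);
    },

    // Module 41822: NextAuth options, exported as `N`.
    41822: (module, exports, __webpack_require__) => {
      __webpack_require__.d(exports, { N: () => authOptions });
      const credentialsModule = __webpack_require__(16382);
      const getCredentialsProvider = __webpack_require__.n(credentialsModule);
      const bcrypt = __webpack_require__(74729);
      const db = __webpack_require__(76760);

      // Copies the operator's saved identity (token.originalUser) back onto
      // the token. The caller is responsible for clearing the impersonation
      // flags afterwards.
      function restoreOriginalIdentity(token) {
        const original = token.originalUser;
        token.id = original.id;
        token.email = original.email;
        token.name = original.name || original.email;
        token.role = original.role;
        token.profilePicture = original.profilePicture || undefined;
        token.username = original.username || undefined;
      }

      const authOptions = {
        providers: [
          getCredentialsProvider()({
            name: "Credentials",
            credentials: {
              email: { label: "Email", type: "email" },
              password: { label: "Password", type: "password" },
            },
            /**
             * Verifies an e-mail/password pair against the user table.
             * Returns the user record without its password hash, or null on
             * any failure (missing fields, unknown user, wrong password,
             * database error).
             */
            async authorize(credentials) {
              if (!credentials?.email || !credentials?.password) return null;
              try {
                const user = await db.z.user.findUnique({
                  where: { email: credentials.email },
                  select: {
                    id: true,
                    email: true,
                    password: true,
                    role: true,
                    name: true,
                    isVerified: true,
                    verificationStatus: true,
                  },
                });
                // NOTE(review): bcrypt only runs when the account exists, so
                // response time differs between known and unknown e-mails.
                if (!user || !(await (0, bcrypt.compare)(credentials.password, user.password))) {
                  return null;
                }
                // Strip the hash so it never reaches the JWT or the session.
                const { password, ...safeUser } = user;
                return { ...safeUser, name: safeUser.name || safeUser.email };
              } catch (err) {
                console.error("Auth error:", err);
                return null;
              }
            },
          }),
        ],
        // Stateless JWT sessions, valid for 30 days.
        session: { strategy: "jwt", maxAge: 30 * 24 * 60 * 60 },
        cookies: {
          sessionToken: {
            name: "__Secure-next-auth.session-token",
            options: {
              httpOnly: true,
              sameSite: "lax",
              path: "/",
              secure: true,
              domain: process.env.COOKIE_DOMAIN,
            },
          },
        },
        pages: { signIn: "/auth/login", signOut: "/auth/login", error: "/auth/error" },
        callbacks: {
          /**
           * Builds or refreshes the session JWT.
           * - On sign-in (`user` present) the identity fields are copied from
           *   the authorize() result.
           * - On later calls the impersonationSession table is checked: an
           *   active, unexpired session swaps the token to the impersonated
           *   user and keeps the operator in `token.originalUser`; otherwise
           *   any impersonation state on the token is reverted.
           * Logging is limited to ids and roles so that e-mail addresses do
           * not end up in server logs on every request.
           */
          async jwt({ token, user, trigger }) {
            try {
              console.log("JWT Callback - trigger:", trigger);
              console.log("JWT Callback - user:", user ? { id: user.id, role: user.role } : null);
              if (user) {
                token.id = user.id;
                token.role = user.role;
                token.email = user.email;
                token.name = user.name || user.email;
                token.profilePicture = user.profilePicture || undefined;
                token.username = user.username || undefined;
                token.isVerified = user.isVerified || false;
                token.verificationStatus = user.verificationStatus || "PENDING";
                token.isImpersonating = user.isImpersonating || false;
                token.originalUser = user.originalUser || undefined;
                console.log("JWT Callback - Updated token from user:", {
                  id: token.id,
                  role: token.role,
                  isImpersonating: token.isImpersonating,
                });
              } else if (token.id) {
                try {
                  console.log("JWT Callback - Checking for impersonation sessions...");
                  // While impersonating, token.id holds the impersonated
                  // user's id. The session row is keyed by the operator, so
                  // look it up by the saved original id; querying by token.id
                  // would miss the row and revert the token on the next call.
                  const operatorId =
                    token.isImpersonating && token.originalUser?.id
                      ? token.originalUser.id
                      : token.id;
                  const identitySelect = {
                    id: true,
                    email: true,
                    name: true,
                    role: true,
                    profilePicture: true,
                    username: true,
                  };
                  const activeSession = await db.z.impersonationSession.findFirst({
                    where: {
                      originalUserId: operatorId,
                      isActive: true,
                      expiresAt: { gt: new Date() },
                    },
                    include: {
                      impersonatedUser: { select: identitySelect },
                      originalUser: { select: identitySelect },
                    },
                  });
                  if (activeSession) {
                    const target = activeSession.impersonatedUser;
                    const operator = activeSession.originalUser;
                    token.id = target.id;
                    token.email = target.email;
                    token.name = target.name || target.email;
                    token.role = target.role;
                    token.profilePicture = target.profilePicture || undefined;
                    token.username = target.username || undefined;
                    token.isImpersonating = true;
                    token.originalUser = {
                      id: operator.id,
                      email: operator.email,
                      name: operator.name || operator.email,
                      role: operator.role,
                      profilePicture: operator.profilePicture || undefined,
                      username: operator.username || undefined,
                    };
                    console.log("JWT Callback - Applied impersonation:", {
                      originalId: token.originalUser.id,
                      impersonatedId: token.id,
                      originalRole: token.originalUser.role,
                      impersonatedRole: token.role,
                    });
                  } else if (token.isImpersonating) {
                    if (token.originalUser) {
                      console.log("JWT Callback - Restoring original user from token");
                      restoreOriginalIdentity(token);
                    }
                    token.isImpersonating = false;
                    token.originalUser = undefined;
                    console.log("JWT Callback - Cleared impersonation state");
                  }
                } catch (dbError) {
                  console.error("JWT Callback - Database error:", dbError);
                  // If the lookup fails, fall back to the operator's own
                  // identity rather than keep acting as the impersonated user.
                  if (token.isImpersonating && token.originalUser) {
                    console.log("JWT Callback - Error occurred, restoring original user");
                    restoreOriginalIdentity(token);
                    token.isImpersonating = false;
                    token.originalUser = undefined;
                  }
                }
              }
              console.log("JWT Callback - Final token:", {
                id: token.id,
                role: token.role,
                isImpersonating: token.isImpersonating,
              });
              return token;
            } catch (err) {
              console.error("JWT Callback - Error:", err);
              return token;
            }
          },

          /**
           * Copies identity and impersonation fields from the JWT onto
           * `session.user`. The session object itself is not logged: it
           * carries the user's e-mail and name.
           */
          async session({ session, token }) {
            try {
              if (token && session.user) {
                session.user.id = token.id;
                session.user.role = token.role;
                session.user.email = token.email;
                session.user.name = token.name;
                session.user.profilePicture = token.profilePicture;
                session.user.username = token.username;
                session.user.isVerified = token.isVerified;
                session.user.verificationStatus = token.verificationStatus;
                session.user.isImpersonating = token.isImpersonating;
                session.user.originalUser = token.originalUser;
              }
              console.log("Session Callback - Final user ID:", session.user?.id);
              return session;
            } catch (err) {
              console.error("Session Callback - Error:", err);
              return session;
            }
          },

          /**
           * Post-auth redirect policy: the site root and the login page map
           * to baseUrl, relative paths are resolved against baseUrl, absolute
           * URLs are accepted only when they share baseUrl's origin.
           * A plain prefix test is not sufficient here, because a different
           * host whose name merely begins with baseUrl's host would pass it.
           */
          redirect: async ({ url, baseUrl }) => {
            if (url === baseUrl || url === `${baseUrl}/` || url.endsWith("/auth/login")) {
              return baseUrl;
            }
            if (url.startsWith("/")) return `${baseUrl}${url}`;
            try {
              if (new URL(url).origin === new URL(baseUrl).origin) return url;
            } catch {
              // Unparseable URL: fall through to the safe default.
            }
            return baseUrl;
          },
        },
        // The signing secret comes from the environment only. The original
        // build fell back to a string literal compiled into this bundle, so
        // with NEXTAUTH_SECRET unset anyone able to read the bundle could
        // mint session tokens (including the `role` claim). Treat that
        // literal as disclosed: set a fresh NEXTAUTH_SECRET and expect
        // existing sessions to be invalidated.
        secret: process.env.NEXTAUTH_SECRET,
        debug: false,
      };
    },

    // Module 42971: zod is loaded as an ES module, hence the dynamic import.
    42971: (module) => {
      module.exports = import("zod");
    },

    // Module 60371: the /api/comments handler (default export).
    60371: (module, exports, __webpack_require__) => {
      __webpack_require__.a(module, async (handleAsyncDependencies, asyncResult) => {
        try {
          __webpack_require__.r(exports);
          __webpack_require__.d(exports, { default: () => handler });
          const nextAuth = __webpack_require__(15806);
          const auth = __webpack_require__(41822);
          const db = __webpack_require__(76760);
          let zod = __webpack_require__(42971);
          const pending = handleAsyncDependencies([zod]);
          zod = (pending.then ? (await pending)() : pending)[0];

          // Upper bound for `limit`, so one request cannot ask for an
          // arbitrarily large page. NOTE(review): 100 is a reviewer-chosen
          // cap; adjust if a client legitimately needs more.
          const MAX_PAGE_SIZE = 100;

          // Parses a query value as a base-10 integer >= 1, returning
          // `fallback` for anything else and never more than `max`.
          const toBoundedInt = (raw, fallback, max) => {
            const parsed = Number.parseInt(String(raw), 10);
            if (!Number.isFinite(parsed) || parsed < 1) return fallback;
            return Math.min(parsed, max);
          };

          // z.string().url() accepts any scheme; stored attachment links are
          // limited to http(s) so that a script-bearing scheme cannot be
          // saved and later rendered as a link.
          const isHttpUrl = (value) => {
            try {
              const { protocol } = new URL(value);
              return protocol === "http:" || protocol === "https:";
            } catch {
              return false;
            }
          };

          // Comment text: 1..5000 characters and not whitespace-only (the
          // handlers trim before storing, so "   " would otherwise be saved
          // as an empty comment).
          const contentSchema = zod.z
            .string()
            .min(1, "Comment cannot be empty")
            .max(5000, "Comment too long")
            .refine((value) => value.trim().length > 0, "Comment cannot be empty");

          const attachmentsSchema = zod.z
            .array(
              zod.z.object({
                name: zod.z.string(),
                url: zod.z
                  .string()
                  .url()
                  .refine(isHttpUrl, "Attachment URL must use http or https"),
                type: zod.z.string(),
                size: zod.z.number().positive(),
              })
            )
            .optional();

          // Body schema for POST.
          const createCommentSchema = zod.z.object({
            content: contentSchema,
            caseId: zod.z.string().uuid("Invalid case ID"),
            parentId: zod.z.string().uuid("Invalid parent ID").optional(),
            attachments: attachmentsSchema,
          });

          // Body schema for PUT.
          const updateCommentSchema = zod.z.object({
            content: contentSchema,
            attachments: attachmentsSchema,
          });

          // Relations returned with every comment. Only public profile
          // fields of the author are selected.
          const commentInclude = {
            user: {
              select: { id: true, name: true, profilePicture: true, role: true, isVerified: true },
            },
            attachments: true,
            reactions: { include: { user: { select: { id: true, name: true } } } },
            _count: { select: { replies: { where: { isDeleted: false } }, reactions: true } },
          };

          // Converts the Date columns to ISO strings for the JSON response.
          const serializeComment = (comment) => ({
            ...comment,
            createdAt: comment.createdAt.toISOString(),
            updatedAt: comment.updatedAt.toISOString(),
          });

          /**
           * Route entry point: requires an authenticated session, then
           * dispatches on the HTTP method. Unexpected errors become a
           * generic 500 so internals are not returned to the client.
           */
          async function handler(req, res) {
            const session = await (0, nextAuth.getServerSession)(req, res, auth.N);
            if (!session?.user?.id) {
              return res.status(401).json({ error: "Authentication required" });
            }
            try {
              switch (req.method) {
                case "GET":
                  return await listComments(req, res, session.user.id);
                case "POST":
                  return await createComment(req, res, session.user.id);
                case "PUT":
                  return await updateComment(req, res, session.user.id);
                case "DELETE":
                  return await deleteComment(req, res, session.user.id);
                default:
                  return res.status(405).json({ error: "Method not allowed" });
              }
            } catch (err) {
              console.error("Comments API error:", err);
              return res.status(500).json({ error: "Internal server error" });
            }
          }

          /**
           * GET: paginated comments of one case (top-level ones, or the
           * replies of `parentId`). Non-admin users only see public cases.
           */
          async function listComments(req, res, userId) {
            const { caseId, page = "1", limit = "20", parentId } = req.query;
            if (!caseId || typeof caseId !== "string") {
              return res.status(400).json({ error: "Case ID is required" });
            }
            const viewer = await db.z.user.findUnique({
              where: { id: userId },
              select: { role: true },
            });
            const isAdmin = viewer?.role === "SUPERADMIN" || viewer?.role === "ADMIN";
            // Non-numeric, zero or negative values fall back to the defaults
            // instead of reaching the database as NaN or a negative `take`.
            const pageNumber = toBoundedInt(page, 1, Number.POSITIVE_INFINITY);
            const pageSize = toBoundedInt(limit, 20, MAX_PAGE_SIZE);
            const offset = (pageNumber - 1) * pageSize;

            const visibleCase = await db.z.legalCase.findFirst({
              where: isAdmin ? { id: caseId } : { id: caseId, isPublic: true },
            });
            if (!visibleCase) return res.status(404).json({ error: "Case not found" });

            try {
              const where = {
                caseId,
                isDeleted: false,
                ...(parentId ? { parentId } : { parentId: null }),
              };
              const [comments, total] = await Promise.all([
                db.z.caseComment.findMany({
                  where,
                  include: commentInclude,
                  orderBy: { createdAt: "desc" },
                  skip: offset,
                  take: pageSize,
                }),
                db.z.caseComment.count({ where }),
              ]);
              return res.status(200).json({
                comments: comments.map(serializeComment),
                pagination: {
                  page: pageNumber,
                  limit: pageSize,
                  total,
                  pages: Math.ceil(total / pageSize),
                },
              });
            } catch (err) {
              console.error("Error fetching comments:", err);
              return res.status(500).json({ error: "Failed to fetch comments" });
            }
          }

          /**
           * POST: creates a comment (optionally a reply) on a case the
           * caller may see, and notifies the parent comment's author.
           */
          async function createComment(req, res, userId) {
            try {
              const input = createCommentSchema.parse(req.body);
              const author = await db.z.user.findUnique({
                where: { id: userId },
                select: { role: true },
              });
              const isAdmin = author?.role === "SUPERADMIN" || author?.role === "ADMIN";
              const visibleCase = await db.z.legalCase.findFirst({
                where: isAdmin ? { id: input.caseId } : { id: input.caseId, isPublic: true },
              });
              if (!visibleCase) return res.status(404).json({ error: "Case not found" });

              // The parent must be a live comment of the same case; this
              // stops replies from being attached across cases.
              let parent = null;
              if (input.parentId) {
                parent = await db.z.caseComment.findFirst({
                  where: { id: input.parentId, caseId: input.caseId, isDeleted: false },
                });
                if (!parent) return res.status(404).json({ error: "Parent comment not found" });
              }

              const created = await db.z.caseComment.create({
                data: {
                  caseId: input.caseId,
                  userId,
                  parentId: input.parentId || null,
                  content: input.content.trim(),
                  attachments: input.attachments ? { create: input.attachments } : undefined,
                },
                include: commentInclude,
              });

              // Reuses the parent row fetched above; only its userId is
              // needed, so the author's full user record is not loaded.
              if (parent && parent.userId !== userId) {
                await db.z.notification.create({
                  data: {
                    userId: parent.userId,
                    type: "COMMENT_REPLY",
                    title: "New reply to your comment",
                    message: "Someone replied to your comment",
                    data: JSON.stringify({
                      caseId: input.caseId,
                      commentId: created.id,
                      parentId: input.parentId,
                    }),
                  },
                });
              }
              return res.status(201).json({
                message: "Comment created successfully",
                comment: serializeComment(created),
              });
            } catch (err) {
              if (err instanceof zod.z.ZodError) {
                return res.status(400).json({ error: err.errors[0].message });
              }
              console.error("Error creating comment:", err);
              return res.status(500).json({ error: "Failed to create comment" });
            }
          }

          /**
           * PUT: edits a comment. Only the comment's own author may edit;
           * the ownership filter is part of the lookup, so a foreign or
           * deleted comment yields the same 404.
           */
          async function updateComment(req, res, userId) {
            const { commentId } = req.query;
            if (!commentId || typeof commentId !== "string") {
              return res.status(400).json({ error: "Comment ID is required" });
            }
            try {
              const input = updateCommentSchema.parse(req.body);
              const owned = await db.z.caseComment.findFirst({
                where: { id: commentId, userId, isDeleted: false },
              });
              if (!owned) {
                return res.status(404).json({ error: "Comment not found or access denied" });
              }
              // NOTE(review): unlike GET/POST, the case's visibility is not
              // re-checked here — confirm that is intended.
              const updated = await db.z.caseComment.update({
                where: { id: commentId },
                data: {
                  content: input.content.trim(),
                  isEdited: true,
                  // Supplying attachments replaces the whole existing set.
                  attachments: input.attachments
                    ? { deleteMany: {}, create: input.attachments }
                    : undefined,
                },
                include: commentInclude,
              });
              return res.status(200).json({
                message: "Comment updated successfully",
                comment: serializeComment(updated),
              });
            } catch (err) {
              if (err instanceof zod.z.ZodError) {
                return res.status(400).json({ error: err.errors[0].message });
              }
              console.error("Error updating comment:", err);
              return res.status(500).json({ error: "Failed to update comment" });
            }
          }

          /**
           * DELETE: soft-deletes a comment and all of its replies. Allowed
           * for the comment's author and for users with role ADMIN.
           */
          async function deleteComment(req, res, userId) {
            const { commentId } = req.query;
            if (!commentId || typeof commentId !== "string") {
              return res.status(400).json({ error: "Comment ID is required" });
            }
            try {
              const comment = await db.z.caseComment.findFirst({
                where: { id: commentId, isDeleted: false },
              });
              if (!comment) return res.status(404).json({ error: "Comment not found" });
              const requester = await db.z.user.findUnique({
                where: { id: userId },
                select: { role: true },
              });
              // NOTE(review): GET and POST treat SUPERADMIN and ADMIN alike,
              // but only ADMIN may delete other users' comments here. Left
              // unchanged; confirm whether SUPERADMIN should be included.
              if (comment.userId !== userId && requester?.role !== "ADMIN") {
                return res.status(403).json({ error: "Access denied" });
              }
              await softDeleteThread(commentId);
              return res.status(200).json({ message: "Comment deleted successfully" });
            } catch (err) {
              console.error("Error deleting comment:", err);
              return res.status(500).json({ error: "Failed to delete comment" });
            }
          }

          // Marks a comment as deleted, then does the same for each of its
          // not-yet-deleted replies, depth first and one at a time.
          async function softDeleteThread(commentId) {
            await db.z.caseComment.update({
              where: { id: commentId },
              data: { isDeleted: true },
            });
            const replies = await db.z.caseComment.findMany({
              where: { parentId: commentId, isDeleted: false },
              select: { id: true },
            });
            for (const reply of replies) {
              await softDeleteThread(reply.id);
            }
          }

          asyncResult();
        } catch (err) {
          asyncResult(err);
        }
      });
    },

    // Modules 74729 / 75600: external packages resolved at runtime.
    74729: (module) => {
      module.exports = require("bcryptjs");
    },
    75600: (module) => {
      module.exports = require("next/dist/compiled/next-server/pages-api.runtime.prod.js");
    },

    // Module 76760: Prisma client, exported as `z`. Reuses globalThis.prisma
    // when one is already set, otherwise creates a client that logs errors.
    76760: (module, exports, __webpack_require__) => {
      __webpack_require__.d(exports, { z: () => prisma });
      const prismaPackage = __webpack_require__(96330);
      const prisma = globalThis.prisma ?? new prismaPackage.PrismaClient({ log: ["error"] });
    },

    // Module 86435: helper `M` that reads a named export from a module
    // object, from a promise of one, or from a bare function for "default".
    86435: (module, exports) => {
      function hoist(mod, name) {
        if (name in mod) return mod[name];
        if ("then" in mod && typeof mod.then === "function") {
          return mod.then((resolved) => hoist(resolved, name));
        }
        if (typeof mod === "function" && name === "default") return mod;
        return undefined;
      }
      Object.defineProperty(exports, "M", {
        enumerable: true,
        get: function () {
          return hoist;
        },
      });
    },

    96330: (module) => {
      module.exports = require("@prisma/client");
    },
  };

  // Register the chunk with the shared webpack runtime and export the
  // evaluated entry module (21229).
  const webpackRuntime = require("../../webpack-api-runtime.js");
  webpackRuntime.C(chunk);
  const entry = webpackRuntime((webpackRuntime.s = 21229));
  module.exports = entry;
})();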