 Server : Apache/2 System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64 User : gositeme ( 1004) PHP Version : 8.2.29 Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname Directory : /home/gositeme/.cursor-server/data/User/History/-4fc5e189/ |
import { NextApiRequest, NextApiResponse } from 'next';
import { getServerSession } from 'next-auth/next';
import { authOptions } from '@/lib/auth';
import { PrismaClient } from '@prisma/client';
const prisma = new PrismaClient();
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
const session = await getServerSession(req, res, authOptions);
console.log('🔍 Cases API - Session check:', {
hasSession: !!session,
userId: session?.user?.id,
email: session?.user?.email,
role: session?.user?.role,
allowedRoles: ['SUPERADMIN', 'ADMIN'],
isAllowed: session && ['SUPERADMIN', 'ADMIN'].includes(session.user.role)
});
if (!session || !['SUPERADMIN', 'ADMIN'].includes(session.user.role)) {
console.log('❌ Cases API - Access denied:', {
noSession: !session,
userRole: session?.user?.role,
allowedRoles: ['SUPERADMIN', 'ADMIN']
});
return res.status(403).json({ error: 'Access denied' });
}
switch (req.method) {
case 'GET':
return await getCases(req, res);
case 'POST':
return await createCase(req, res, session);
default:
return res.status(405).json({ error: 'Method not allowed' });
}
}
async function getCases(req: NextApiRequest, res: NextApiResponse) {
try {
const { status, leadLawyerId, limit = 50, offset = 0 } = req.query;
const where: any = {};
if (status) where.status = status;
if (leadLawyerId) where.leadLawyerId = leadLawyerId;
const cases = await prisma.legal_cases.findMany({
where,
include: {
users_legal_cases_leadLawyerIdTousers: {
select: {
id: true,
name: true,
email: true,
title: true,
specialization: true
}
},
users_legal_cases_createdByTousers: {
select: {
id: true,
name: true,
email: true
}
},
Registration: {
select: {
id: true,
firstName: true,
lastName: true,
status: true,
createdAt: true
}
},
case_updates: {
select: {
id: true,
title: true,
updateType: true,
isPublic: true,
createdAt: true
},
orderBy: { createdAt: 'desc' },
take: 3
},
_count: {
select: {
Registration: true,
case_assignments: true,
case_updates: true
}
}
},
orderBy: { createdAt: 'desc' },
take: parseInt(limit as string),
skip: parseInt(offset as string)
});
const total = await prisma.legal_cases.count({ where });
res.status(200).json({
cases,
pagination: {
total,
limit: parseInt(limit as string),
offset: parseInt(offset as string),
hasMore: total > parseInt(offset as string) + parseInt(limit as string)
}
});
} catch (error) {
console.error('Error fetching cases:', error);
res.status(500).json({ error: 'Failed to fetch cases' });
}
}
async function createCase(req: NextApiRequest, res: NextApiResponse, session: any) {
try {
const {
title,
description,
caseNumber,
caseType,
jurisdiction,
court,
leadLawyerId,
filingDate,
expectedDuration,
priority = 'medium',
budget,
isAcceptingApplications = true,
applicationDeadline
} = req.body;
// Validation
if (!title || !description || !caseType || !jurisdiction || !leadLawyerId) {
return res.status(400).json({
error: 'Missing required fields: title, description, caseType, jurisdiction, leadLawyerId'
});
}
// Verify lead lawyer exists and has appropriate role
const leadLawyer = await prisma.users.findUnique({
where: { id: leadLawyerId },
select: { id: true, role: true, name: true, email: true }
});
if (!leadLawyer || !['LAWYER', 'ADMIN', 'SUPERADMIN'].includes(leadLawyer.role)) {
return res.status(400).json({ error: 'Invalid lead lawyer' });
}
// Check if case number already exists (if provided)
if (caseNumber) {
const existingCase = await prisma.legal_cases.findUnique({
where: { caseNumber }
});
if (existingCase) {
return res.status(400).json({ error: 'Case number already exists' });
}
}
const newCase = await prisma.legal_cases.create({
data: {
title,
description,
caseNumber,
caseType,
jurisdiction,
court,
leadLawyerId,
filingDate: filingDate ? new Date(filingDate) : null,
expectedDuration: expectedDuration ? parseInt(expectedDuration) : null,
priority,
budget: budget ? parseFloat(budget) : null,
isAcceptingApplications,
applicationDeadline: applicationDeadline ? new Date(applicationDeadline) : null,
createdBy: session.user.id
},
include: {
leadLawyer: {
select: {
id: true,
name: true,
email: true,
title: true,
specialization: true
}
},
creator: {
select: {
id: true,
name: true,
email: true
}
}
}
});
// Create initial case update
await prisma.caseUpdate.create({
data: {
caseId: newCase.id,
title: 'Case Created',
description: `${newCase.title} has been created and is now available for applications.`,
updateType: 'procedural',
isPublic: true,
createdBy: session.user.id
}
});
res.status(201).json(newCase);
} catch (error) {
console.error('Error creating case:', error);
res.status(500).json({ error: 'Failed to create case' });
}
}