Merge pull request #40 from Eshvar-Thevar/Reports

Shivhare-Ayush · web-flow · commit 80eb089e390c · 2025-10-08T18:02:42.000-05:00
Reports table issue finished
diff --git a/.env.example b/.env.example
diff --git a/src/app/api/reports/route.ts b/src/app/api/reports/route.ts
@@ -0,0 +1,56 @@
+// This file defines the API route for POST /api/reports
+// It lets logged-in users submit a report for a specific file.
+
+import { NextResponse } from "next/server"; // Used to send HTTP responses (JSON, status codes)
+import { z } from "zod";                    // Zod validates and parses input data
+
+// Import database connection and the "report" table schema
+import { db } from "@src/server/db";
+import { report } from "@src/server/db/schema/reports";
+
+// Import session helper to check if a user is logged in
+import { getServerAuthSession } from "@src/server/auth";
+
+// This ensures the API only accepts the correct fields
+const CreateReportSchema = z.object({
+  fileId: z.string().min(1), 
+  category: z
+    .enum(["inappropriate", "copyright", "spam", "other"])
+    .default("other"),
+  details: z.string().min(1),
+});
+
+// This function runs when someone sends a POST request to /api/reports
+export async function POST(req: Request) {
+  const session = await getServerAuthSession();
+
+  // If there’s no session or no user ID, reject the request
+  if (!session?.user?.id) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+
+  // Try to parse and validate the incoming request body
+  let body: z.infer<typeof CreateReportSchema>;
+  try {
+    body = CreateReportSchema.parse(await req.json());
+  } catch (e) {
+    return NextResponse.json(
+      { error: "Invalid body", details: (e as Error).message },
+      { status: 400 }
+    );
+  }
+
+  // Insert the validated report into the database
+  const [created] = await db
+    .insert(report)
+    .values({
+      userId: session.user.id,
+      fileId: body.fileId,
+      category: body.category,
+      details: body.details,
+    })
+    .returning(); // return the newly created record
+
+  // Send the inserted report back as JSON
+  return NextResponse.json(created, { status: 201 });
+}
diff --git a/src/server/db/index.ts b/src/server/db/index.ts
@@ -4,10 +4,12 @@ import { env } from '@src/env.mjs';
 import * as user from './schema/user';
 import * as file from './schema/file';
 import * as section from './schema/section';
+import * as report from "./schema/reports";
 const schema = {
   ...file,
   ...section,
   ...user,
+  ...report
 };
 
 export const db = drizzle(env.DATABASE_URL, {
diff --git a/src/server/db/schema/reports.ts b/src/server/db/schema/reports.ts
@@ -0,0 +1,33 @@
+// Minimal table so API can insert a report.
+
+import { sql } from "drizzle-orm";
+import { pgTable, text, varchar, timestamp } from "drizzle-orm/pg-core";
+import { user } from "./user";
+import { file } from "./file";
+
+export const report = pgTable("report", {
+  id: text("id")
+    .default(sql`nanoid(20)`)
+    .primaryKey(),
+
+    userId: text("user_id")
+    .notNull()
+    .references(() => user.id),
+
+    fileId: text("file_id")
+    .notNull()
+    .references(() => file.id),
+
+  // Short category (e.g., "inappropriate", "copyright", "spam", "other")
+  category: varchar("category", { length: 32 })
+    .notNull()
+    .default("other"),
+
+  // Free-text explanation
+  details: text("details").notNull(),
+
+  // Created timestamp
+  createdAt: timestamp("created_at", { mode: "date" })
+    .notNull()
+    .default(sql`now()`),
+});
