Vets-Who-Code
diff --git a/‎public/fallback-RbGbxko1YjKJf9FN0NjMV.js‎ ‎public/fallback-cAtVg9OZrcBR4pVxhQP15.js‎public/fallback-RbGbxko1YjKJf9FN0NjMV.js renamed to public/fallback-cAtVg9OZrcBR4pVxhQP15.js b/‎public/fallback-RbGbxko1YjKJf9FN0NjMV.js‎ ‎public/fallback-cAtVg9OZrcBR4pVxhQP15.js‎public/fallback-RbGbxko1YjKJf9FN0NjMV.js renamed to public/fallback-cAtVg9OZrcBR4pVxhQP15.js
diff --git a/‎src/lib/rbac.ts‎
Lines changed: 2 additions & 0 deletions b/‎src/lib/rbac.ts‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/pages/api/lms/submissions/[submissionId]/grade.ts‎
Lines changed: 159 additions & 0 deletions b/‎src/pages/api/lms/submissions/[submissionId]/grade.ts‎
Lines changed: 159 additions & 0 deletions
diff --git a/‎src/pages/api/lms/submissions/index.ts‎
Lines changed: 181 additions & 0 deletions b/‎src/pages/api/lms/submissions/index.ts‎
Lines changed: 181 additions & 0 deletions
@@ -7,6 +7,7 @@ export type Role = 'STUDENT' | 'INSTRUCTOR' | 'ADMIN' | 'MENTOR';
 export interface AuthenticatedRequest extends NextApiRequest {
   user?: {
     id: string;
+    name: string | null;
     email: string;
     role: Role;
   };
@@ -33,6 +34,7 @@ export function requireAuth(
 
     req.user = {
       id: session.user.id,
+      name: session.user.name || null,
       email: session.user.email || '',
       role: (session.user.role as Role) || 'STUDENT',
     };
 
@@ -0,0 +1,159 @@
+import { NextApiResponse } from 'next';
+import { requireRole, AuthenticatedRequest } from '@/lib/rbac';
+import prisma from '@/lib/prisma';
+
+/**
+ * PUT /api/lms/submissions/[submissionId]/grade
+ *
+ * Grade a submission. Updates score, feedback, status, and gradedAt timestamp.
+ * Requires INSTRUCTOR, ADMIN, or MENTOR role.
+ *
+ * Request body:
+ * {
+ *   score: number (required, 0 to assignment.maxPoints),
+ *   feedback?: string,
+ *   status?: 'GRADED' | 'NEEDS_REVISION' (default 'GRADED')
+ * }
+ *
+ * Response:
+ * {
+ *   submission: {...},
+ *   message: string
+ * }
+ */
+async function handler(req: AuthenticatedRequest, res: NextApiResponse) {
+  if (req.method !== 'PUT') {
+    return res.status(405).json({ error: 'Method not allowed' });
+  }
+
+  try {
+    const { submissionId } = req.query;
+    const { score, feedback, status = 'GRADED' } = req.body;
+
+    // Validate submissionId
+    if (!submissionId || typeof submissionId !== 'string') {
+      return res.status(400).json({ error: 'Invalid submission ID' });
+    }
+
+    // Validate score is provided
+    if (score === undefined || score === null) {
+      return res.status(400).json({ error: 'Score is required' });
+    }
+
+    // Validate score is a number
+    const scoreNum = Number(score);
+    if (isNaN(scoreNum)) {
+      return res.status(400).json({ error: 'Score must be a number' });
+    }
+
+    // Validate status
+    if (status && !['GRADED', 'NEEDS_REVISION'].includes(status)) {
+      return res.status(400).json({
+        error: 'Invalid status. Must be GRADED or NEEDS_REVISION'
+      });
+    }
+
+    // Fetch submission with assignment data
+    const submission = await prisma.submission.findUnique({
+      where: { id: submissionId },
+      include: {
+        assignment: {
+          select: {
+            id: true,
+            title: true,
+            maxPoints: true,
+            courseId: true,
+          },
+        },
+        user: {
+          select: {
+            id: true,
+            name: true,
+            email: true,
+          },
+        },
+      },
+    });
+
+    if (!submission) {
+      return res.status(404).json({ error: 'Submission not found' });
+    }
+
+    // Validate score is within valid range
+    if (scoreNum < 0) {
+      return res.status(400).json({ error: 'Score cannot be negative' });
+    }
+
+    if (scoreNum > submission.assignment.maxPoints) {
+      return res.status(400).json({
+        error: `Score cannot exceed maximum points (${submission.assignment.maxPoints})`
+      });
+    }
+
+    // Check if submission is in a valid state for grading
+    if (submission.status === 'DRAFT') {
+      return res.status(400).json({
+        error: 'Cannot grade a draft submission'
+      });
+    }
+
+    // Update submission with grade
+    const gradedSubmission = await prisma.submission.update({
+      where: { id: submissionId },
+      data: {
+        score: scoreNum,
+        feedback: feedback || submission.feedback,
+        status,
+        gradedAt: new Date(),
+      },
+      include: {
+        assignment: {
+          select: {
+            id: true,
+            title: true,
+            description: true,
+            maxPoints: true,
+            dueDate: true,
+            type: true,
+            course: {
+              select: {
+                id: true,
+                title: true,
+              },
+            },
+          },
+        },
+        user: {
+          select: {
+            id: true,
+            name: true,
+            email: true,
+            image: true,
+          },
+        },
+      },
+    });
+
+    // Calculate percentage
+    const percentage = (scoreNum / submission.assignment.maxPoints) * 100;
+
+    res.status(200).json({
+      submission: {
+        ...gradedSubmission,
+        percentage: Math.round(percentage * 10) / 10, // Round to 1 decimal
+      },
+      message: 'Submission graded successfully',
+      gradedBy: {
+        id: req.user!.id,
+        name: req.user!.name,
+        role: req.user!.role,
+      },
+    });
+  } catch (error) {
+    console.error('Error grading submission:', error);
+    res.status(500).json({ error: 'Failed to grade submission' });
+  }
+}
+
+// Require INSTRUCTOR, ADMIN, or MENTOR role
+export default requireRole(['INSTRUCTOR', 'ADMIN', 'MENTOR'])(handler);
@@ -0,0 +1,181 @@
+import { NextApiResponse } from 'next';
+import { requireAuth, AuthenticatedRequest } from '@/lib/rbac';
+import prisma from '@/lib/prisma';
+
+/**
+ * POST /api/lms/submissions
+ *
+ * Submit an assignment. Students can create or update their submissions.
+ * Only one submission per user per assignment (enforced by unique constraint).
+ *
+ * Request body:
+ * {
+ *   assignmentId: string,
+ *   githubUrl?: string,
+ *   liveUrl?: string,
+ *   notes?: string,
+ *   files?: string (JSON array of file URLs)
+ * }
+ *
+ * Response:
+ * {
+ *   submission: {...},
+ *   message: string
+ * }
+ */
+export default requireAuth(async (req: AuthenticatedRequest, res: NextApiResponse) => {
+  if (req.method !== 'POST') {
+    return res.status(405).json({ error: 'Method not allowed' });
+  }
+
+  try {
+    const { assignmentId, githubUrl, liveUrl, notes, files } = req.body;
+    const userId = req.user!.id;
+
+    // Validate required fields
+    if (!assignmentId) {
+      return res.status(400).json({ error: 'Assignment ID is required' });
+    }
+
+    // Validate assignment exists
+    const assignment = await prisma.assignment.findUnique({
+      where: { id: assignmentId },
+      include: {
+        course: {
+          include: {
+            enrollments: {
+              where: {
+                userId,
+                status: 'ACTIVE',
+              },
+            },
+          },
+        },
+      },
+    });
+
+    if (!assignment) {
+      return res.status(404).json({ error: 'Assignment not found' });
+    }
+
+    // Verify user is enrolled in the course
+    if (assignment.course.enrollments.length === 0) {
+      return res.status(403).json({
+        error: 'You must be enrolled in the course to submit assignments'
+      });
+    }
+
+    // Validate URL formats if provided
+    const urlRegex = /^https?:\/\/.+/;
+    if (githubUrl && !urlRegex.test(githubUrl)) {
+      return res.status(400).json({ error: 'Invalid GitHub URL format' });
+    }
+    if (liveUrl && !urlRegex.test(liveUrl)) {
+      return res.status(400).json({ error: 'Invalid live demo URL format' });
+    }
+
+    // Check assignment requirements
+    if (assignment.githubRepo && !githubUrl) {
+      return res.status(400).json({
+        error: 'GitHub repository URL is required for this assignment'
+      });
+    }
+    if (assignment.liveDemo && !liveUrl) {
+      return res.status(400).json({
+        error: 'Live demo URL is required for this assignment'
+      });
+    }
+
+    // Check for existing submission
+    const existingSubmission = await prisma.submission.findUnique({
+      where: {
+        userId_assignmentId: {
+          userId,
+          assignmentId,
+        },
+      },
+    });
+
+    let submission;
+
+    if (existingSubmission) {
+      // Update existing submission (allow resubmission before grading)
+      if (existingSubmission.status === 'GRADED') {
+        return res.status(400).json({
+          error: 'Cannot resubmit a graded assignment'
+        });
+      }
+
+      submission = await prisma.submission.update({
+        where: {
+          id: existingSubmission.id,
+        },
+        data: {
+          githubUrl: githubUrl ?? existingSubmission.githubUrl,
+          liveUrl: liveUrl ?? existingSubmission.liveUrl,
+          notes: notes ?? existingSubmission.notes,
+          files: files ?? existingSubmission.files,
+          status: 'SUBMITTED',
+          submittedAt: new Date(),
+        },
+        include: {
+          assignment: {
+            select: {
+              id: true,
+              title: true,
+              maxPoints: true,
+              dueDate: true,
+            },
+          },
+          user: {
+            select: {
+              id: true,
+              name: true,
+              email: true,
+            },
+          },
+        },
+      });
+    } else {
+      // Create new submission
+      submission = await prisma.submission.create({
+        data: {
+          userId,
+          assignmentId,
+          githubUrl,
+          liveUrl,
+          notes,
+          files,
+          status: 'SUBMITTED',
+        },
+        include: {
+          assignment: {
+            select: {
+              id: true,
+              title: true,
+              maxPoints: true,
+              dueDate: true,
+            },
+          },
+          user: {
+            select: {
+              id: true,
+              name: true,
+              email: true,
+            },
+          },
+        },
+      });
+    }
+
+    res.status(existingSubmission ? 200 : 201).json({
+      submission,
+      message: existingSubmission
+        ? 'Submission updated successfully'
+        : 'Submission created successfully',
+    });
+  } catch (error) {
+    console.error('Error creating/updating submission:', error);
+    res.status(500).json({ error: 'Failed to submit assignment' });
+  }
+});