fix subchapter creation bug

This commit is contained in:
corenthin-lebreton 2026-02-27 01:06:46 +01:00
parent 21eaaefd4f
commit 2196937302
2 changed files with 16 additions and 7 deletions

View File

@ -1,18 +1,17 @@
/* eslint-disable @typescript-eslint/no-explicit-any */
import { NextRequest, NextResponse } from 'next/server'
import { createClient } from '@/lib/supabase/server'
import { createClient, createAdminClient } from '@/lib/supabase/server'
export async function POST(request: NextRequest) {
try {
const supabase = await createClient()
const db = supabase as any
const { data: { user }, error: authError } = await supabase.auth.getUser()
if (authError || !user) return NextResponse.json({ error: 'Non autorisé' }, { status: 401 })
const { name, description } = await request.json()
if (!name?.trim()) return NextResponse.json({ error: 'Nom requis' }, { status: 400 })
const { data, error } = await db
const admin = createAdminClient() as any
const { data, error } = await admin
.from('categories')
.insert({ name: name.trim(), description: description?.trim() || null, created_by: user.id })
.select()

View File

@ -1,18 +1,28 @@
/* eslint-disable @typescript-eslint/no-explicit-any */
import { NextRequest, NextResponse } from 'next/server'
import { createClient } from '@/lib/supabase/server'
import { createClient, createAdminClient } from '@/lib/supabase/server'
export async function POST(request: NextRequest) {
try {
const supabase = await createClient()
const db = supabase as any
const { data: { user }, error: authError } = await supabase.auth.getUser()
if (authError || !user) return NextResponse.json({ error: 'Non autorisé' }, { status: 401 })
const { category_id, name } = await request.json()
if (!category_id || !name?.trim()) return NextResponse.json({ error: 'category_id et nom requis' }, { status: 400 })
const { data, error } = await db
// Vérifier que la catégorie appartient bien à cet utilisateur
const admin = createAdminClient() as any
const { data: cat } = await admin
.from('categories')
.select('id')
.eq('id', category_id)
.eq('created_by', user.id)
.single()
if (!cat) return NextResponse.json({ error: 'Catégorie introuvable ou accès refusé' }, { status: 404 })
const { data, error } = await admin
.from('subchapters')
.insert({ category_id, name: name.trim(), created_by: user.id })
.select()