letsbe
/
MOPC-App
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add file requirements per round and super admin promotion via UI
Build and Push Docker Image / build (push) Successful in 10m11s Details 

Part A: File Requirements per Round
- New FileRequirement model with name, description, accepted MIME types, max size, required flag, sort order
- Added requirementId FK to ProjectFile for linking uploads to requirements
- Backend CRUD (create/update/delete/reorder) in file router with audit logging
- Mime type validation and team member upload authorization in applicant router
- Admin UI: FileRequirementsEditor component in round edit page
- Applicant UI: RequirementUploadSlot/List components in submission detail and team pages
- Viewer UI: RequirementChecklist with fulfillment status in file-viewer

Part B: Super Admin Promotion
- Added SUPER_ADMIN to role enums in user create/update/bulkCreate with guards
- Member detail page: SUPER_ADMIN dropdown option with AlertDialog confirmation
- Invite page: SUPER_ADMIN option visible only to super admins

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Matt 2026-02-08 23:01:33 +01:00
parent e73a676412
commit 829acf8d4e
12 changed files with 1229 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
prisma/schema.prisma
View File

@ -452,6 +452,7 @@ model Round {
taggingJobs TaggingJob[]
reminderLogs ReminderLog[]
projectFiles ProjectFile[]
fileRequirements FileRequirement[]
evaluationDiscussions EvaluationDiscussion[]
messages Message[]
@ -581,10 +582,31 @@ model Project {
@@index([country])
}
model FileRequirement {
id String @id @default(cuid())
roundId String
name String
description String?
acceptedMimeTypes String[] // e.g. ["application/pdf", "video/*"]
maxSizeMB Int? // Max file size in MB
isRequired Boolean @default(true)
sortOrder Int @default(0)
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
// Relations
round Round @relation(fields: [roundId], references: [id], onDelete: Cascade)
files ProjectFile[]
@@index([roundId])
}
model ProjectFile {
id String @id @default(cuid())
projectId String
roundId String? // Which round this file was submitted for
id String @id @default(cuid())
projectId String
roundId String? // Which round this file was submitted for
requirementId String? // FK to FileRequirement (if uploaded against a requirement)
// File info
fileType FileType
@ -605,16 +627,18 @@ model ProjectFile {
createdAt DateTime @default(now())
// Relations
project Project @relation(fields: [projectId], references: [id], onDelete: Cascade)
round Round? @relation(fields: [roundId], references: [id])
replacedBy ProjectFile? @relation("FileVersions", fields: [replacedById], references: [id], onDelete: SetNull)
replacements ProjectFile[] @relation("FileVersions")
project Project @relation(fields: [projectId], references: [id], onDelete: Cascade)
round Round? @relation(fields: [roundId], references: [id])
requirement FileRequirement? @relation(fields: [requirementId], references: [id], onDelete: SetNull)
replacedBy ProjectFile? @relation("FileVersions", fields: [replacedById], references: [id], onDelete: SetNull)
replacements ProjectFile[] @relation("FileVersions")
@@unique([bucket, objectKey])
@@index([projectId])
@@index([roundId])
@@index([projectId, roundId])
@@index([fileType])
@@index([requirementId])
}
// =============================================================================

66
src/app/(admin)/admin/members/[id]/page.tsx
View File

@ -35,6 +35,16 @@ import {
import { toast } from 'sonner'
import { TagInput } from '@/components/shared/tag-input'
import { UserActivityLog } from '@/components/shared/user-activity-log'
import {
AlertDialog,
AlertDialogAction,
AlertDialogCancel,
AlertDialogContent,
AlertDialogDescription,
AlertDialogFooter,
AlertDialogHeader,
AlertDialogTitle,
} from '@/components/ui/alert-dialog'
import {
ArrowLeft,
Save,
@ -51,6 +61,8 @@ export default function MemberDetailPage() {
const userId = params.id as string
const { data: user, isLoading, error, refetch } = trpc.user.get.useQuery({ id: userId })
const { data: currentUser } = trpc.user.me.useQuery()
const isSuperAdmin = currentUser?.role === 'SUPER_ADMIN'
const updateUser = trpc.user.update.useMutation()
const sendInvitation = trpc.user.sendInvitation.useMutation()
@ -65,6 +77,8 @@ export default function MemberDetailPage() {
const [status, setStatus] = useState<string>('INVITED')
const [expertiseTags, setExpertiseTags] = useState<string[]>([])
const [maxAssignments, setMaxAssignments] = useState<string>('')
const [showSuperAdminConfirm, setShowSuperAdminConfirm] = useState(false)
const [pendingSuperAdminRole, setPendingSuperAdminRole] = useState(false)
useEffect(() => {
if (user) {
@ -81,7 +95,7 @@ export default function MemberDetailPage() {
await updateUser.mutateAsync({
id: userId,
name: name || null,
role: role as 'JURY_MEMBER' | 'MENTOR' | 'OBSERVER' | 'PROGRAM_ADMIN',
role: role as 'SUPER_ADMIN' | 'JURY_MEMBER' | 'MENTOR' | 'OBSERVER' | 'PROGRAM_ADMIN',
status: status as 'INVITED' | 'ACTIVE' | 'SUSPENDED',
expertiseTags,
maxAssignments: maxAssignments ? parseInt(maxAssignments) : null,
@ -211,15 +225,28 @@ export default function MemberDetailPage() {
</div>
<div className="space-y-2">
<Label htmlFor="role">Role</Label>
<Select value={role} onValueChange={setRole}>
<Select
value={role}
onValueChange={(v) => {
if (v === 'SUPER_ADMIN') {
setPendingSuperAdminRole(true)
setShowSuperAdminConfirm(true)
} else {
setRole(v)
}
}}
>
<SelectTrigger id="role">
<SelectValue />
</SelectTrigger>
<SelectContent>
{isSuperAdmin && (
<SelectItem value="SUPER_ADMIN">Super Admin</SelectItem>
)}
<SelectItem value="PROGRAM_ADMIN">Program Admin</SelectItem>
<SelectItem value="JURY_MEMBER">Jury Member</SelectItem>
<SelectItem value="MENTOR">Mentor</SelectItem>
<SelectItem value="OBSERVER">Observer</SelectItem>
<SelectItem value="PROGRAM_ADMIN">Program Admin</SelectItem>
</SelectContent>
</Select>
</div>
@ -377,6 +404,39 @@ export default function MemberDetailPage() {
Save Changes
</Button>
</div>
{/* Super Admin Confirmation Dialog */}
<AlertDialog open={showSuperAdminConfirm} onOpenChange={setShowSuperAdminConfirm}>
<AlertDialogContent>
<AlertDialogHeader>
<AlertDialogTitle>Grant Super Admin Access?</AlertDialogTitle>
<AlertDialogDescription>
This will grant <strong>{name || user?.name || 'this user'}</strong> full Super Admin
access, including user management, system settings, and all administrative
capabilities. This action should only be performed for trusted administrators.
</AlertDialogDescription>
</AlertDialogHeader>
<AlertDialogFooter>
<AlertDialogCancel
onClick={() => {
setPendingSuperAdminRole(false)
}}
>
Cancel
</AlertDialogCancel>
<AlertDialogAction
onClick={() => {
setRole('SUPER_ADMIN')
setPendingSuperAdminRole(false)
setShowSuperAdminConfirm(false)
}}
className="bg-red-600 hover:bg-red-700"
>
Confirm Super Admin
</AlertDialogAction>
</AlertDialogFooter>
</AlertDialogContent>
</AlertDialog>
</div>
)
}

26
src/app/(admin)/admin/members/invite/page.tsx
View File

@ -69,7 +69,7 @@ import {
import { cn } from '@/lib/utils'
type Step = 'input' | 'preview' | 'sending' | 'complete'
type Role = 'PROGRAM_ADMIN' | 'JURY_MEMBER' | 'MENTOR' | 'OBSERVER'
type Role = 'SUPER_ADMIN' | 'PROGRAM_ADMIN' | 'JURY_MEMBER' | 'MENTOR' | 'OBSERVER'
interface Assignment {
projectId: string
@ -99,6 +99,7 @@ interface ParsedUser {
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/
const ROLE_LABELS: Record<Role, string> = {
SUPER_ADMIN: 'Super Admin',
PROGRAM_ADMIN: 'Program Admin',
JURY_MEMBER: 'Jury Member',
MENTOR: 'Mentor',
@ -399,16 +400,18 @@ export default function MemberInvitePage() {
const name = nameKey ? row[nameKey]?.trim() : undefined
const rawRole = roleKey ? row[roleKey]?.trim().toUpperCase() : ''
const role: Role =
rawRole === 'PROGRAM_ADMIN'
? 'PROGRAM_ADMIN'
: rawRole === 'MENTOR'
? 'MENTOR'
: rawRole === 'OBSERVER'
? 'OBSERVER'
: 'JURY_MEMBER'
rawRole === 'SUPER_ADMIN'
? 'SUPER_ADMIN'
: rawRole === 'PROGRAM_ADMIN'
? 'PROGRAM_ADMIN'
: rawRole === 'MENTOR'
? 'MENTOR'
: rawRole === 'OBSERVER'
? 'OBSERVER'
: 'JURY_MEMBER'
const isValidFormat = emailRegex.test(email)
const isDuplicate = email ? seenEmails.has(email) : false
const isUnauthorizedAdmin = role === 'PROGRAM_ADMIN' && !isSuperAdmin
const isUnauthorizedAdmin = (role === 'PROGRAM_ADMIN' || role === 'SUPER_ADMIN') && !isSuperAdmin
if (isValidFormat && !isDuplicate && email) seenEmails.add(email)
return {
email,
@ -646,6 +649,11 @@ export default function MemberInvitePage() {
<SelectValue />
</SelectTrigger>
<SelectContent>
{isSuperAdmin && (
<SelectItem value="SUPER_ADMIN">
Super Admin
</SelectItem>
)}
{isSuperAdmin && (
<SelectItem value="PROGRAM_ADMIN">
Program Admin

4
src/app/(admin)/admin/rounds/[id]/edit/page.tsx
View File

@ -32,6 +32,7 @@ import {
type Criterion,
} from '@/components/forms/evaluation-form-builder'
import { RoundTypeSettings } from '@/components/forms/round-type-settings'
import { FileRequirementsEditor } from '@/components/admin/file-requirements-editor'
import { ArrowLeft, Loader2, AlertCircle, AlertTriangle, Bell, GitCompare, MessageSquare, FileText, Calendar, LayoutTemplate } from 'lucide-react'
import {
Dialog,
@ -485,6 +486,9 @@ function EditRoundContent({ roundId }: { roundId: string }) {
</CardContent>
</Card>
{/* File Requirements */}
<FileRequirementsEditor roundId={roundId} />
{/* Jury Features */}
<Card>
<CardHeader>

12
src/app/(public)/my-submission/[id]/submission-detail-client.tsx
View File

@ -20,6 +20,7 @@ import { Alert, AlertDescription, AlertTitle } from '@/components/ui/alert'
import { Tabs, TabsContent, TabsList, TabsTrigger } from '@/components/ui/tabs'
import { StatusTracker } from '@/components/shared/status-tracker'
import { MentorChat } from '@/components/shared/mentor-chat'
import { RequirementUploadList } from '@/components/shared/requirement-upload-slot'
import {
ArrowLeft,
FileText,
@ -321,6 +322,17 @@ export function SubmissionDetailClient() {
{/* Documents Tab */}
<TabsContent value="documents">
{/* File Requirements Upload Slots */}
{project.roundId && (
<div className="mb-4">
<RequirementUploadList
projectId={project.id}
roundId={project.roundId}
disabled={!isDraft}
/>
</div>
)}
<Card>
<CardHeader>
<CardTitle>Uploaded Documents</CardTitle>

19
src/app/(public)/my-submission/[id]/team/page.tsx
View File

@ -27,6 +27,7 @@ import {
SelectTrigger,
SelectValue,
} from '@/components/ui/select'
import { RequirementUploadList } from '@/components/shared/requirement-upload-slot'
import {
Dialog,
DialogContent,
@ -405,6 +406,24 @@ export default function TeamManagementPage() {
</CardContent>
</Card>
{/* Team Documents */}
{teamData?.roundId && (
<Card>
<CardHeader>
<CardTitle className="text-lg">Team Documents</CardTitle>
<CardDescription>
Upload required documents for your project. Any team member can upload files.
</CardDescription>
</CardHeader>
<CardContent>
<RequirementUploadList
projectId={projectId}
roundId={teamData.roundId}
/>
</CardContent>
</Card>
)}
{/* Info Card */}
<Card className="bg-muted/50">
<CardContent className="p-4">

375
src/components/admin/file-requirements-editor.tsx Normal file
View File

@ -0,0 +1,375 @@
'use client'
import { useState } from 'react'
import { trpc } from '@/lib/trpc/client'
import { Button } from '@/components/ui/button'
import { Input } from '@/components/ui/input'
import { Label } from '@/components/ui/label'
import { Textarea } from '@/components/ui/textarea'
import { Switch } from '@/components/ui/switch'
import { Badge } from '@/components/ui/badge'
import {
Card,
CardContent,
CardDescription,
CardHeader,
CardTitle,
} from '@/components/ui/card'
import {
Dialog,
DialogContent,
DialogDescription,
DialogFooter,
DialogHeader,
DialogTitle,
} from '@/components/ui/dialog'
import { toast } from 'sonner'
import {
Plus,
Pencil,
Trash2,
GripVertical,
ArrowUp,
ArrowDown,
FileText,
Loader2,
} from 'lucide-react'
const MIME_TYPE_PRESETS = [
{ label: 'PDF', value: 'application/pdf' },
{ label: 'Images', value: 'image/*' },
{ label: 'Video', value: 'video/*' },
{ label: 'Word Documents', value: 'application/vnd.openxmlformats-officedocument.wordprocessingml.document' },
{ label: 'Excel', value: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet' },
{ label: 'PowerPoint', value: 'application/vnd.openxmlformats-officedocument.presentationml.presentation' },
]
function getMimeLabel(mime: string): string {
const preset = MIME_TYPE_PRESETS.find((p) => p.value === mime)
if (preset) return preset.label
if (mime.endsWith('/*')) return mime.replace('/*', '')
return mime
}
interface FileRequirementsEditorProps {
roundId: string
}
interface RequirementFormData {
name: string
description: string
acceptedMimeTypes: string[]
maxSizeMB: string
isRequired: boolean
}
const emptyForm: RequirementFormData = {
name: '',
description: '',
acceptedMimeTypes: [],
maxSizeMB: '',
isRequired: true,
}
export function FileRequirementsEditor({ roundId }: FileRequirementsEditorProps) {
const utils = trpc.useUtils()
const { data: requirements = [], isLoading } = trpc.file.listRequirements.useQuery({ roundId })
const createMutation = trpc.file.createRequirement.useMutation({
onSuccess: () => {
utils.file.listRequirements.invalidate({ roundId })
toast.success('Requirement created')
},
onError: (err) => toast.error(err.message),
})
const updateMutation = trpc.file.updateRequirement.useMutation({
onSuccess: () => {
utils.file.listRequirements.invalidate({ roundId })
toast.success('Requirement updated')
},
onError: (err) => toast.error(err.message),
})
const deleteMutation = trpc.file.deleteRequirement.useMutation({
onSuccess: () => {
utils.file.listRequirements.invalidate({ roundId })
toast.success('Requirement deleted')
},
onError: (err) => toast.error(err.message),
})
const reorderMutation = trpc.file.reorderRequirements.useMutation({
onSuccess: () => utils.file.listRequirements.invalidate({ roundId }),
onError: (err) => toast.error(err.message),
})
const [dialogOpen, setDialogOpen] = useState(false)
const [editingId, setEditingId] = useState<string | null>(null)
const [form, setForm] = useState<RequirementFormData>(emptyForm)
const openCreate = () => {
setEditingId(null)
setForm(emptyForm)
setDialogOpen(true)
}
const openEdit = (req: typeof requirements[number]) => {
setEditingId(req.id)
setForm({
name: req.name,
description: req.description || '',
acceptedMimeTypes: req.acceptedMimeTypes,
maxSizeMB: req.maxSizeMB?.toString() || '',
isRequired: req.isRequired,
})
setDialogOpen(true)
}
const handleSave = async () => {
if (!form.name.trim()) {
toast.error('Name is required')
return
}
const maxSizeMB = form.maxSizeMB ? parseInt(form.maxSizeMB) : undefined
if (editingId) {
await updateMutation.mutateAsync({
id: editingId,
name: form.name.trim(),
description: form.description.trim() || null,
acceptedMimeTypes: form.acceptedMimeTypes,
maxSizeMB: maxSizeMB || null,
isRequired: form.isRequired,
})
} else {
await createMutation.mutateAsync({
roundId,
name: form.name.trim(),
description: form.description.trim() || undefined,
acceptedMimeTypes: form.acceptedMimeTypes,
maxSizeMB,
isRequired: form.isRequired,
sortOrder: requirements.length,
})
}
setDialogOpen(false)
}
const handleDelete = async (id: string) => {
await deleteMutation.mutateAsync({ id })
}
const handleMove = async (index: number, direction: 'up' | 'down') => {
const newOrder = [...requirements]
const swapIndex = direction === 'up' ? index - 1 : index + 1
if (swapIndex < 0 || swapIndex >= newOrder.length) return
;[newOrder[index], newOrder[swapIndex]] = [newOrder[swapIndex], newOrder[index]]
await reorderMutation.mutateAsync({
roundId,
orderedIds: newOrder.map((r) => r.id),
})
}
const toggleMimeType = (mime: string) => {
setForm((prev) => ({
...prev,
acceptedMimeTypes: prev.acceptedMimeTypes.includes(mime)
? prev.acceptedMimeTypes.filter((m) => m !== mime)
: [...prev.acceptedMimeTypes, mime],
}))
}
const isSaving = createMutation.isPending || updateMutation.isPending
return (
<Card>
<CardHeader>
<div className="flex items-center justify-between">
<div>
<CardTitle className="flex items-center gap-2">
<FileText className="h-5 w-5" />
File Requirements
</CardTitle>
<CardDescription>
Define required files applicants must upload for this round
</CardDescription>
</div>
<Button onClick={openCreate} size="sm">
<Plus className="mr-1 h-4 w-4" />
Add Requirement
</Button>
</div>
</CardHeader>
<CardContent>
{isLoading ? (
<div className="flex items-center justify-center py-8">
<Loader2 className="h-6 w-6 animate-spin text-muted-foreground" />
</div>
) : requirements.length === 0 ? (
<div className="text-center py-8 text-muted-foreground">
No file requirements defined. Applicants can still upload files freely.
</div>
) : (
<div className="space-y-2">
{requirements.map((req, index) => (
<div
key={req.id}
className="flex items-center gap-3 rounded-lg border p-3 bg-background"
>
<div className="flex flex-col gap-0.5">
<Button
variant="ghost"
size="icon"
className="h-6 w-6"
onClick={() => handleMove(index, 'up')}
disabled={index === 0}
>
<ArrowUp className="h-3 w-3" />
</Button>
<Button
variant="ghost"
size="icon"
className="h-6 w-6"
onClick={() => handleMove(index, 'down')}
disabled={index === requirements.length - 1}
>
<ArrowDown className="h-3 w-3" />
</Button>
</div>
<GripVertical className="h-4 w-4 text-muted-foreground shrink-0" />
<div className="flex-1 min-w-0">
<div className="flex items-center gap-2 mb-1">
<span className="font-medium truncate">{req.name}</span>
<Badge variant={req.isRequired ? 'destructive' : 'secondary'} className="text-xs shrink-0">
{req.isRequired ? 'Required' : 'Optional'}
</Badge>
</div>
{req.description && (
<p className="text-sm text-muted-foreground line-clamp-1">{req.description}</p>
)}
<div className="flex flex-wrap gap-1 mt-1">
{req.acceptedMimeTypes.map((mime) => (
<Badge key={mime} variant="outline" className="text-xs">
{getMimeLabel(mime)}
</Badge>
))}
{req.maxSizeMB && (
<Badge variant="outline" className="text-xs">
Max {req.maxSizeMB}MB
</Badge>
)}
</div>
</div>
<div className="flex items-center gap-1 shrink-0">
<Button variant="ghost" size="icon" className="h-8 w-8" onClick={() => openEdit(req)}>
<Pencil className="h-4 w-4" />
</Button>
<Button
variant="ghost"
size="icon"
className="h-8 w-8 text-destructive hover:text-destructive"
onClick={() => handleDelete(req.id)}
disabled={deleteMutation.isPending}
>
<Trash2 className="h-4 w-4" />
</Button>
</div>
</div>
))}
</div>
)}
</CardContent>
{/* Create/Edit Dialog */}
<Dialog open={dialogOpen} onOpenChange={setDialogOpen}>
<DialogContent className="max-w-md">
<DialogHeader>
<DialogTitle>{editingId ? 'Edit' : 'Add'} File Requirement</DialogTitle>
<DialogDescription>
Define what file applicants need to upload for this round.
</DialogDescription>
</DialogHeader>
<div className="space-y-4">
<div className="space-y-2">
<Label htmlFor="req-name">Name *</Label>
<Input
id="req-name"
value={form.name}
onChange={(e) => setForm((p) => ({ ...p, name: e.target.value }))}
placeholder="e.g., Executive Summary"
/>
</div>
<div className="space-y-2">
<Label htmlFor="req-desc">Description</Label>
<Textarea
id="req-desc"
value={form.description}
onChange={(e) => setForm((p) => ({ ...p, description: e.target.value }))}
placeholder="Describe what this file should contain..."
rows={3}
/>
</div>
<div className="space-y-2">
<Label>Accepted File Types</Label>
<div className="flex flex-wrap gap-2">
{MIME_TYPE_PRESETS.map((preset) => (
<Badge
key={preset.value}
variant={form.acceptedMimeTypes.includes(preset.value) ? 'default' : 'outline'}
className="cursor-pointer"
onClick={() => toggleMimeType(preset.value)}
>
{preset.label}
</Badge>
))}
</div>
<p className="text-xs text-muted-foreground">
Leave empty to accept any file type
</p>
</div>
<div className="space-y-2">
<Label htmlFor="req-size">Max File Size (MB)</Label>
<Input
id="req-size"
type="number"
value={form.maxSizeMB}
onChange={(e) => setForm((p) => ({ ...p, maxSizeMB: e.target.value }))}
placeholder="No limit"
min={1}
max={5000}
/>
</div>
<div className="flex items-center justify-between">
<div>
<Label htmlFor="req-required">Required</Label>
<p className="text-xs text-muted-foreground">
Applicants must upload this file
</p>
</div>
<Switch
id="req-required"
checked={form.isRequired}
onCheckedChange={(checked) => setForm((p) => ({ ...p, isRequired: checked }))}
/>
</div>
</div>
<DialogFooter>
<Button variant="outline" onClick={() => setDialogOpen(false)}>
Cancel
</Button>
<Button onClick={handleSave} disabled={isSaving}>
{isSaving && <Loader2 className="mr-2 h-4 w-4 animate-spin" />}
{editingId ? 'Update' : 'Create'}
</Button>
</DialogFooter>
</DialogContent>
</Dialog>
</Card>
)
}

107
src/components/shared/file-viewer.tsx
View File

@ -26,6 +26,7 @@ import {
X,
History,
PackageOpen,
CheckCircle2,
} from 'lucide-react'
import { cn } from '@/lib/utils'
import { toast } from 'sonner'
@ -45,6 +46,13 @@ function isOfficeFile(mimeType: string, fileName: string): boolean {
return OFFICE_EXTENSIONS.includes(ext)
}
interface FileRequirementInfo {
id: string
name: string
description?: string | null
isRequired: boolean
}
interface ProjectFile {
id: string
fileType: 'EXEC_SUMMARY' | 'PRESENTATION' | 'VIDEO' | 'OTHER' | 'BUSINESS_PLAN' | 'VIDEO_PITCH' | 'SUPPORTING_DOC'
@ -55,6 +63,8 @@ interface ProjectFile {
objectKey: string
version?: number
isLate?: boolean
requirementId?: string | null
requirement?: FileRequirementInfo | null
}
interface RoundGroup {
@ -68,6 +78,7 @@ interface FileViewerProps {
files?: ProjectFile[]
groupedFiles?: RoundGroup[]
projectId?: string
roundId?: string
className?: string
}
@ -107,7 +118,7 @@ function getFileTypeLabel(fileType: string) {
}
}
export function FileViewer({ files, groupedFiles, projectId, className }: FileViewerProps) {
export function FileViewer({ files, groupedFiles, projectId, roundId, className }: FileViewerProps) {
// Render grouped view if groupedFiles is provided
if (groupedFiles) {
return <GroupedFileViewer groupedFiles={groupedFiles} className={className} />
@ -129,13 +140,17 @@ export function FileViewer({ files, groupedFiles, projectId, className }: FileVi
}
// Sort files by type order
const sortOrder = ['EXEC_SUMMARY', 'BUSINESS_PLAN', 'PRESENTATION', 'VIDEO', 'VIDEO_PITCH', 'SUPPORTING_DOC', 'OTHER']
const typeSortOrder = ['EXEC_SUMMARY', 'BUSINESS_PLAN', 'PRESENTATION', 'VIDEO', 'VIDEO_PITCH', 'SUPPORTING_DOC', 'OTHER']
const sortedFiles = [...files].sort(
(a, b) => sortOrder.indexOf(a.fileType) - sortOrder.indexOf(b.fileType)
(a, b) => typeSortOrder.indexOf(a.fileType) - typeSortOrder.indexOf(b.fileType)
)
return (
<Card className={className}>
<div className={cn('space-y-4', className)}>
{/* Requirement Fulfillment Checklist */}
{roundId && <RequirementChecklist roundId={roundId} files={files} />}
<Card>
<CardHeader className="flex flex-row items-center justify-between space-y-0">
<CardTitle className="text-lg">Project Files</CardTitle>
{projectId && files.length > 1 && (
@ -147,7 +162,8 @@ export function FileViewer({ files, groupedFiles, projectId, className }: FileVi
<FileItem key={file.id} file={file} />
))}
</CardContent>
</Card>
</Card>
</div>
)
}
@ -719,6 +735,87 @@ function CompactFileItem({ file }: { file: ProjectFile }) {
)
}
/**
* Displays a checklist of file requirements and their fulfillment status.
* Used by admins/jury to see which required files have been uploaded.
*/
function RequirementChecklist({ roundId, files }: { roundId: string; files: ProjectFile[] }) {
const { data: requirements = [] } = trpc.file.listRequirements.useQuery({ roundId })
if (requirements.length === 0) return null
const fulfilled = requirements.filter((req) =>
files.some((f) => f.requirementId === req.id)
).length
const total = requirements.length
const allRequired = requirements.filter((r) => r.isRequired)
const requiredFulfilled = allRequired.filter((req) =>
files.some((f) => f.requirementId === req.id)
).length
return (
<Card>
<CardHeader className="pb-3">
<div className="flex items-center justify-between">
<CardTitle className="text-lg">Document Requirements</CardTitle>
<Badge variant={requiredFulfilled === allRequired.length ? 'default' : 'destructive'}>
{fulfilled}/{total} uploaded
</Badge>
</div>
</CardHeader>
<CardContent className="space-y-2">
{requirements.map((req) => {
const file = files.find((f) => f.requirementId === req.id)
const isFulfilled = !!file
return (
<div
key={req.id}
className={cn(
'flex items-center gap-3 rounded-lg border p-2.5 text-sm',
isFulfilled
? 'border-green-200 bg-green-50 dark:border-green-900 dark:bg-green-950'
: req.isRequired
? 'border-red-200 bg-red-50 dark:border-red-900 dark:bg-red-950'
: 'border-muted'
)}
>
{isFulfilled ? (
<CheckCircle2 className="h-4 w-4 text-green-600 shrink-0" />
) : req.isRequired ? (
<AlertCircle className="h-4 w-4 text-red-500 shrink-0" />
) : (
<File className="h-4 w-4 text-muted-foreground shrink-0" />
)}
<div className="flex-1 min-w-0">
<div className="flex items-center gap-2">
<span className="font-medium">{req.name}</span>
<Badge
variant={req.isRequired ? 'destructive' : 'secondary'}
className="text-xs"
>
{req.isRequired ? 'Required' : 'Optional'}
</Badge>
</div>
{isFulfilled && file ? (
<p className="text-xs text-muted-foreground truncate">
{file.fileName} ({formatFileSize(file.size)})
</p>
) : (
<p className="text-xs text-muted-foreground">Not uploaded</p>
)}
</div>
{isFulfilled && file && (
<FileDownloadButton file={file} />
)}
</div>
)
})}
</CardContent>
</Card>
)
}
export function FileViewerSkeleton() {
return (
<Card>

362
src/components/shared/requirement-upload-slot.tsx Normal file
View File

@ -0,0 +1,362 @@
'use client'
import { useState, useCallback, useRef } from 'react'
import { trpc } from '@/lib/trpc/client'
import { Button } from '@/components/ui/button'
import { Progress } from '@/components/ui/progress'
import { Badge } from '@/components/ui/badge'
import {
Upload,
FileIcon,
CheckCircle2,
AlertCircle,
Loader2,
Trash2,
RefreshCw,
} from 'lucide-react'
import { cn, formatFileSize } from '@/lib/utils'
import { toast } from 'sonner'
function getMimeLabel(mime: string): string {
if (mime === 'application/pdf') return 'PDF'
if (mime.startsWith('image/')) return 'Images'
if (mime.startsWith('video/')) return 'Video'
if (mime.includes('wordprocessingml')) return 'Word'
if (mime.includes('spreadsheetml')) return 'Excel'
if (mime.includes('presentationml')) return 'PowerPoint'
if (mime.endsWith('/*')) return mime.replace('/*', '')
return mime
}
interface FileRequirement {
id: string
name: string
description?: string | null
acceptedMimeTypes: string[]
maxSizeMB?: number | null
isRequired: boolean
}
interface UploadedFile {
id: string
fileName: string
mimeType: string
size: number
createdAt: string | Date
requirementId?: string | null
}
interface RequirementUploadSlotProps {
requirement: FileRequirement
existingFile?: UploadedFile | null
projectId: string
roundId: string
onFileChange?: () => void
disabled?: boolean
}
export function RequirementUploadSlot({
requirement,
existingFile,
projectId,
roundId,
onFileChange,
disabled = false,
}: RequirementUploadSlotProps) {
const [uploading, setUploading] = useState(false)
const [progress, setProgress] = useState(0)
const [deleting, setDeleting] = useState(false)
const fileInputRef = useRef<HTMLInputElement>(null)
const getUploadUrl = trpc.applicant.getUploadUrl.useMutation()
const saveFileMetadata = trpc.applicant.saveFileMetadata.useMutation()
const deleteFile = trpc.applicant.deleteFile.useMutation()
const acceptsMime = useCallback(
(mimeType: string) => {
if (requirement.acceptedMimeTypes.length === 0) return true
return requirement.acceptedMimeTypes.some((pattern) => {
if (pattern.endsWith('/*')) {
return mimeType.startsWith(pattern.replace('/*', '/'))
}
return mimeType === pattern
})
},
[requirement.acceptedMimeTypes]
)
const handleFileSelect = useCallback(
async (e: React.ChangeEvent<HTMLInputElement>) => {
const file = e.target.files?.[0]
if (!file) return
// Reset input
if (fileInputRef.current) fileInputRef.current.value = ''
// Validate mime type
if (!acceptsMime(file.type)) {
toast.error(`File type ${file.type} is not accepted for this requirement`)
return
}
// Validate size
if (requirement.maxSizeMB && file.size > requirement.maxSizeMB * 1024 * 1024) {
toast.error(`File exceeds maximum size of ${requirement.maxSizeMB}MB`)
return
}
setUploading(true)
setProgress(0)
try {
// Get presigned URL
const { url, bucket, objectKey, isLate, roundId: uploadRoundId } =
await getUploadUrl.mutateAsync({
projectId,
fileName: file.name,
mimeType: file.type,
fileType: 'OTHER',
roundId,
requirementId: requirement.id,
})
// Upload file with progress tracking
await new Promise<void>((resolve, reject) => {
const xhr = new XMLHttpRequest()
xhr.upload.addEventListener('progress', (event) => {
if (event.lengthComputable) {
setProgress(Math.round((event.loaded / event.total) * 100))
}
})
xhr.addEventListener('load', () => {
if (xhr.status >= 200 && xhr.status < 300) {
resolve()
} else {
reject(new Error(`Upload failed with status ${xhr.status}`))
}
})
xhr.addEventListener('error', () => reject(new Error('Upload failed')))
xhr.open('PUT', url)
xhr.setRequestHeader('Content-Type', file.type)
xhr.send(file)
})
// Save metadata
await saveFileMetadata.mutateAsync({
projectId,
fileName: file.name,
mimeType: file.type,
size: file.size,
fileType: 'OTHER',
bucket,
objectKey,
roundId: uploadRoundId || roundId,
isLate: isLate || false,
requirementId: requirement.id,
})
toast.success(`${requirement.name} uploaded successfully`)
onFileChange?.()
} catch (err) {
toast.error(err instanceof Error ? err.message : 'Upload failed')
} finally {
setUploading(false)
setProgress(0)
}
},
[projectId, roundId, requirement, acceptsMime, getUploadUrl, saveFileMetadata, onFileChange]
)
const handleDelete = useCallback(async () => {
if (!existingFile) return
setDeleting(true)
try {
await deleteFile.mutateAsync({ fileId: existingFile.id })
toast.success('File deleted')
onFileChange?.()
} catch (err) {
toast.error(err instanceof Error ? err.message : 'Delete failed')
} finally {
setDeleting(false)
}
}, [existingFile, deleteFile, onFileChange])
const isFulfilled = !!existingFile
const statusColor = isFulfilled
? 'border-green-200 bg-green-50 dark:border-green-900 dark:bg-green-950'
: requirement.isRequired
? 'border-red-200 bg-red-50 dark:border-red-900 dark:bg-red-950'
: 'border-muted'
// Build accept string for file input
const acceptStr =
requirement.acceptedMimeTypes.length > 0
? requirement.acceptedMimeTypes.join(',')
: undefined
return (
<div className={cn('rounded-lg border p-4 transition-colors', statusColor)}>
<div className="flex items-start justify-between gap-3">
<div className="flex-1 min-w-0">
<div className="flex items-center gap-2 mb-1">
{isFulfilled ? (
<CheckCircle2 className="h-4 w-4 text-green-600 shrink-0" />
) : requirement.isRequired ? (
<AlertCircle className="h-4 w-4 text-red-500 shrink-0" />
) : (
<FileIcon className="h-4 w-4 text-muted-foreground shrink-0" />
)}
<span className="font-medium text-sm">{requirement.name}</span>
<Badge
variant={requirement.isRequired ? 'destructive' : 'secondary'}
className="text-xs shrink-0"
>
{requirement.isRequired ? 'Required' : 'Optional'}
</Badge>
</div>
{requirement.description && (
<p className="text-xs text-muted-foreground ml-6 mb-2">
{requirement.description}
</p>
)}
<div className="flex flex-wrap gap-1 ml-6 mb-2">
{requirement.acceptedMimeTypes.map((mime) => (
<Badge key={mime} variant="outline" className="text-xs">
{getMimeLabel(mime)}
</Badge>
))}
{requirement.maxSizeMB && (
<Badge variant="outline" className="text-xs">
Max {requirement.maxSizeMB}MB
</Badge>
)}
</div>
{existingFile && (
<div className="ml-6 flex items-center gap-2 text-xs text-muted-foreground">
<FileIcon className="h-3 w-3" />
<span className="truncate">{existingFile.fileName}</span>
<span>({formatFileSize(existingFile.size)})</span>
</div>
)}
{uploading && (
<div className="ml-6 mt-2">
<Progress value={progress} className="h-1.5" />
<p className="text-xs text-muted-foreground mt-1">Uploading... {progress}%</p>
</div>
)}
</div>
{!disabled && (
<div className="flex items-center gap-1 shrink-0">
{existingFile ? (
<>
<Button
variant="outline"
size="sm"
onClick={() => fileInputRef.current?.click()}
disabled={uploading}
>
<RefreshCw className="mr-1 h-3 w-3" />
Replace
</Button>
<Button
variant="ghost"
size="icon"
className="h-8 w-8 text-destructive hover:text-destructive"
onClick={handleDelete}
disabled={deleting}
>
{deleting ? (
<Loader2 className="h-4 w-4 animate-spin" />
) : (
<Trash2 className="h-4 w-4" />
)}
</Button>
</>
) : (
<Button
variant="outline"
size="sm"
onClick={() => fileInputRef.current?.click()}
disabled={uploading}
>
{uploading ? (
<Loader2 className="mr-1 h-3 w-3 animate-spin" />
) : (
<Upload className="mr-1 h-3 w-3" />
)}
Upload
</Button>
)}
</div>
)}
</div>
<input
ref={fileInputRef}
type="file"
className="hidden"
accept={acceptStr}
onChange={handleFileSelect}
/>
</div>
)
}
interface RequirementUploadListProps {
projectId: string
roundId: string
disabled?: boolean
}
export function RequirementUploadList({ projectId, roundId, disabled }: RequirementUploadListProps) {
const utils = trpc.useUtils()
const { data: requirements = [] } = trpc.file.listRequirements.useQuery({ roundId })
const { data: files = [] } = trpc.file.listByProject.useQuery({ projectId, roundId })
if (requirements.length === 0) return null
const handleFileChange = () => {
utils.file.listByProject.invalidate({ projectId, roundId })
}
return (
<div className="space-y-3">
<h3 className="text-sm font-semibold text-muted-foreground uppercase tracking-wide">
Required Documents
</h3>
{requirements.map((req) => {
const existing = files.find(
(f) => (f as { requirementId?: string | null }).requirementId === req.id
)
return (
<RequirementUploadSlot
key={req.id}
requirement={req}
existingFile={
existing
? {
id: existing.id,
fileName: existing.fileName,
mimeType: existing.mimeType,
size: existing.size,
createdAt: existing.createdAt,
requirementId: (existing as { requirementId?: string | null }).requirementId,
}
: null
}
projectId={projectId}
roundId={roundId}
onFileChange={handleFileChange}
disabled={disabled}
/>
)
})}
</div>
)
}

117
src/server/routers/applicant.ts
View File

@ -234,22 +234,33 @@ export const applicantRouter = router({
mimeType: z.string(),
fileType: z.enum(['EXEC_SUMMARY', 'BUSINESS_PLAN', 'VIDEO_PITCH', 'PRESENTATION', 'SUPPORTING_DOC', 'OTHER']),
roundId: z.string().optional(),
requirementId: z.string().optional(),
})
)
.mutation(async ({ ctx, input }) => {
// Only applicants can use this
// Applicants or team members can upload
if (ctx.user.role !== 'APPLICANT') {
throw new TRPCError({
code: 'FORBIDDEN',
message: 'Only applicants can upload files',
// Check if user is a team member of the project
const teamMembership = await ctx.prisma.teamMember.findFirst({
where: { projectId: input.projectId, userId: ctx.user.id },
select: { id: true },
})
if (!teamMembership) {
throw new TRPCError({
code: 'FORBIDDEN',
message: 'Only applicants or team members can upload files',
})
}
}
// Verify project ownership
// Verify project access (owner or team member)
const project = await ctx.prisma.project.findFirst({
where: {
id: input.projectId,
submittedByUserId: ctx.user.id,
OR: [
{ submittedByUserId: ctx.user.id },
{ teamMembers: { some: { userId: ctx.user.id } } },
],
},
include: {
round: { select: { id: true, votingStartAt: true, settingsJson: true } },
@ -263,6 +274,31 @@ export const applicantRouter = router({
})
}
// If uploading against a requirement, validate mime type and size
if (input.requirementId) {
const requirement = await ctx.prisma.fileRequirement.findUnique({
where: { id: input.requirementId },
})
if (!requirement) {
throw new TRPCError({ code: 'NOT_FOUND', message: 'File requirement not found' })
}
// Validate mime type
if (requirement.acceptedMimeTypes.length > 0) {
const accepted = requirement.acceptedMimeTypes.some((pattern) => {
if (pattern.endsWith('/*')) {
return input.mimeType.startsWith(pattern.replace('/*', '/'))
}
return input.mimeType === pattern
})
if (!accepted) {
throw new TRPCError({
code: 'BAD_REQUEST',
message: `File type ${input.mimeType} is not accepted. Accepted types: ${requirement.acceptedMimeTypes.join(', ')}`,
})
}
}
}
// Check round upload deadline policy if roundId provided
let isLate = false
const targetRoundId = input.roundId || project.roundId
@ -331,22 +367,32 @@ export const applicantRouter = router({
objectKey: z.string(),
roundId: z.string().optional(),
isLate: z.boolean().optional(),
requirementId: z.string().optional(),
})
)
.mutation(async ({ ctx, input }) => {
// Only applicants can use this
// Applicants or team members can save files
if (ctx.user.role !== 'APPLICANT') {
throw new TRPCError({
code: 'FORBIDDEN',
message: 'Only applicants can save files',
const teamMembership = await ctx.prisma.teamMember.findFirst({
where: { projectId: input.projectId, userId: ctx.user.id },
select: { id: true },
})
if (!teamMembership) {
throw new TRPCError({
code: 'FORBIDDEN',
message: 'Only applicants or team members can save files',
})
}
}
// Verify project ownership
// Verify project access
const project = await ctx.prisma.project.findFirst({
where: {
id: input.projectId,
submittedByUserId: ctx.user.id,
OR: [
{ submittedByUserId: ctx.user.id },
{ teamMembers: { some: { userId: ctx.user.id } } },
],
},
})
@ -357,16 +403,26 @@ export const applicantRouter = router({
})
}
const { projectId, roundId, isLate, ...fileData } = input
const { projectId, roundId, isLate, requirementId, ...fileData } = input
// Delete existing file of same type, scoped by roundId if provided
await ctx.prisma.projectFile.deleteMany({
where: {
projectId,
fileType: input.fileType,
...(roundId ? { roundId } : {}),
},
})
// Delete existing file: by requirementId if provided, otherwise by fileType+roundId
if (requirementId) {
await ctx.prisma.projectFile.deleteMany({
where: {
projectId,
requirementId,
...(roundId ? { roundId } : {}),
},
})
} else {
await ctx.prisma.projectFile.deleteMany({
where: {
projectId,
fileType: input.fileType,
...(roundId ? { roundId } : {}),
},
})
}
// Create new file record
const file = await ctx.prisma.projectFile.create({
@ -375,6 +431,7 @@ export const applicantRouter = router({
...fileData,
roundId: roundId || null,
isLate: isLate || false,
requirementId: requirementId || null,
},
})
@ -387,21 +444,16 @@ export const applicantRouter = router({
deleteFile: protectedProcedure
.input(z.object({ fileId: z.string() }))
.mutation(async ({ ctx, input }) => {
// Only applicants can use this
if (ctx.user.role !== 'APPLICANT') {
throw new TRPCError({
code: 'FORBIDDEN',
message: 'Only applicants can delete files',
})
}
const file = await ctx.prisma.projectFile.findUniqueOrThrow({
where: { id: input.fileId },
include: { project: true },
include: { project: { include: { teamMembers: { select: { userId: true } } } } },
})
// Verify ownership
if (file.project.submittedByUserId !== ctx.user.id) {
// Verify ownership or team membership
const isOwner = file.project.submittedByUserId === ctx.user.id
const isTeamMember = file.project.teamMembers.some((tm) => tm.userId === ctx.user.id)
if (!isOwner && !isTeamMember) {
throw new TRPCError({
code: 'FORBIDDEN',
message: 'You do not have access to this file',
@ -705,6 +757,7 @@ export const applicantRouter = router({
return {
teamMembers: project.teamMembers,
submittedBy: project.submittedBy,
roundId: project.roundId,
}
}),

134
src/server/routers/file.ts
View File

@ -288,6 +288,7 @@ export const fileRouter = router({
where,
include: {
round: { select: { id: true, name: true, sortOrder: true } },
requirement: { select: { id: true, name: true, description: true, isRequired: true } },
},
orderBy: [{ fileType: 'asc' }, { createdAt: 'asc' }],
})
@ -364,6 +365,7 @@ export const fileRouter = router({
},
include: {
round: { select: { id: true, name: true, sortOrder: true } },
requirement: { select: { id: true, name: true, description: true, isRequired: true } },
},
orderBy: [{ createdAt: 'asc' }],
})
@ -665,4 +667,136 @@ export const fileRouter = router({
return results
}),
// =========================================================================
// FILE REQUIREMENTS
// =========================================================================
/**
* List file requirements for a round (available to any authenticated user)
*/
listRequirements: protectedProcedure
.input(z.object({ roundId: z.string() }))
.query(async ({ ctx, input }) => {
return ctx.prisma.fileRequirement.findMany({
where: { roundId: input.roundId },
orderBy: { sortOrder: 'asc' },
})
}),
/**
* Create a file requirement for a round (admin only)
*/
createRequirement: adminProcedure
.input(
z.object({
roundId: z.string(),
name: z.string().min(1).max(200),
description: z.string().max(1000).optional(),
acceptedMimeTypes: z.array(z.string()).default([]),
maxSizeMB: z.number().int().min(1).max(5000).optional(),
isRequired: z.boolean().default(true),
sortOrder: z.number().int().default(0),
})
)
.mutation(async ({ ctx, input }) => {
const requirement = await ctx.prisma.fileRequirement.create({
data: input,
})
try {
await logAudit({
prisma: ctx.prisma,
userId: ctx.user.id,
action: 'CREATE',
entityType: 'FileRequirement',
entityId: requirement.id,
detailsJson: { name: input.name, roundId: input.roundId },
})
} catch {}
return requirement
}),
/**
* Update a file requirement (admin only)
*/
updateRequirement: adminProcedure
.input(
z.object({
id: z.string(),
name: z.string().min(1).max(200).optional(),
description: z.string().max(1000).optional().nullable(),
acceptedMimeTypes: z.array(z.string()).optional(),
maxSizeMB: z.number().int().min(1).max(5000).optional().nullable(),
isRequired: z.boolean().optional(),
sortOrder: z.number().int().optional(),
})
)
.mutation(async ({ ctx, input }) => {
const { id, ...data } = input
const requirement = await ctx.prisma.fileRequirement.update({
where: { id },
data,
})
try {
await logAudit({
prisma: ctx.prisma,
userId: ctx.user.id,
action: 'UPDATE',
entityType: 'FileRequirement',
entityId: id,
detailsJson: data,
})
} catch {}
return requirement
}),
/**
* Delete a file requirement (admin only)
*/
deleteRequirement: adminProcedure
.input(z.object({ id: z.string() }))
.mutation(async ({ ctx, input }) => {
await ctx.prisma.fileRequirement.delete({
where: { id: input.id },
})
try {
await logAudit({
prisma: ctx.prisma,
userId: ctx.user.id,
action: 'DELETE',
entityType: 'FileRequirement',
entityId: input.id,
})
} catch {}
return { success: true }
}),
/**
* Reorder file requirements (admin only)
*/
reorderRequirements: adminProcedure
.input(
z.object({
roundId: z.string(),
orderedIds: z.array(z.string()),
})
)
.mutation(async ({ ctx, input }) => {
await ctx.prisma.$transaction(
input.orderedIds.map((id, index) =>
ctx.prisma.fileRequirement.update({
where: { id },
data: { sortOrder: index },
})
)
)
return { success: true }
}),
})

31
src/server/routers/user.ts
View File

@ -274,7 +274,7 @@ export const userRouter = router({
z.object({
email: z.string().email(),
name: z.string().optional(),
role: z.enum(['PROGRAM_ADMIN', 'JURY_MEMBER', 'MENTOR', 'OBSERVER']).default('JURY_MEMBER'),
role: z.enum(['SUPER_ADMIN', 'PROGRAM_ADMIN', 'JURY_MEMBER', 'MENTOR', 'OBSERVER']).default('JURY_MEMBER'),
expertiseTags: z.array(z.string()).optional(),
maxAssignments: z.number().int().min(1).max(100).optional(),
})
@ -292,7 +292,13 @@ export const userRouter = router({
})
}
// Prevent non-super-admins from creating admins
// Prevent non-super-admins from creating super admins or program admins
if (input.role === 'SUPER_ADMIN' && ctx.user.role !== 'SUPER_ADMIN') {
throw new TRPCError({
code: 'FORBIDDEN',
message: 'Only super admins can create super admins',
})
}
if (input.role === 'PROGRAM_ADMIN' && ctx.user.role !== 'SUPER_ADMIN') {
throw new TRPCError({
code: 'FORBIDDEN',
@ -333,7 +339,7 @@ export const userRouter = router({
z.object({
id: z.string(),
name: z.string().optional().nullable(),
role: z.enum(['PROGRAM_ADMIN', 'JURY_MEMBER', 'MENTOR', 'OBSERVER']).optional(),
role: z.enum(['SUPER_ADMIN', 'PROGRAM_ADMIN', 'JURY_MEMBER', 'MENTOR', 'OBSERVER']).optional(),
status: z.enum(['INVITED', 'ACTIVE', 'SUSPENDED']).optional(),
expertiseTags: z.array(z.string()).optional(),
maxAssignments: z.number().int().min(1).max(100).optional().nullable(),
@ -356,7 +362,13 @@ export const userRouter = router({
})
}
// Prevent non-super-admins from assigning admin role
// Prevent non-super-admins from assigning super admin or admin role
if (data.role === 'SUPER_ADMIN' && ctx.user.role !== 'SUPER_ADMIN') {
throw new TRPCError({
code: 'FORBIDDEN',
message: 'Only super admins can assign super admin role',
})
}
if (data.role === 'PROGRAM_ADMIN' && ctx.user.role !== 'SUPER_ADMIN') {
throw new TRPCError({
code: 'FORBIDDEN',
@ -452,7 +464,7 @@ export const userRouter = router({
z.object({
email: z.string().email(),
name: z.string().optional(),
role: z.enum(['PROGRAM_ADMIN', 'JURY_MEMBER', 'MENTOR', 'OBSERVER']).default('JURY_MEMBER'),
role: z.enum(['SUPER_ADMIN', 'PROGRAM_ADMIN', 'JURY_MEMBER', 'MENTOR', 'OBSERVER']).default('JURY_MEMBER'),
expertiseTags: z.array(z.string()).optional(),
// Optional pre-assignments for jury members
assignments: z
@ -468,7 +480,14 @@ export const userRouter = router({
})
)
.mutation(async ({ ctx, input }) => {
// Prevent non-super-admins from creating program admins
// Prevent non-super-admins from creating super admins or program admins
const hasSuperAdminRole = input.users.some((u) => u.role === 'SUPER_ADMIN')
if (hasSuperAdminRole && ctx.user.role !== 'SUPER_ADMIN') {
throw new TRPCError({
code: 'FORBIDDEN',
message: 'Only super admins can create super admins',
})
}
const hasAdminRole = input.users.some((u) => u.role === 'PROGRAM_ADMIN')
if (hasAdminRole && ctx.user.role !== 'SUPER_ADMIN') {
throw new TRPCError({