good forst commit

2026-06-09 02:02:40 +05:30
parent 801c1d7121
commit 249d759e6a
215 changed files with 15425 additions and 1240 deletions
@@ -0,0 +1,44 @@
+'use client';
+
+import { useRouter } from 'next/navigation';
+import { useState, useTransition } from 'react';
+
+export function GroupOptOutButton({ groupId, groupName }: { groupId: string; groupName: string }) {
+  const router = useRouter();
+  const [pending, startTransition] = useTransition();
+  const [error, setError] = useState<string | null>(null);
+
+  function handleClick() {
+    if (!window.confirm(`Revoke consent for "${groupName}"? Your messages will no longer be archived from this group.`)) {
+      return;
+    }
+    setError(null);
+    startTransition(async () => {
+      const res = await fetch('/api/my/opt-out', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json', Accept: 'application/json' },
+        body: JSON.stringify({ groupId }),
+      });
+      if (!res.ok) {
+        const body = (await res.json().catch(() => ({}))) as { message?: string };
+        setError(body.message ?? 'Opt-out failed');
+        return;
+      }
+      router.refresh();
+    });
+  }
+
+  return (
+    <div className="flex flex-col items-end gap-1">
+      <button
+        type="button"
+        onClick={handleClick}
+        disabled={pending}
+        className="rounded border border-red-200 px-3 py-1 text-xs text-red-700 hover:bg-red-50 disabled:opacity-50"
+      >
+        {pending ? 'Revoking…' : 'Revoke consent'}
+      </button>
+      {error && <span className="text-xs text-red-600">{error}</span>}
+    </div>
+  );
+}
@@ -0,0 +1,88 @@
+import { getApiBaseUrl, getMemberToken } from '../../../_lib/api';
+import Link from 'next/link';
+
+interface MemberGroupSummary {
+  id: string;
+  name: string;
+  tenantId: string;
+  scopes: string[];
+  retentionDays: number;
+  policyVersion: string;
+  consentStatus: 'GRANTED' | 'REVOKED' | 'PENDING';
+  joinedAt: string;
+}
+
+async function fetchGroup(token: string, id: string): Promise<MemberGroupSummary | null> {
+  const res = await fetch(`${getApiBaseUrl()}/my/groups/${id}`, {
+    headers: { Accept: 'application/json', Authorization: `Bearer ${token}` },
+    cache: 'no-store',
+  }).catch(() => null);
+  if (!res || !res.ok) return null;
+  return (await res.json()) as MemberGroupSummary;
+}
+
+export default async function MyGroupDetailPage({ params }: { params: Promise<{ id: string }> }) {
+  const { id } = await params;
+  const token = await getMemberToken();
+  if (!token) {
+    return (
+      <div className="max-w-2xl mx-auto mt-12 p-6 rounded-lg border border-yellow-200 bg-yellow-50">
+        <h1 className="text-lg font-semibold text-yellow-800">Sign in required</h1>
+        <p className="text-sm text-yellow-700">Complete onboarding to view group details.</p>
+      </div>
+    );
+  }
+
+  const group = await fetchGroup(token, id);
+  if (!group) {
+    return (
+      <div className="max-w-2xl mx-auto mt-12 p-6 rounded-lg border border-red-200 bg-red-50">
+        <h1 className="text-lg font-semibold text-red-800">Group not found</h1>
+        <p className="text-sm text-red-700">
+          You aren&apos;t a member of this group, or it has been removed.
+        </p>
+        <Link href="/my/groups" className="text-sm text-blue-600 underline mt-3 inline-block">
+          ← Back to your groups
+        </Link>
+      </div>
+    );
+  }
+
+  return (
+    <div className="max-w-2xl mx-auto mt-12 p-6 rounded-lg border border-gray-200 bg-white">
+      <Link href="/my/groups" className="text-xs text-gray-500 underline">
+        ← All groups
+      </Link>
+      <h1 className="text-xl font-semibold mt-2 mb-4">{group.name}</h1>
+      <dl className="text-sm space-y-2">
+        <div>
+          <dt className="inline font-medium">Status: </dt>
+          <dd className="inline">{group.consentStatus}</dd>
+        </div>
+        <div>
+          <dt className="inline font-medium">Scopes: </dt>
+          <dd className="inline">{group.scopes.join(', ')}</dd>
+        </div>
+        <div>
+          <dt className="inline font-medium">Retention: </dt>
+          <dd className="inline">{group.retentionDays} days</dd>
+        </div>
+        <div>
+          <dt className="inline font-medium">Policy version: </dt>
+          <dd className="inline">{group.policyVersion}</dd>
+        </div>
+        <div>
+          <dt className="inline font-medium">Joined: </dt>
+          <dd className="inline">{new Date(group.joinedAt).toLocaleString()}</dd>
+        </div>
+      </dl>
+      <p className="mt-4 text-xs text-gray-500">
+        Use the &quot;Revoke consent&quot; button on{' '}
+        <Link href="/my/groups" className="underline">
+          your groups list
+        </Link>{' '}
+        to opt out of this group.
+      </p>
+    </div>
+  );
+}
@@ -0,0 +1,89 @@
+import { getApiBaseUrl, getMemberToken } from '../../_lib/api';
+import Link from 'next/link';
+import { GroupOptOutButton } from './GroupOptOutButton';
+
+interface MemberGroupSummary {
+  id: string;
+  name: string;
+  tenantId: string;
+  scopes: string[];
+  retentionDays: number;
+  policyVersion: string;
+  consentStatus: 'GRANTED' | 'REVOKED' | 'PENDING';
+  joinedAt: string;
+}
+
+async function fetchGroups(token: string): Promise<MemberGroupSummary[] | null> {
+  const res = await fetch(`${getApiBaseUrl()}/my/groups`, {
+    headers: { Accept: 'application/json', Authorization: `Bearer ${token}` },
+    cache: 'no-store',
+  }).catch(() => null);
+  if (!res || !res.ok) return null;
+  return (await res.json()) as MemberGroupSummary[];
+}
+
+export default async function MyGroupsPage() {
+  const token = await getMemberToken();
+  if (!token) {
+    return (
+      <div className="max-w-2xl mx-auto mt-12 p-6 rounded-lg border border-yellow-200 bg-yellow-50">
+        <h1 className="text-lg font-semibold text-yellow-800">Sign in required</h1>
+        <p className="text-sm text-yellow-700">Complete onboarding to view your groups.</p>
+      </div>
+    );
+  }
+
+  const groups = await fetchGroups(token);
+  if (!groups) {
+    return (
+      <div className="max-w-2xl mx-auto mt-12 p-6 rounded-lg border border-red-200 bg-red-50">
+        <h1 className="text-lg font-semibold text-red-800">Couldn&apos;t load your groups</h1>
+        <p className="text-sm text-red-700">Your session may have expired. Please try signing out and back in.</p>
+      </div>
+    );
+  }
+
+  return (
+    <div className="max-w-2xl mx-auto mt-12 p-6">
+      <h1 className="text-xl font-semibold mb-4">Your groups</h1>
+      {groups.length === 0 ? (
+        <p className="text-sm text-gray-500">
+          You haven&apos;t joined any TOWER-managed groups yet.
+        </p>
+      ) : (
+        <ul className="flex flex-col gap-3">
+          {groups.map((g) => (
+            <li key={g.id} className="rounded-xl border border-gray-200 bg-white p-4">
+              <div className="flex items-start justify-between gap-4">
+                <div>
+                  <Link href={`/my/groups/${g.id}`} className="text-sm font-medium text-blue-600 underline">
+                    {g.name}
+                  </Link>
+                  <div className="mt-1 text-xs text-gray-500">
+                    Status:{' '}
+                    <span
+                      className={
+                        g.consentStatus === 'GRANTED'
+                          ? 'text-green-700'
+                          : g.consentStatus === 'REVOKED'
+                            ? 'text-red-700'
+                            : 'text-yellow-700'
+                      }
+                    >
+                      {g.consentStatus}
+                    </span>
+                    {' · '}Retention {g.retentionDays}d · Policy {g.policyVersion}
+                  </div>
+                  <div className="mt-1 text-xs text-gray-500">
+                    Scopes: {g.scopes.join(', ')}
+                  </div>
+                </div>
+                {g.consentStatus === 'GRANTED' && <GroupOptOutButton groupId={g.id} groupName={g.name} />}
+              </div>
+            </li>
+          ))}
+        </ul>
+      )}
+    </div>
+  );
+}
@@ -0,0 +1,74 @@
+import { getMemberToken, getApiBaseUrl } from '../_lib/api';
+import Link from 'next/link';
+
+interface MemberProfile {
+  id: string;
+  tenantId: string;
+  jid: string;
+  displayName: string | null;
+  createdAt: string;
+}
+
+async function fetchProfile(token: string): Promise<MemberProfile | null> {
+  const res = await fetch(`${getApiBaseUrl()}/my/profile`, {
+    headers: { Accept: 'application/json', Authorization: `Bearer ${token}` },
+    cache: 'no-store',
+  }).catch(() => null);
+  if (!res || !res.ok) return null;
+  return (await res.json()) as MemberProfile;
+}
+
+export default async function MyPage() {
+  const token = await getMemberToken();
+  if (!token) {
+    return (
+      <div className="max-w-md mx-auto mt-12 p-6 rounded-lg border border-yellow-200 bg-yellow-50">
+        <h1 className="text-lg font-semibold text-yellow-800">Member portal</h1>
+        <p className="text-sm text-yellow-700">
+          No member session. Complete onboarding via the link a group admin sent you.
+        </p>
+      </div>
+    );
+  }
+
+  const profile = await fetchProfile(token);
+  if (!profile) {
+    return (
+      <div className="max-w-md mx-auto mt-12 p-6 rounded-lg border border-red-200 bg-red-50">
+        <h1 className="text-lg font-semibold text-red-800">Couldn&apos;t load your account</h1>
+        <p className="text-sm text-red-700">
+          Your session may have expired. Please complete onboarding again.
+        </p>
+        <form method="POST" action="/api/my/logout" className="mt-4">
+          <button type="submit" className="text-sm text-blue-600 underline">
+            Sign out
+          </button>
+        </form>
+      </div>
+    );
+  }
+
+  return (
+    <div className="max-w-2xl mx-auto mt-12 p-6 rounded-lg border border-gray-200 bg-white">
+      <h1 className="text-xl font-semibold mb-4">Your account</h1>
+      <dl className="text-sm space-y-1 mb-6">
+        <div>
+          <dt className="inline font-medium">Display name: </dt>
+          <dd className="inline">{profile.displayName ?? '—'}</dd>
+        </div>
+        <div>
+          <dt className="inline font-medium">JID: </dt>
+          <dd className="inline">{profile.jid}</dd>
+        </div>
+        <div>
+          <dt className="inline font-medium">Joined: </dt>
+          <dd className="inline">{new Date(profile.createdAt).toLocaleDateString()}</dd>
+        </div>
+      </dl>
+      <div className="flex flex-col gap-2 text-sm">
+        <Link href="/my/groups" className="text-blue-600 underline">Manage your groups →</Link>
+        <Link href="/my/settings" className="text-blue-600 underline">Privacy &amp; account settings →</Link>
+      </div>
+    </div>
+  );
+}
@@ -0,0 +1,44 @@
+'use client';
+
+import { useRouter } from 'next/navigation';
+import { useState, useTransition } from 'react';
+
+export function DeleteAccountButton() {
+  const router = useRouter();
+  const [pending, startTransition] = useTransition();
+  const [error, setError] = useState<string | null>(null);
+
+  function handleClick() {
+    if (
+      !window.confirm(
+        'Permanently delete your TOWER account? This cannot be undone.',
+      )
+    ) {
+      return;
+    }
+    setError(null);
+    startTransition(async () => {
+      const res = await fetch('/api/my/account', { method: 'DELETE' });
+      if (!res.ok) {
+        const body = (await res.json().catch(() => ({}))) as { message?: string };
+        setError(body.message ?? 'Delete failed');
+        return;
+      }
+      router.replace('/');
+    });
+  }
+
+  return (
+    <div className="flex flex-col items-start gap-1">
+      <button
+        type="button"
+        onClick={handleClick}
+        disabled={pending}
+        className="rounded border border-red-300 bg-white px-3 py-1.5 text-sm text-red-700 hover:bg-red-50 disabled:opacity-50"
+      >
+        {pending ? 'Deleting…' : 'Delete my account'}
+      </button>
+      {error && <span className="text-xs text-red-700">{error}</span>}
+    </div>
+  );
+}
@@ -0,0 +1,24 @@
+'use client';
+
+import { useRouter } from 'next/navigation';
+import { useState, useTransition } from 'react';
+
+export function MemberLogoutButton() {
+  const router = useRouter();
+  const [pending, startTransition] = useTransition();
+  return (
+    <button
+      type="button"
+      disabled={pending}
+      onClick={() =>
+        startTransition(async () => {
+          await fetch('/api/my/logout', { method: 'POST' });
+          router.replace('/');
+        })
+      }
+      className="rounded border border-gray-300 px-3 py-1.5 text-sm hover:bg-gray-50 disabled:opacity-50"
+    >
+      {pending ? 'Signing out…' : 'Sign out'}
+    </button>
+  );
+}
@@ -0,0 +1,36 @@
+import { getMemberToken } from '../../_lib/api';
+import { DeleteAccountButton } from './DeleteAccountButton';
+import { MemberLogoutButton } from './MemberLogoutButton';
+
+export default async function MySettingsPage() {
+  const token = await getMemberToken();
+  if (!token) {
+    return (
+      <div className="max-w-2xl mx-auto mt-12 p-6 rounded-lg border border-yellow-200 bg-yellow-50">
+        <h1 className="text-lg font-semibold text-yellow-800">Sign in required</h1>
+        <p className="text-sm text-yellow-700">Complete onboarding to manage your account.</p>
+      </div>
+    );
+  }
+
+  return (
+    <div className="max-w-2xl mx-auto mt-12 p-6 flex flex-col gap-6">
+      <section className="rounded-xl border border-gray-200 bg-white p-5">
+        <h2 className="text-base font-semibold mb-2">Session</h2>
+        <p className="text-sm text-gray-600 mb-3">
+          Sign out of your member portal. Your consent records are kept until you delete your account.
+        </p>
+        <MemberLogoutButton />
+      </section>
+
+      <section className="rounded-xl border border-red-200 bg-red-50 p-5">
+        <h2 className="text-base font-semibold text-red-800 mb-2">Delete your account</h2>
+        <p className="text-sm text-red-700 mb-3">
+          This permanently deletes your TOWER user record, all consent records, opt-out history, and
+          sessions. The messages themselves stay in their original groups. This cannot be undone.
+        </p>
+        <DeleteAccountButton />
+      </section>
+    </div>
+  );
+}