update demo-score-board,

03_source/cms_backend/package.json

@@ -28,7 +28,8 @@
     "db:generate": "prisma generate",
     "db:push": "prisma db push --force-reset",
     "db:push:w": "npx nodemon --delay 1 --watch prisma --ext \"ts,tsx,prisma\" --exec \"yarn db:push && yarn seed\"",
-    "db:studio": "prisma studio"
+    "db:studio": "prisma studio",
+    "db:studio:w": "npx nodemon --delay 1 --watch prisma --ext \"prisma\" --exec \"yarn db:studio\""
   },
   "engines": {
     "node": ">=20"

03_source/cms_backend/prisma/schema.prisma

@@ -46,6 +46,9 @@ model Session {
 
 model User {
   id            String    @id @default(cuid())
+  createdAt     DateTime  @default(now())
+  updatedAt     DateTime  @updatedAt
+  //
   name          String?
   username      String?   @unique
   email         String    @unique
@@ -54,8 +57,6 @@ model User {
   image         String?
   bucketImage   String?
   admin         Boolean   @default(false)
-  createdAt     DateTime  @default(now())
-  updatedAt     DateTime  @updatedAt
   accounts      Account[]
   sessions      Session[]
   info          Json?
@@ -70,6 +71,18 @@ model VerificationToken {
   @@unique([identifier, token])
 }
 
+model Student {
+  id        Int      @id @default(autoincrement())
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+  //
+  email     String   @unique
+  metadata  Json     @default("{}")
+}
+
+// ----------------------------------------------------------------
+// frontend/src/_mock/_user.ts
+
 // ----------------------------------------------------------------
 
 // REQ0044/near_by_page
@@ -99,6 +112,9 @@ model Member {
   music             String[] @default([])
   pets              String[] @default([])
   character         String[] @default([])
+  //
+  avatar            String   @default("")
+  sex               String   @default("")
 }
 
 model Order {
@@ -118,7 +134,7 @@ model Event {
   id          Int      @id @default(autoincrement())
   eventDate   DateTime
   title       String
-  joinMembers Member[] // Assuming Member model exists
+  joinMembers Json[] // Assuming Member model exists
   price       Float
   currency    String
   duration_m  Int
@@ -127,6 +143,8 @@ model Event {
   location    String
   avatar      String // Assuming avatar is stored as a file path or URL
   Order       Order[]
+  Member      Member?  @relation(fields: [memberId], references: [id])
+  memberId    Int?
 }
 
 // cms_backend
@@ -516,6 +534,7 @@ model UserCard {
   totalFollowing Float
 }
 
+// `UserItem` obsoleted, use `UserMeta` instead
 model UserItem {
   id          String   @id @default(uuid())
   createdAt   DateTime @default(now())
@@ -537,6 +556,33 @@ model UserItem {
   //
   username    String
   password    String
+  //
+  isAdmin     Boolean  @default(false)
+}
+
+model UserMeta {
+  id          String   @id @default(uuid())
+  createdAt   DateTime @default(now())
+  updatedAt   DateTime @updatedAt
+  //
+  name        String
+  city        String
+  role        String
+  email       String
+  state       String
+  status      String
+  address     String
+  country     String
+  zipCode     String
+  company     String
+  avatarUrl   String
+  phoneNumber String
+  isVerified  Boolean
+  //
+  username    String
+  password    String
+  //
+  isAdmin     Boolean  @default(false)
 }
 
 model UserAccountBillingHistory {
@@ -1078,3 +1124,96 @@ model Kanban {
   columns   KanbanColumn[]
   tasks     KanbanTask[]
 }
+
+// mapped to IEventReview
+model EventReview {
+  id          String     @id @default(uuid())
+  createdAt   DateTime   @default(now())
+  updatedAt   DateTime   @updatedAt
+  //
+  name        String
+  rating      Float
+  comment     String
+  helpful     Float
+  avatarUrl   String
+  postedAt    DateTime   @default(now()) // Assuming IDateValue maps to DateTime
+  isPurchased Boolean
+  attachments String[]
+  //
+  EventItem   EventItem? @relation(fields: [eventItemId], references: [id])
+  eventItemId String?
+}
+
+// mapped to IEventItem
+model EventItem {
+  id             String        @id @default(uuid())
+  createdAt      DateTime      @default(now())
+  updatedAt      DateTime      @updatedAt
+  //
+  sku            String
+  name           String
+  code           String
+  price          Float
+  taxes          Float
+  tags           String[]
+  sizes          String[]
+  publish        String
+  gender         String[]
+  coverUrl       String
+  images         String[]
+  colors         String[]
+  quantity       Int
+  category       String
+  available      Int
+  totalSold      Int
+  description    String
+  totalRatings   Float
+  totalReviews   Int
+  inventoryType  String
+  subDescription String
+  priceSale      Float?
+  newLabel       Json
+  saleLabel      Json
+  ratings        Json[]
+  //
+  eventDate      DateTime      @default(now())
+  joinMembers    Json[]
+  title          String
+  currency       String
+  duration_m     Float
+  ageBottom      Float
+  ageTop         Float
+  location       String
+  avatar         String[]
+  //
+  reviews        EventReview[]
+}
+
+model AppLog {
+  id        String   @id @default(uuid())
+  timestamp DateTime @default(now())
+  //
+  level     Int?     @default(1)
+  message   String?  @default("")
+  //
+  module    String?
+  userId    String?
+  metadata  Json?
+
+  @@index([timestamp])
+  @@index([level])
+  @@index([module])
+}
+
+model AccessLog {
+  id        String   @id @default(uuid())
+  timestamp DateTime @default(now())
+  //
+  userId    String?  @default("")
+  message   String?  @default("")
+  //
+  metadata  Json?
+
+  @@index([timestamp])
+  @@index([userId])
+}

03_source/cms_backend/prisma/seed.ts

@@ -25,6 +25,12 @@ import { FileStore } from './seeds/fileStore';
 import { userItemSeed } from './seeds/userItem';
 import { orderItemSeed } from './seeds/orderItem';
 import { invoiceItemSeed } from './seeds/invoiceItem';
+//
+import { EventItemSeed } from './seeds/eventItem';
+import { EventReviewSeed } from './seeds/eventReview';
+import { appLogSeed } from './seeds/AppLog';
+import { accessLogSeed } from './seeds/AccessLog';
+import { userMetaSeed } from './seeds/userMeta';
 
 //
 // import { Blog } from './seeds/blog';
@@ -41,11 +47,22 @@ import { invoiceItemSeed } from './seeds/invoiceItem';
   await ProductReview;
   await FileStore;
   await ProductItem;
+
   await userItemSeed;
+  await userMetaSeed;
+
   await orderItemSeed;
   await invoiceItemSeed;
+  //
+  await EventReviewSeed;
+  await EventItemSeed;
+  //
+  await appLogSeed;
+  await accessLogSeed;
+
   // await Blog;
   // await Mail;
   // await File;
   // await Chat;
+  console.log('seed done');
 })();

03_source/cms_backend/prisma/seeds/AccessLog.ts

@@ -0,0 +1,36 @@
+import { PrismaClient } from '@prisma/client';
+import { format, parseISO } from 'date-fns';
+
+const L_ERROR = 0;
+const L_WARN = 1;
+const L_INFO = 2;
+const L_DEBUG = 3;
+const L_TRACE = 4;
+
+const prisma = new PrismaClient();
+
+async function accessLog() {
+  await prisma.accessLog.upsert({
+    where: { id: '0' },
+    update: {},
+    create: {
+      userId: '0',
+      message: 'helloworld',
+      metadata: { hello: 'world' },
+    },
+  });
+
+  console.log('seed AccessLog done');
+}
+
+const accessLogSeed = accessLog()
+  .then(async () => {
+    await prisma.$disconnect();
+  })
+  .catch(async (e) => {
+    console.error(e);
+    await prisma.$disconnect();
+    process.exit(1);
+  });
+
+export { accessLogSeed };

03_source/cms_backend/prisma/seeds/AppLog.ts

@@ -0,0 +1,71 @@
+import { PrismaClient } from '@prisma/client';
+import { format, parseISO } from 'date-fns';
+
+const L_ERROR = 0;
+const L_WARN = 1;
+const L_INFO = 2;
+const L_DEBUG = 3;
+const L_TRACE = 4;
+
+const prisma = new PrismaClient();
+
+async function appLog() {
+  await prisma.appLog.upsert({
+    where: { id: '0' },
+    update: {},
+    create: {
+      message: 'helloworld',
+      level: L_ERROR,
+    },
+  });
+
+  await prisma.appLog.upsert({
+    where: { id: '1' },
+    update: {},
+    create: {
+      message: 'warning message',
+      level: L_WARN,
+    },
+  });
+
+  await prisma.appLog.upsert({
+    where: { id: '2' },
+    update: {},
+    create: {
+      message: 'info message',
+      level: L_INFO,
+    },
+  });
+
+  await prisma.appLog.upsert({
+    where: { id: '3' },
+    update: {},
+    create: {
+      message: 'debug message',
+      level: L_DEBUG,
+    },
+  });
+
+  await prisma.appLog.upsert({
+    where: { id: '4' },
+    update: {},
+    create: {
+      message: 'trace message',
+      level: L_TRACE,
+    },
+  });
+
+  console.log('seed AppLog done');
+}
+
+const appLogSeed = appLog()
+  .then(async () => {
+    await prisma.$disconnect();
+  })
+  .catch(async (e) => {
+    console.error(e);
+    await prisma.$disconnect();
+    process.exit(1);
+  });
+
+export { appLogSeed };

03_source/cms_backend/prisma/seeds/Member.ts

@@ -2,12 +2,43 @@ import { PrismaClient } from '@prisma/client';
 const prisma = new PrismaClient();
 
 async function member() {
-  for (let i = 0; i < 100; i++) {
+  [
+    {
+      email: 'tom@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1671656349322-41de944d259b`,
+      sex: 'M',
+    },
+    {
+      email: 'may@exampl.com',
+      avatar: `https://images.unsplash.com/photo-1522075469751-3a6694fb2f61`,
+      sex: 'F',
+    },
+    {
+      email: 'june@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1723867331866-e112500178a4`,
+      sex: 'M',
+    },
+    {
+      email: 'april@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1682089894837-e01e5cb8e471`,
+      sex: 'F',
+    },
+    {
+      email: 'susan@exampl.com',
+      avatar: `https://images.unsplash.com/photo-1485893086445-ed75865251e0`,
+      sex: 'M',
+    },
+    {
+      email: 'peter@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1722945763962-305a5a769cc8`,
+      sex: 'F',
+    },
+  ].forEach(async (m, i) => {
     const john = await prisma.member.upsert({
-      where: { email: `member${i}@example.com` },
+      where: { email: m.email },
       update: {},
       create: {
-        email: `member${i}@example.com`,
+        email: m.email,
         name: `member_${i}`,
         age: 20 + i,
         rank: i % 2 ? 'VIP' : 'NON_VIP',
@@ -25,11 +56,42 @@ async function member() {
         self_introduction: 'Get me know me before you love me. Get me know me before you love me.',
         music: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic'],
         pets: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic'],
-        character: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic']
-      }
+        character: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic'],
+        avatar: m.avatar,
+        sex: m.sex,
+      },
+    });
+  });
+
+  for (let i = 0; i < 3; i++) {
+    const john = await prisma.member.upsert({
+      where: { email: `member${i}@example.com` },
+      update: {},
+      create: {
+        email: `member${i}@example.com`,
+        name: `member_${i}`,
+        age: 20 + i,
+        rank: i % 2 ? 'VIP' : 'NON_VIP',
+        verified: i % 3 ? 'NOT_VERIFIED' : 'VERIFIED',
+        hobbies: ['fishing', 'basketball', 'piano'],
+        distance: `${40 + Math.random() * 40}km`,
+        location_area: 'Sai Kung',
+        greetings: 'Hi, I am ',
+        gender: 'man',
+        tall_cm: 172 + Math.random() * 10,
+        weight_kg: 60 + Math.random() * 50,
+        occupation: 'doctor',
+        language: ['English', 'French', 'Chinese'],
+        education: ['Degree of Computer'],
+        self_introduction: 'Get me know me before you love me. Get me know me before you love me.',
+        music: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic'],
+        pets: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic'],
+        character: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic'],
+        avatar: '',
+        sex: i % 2 ? 'M' : 'F',
+      },
     });
   }
-
   console.log('seed member done');
 }
 

03_source/cms_backend/prisma/seeds/_mock.ts

@@ -78,11 +78,12 @@ export const _mock = {
     avatar: (index: number) => `${CONFIG.basePath}/assets/images/avatar/avatar-${index + 1}.webp`,
     travel: (index: number) => `${CONFIG.basePath}/assets/images/travel/travel-${index + 1}.webp`,
     course: (index: number) => `${CONFIG.basePath}/assets/images/course/course-${index + 1}.webp`,
-    company: (index: number) =>
-      `${CONFIG.basePath}/assets/images/company/company-${index + 1}.webp`,
-    product: (index: number) =>
-      `${CONFIG.basePath}/assets/images/m-product/product-${index + 1}.webp`,
-    portrait: (index: number) =>
-      `${CONFIG.basePath}/assets/images/portrait/portrait-${index + 1}.webp`,
+    company: (index: number) => `${CONFIG.basePath}/assets/images/company/company-${index + 1}.webp`,
+    product: (index: number) => `${CONFIG.basePath}/assets/images/m-product/product-${index + 1}.webp`,
+    portrait: (index: number) => `${CONFIG.basePath}/assets/images/portrait/portrait-${index + 1}.webp`,
+    //
+    event: (index: number) => `${CONFIG.basePath}/assets/images/m-product/product-${index + 1}.webp`,
   },
+  //
+  eventName: (index: number) => _eventNames[index],
 };

03_source/cms_backend/prisma/seeds/eventItem.ts

@@ -0,0 +1,277 @@
+import { _mock } from './_mock';
+import { _tags } from './assets';
+
+import { PrismaClient, EventReview } from '@prisma/client';
+import { _eventsReview } from './eventReview';
+import { CONFIG } from './global-config';
+
+import _ from 'lodash';
+
+const prisma = new PrismaClient();
+
+const COLORS = ['#FF4842', '#1890FF', '#FFC0CB', '#00AB55', '#FFC107', '#7F00FF', '#000000', '#FFFFFF'];
+
+const DESCRIPTION = `
+<h6>Specifications</h6>
+<table>
+  <tbody>
+    <tr>
+      <td>Category</td>
+      <td>Mobile</td>
+    </tr>
+    <tr>
+      <td>Manufacturer</td>
+      <td>Apple</td>
+    </tr>
+    <tr>
+      <td>Warranty</td>
+      <td>12 Months</td>
+    </tr>
+    <tr>
+      <td>Serial number</td>
+      <td>358607726380311</td>
+    </tr>
+    <tr>
+      <td>Ships from</td>
+      <td>United States</td>
+    </tr>
+  </tbody>
+</table>
+
+<h6>Event details</h6>
+<ul>
+  <li>
+    <p>The foam sockliner feels soft and comfortable</p>
+  </li>
+  <li>
+    <p>Pull tab</p>
+  </li>
+  <li>
+    <p>Not intended for use as Personal Protective Equipment</p>
+  </li>
+  <li>
+    <p>Colour Shown: White/Black/Oxygen Purple/Action Grape</p>
+  </li>
+  <li>
+    <p>Style: 921826-109</p>
+  </li>
+  <li>
+    <p>Country/Region of Origin: China</p>
+  </li>
+</ul>
+<h6>Benefits</h6>
+<ul>
+  <li>
+    <p>Mesh and synthetic materials on the upper keep the fluid look of the OG while adding comfort</p>
+    and durability.
+  </li>
+  <li>
+    <p>Originally designed for performance running, the full-length Max Air unit adds soft, comfortable cushio</p>
+    ning underfoot.
+  </li>
+  <li>
+    <p>The foam midsole feels springy and soft.</p>
+  </li>
+  <li>
+    <p>The rubber outsole adds traction and durability.</p>
+  </li>
+</ul>
+<h6>Delivery and returns</h6>
+<p>Your order of $200 or more gets free standard delivery.</p>
+<ul>
+  <li>
+    <p>Standard delivered 4-5 Business Days</p>
+  </li>
+  <li>
+    <p>Express delivered 2-4 Business Days</p>
+  </li>
+</ul>
+<p>Orders are processed and delivered Monday-Friday (excluding public holidays)</p>
+
+`;
+
+const getColorSliceForIndex = (index: number) => {
+  if (index === 0) return COLORS.slice(0, 2);
+  if (index === 1) return COLORS.slice(1, 3);
+  if (index === 2) return COLORS.slice(2, 4);
+  if (index === 3) return COLORS.slice(3, 6);
+  if (index === 4 || index === 16 || index === 19) return COLORS.slice(4, 6);
+  if (index === 5 || index === 17) return COLORS.slice(5, 6);
+  if (index === 6 || index === 18) return COLORS.slice(0, 2);
+  if (index === 7) return COLORS.slice(4, 6);
+  if (index === 8) return COLORS.slice(2, 4);
+  if (index === 9 || index === 11) return COLORS.slice(2, 6);
+  if (index === 10) return COLORS.slice(3, 6);
+  if (index === 12) return COLORS.slice(2, 7);
+  if (index === 13) return COLORS.slice(4, 7);
+  if (index === 14) return COLORS.slice(0, 2);
+  if (index === 15) return COLORS.slice(5, 8);
+  return COLORS.slice(2, 6); // Default case
+};
+
+const generateAttachments = () => Array.from({ length: 20 }, (_, index) => _mock.image.event(index));
+
+const generateReviews = () => {
+  const attachments = generateAttachments();
+};
+
+const generateRatings = () =>
+  Array.from({ length: 5 }, (_, index) => ({
+    name: `${index + 1} Star`,
+    starCount: _mock.number.nativeL(index),
+    reviewCount: _mock.number.nativeL(index + 1),
+  }));
+
+const generateImages = () => Array.from({ length: 8 }, (_, index) => _mock.image.event(index));
+
+const _events = () =>
+  Array.from({ length: 2 }, (_, index) => {
+    const reviews = generateReviews();
+    const images = generateImages();
+    const ratings = generateRatings();
+    //
+    const publish = index % 3 ? 'published' : 'draft';
+
+    const category = (index % 2 && 'Shose') || (index % 3 && 'Apparel') || 'Accessories';
+
+    const gender = (index % 2 && ['Men']) || (index % 3 && ['Women', 'Kids']) || ['Kids'];
+
+    const available = (index % 2 && 72) || (index % 3 && 10) || 0;
+
+    const inventoryType = (index % 2 && 'in stock') || (index % 3 && 'low stock') || 'out of stock';
+
+    const priceSale = index % 3 ? undefined : _mock.number.price(index);
+
+    return {
+      id: _mock.id(index).toString(),
+      sku: `WW75K521${index}YW/SV`,
+      name: _mock.eventName(index),
+      gender,
+      images,
+      reviews,
+      publish,
+      ratings,
+      category,
+      available,
+      priceSale,
+      taxes: 10,
+      quantity: 80,
+      inventoryType,
+      tags: _tags.slice(0, 5),
+      code: `38BEE27${index}`,
+      description: DESCRIPTION,
+      createdAt: _mock.time(index),
+      price: _mock.number.price(index),
+      coverUrl: _mock.image.event(index),
+      colors: getColorSliceForIndex(index),
+      totalRatings: _mock.number.rating(index),
+      totalSold: _mock.number.nativeM(index + 1),
+      totalReviews: _mock.number.nativeL(index + 1),
+      newLabel: { enabled: [1, 2, 3].includes(index), content: 'NEW' },
+      saleLabel: { enabled: [4, 5].includes(index), content: 'SALE' },
+      sizes: ['6', '7', '8', '8.5', '9', '9.5', '10', '10.5', '11', '11.5', '12', '13'],
+      subDescription: 'Featuring the original ripple design inspired by Japanese bullet trains, the Nike Air Max 97 lets you push your style full-speed ahead.',
+    };
+  });
+
+const memberList = (num_of_member: number) =>
+  _.shuffle([
+    {
+      email: 'tom@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1671656349322-41de944d259b`,
+      sex: 'M',
+    },
+    {
+      email: 'may@exampl.com',
+      avatar: `https://images.unsplash.com/photo-1522075469751-3a6694fb2f61`,
+      sex: 'F',
+    },
+    {
+      email: 'june@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1723867331866-e112500178a4`,
+      sex: 'M',
+    },
+    {
+      email: 'april@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1682089894837-e01e5cb8e471`,
+      sex: 'F',
+    },
+    {
+      email: 'susan@exampl.com',
+      avatar: `https://images.unsplash.com/photo-1485893086445-ed75865251e0`,
+      sex: 'M',
+    },
+    {
+      email: 'peter@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1722945763962-305a5a769cc8`,
+      sex: 'F',
+    },
+  ]).slice(0, num_of_member);
+
+async function eventItem() {
+  const temp_events = _events();
+
+  for (let i = 0; i < temp_events.length; i++) {
+    const temp_pr = _eventsReview();
+
+    const temp = await prisma.eventItem.upsert({
+      where: { id: temp_events[i].id.toString() },
+      update: {},
+      create: {
+        id: temp_events[i].id,
+        //
+        name: temp_events[i].name,
+        code: temp_events[i].code,
+        price: temp_events[i].price,
+        taxes: temp_events[i].taxes,
+        tags: temp_events[i].tags,
+        sizes: temp_events[i].sizes,
+        publish: temp_events[i].publish,
+        gender: temp_events[i].gender,
+        coverUrl: temp_events[i].coverUrl,
+        images: temp_events[i].images,
+        colors: temp_events[i].colors,
+        quantity: temp_events[i].quantity,
+        category: temp_events[i].category,
+        available: temp_events[i].available,
+        totalSold: temp_events[i].totalSold,
+        description: temp_events[i].description,
+        totalRatings: temp_events[i].totalRatings,
+        totalReviews: temp_events[i].totalReviews,
+        inventoryType: temp_events[i].inventoryType,
+        subDescription: temp_events[i].subDescription,
+        priceSale: temp_events[i].priceSale,
+        newLabel: temp_events[i].newLabel,
+        saleLabel: temp_events[i].saleLabel,
+        ratings: temp_events[i].ratings,
+        // review: { create: temp_pr },
+        reviews: { create: temp_pr },
+        sku: temp_events[i].sku,
+        //
+        eventDate: new Date(_mock.time(i)),
+        title: temp_events[i].name,
+        currency: 'HKD',
+        duration_m: 120,
+        ageBottom: 18,
+        ageTop: 60,
+        location: 'Hong Kong',
+        avatar: temp_events[i].images,
+        //
+        joinMembers: memberList(5 - i),
+      },
+    });
+  }
+  console.log('seed eventItem done');
+}
+
+const EventItem = eventItem()
+  .then(async () => {
+    await prisma.$disconnect();
+  })
+  .catch(async (e) => {
+    console.error(e);
+    await prisma.$disconnect();
+    process.exit(1);
+  });
+
+export { EventItem as EventItemSeed };

03_source/cms_backend/prisma/seeds/eventReview.ts

@@ -0,0 +1,61 @@
+import { _mock } from './_mock';
+import { _tags } from './assets';
+
+import { PrismaClient } from '@prisma/client';
+const prisma = new PrismaClient();
+
+const generateAttachments = () => Array.from({ length: 20 }, (_, index) => _mock.image.event(index));
+
+const generateReviews = () => {
+  const attachments = generateAttachments();
+
+  return Array.from({ length: 8 }, (_, index) => ({
+    // id: _mock.id(index),
+    name: _mock.fullName(index),
+    postedAt: _mock.time(index),
+    comment: _mock.sentence(index),
+    isPurchased: _mock.boolean(index),
+    rating: _mock.number.rating(index),
+    avatarUrl: _mock.image.avatar(index),
+    helpful: _mock.number.nativeL(index),
+    attachments: (index === 1 && attachments.slice(0, 1)) || (index === 3 && attachments.slice(2, 4)) || (index === 5 && attachments.slice(5, 8)) || [],
+  }));
+};
+
+export const _eventsReview = () => {
+  return generateReviews();
+};
+
+async function eventReview() {
+  const temp_pr = _eventsReview();
+
+  for (let i = 0; i < temp_pr.length; i++) {
+    const temp = await prisma.eventReview.upsert({
+      where: { id: i.toString() },
+      update: {},
+      create: {
+        name: temp_pr[i].name,
+        rating: temp_pr[i].rating,
+        comment: temp_pr[i].comment,
+        helpful: temp_pr[i].helpful,
+        avatarUrl: temp_pr[i].avatarUrl,
+        isPurchased: temp_pr[i].isPurchased,
+        attachments: temp_pr[i].attachments,
+        postedAt: temp_pr[i].postedAt,
+      },
+    });
+  }
+  console.log('seed eventReview done');
+}
+
+const EventReview = eventReview()
+  .then(async () => {
+    await prisma.$disconnect();
+  })
+  .catch(async (e) => {
+    console.error(e);
+    await prisma.$disconnect();
+    process.exit(1);
+  });
+
+export { EventReview as EventReviewSeed };

03_source/cms_backend/prisma/seeds/productReview.ts

@@ -4,16 +4,7 @@ import { _tags } from './assets';
 import { PrismaClient } from '@prisma/client';
 const prisma = new PrismaClient();
 
-const COLORS = [
-  '#FF4842',
-  '#1890FF',
-  '#FFC0CB',
-  '#00AB55',
-  '#FFC107',
-  '#7F00FF',
-  '#000000',
-  '#FFFFFF'
-];
+const COLORS = ['#FF4842', '#1890FF', '#FFC0CB', '#00AB55', '#FFC107', '#7F00FF', '#000000', '#FFFFFF'];
 
 const DESCRIPTION = `
 <h6>Specifications</h6>
@@ -113,8 +104,7 @@ const getColorSliceForIndex = (index: number) => {
   return COLORS.slice(2, 6); // Default case
 };
 
-const generateAttachments = () =>
-  Array.from({ length: 20 }, (_, index) => _mock.image.product(index));
+const generateAttachments = () => Array.from({ length: 20 }, (_, index) => _mock.image.product(index));
 
 const generateReviews = () => {
   const attachments = generateAttachments();
@@ -128,11 +118,7 @@ const generateReviews = () => {
     rating: _mock.number.rating(index),
     avatarUrl: _mock.image.avatar(index),
     helpful: _mock.number.nativeL(index),
-    attachments:
-      (index === 1 && attachments.slice(0, 1)) ||
-      (index === 3 && attachments.slice(2, 4)) ||
-      (index === 5 && attachments.slice(5, 8)) ||
-      []
+    attachments: (index === 1 && attachments.slice(0, 1)) || (index === 3 && attachments.slice(2, 4)) || (index === 5 && attachments.slice(5, 8)) || [],
   }));
 };
 
@@ -140,7 +126,7 @@ const generateRatings = () =>
   Array.from({ length: 5 }, (_, index) => ({
     name: `${index + 1} Star`,
     starCount: _mock.number.nativeL(index),
-    reviewCount: _mock.number.nativeL(index + 1)
+    reviewCount: _mock.number.nativeL(index + 1),
   }));
 
 const generateImages = () => Array.from({ length: 8 }, (_, index) => _mock.image.product(index));
@@ -164,8 +150,8 @@ async function productReview() {
         avatarUrl: temp_pr[i].avatarUrl,
         isPurchased: temp_pr[i].isPurchased,
         attachments: temp_pr[i].attachments,
-        postedAt: temp_pr[i].postedAt
-      }
+        postedAt: temp_pr[i].postedAt,
+      },
     });
   }
   console.log('seed productReview done');

03_source/cms_backend/prisma/seeds/superuser.ts

@@ -8,8 +8,9 @@ async function superuser() {
     create: {
       email: 'admin1@123.com',
       name: 'Admin1',
-      password: 'Aa12345678'
-    }
+      password: 'Aa12345678',
+      admin: true,
+    },
   });
 
   // swagger test
@@ -19,8 +20,9 @@ async function superuser() {
     create: {
       email: 'fake@example.com',
       name: 'swagger user',
-      password: 'password1'
-    }
+      password: 'password1',
+      admin: true,
+    },
   });
 
   console.log('seed superuser done');

03_source/cms_backend/prisma/seeds/user.ts

@@ -9,16 +9,29 @@ async function user() {
       email: 'alice@prisma.io',
       name: 'Alice',
       password: 'Aa12345678',
+      emailVerified: new Date(),
     },
   });
 
-  const bob = await prisma.user.upsert({
+  await prisma.user.upsert({
+    where: { email: 'demo@minimals.cc' },
+    update: {},
+    create: {
+      email: 'demo@minimals.cc',
+      name: 'Demo',
+      password: '@2Minimal',
+      emailVerified: new Date(),
+    },
+  });
+
+  await prisma.user.upsert({
     where: { email: 'bob@prisma.io' },
     update: {},
     create: {
       email: 'bob@prisma.io',
       name: 'Bob',
       password: 'Aa12345678',
+      emailVerified: new Date(),
     },
   });
   console.log('seed user done');

03_source/cms_backend/prisma/seeds/userItem.ts

@@ -39,10 +39,12 @@ async function userItem() {
       //
       username: 'admin@123.com',
       password: await generateHash('Aa1234567'),
+      //
+      isAdmin: true,
     },
   });
 
-  for (let i = 1; i < 20; i++) {
+  for (let i = 1; i < 3; i++) {
     const CJK_LOCALES = {
       en: enFaker,
       zh: zhFaker,
@@ -77,6 +79,8 @@ async function userItem() {
         //
         username: randomFaker.internet.username(),
         password: await generateHash('Abc1234!'),
+        //
+        isAdmin: false,
       },
     });
   }

03_source/cms_backend/prisma/seeds/userMeta.ts

@@ -0,0 +1,130 @@
+import { PrismaClient } from '@prisma/client';
+import { generateHash } from 'src/utils/hash';
+import { Config, names, uniqueNamesGenerator } from 'unique-names-generator';
+import { faker } from '@faker-js/faker';
+
+import { faker as enFaker } from '@faker-js/faker/locale/en_US';
+import { faker as zhFaker } from '@faker-js/faker/locale/zh_CN';
+import { faker as jaFaker } from '@faker-js/faker/locale/ja';
+import { faker as koFaker } from '@faker-js/faker/locale/ko';
+import { faker as twFaker } from '@faker-js/faker/locale/zh_TW';
+
+const SEED_EMAIL_DOMAIN = 'seed.com';
+
+const prisma = new PrismaClient();
+
+async function userMeta() {
+  const config: Config = { dictionaries: [names] };
+  const firstName = uniqueNamesGenerator(config);
+  const lastName = uniqueNamesGenerator(config);
+  const username = `${firstName.toLowerCase()}-${lastName.toLowerCase()}`;
+
+  const alice = await prisma.userMeta.upsert({
+    where: { id: 'admin_uuid' },
+    update: {},
+    create: {
+      name: `admin test`,
+      city: '',
+      role: '',
+      email: `admin@123.com`,
+      state: '',
+      status: '',
+      address: '',
+      country: '',
+      zipCode: '',
+      company: '',
+      avatarUrl: '',
+      phoneNumber: '',
+      isVerified: true,
+      //
+      username: 'admin@123.com',
+      password: await generateHash('Aa1234567'),
+      //
+      isAdmin: true,
+    },
+  });
+
+  for (let i = 1; i < 3; i++) {
+    const CJK_LOCALES = {
+      en: enFaker,
+      zh: zhFaker,
+      ja: jaFaker,
+      ko: koFaker,
+      tw: twFaker,
+    };
+    function getRandomCJKFaker() {
+      const locales = Object.keys(CJK_LOCALES);
+      const randomKey = locales[Math.floor(Math.random() * locales.length)] as keyof typeof CJK_LOCALES;
+      return CJK_LOCALES[randomKey];
+    }
+    const randomFaker = getRandomCJKFaker();
+
+    await prisma.userMeta.upsert({
+      where: { id: i.toString() },
+      update: {},
+      create: {
+        name: randomFaker.person.fullName(),
+        city: randomFaker.location.city(),
+        role: ROLE[Math.floor(Math.random() * ROLE.length)],
+        email: randomFaker.internet.email(),
+        state: randomFaker.location.state(),
+        status: STATUS[Math.floor(Math.random() * STATUS.length)],
+        address: randomFaker.location.streetAddress(),
+        country: randomFaker.location.country(),
+        zipCode: randomFaker.location.zipCode(),
+        company: randomFaker.company.name(),
+        avatarUrl: randomFaker.image.avatar(),
+        phoneNumber: randomFaker.phone.number(),
+        isVerified: true,
+        //
+        username: randomFaker.internet.username(),
+        password: await generateHash('Abc1234!'),
+        //
+        isAdmin: false,
+      },
+    });
+  }
+
+  console.log('seed userMeta done');
+}
+
+const userMetaSeed = userMeta()
+  .then(async () => {
+    await prisma.$disconnect();
+  })
+  .catch(async (e) => {
+    console.error(e);
+    await prisma.$disconnect();
+    process.exit(1);
+  });
+
+export { userMetaSeed };
+
+const ROLE = [
+  `CEO`,
+  `CTO`,
+  `Project Coordinator`,
+  `Team Leader`,
+  `Software Developer`,
+  `Marketing Strategist`,
+  `Data Analyst`,
+  `Product Owner`,
+  `Graphic Designer`,
+  `Operations Manager`,
+  `Customer Support Specialist`,
+  `Sales Manager`,
+  `HR Recruiter`,
+  `Business Consultant`,
+  `Financial Planner`,
+  `Network Engineer`,
+  `Content Creator`,
+  `Quality Assurance Tester`,
+  `Public Relations Officer`,
+  `IT Administrator`,
+  `Compliance Officer`,
+  `Event Planner`,
+  `Legal Counsel`,
+  `Training Coordinator`,
+];
+
+const STATUS = ['active', 'pending', 'banned'];

03_source/cms_backend/src/_mock/_auth.ts

@@ -4,7 +4,7 @@ import { _mock } from 'src/_mock';
 
 export const JWT_SECRET = 'minimal-secret-key';
 
-export const JWT_EXPIRES_IN = '3 days';
+export const JWT_EXPIRES_IN = '14 days';
 
 export const _users = [
   {

03_source/cms_backend/src/app/api/AccessLog/_GUIDELINES.md

@@ -0,0 +1,24 @@
+# GUIDELINE
+
+- this is a AppLog api endpoint
+- this is a demo to handle AppLog record
+- use single file for single db table/collection only
+
+## `route.ts`
+
+`route.ts` - handle `GET`, `POST`, `PUT`, `DELETE`
+`detail/route.ts` - handle `GET` request of specific `AppLog` by id
+
+## `test.http`
+
+store test request
+
+## `../../services/AppLog.service.ts`
+
+AppLog schema CRUD handler
+
+`listAppLogs` - list AppLog record
+`getAppLog` - get AppLog record by id
+`createNewAppLog` - create AppLog record
+`updateAppLog` - update AppLog record by id
+`deleteAppLog` - delete AppLog record by id

03_source/cms_backend/src/app/api/AccessLog/detail/route.ts

@@ -0,0 +1,38 @@
+// src/app/api/AccessLog/detail/route.ts
+//
+// PURPOSE:
+// Get single AccessLog record detail
+//
+// RULES:
+// - Return complete AccessLog details
+//
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { AccessLogService } from '../../../../modules/AccessLog/AccessLog.service';
+
+// ----------------------------------------------------------------------
+
+/**
+ **************************************
+ * GET - Get AccessLog details
+ **************************************
+ */
+export async function GET(req: NextRequest) {
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: accessLogId must exist
+    const accessLogId = searchParams.get('accessLogId');
+    if (!accessLogId) return response({ message: 'accessLogId is required!' }, STATUS.BAD_REQUEST);
+
+    const accessLog = await AccessLogService.findById(accessLogId);
+
+    if (!accessLog) return response({ message: 'AccessLog not found!' }, STATUS.NOT_FOUND);
+
+    return response({ accessLog }, STATUS.OK);
+  } catch (error) {
+    return handleError('AccessLog - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/AccessLog/detail/test.http

@@ -0,0 +1,7 @@
+###
+
+GET http://localhost:7272/api/AppLog/detail?appLogId=e1bb8e4a-da37-4dbc-b8f2-9ad233a102ad
+
+###
+
+GET http://localhost:7272/api/AppLog/detail?start=2025-01-01&end=2025-12-31

03_source/cms_backend/src/app/api/AccessLog/route.ts

@@ -0,0 +1,76 @@
+import type { NextRequest, NextResponse } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { listAccessLogs } from 'src/app/services/AccessLog.service';
+
+// import prisma from '../../lib/prisma';
+
+export async function GET(req: NextRequest, res: NextResponse) {
+  try {
+    const result = await listAccessLogs();
+
+    return response(result, STATUS.OK);
+  } catch (error) {
+    return handleError('AccessLog - Get all', error);
+  }
+}
+
+// /**
+//  ***************************************
+//  * POST - create AccessLog
+//  ***************************************
+//  */
+// export async function POST(req: NextRequest) {
+//   const { data } = await req.json();
+
+//   try {
+//     const createResult = await AccessLogService.create(data);
+
+//     return response(createResult, STATUS.OK);
+//   } catch (error) {
+//     return handleError('AccessLog - Create', error);
+//   }
+// }
+
+// /**
+//  ***************************************
+//  * PUT - update AccessLog
+//  ***************************************
+//  */
+// export async function PUT(req: NextRequest) {
+//   const { searchParams } = req.nextUrl;
+//   const accessLogId = searchParams.get('accessLogId');
+
+//   const { data } = await req.json();
+
+//   try {
+//     if (!accessLogId) throw new Error('accessLogId cannot be null');
+
+//     const updateResult = await AccessLogService.update(accessLogId, data);
+
+//     return response(updateResult, STATUS.OK);
+//   } catch (error) {
+//     return handleError('AccessLog - Update', error);
+//   }
+// }
+
+// /**
+//  ***************************************
+//  * DELETE - delete AccessLog
+//  ***************************************
+//  */
+// export async function DELETE(req: NextRequest) {
+//   const { searchParams } = req.nextUrl;
+//   const accessLogId = searchParams.get('accessLogId');
+
+//   try {
+//     if (!accessLogId) throw new Error('accessLogId cannot be null');
+
+//     const deleteResult = await AccessLogService.delete(accessLogId);
+
+//     return response(deleteResult, STATUS.OK);
+//   } catch (error) {
+//     return handleError('AccessLog - Delete', error);
+//   }
+// }

03_source/cms_backend/src/app/api/AccessLog/test.http

@@ -0,0 +1,33 @@
+###
+GET http://localhost:7272/api/AccessLog
+
+###
+GET http://localhost:7272/api/AccessLog?accessLogId=51f2f5dd-78be-4069-ba29-09d2a5026191
+
+###
+POST http://localhost:7272/api/AccessLog
+content-type: application/json
+
+{
+  "data": {
+    "userId": "user123",
+    "ipAddress": "192.168.1.1",
+    "userAgent": "Mozilla/5.0",
+    "action": "LOGIN",
+    "path": "/api/auth/login",
+    "status": 200
+  }
+}
+
+###
+PUT http://localhost:7272/api/AccessLog?accessLogId=51f2f5dd-78be-4069-ba29-09d2a5026191
+content-type: application/json
+
+{
+  "data": {
+    "status": 404
+  }
+}
+
+###
+DELETE http://localhost:7272/api/AccessLog?accessLogId=51f2f5dd-78be-4069-ba29-09d2a5026191

03_source/cms_backend/src/app/api/AppLog/_GUIDELINES.md

@@ -0,0 +1,24 @@
+# GUIDELINE
+
+- this is a AppLog api endpoint
+- this is a demo to handle AppLog record
+- use single file for single db table/collection only
+
+## `route.ts`
+
+`route.ts` - handle `GET`, `POST`, `PUT`, `DELETE`
+`detail/route.ts` - handle `GET` request of specific `AppLog` by id
+
+## `test.http`
+
+store test request
+
+## `../../services/AppLog.service.ts`
+
+AppLog schema CRUD handler
+
+`listAppLogs` - list AppLog record
+`getAppLog` - get AppLog record by id
+`createNewAppLog` - create AppLog record
+`updateAppLog` - update AppLog record by id
+`deleteAppLog` - delete AppLog record by id

03_source/cms_backend/src/app/api/AppLog/detail/route.ts

@@ -0,0 +1,39 @@
+// src/app/api/AppLog/detail/route.ts
+//
+// PURPOSE:
+// Get single AppLog record detail
+//
+// RULES:
+// - Return complete AppLog details
+//
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/**
+ **************************************
+ * GET - Get AppLog details
+ **************************************
+ */
+export async function GET(req: NextRequest) {
+  // Original user details functionality
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: appLogId must exist
+    const appLogId = searchParams.get('appLogId');
+    if (!appLogId) return response({ message: 'appLogId is required!' }, STATUS.BAD_REQUEST);
+
+    const appLog = await prisma.appLog.findFirst({ where: { id: appLogId } });
+
+    if (!appLog) return response({ message: 'AppLog not found!' }, STATUS.NOT_FOUND);
+
+    return response({ appLog }, STATUS.OK);
+  } catch (error) {
+    return handleError('AppLog - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/AppLog/detail/test.http

@@ -0,0 +1,7 @@
+###
+
+GET http://localhost:7272/api/AppLog/detail?appLogId=e1bb8e4a-da37-4dbc-b8f2-9ad233a102ad
+
+###
+
+GET http://localhost:7272/api/AppLog/detail?start=2025-01-01&end=2025-12-31

03_source/cms_backend/src/app/api/AppLog/route.ts

@@ -0,0 +1,81 @@
+import type { NextRequest, NextResponse } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { listAppLogs, deleteAppLog, updateAppLog, createNewAppLog } from 'src/app/services/AppLog.service';
+
+// import prisma from '../../lib/prisma';
+
+export async function GET(req: NextRequest, res: NextResponse) {
+  try {
+    const result = await listAppLogs();
+
+    return response(result, STATUS.OK);
+  } catch (error) {
+    return handleError('Post - Get latest', error);
+  }
+}
+
+/**
+ ***************************************
+ * POST - create AppLog
+ ***************************************
+ */
+export async function POST(req: NextRequest) {
+  const { data } = await req.json();
+
+  try {
+    // TODO: obsolete createNewAppLog
+    const createResult = await createNewAppLog(data);
+
+    return response(createResult, STATUS.OK);
+  } catch (error) {
+    return handleError('AppLog - Create', error);
+  }
+}
+
+/**
+ ***************************************
+ * PUT - update AppLog
+ ***************************************
+ */
+export async function PUT(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const appLogId = searchParams.get('appLogId');
+
+  const { data } = await req.json();
+
+  try {
+    if (!appLogId) throw new Error('appLogId cannot null');
+    const id: number = parseInt(appLogId);
+
+    const updateResult = await updateAppLog(id, data);
+
+    return response(updateResult, STATUS.OK);
+  } catch (error) {
+    return handleError('AppLog - Update', error);
+  }
+}
+
+/**
+ ***************************************
+ * DELETE - update AppLog
+ ***************************************
+ */
+export async function DELETE(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const appLogId = searchParams.get('appLogId');
+
+  const { data } = await req.json();
+
+  try {
+    if (!appLogId) throw new Error('appLogId cannot null');
+    const id: number = parseInt(appLogId);
+
+    const deleteResult = await deleteAppLog(id);
+
+    return response(deleteResult, STATUS.OK);
+  } catch (error) {
+    return handleError('AppLog - Update', error);
+  }
+}

03_source/cms_backend/src/app/api/AppLog/test.http

@@ -0,0 +1,25 @@
+###
+GET http://localhost:7272/api/AppLog
+
+###
+GET http://localhost:7272/api/AppLog?appLogId=51f2f5dd-78be-4069-ba29-09d2a5026191
+
+###
+POST http://localhost:7272/api/AppLog?appLogId=1
+content-type: application/json
+
+{
+  "data":{"hello": "test"}
+}
+
+###
+PUT http://localhost:7272/api/AppLog?appLogId=1
+content-type: application/json
+
+{
+  "data": {"hello": "test"}
+}
+
+
+###
+DELETE http://localhost:7272/api/AppLog?appLogId=1

03_source/cms_backend/src/app/api/auth/me/route.ts

@@ -1,13 +1,20 @@
+import type { User } from '@prisma/client';
+import type { NextRequest } from 'next/server';
+
 import { headers } from 'next/headers';
 
 import { verify } from 'src/utils/jwt';
 import { STATUS, response, handleError } from 'src/utils/response';
 
-import { _users, JWT_SECRET } from 'src/_mock/_auth';
+import { JWT_SECRET } from 'src/_mock/_auth';
+import { getUserById } from 'src/app/services/user.service';
+import { createAccessLog } from 'src/app/services/AccessLog.service';
+
+import { flattenNextjsRequest } from '../sign-in/flattenNextjsRequest';
 
 // ----------------------------------------------------------------------
 
-export const runtime = 'edge';
+// export const runtime = 'edge';
 
 /**
  * This API is used for demo purpose only
@@ -17,25 +24,44 @@ export const runtime = 'edge';
  * You should not expose the JWT_SECRET in the client side
  */
 
-export async function GET() {
+const USER_TOKEN_CHECK_FAILED = 'user token check failed';
+const INVALID_AUTH_TOKEN = 'Invalid authorization token';
+const USER_ID_NOT_FOUND = 'userId not found';
+const USER_TOKEN_OK = 'user token check ok';
+const AUTHORIZATION_TOKEN_MISSING_OR_INVALID = 'Authorization token missing or invalid';
+
+export async function GET(req: NextRequest) {
+  const debug = { 'req.headers': flattenNextjsRequest(req) };
+
   try {
     const headersList = headers();
     const authorization = headersList.get('authorization');
 
     if (!authorization || !authorization.startsWith('Bearer ')) {
-      return response({ message: 'Authorization token missing or invalid' }, STATUS.UNAUTHORIZED);
+      return response({ message: AUTHORIZATION_TOKEN_MISSING_OR_INVALID }, STATUS.UNAUTHORIZED);
     }
 
     const accessToken = `${authorization}`.split(' ')[1];
     const data = await verify(accessToken, JWT_SECRET);
+    console.log(data.userId);
 
-    const currentUser = _users.find((user) => user.id === data.userId);
+    if (data.userId) {
+      // TODO: remove me
+      // const currentUser = _users.find((user) => user.id === data.userId);
+      const currentUser: User | null = await getUserById(data.userId);
 
-    if (!currentUser) {
-      return response({ message: 'Invalid authorization token' }, STATUS.UNAUTHORIZED);
+      if (!currentUser) {
+        createAccessLog('', USER_TOKEN_CHECK_FAILED, debug);
+
+        return response({ message: INVALID_AUTH_TOKEN }, STATUS.UNAUTHORIZED);
+      }
+
+      createAccessLog(currentUser.id, USER_TOKEN_OK, debug);
+
+      return response({ user: currentUser }, STATUS.OK);
+    } else {
+      return response({ message: USER_ID_NOT_FOUND }, STATUS.ERROR);
     }
-
-    return response({ user: currentUser }, 200);
   } catch (error) {
     return handleError('[Auth] - Me', error);
   }

03_source/cms_backend/src/app/api/auth/me/test.http

@@ -0,0 +1,25 @@
+###
+# username and password ok
+GET http://localhost:7272/api/auth/me
+Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiJjbWJnbnUyengwMDBjaHEzaGZ3dmtjejlvIiwiaWF0IjoxNzQ4OTY0ODkyLCJleHAiOjE3NTAxNzQ0OTJ9.lo04laCxtm0IVeYaETEV3hXKyDmXPEn7SyWtY2VR4dI
+
+
+###
+# There is no user corresponding to the email address.
+POST http://localhost:7272/api/auth/sign-in
+content-type: application/json
+
+{
+    "email": "demo@minimals1.cc",
+    "password": "@2Minimal"
+}
+
+###
+# Wrong password
+POST http://localhost:7272/api/auth/sign-in
+content-type: application/json
+
+{
+    "email": "demo@minimals.cc",
+    "password": "@2Min111imal"
+}

03_source/cms_backend/src/app/api/auth/sign-in/flattenNextjsRequest.ts

@@ -0,0 +1,5 @@
+import type { NextRequest } from 'next/server';
+
+export function flattenNextjsRequest(req: NextRequest) {
+  return Object.fromEntries(req.headers.entries());
+}

03_source/cms_backend/src/app/api/auth/sign-in/route.ts

@@ -3,12 +3,14 @@ import type { NextRequest } from 'next/server';
 import { sign } from 'src/utils/jwt';
 import { STATUS, response, handleError } from 'src/utils/response';
 
-import { _users, JWT_SECRET, JWT_EXPIRES_IN } from 'src/_mock/_auth';
+import { JWT_SECRET, JWT_EXPIRES_IN } from 'src/_mock/_auth';
+import { createAccessLog } from 'src/app/services/AccessLog.service';
+
+import prisma from '../../../lib/prisma';
+import { flattenNextjsRequest } from './flattenNextjsRequest';
 
 // ----------------------------------------------------------------------
 
-export const runtime = 'edge';
-
 /**
  * This API is used for demo purpose only
  * You should use a real database
@@ -17,29 +19,36 @@ export const runtime = 'edge';
  * You should not expose the JWT_SECRET in the client side
  */
 
+const ERR_USER_NOT_FOUND = 'There is no user corresponding to the email address.';
+const ERR_WRONG_PASSWORD = 'Wrong password';
+
 export async function POST(req: NextRequest) {
+  const debug = { 'req.headers': flattenNextjsRequest(req) };
+
   try {
     const { email, password } = await req.json();
 
-    const currentUser = _users.find((user) => user.email === email);
-
+    const currentUser = await prisma.user.findFirst({ where: { email } });
     if (!currentUser) {
-      return response(
-        { message: 'There is no user corresponding to the email address.' },
-        STATUS.UNAUTHORIZED
-      );
+      await createAccessLog('', `user tried login with email ${email}`, { debug });
+      return response({ message: ERR_USER_NOT_FOUND }, STATUS.UNAUTHORIZED);
     }
 
     if (currentUser?.password !== password) {
-      return response({ message: 'Wrong password' }, STATUS.UNAUTHORIZED);
+      await createAccessLog(currentUser.id, 'user logged with wrong password', { debug });
+      return response({ message: ERR_WRONG_PASSWORD }, STATUS.UNAUTHORIZED);
     }
 
     const accessToken = await sign({ userId: currentUser?.id }, JWT_SECRET, {
       expiresIn: JWT_EXPIRES_IN,
     });
 
-    return response({ user: currentUser, accessToken }, 200);
+    await createAccessLog(currentUser.id, 'access granted', { debug });
+
+    return response({ user: currentUser, accessToken }, STATUS.OK);
   } catch (error) {
+    await createAccessLog('', 'attempted login but failed', { debug, error });
+
     return handleError('Auth - Sign in', error);
   }
 }

03_source/cms_backend/src/app/api/auth/sign-in/test.http

@@ -0,0 +1,29 @@
+###
+# username and password ok
+POST http://localhost:7272/api/auth/sign-in
+content-type: application/json
+
+{
+    "email": "demo@minimals.cc",
+    "password": "@2Minimal"
+}
+
+###
+# There is no user corresponding to the email address.
+POST http://localhost:7272/api/auth/sign-in
+content-type: application/json
+
+{
+    "email": "demo@minimals1.cc",
+    "password": "@2Minimal"
+}
+
+###
+# Wrong password
+POST http://localhost:7272/api/auth/sign-in
+content-type: application/json
+
+{
+    "email": "demo@minimals.cc",
+    "password": "@2Min111imal"
+}

03_source/cms_backend/src/app/api/auth/sign-up/route.ts

@@ -24,10 +24,7 @@ export async function POST(req: NextRequest) {
     const userExists = _users.find((user) => user.email === email);
 
     if (userExists) {
-      return response(
-        { message: 'There already exists an account with the given email address.' },
-        STATUS.CONFLICT
-      );
+      return response({ message: 'There already exists an account with the given email address.' }, STATUS.CONFLICT);
     }
 
     const newUser = {

03_source/cms_backend/src/app/api/event/_GUIDELINES.md

@@ -0,0 +1,25 @@
+# GUIDELINE
+
+## Event / event
+
+- this is a `event` api endpoint
+- this is a demo to handle `event` record
+- use single file for single db table/collection only
+
+## `route.ts`
+
+handle `GET`, `POST`, `PUT`, `DELETE`
+
+## `test.http`
+
+store test request
+
+## `../../services/event.service.ts`
+
+event schema CRUD handler
+
+`listEvents` - list `event` record
+`getEvent` - get `event` record by id
+`createNewEvent` - create `event` record
+`updateEvent` - update `event` record by id
+`deleteEvent` - delete `event` record by id

03_source/cms_backend/src/app/api/event/createEvent/route.ts

@@ -0,0 +1,75 @@
+// src/app/api/product/createEvent/route.ts
+//
+// PURPOSE:
+// create product to db
+//
+// RULES:
+// T.B.A.
+//
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * POST - Events
+ *************************************** */
+export async function POST(req: NextRequest) {
+  // logger('[Event] list', events.length);
+  const { data } = await req.json();
+  const createForm: CreateEventData = data as unknown as CreateEventData;
+
+  console.log({ createForm });
+
+  try {
+    console.log({ data });
+    await prisma.productItem.create({ data: createForm });
+    return response({ hello: 'world' }, STATUS.OK);
+  } catch (error) {
+    console.log({ hello: 'world', data });
+    return handleError('Event - Create', error);
+  }
+}
+
+type CreateEventData = {
+  // id: string;
+  sku: string;
+  name: string;
+  code: string;
+  price: number;
+  taxes: number;
+  tags: string[];
+  sizes: string[];
+  publish: string;
+  gender: string[];
+  coverUrl: string;
+  images: string[];
+  colors: string[];
+  quantity: number;
+  category: string;
+  available: number;
+  totalSold: number;
+  description: string;
+  totalRatings: number;
+  totalReviews: number;
+  inventoryType: string;
+  subDescription: string;
+  priceSale: number;
+  newLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  saleLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  // ratings: {
+  //   name: string;
+  //   starCount: number;
+  //   reviewCount: number;
+  // }[];
+};

03_source/cms_backend/src/app/api/event/deleteEvent/route.ts

@@ -0,0 +1,44 @@
+// src/app/api/event/deleteEvent/route.ts
+//
+// PURPOSE:
+// delete event from db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * handle Delete Events
+ *************************************** */
+export async function DELETE(req: NextRequest) {
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: eventId must exist
+    const eventId = searchParams.get('eventId');
+    if (!eventId) {
+      return response({ message: 'Event ID is required!' }, STATUS.BAD_REQUEST);
+    }
+
+    // NOTE: eventId confirmed exist, run below
+    const event = await prisma.eventItem.delete({ where: { id: eventId } });
+
+    if (!event) {
+      return response({ message: 'Event not found!' }, STATUS.NOT_FOUND);
+    }
+
+    logger('[Event] details', event.id);
+
+    return response({ event }, STATUS.OK);
+  } catch (error) {
+    return handleError('Event - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/event/deleteEvent/test.http

@@ -0,0 +1,3 @@
+###
+
+DELETE http://localhost:7272/api/event/deleteEvent?eventId=e99f09a7-dd88-49d5-b1c8-1daf80c2d7b06

03_source/cms_backend/src/app/api/event/details/route.ts

@@ -0,0 +1,51 @@
+// src/app/api/event/details/route.ts
+//
+// PURPOSE:
+// save event to db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { L_INFO, L_ERROR } from 'src/constants';
+import { getEvent } from 'src/app/services/eventItem.service';
+import { createAppLog } from 'src/app/services/AppLog.service';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET Event detail
+ *************************************** */
+export async function GET(req: NextRequest) {
+  const debug = { 'req.headers': Object.fromEntries(req.headers.entries()) };
+
+  const { searchParams } = req.nextUrl;
+  // RULES: for the incoming request, the `eventId` must exist
+  const eventId = searchParams.get('eventId');
+
+  try {
+    if (!eventId) {
+      return response({ message: 'Event ID is required!' }, STATUS.BAD_REQUEST);
+    }
+
+    // NOTE: `eventId` confirmed exist, run below
+    const event = await getEvent(eventId);
+    console.log({ event });
+
+    // RULES: show error if not found
+    if (!event) {
+      return response({ message: 'Event not found!' }, STATUS.NOT_FOUND);
+    }
+
+    // logger('[Event] details', event.id);
+    await createAppLog(L_INFO, 'get event detail ok', { eventId });
+
+    return response({ event }, STATUS.OK);
+  } catch (error) {
+    await createAppLog(L_ERROR, 'error during getting event detail', { debug, eventId });
+    return handleError('Event - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/event/details/test.http

@@ -0,0 +1,5 @@
+###
+GET http://localhost:7272/api/event/details?eventId=e99f09a7-dd88-49d5-b1c8-1daf80c2d7b01
+
+###
+GET http://localhost:7272/api/event/details

03_source/cms_backend/src/app/api/event/image/upload/route.ts

@@ -0,0 +1,30 @@
+// src/app/api/event/image/upload/route.ts
+//
+// PURPOSE:
+// handle upload event image
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+// import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET - Events
+ *************************************** */
+export async function POST(req: NextRequest) {
+  try {
+    const { data } = await req.json();
+    console.log('helloworld');
+
+    return response({ hello: 'world' }, STATUS.OK);
+  } catch (error) {
+    console.log({ hello: 'world' });
+    return handleError('Event - store event image', error);
+  }
+}

03_source/cms_backend/src/app/api/event/list/route.ts

@@ -0,0 +1,22 @@
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+// src/app/api/event/list/route.ts
+import { listEvents } from 'src/app/services/eventItem.service';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET - Events, obsoleted
+ *************************************** */
+export async function GET() {
+  try {
+    const events = await listEvents();
+
+    logger('[Event] list', events.length);
+
+    return response({ events }, STATUS.OK);
+  } catch (error) {
+    return handleError('Event - Get list', error);
+  }
+}

03_source/cms_backend/src/app/api/event/list/test.http

@@ -0,0 +1,3 @@
+###
+
+GET http://localhost:7272/api/event/list

03_source/cms_backend/src/app/api/event/saveEvent/route.ts

@@ -0,0 +1,129 @@
+// src/app/api/event/saveEvent/route.ts
+//
+// PURPOSE:
+// save event to db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET - Events
+ *************************************** */
+export async function POST(req: NextRequest) {
+  // logger('[Event] list', events.length);
+  const { data } = await req.json();
+
+  try {
+    const events = await prisma.eventItem.updateMany({
+      data: {
+        name: data.name,
+        sku: data.sku,
+        code: data.code,
+        price: data.price,
+        taxes: data.taxes,
+        tags: data.tags,
+        sizes: data.sizes,
+        publish: data.publish,
+        gender: data.gender,
+        coverUrl: data.coverUrl,
+        images: data.images,
+        colors: data.colors,
+        quantity: data.quantity,
+        category: data.category,
+        available: data.available,
+        totalSold: data.totalSold,
+        description: data.description,
+        totalRatings: data.totalRatings,
+        totalReviews: data.totalReviews,
+        inventoryType: data.inventoryType,
+        subDescription: data.subDescription,
+        priceSale: data.priceSale,
+        //
+        newLabel: {
+          content: data.newLabel?.content || '',
+          enabled: data.newLabel?.enabled ?? false,
+        },
+        saleLabel: {
+          content: data.saleLabel?.content || '',
+          enabled: data.saleLabel?.enabled ?? false,
+        },
+        ratings: {
+          set: data.ratings.map((rating: { name: string; starCount: number; reviewCount: number }) => ({
+            name: rating.name,
+            starCount: rating.starCount,
+            reviewCount: rating.reviewCount,
+          })),
+        },
+      },
+      where: { id: data.id },
+    });
+
+    return response({ data }, STATUS.OK);
+  } catch (error) {
+    console.log({ data });
+    return handleError('Event - Get list', error);
+  }
+}
+
+export type IEventItem = {
+  id: string;
+  sku: string;
+  name: string;
+  code: string;
+  price: number;
+  taxes: number;
+  tags: string[];
+  sizes: string[];
+  publish: string;
+  gender: string[];
+  coverUrl: string;
+  images: string[];
+  colors: string[];
+  quantity: number;
+  category: string;
+  available: number;
+  totalSold: number;
+  description: string;
+  totalRatings: number;
+  totalReviews: number;
+  // createdAt: IDateValue;
+  inventoryType: string;
+  subDescription: string;
+  priceSale: number | null;
+  // reviews: IEventReview[];
+  newLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  saleLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  ratings: {
+    name: string;
+    starCount: number;
+    reviewCount: number;
+  }[];
+};
+
+export type IDateValue = string | number | null;
+
+export type IEventReview = {
+  id: string;
+  name: string;
+  rating: number;
+  comment: string;
+  helpful: number;
+  avatarUrl: string;
+  postedAt: IDateValue;
+  isPurchased: boolean;
+  attachments?: string[];
+};

03_source/cms_backend/src/app/api/event/search/route.ts

@@ -0,0 +1,35 @@
+import type { NextRequest } from 'next/server';
+
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { _events } from 'src/_mock/_event';
+
+// ----------------------------------------------------------------------
+
+export const runtime = 'edge';
+
+/** **************************************
+ * GET - Search events
+ *************************************** */
+export async function GET(req: NextRequest) {
+  try {
+    const { searchParams } = req.nextUrl;
+    const query = searchParams.get('query')?.trim().toLowerCase();
+
+    if (!query) {
+      return response({ results: [] }, STATUS.OK);
+    }
+
+    const events = _events();
+
+    // Accept search by name or sku
+    const results = events.filter(({ name, sku }) => name.toLowerCase().includes(query) || sku?.toLowerCase().includes(query));
+
+    logger('[Event] search-results', results.length);
+
+    return response({ results }, STATUS.OK);
+  } catch (error) {
+    return handleError('Event - Get search', error);
+  }
+}

03_source/cms_backend/src/app/api/helloworld/_GUIDELINES.md

@@ -1,7 +1,8 @@
 # GUIDELINE
 
-this is a helloworld api endpoint
-this is a demo to handle helloworld record
+- this is a helloworld api endpoint
+- this is a demo to handle helloworld record
+- use single file for single db table/collection only
 
 ## `route.ts`
 

03_source/cms_backend/src/app/api/helloworld/detail/route.ts

@@ -0,0 +1,49 @@
+// src/app/api/helloworld/detail/route.ts
+//
+// PURPOSE:
+// Get single helloworld record detail
+//
+// RULES:
+// - For helloworld requests, return simple response
+//
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { L_INFO, L_ERROR } from 'src/constants';
+import { createAppLog } from 'src/app/services/AppLog.service';
+
+import prisma from '../../../lib/prisma';
+import { flattenNextjsRequest } from '../../auth/sign-in/flattenNextjsRequest';
+
+// ----------------------------------------------------------------------
+
+/**
+ **************************************
+ * GET - Handle both helloworld and user details
+ **************************************
+ */
+export async function GET(req: NextRequest) {
+  // Original user details functionality
+  const debug = { 'req.headers': flattenNextjsRequest(req) };
+
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: helloworldId must exist
+    const helloworldId = searchParams.get('helloworldId');
+    if (!helloworldId) return response({ message: 'helloworldId is required!' }, STATUS.BAD_REQUEST);
+
+    const helloworld = await prisma.userItem.findFirst({ where: { id: helloworldId } });
+
+    if (!helloworld) return response({ message: 'User not found!' }, STATUS.NOT_FOUND);
+
+    createAppLog(L_INFO, 'Get OK', debug);
+
+    return response({ helloworld }, STATUS.OK);
+  } catch (error) {
+    createAppLog(L_ERROR, 'Get error', debug);
+
+    return handleError('Product - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/helloworld/detail/test.http

@@ -0,0 +1,4 @@
+###
+
+GET http://localhost:7272/api/helloworld/details?helloworldId=1165ce3a-29b8-4e1a-9148-1ae08d7e8e01
+

03_source/cms_backend/src/app/api/helloworld/route.ts

@@ -6,6 +6,11 @@ import { listHelloworlds, deleteHelloworld, updateHelloworld, createNewHelloworl
 
 // import prisma from '../../lib/prisma';
 
+/**
+ ***************************************
+ * GET - list all Helloworlds
+ ***************************************
+ */
 export async function GET(req: NextRequest, res: NextResponse) {
   try {
     const result = await listHelloworlds();

03_source/cms_backend/src/app/api/order/_GUIDELINES.md

@@ -0,0 +1,23 @@
+# GUIDELINE
+
+- this is a helloworld api endpoint
+- this is a demo to handle helloworld record
+- use single file for single db table/collection only
+
+## `route.ts`
+
+handle `GET`, `POST`, `PUT`, `DELETE`
+
+## `test.http`
+
+store test request
+
+## `../../services/helloworld.service.ts`
+
+helloworld schema CRUD handler
+
+`listHelloworlds` - list helloworld record
+`getHelloworld` - get helloworld record by id
+`createNewHelloworld` - create helloworld record
+`updateHelloworld` - update helloworld record by id
+`deleteHelloworld` - delete helloworld record by id

03_source/cms_backend/src/app/api/order/route.ts

@@ -0,0 +1,76 @@
+import type { NextRequest, NextResponse } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { listOrders, deleteOrder, updateOrder, createOrder } from 'src/app/services/order.service';
+
+/**
+ **************************************
+ * GET - Order
+ ***************************************
+ */
+export async function GET(req: NextRequest, res: NextResponse) {
+  try {
+    const orders = await listOrders();
+    return response(orders, STATUS.OK);
+  } catch (error) {
+    return handleError('Order - Get list', error);
+  }
+}
+
+/**
+ ***************************************
+ * POST - Create Order
+ ***************************************
+ */
+export async function POST(req: NextRequest) {
+  const { data } = await req.json();
+
+  try {
+    const order = await createOrder(data);
+    return response(order, STATUS.CREATED);
+  } catch (error) {
+    return handleError('Order - Create', error);
+  }
+}
+
+/**
+ ***************************************
+ * PUT - Update Order
+ ***************************************
+ */
+export async function PUT(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const orderId = searchParams.get('orderId');
+  const { data } = await req.json();
+
+  try {
+    if (!orderId) throw new Error('orderId cannot be null');
+    const id: number = parseInt(orderId);
+
+    const updatedOrder = await updateOrder(id, data);
+    return response(updatedOrder, STATUS.OK);
+  } catch (error) {
+    return handleError('Order - Update', error);
+  }
+}
+
+/**
+ ***************************************
+ * DELETE - Delete Order
+ ***************************************
+ */
+export async function DELETE(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const orderId = searchParams.get('orderId');
+
+  try {
+    if (!orderId) throw new Error('orderId cannot be null');
+    const id: number = parseInt(orderId);
+
+    await deleteOrder(id);
+    return response({ success: true }, STATUS.OK);
+  } catch (error) {
+    return handleError('Order - Delete', error);
+  }
+}

03_source/cms_backend/src/app/api/order/test.http

@@ -0,0 +1,32 @@
+###
+GET http://localhost:7272/api/order
+
+###
+GET http://localhost:7272/api/order?orderId=1
+
+###
+POST http://localhost:7272/api/order
+content-type: application/json
+
+{
+  "data": {
+    "product": "Sample Product",
+    "quantity": 1,
+    "price": 99.99
+  }
+}
+
+###
+PUT http://localhost:7272/api/order?orderId=1
+content-type: application/json
+
+{
+  "data": {
+    "product": "Updated Product",
+    "quantity": 2,
+    "price": 199.98
+  }
+}
+
+###
+DELETE http://localhost:7272/api/order?orderId=1

03_source/cms_backend/src/app/api/product/_GUIDELINES.md

@@ -0,0 +1,3 @@
+# GUIDELINES
+
+T.B.A.

03_source/cms_backend/src/app/api/product/details/route.ts

@@ -1,7 +1,7 @@
 // src/app/api/product/details/route.ts
 //
 // PURPOSE:
-// save product to db by id
+// get product from db by id
 //
 // RULES:
 // T.B.A.
@@ -11,14 +11,22 @@ import type { NextRequest } from 'next/server';
 import { logger } from 'src/utils/logger';
 import { STATUS, response, handleError } from 'src/utils/response';
 
-import prisma from '../../../lib/prisma';
+import { L_INFO, L_ERROR } from 'src/constants';
+import { getProduct } from 'src/app/services/product.service';
+import { createAppLog } from 'src/app/services/AppLog.service';
+
+import { flattenNextjsRequest } from '../../auth/sign-in/flattenNextjsRequest';
 
 // ----------------------------------------------------------------------
 
-/** **************************************
+/**
+ **************************************
  * GET Product detail
- *************************************** */
+ ***************************************
+ */
 export async function GET(req: NextRequest) {
+  const debug = { 'req.headers': flattenNextjsRequest(req) };
+
   try {
     const { searchParams } = req.nextUrl;
 
@@ -29,10 +37,7 @@ export async function GET(req: NextRequest) {
     }
 
     // NOTE: productId confirmed exist, run below
-    const product = await prisma.productItem.findFirst({
-      include: { reviews: true },
-      where: { id: productId },
-    });
+    const product = await getProduct(productId);
 
     if (!product) {
       return response({ message: 'Product not found!' }, STATUS.NOT_FOUND);
@@ -40,8 +45,12 @@ export async function GET(req: NextRequest) {
 
     logger('[Product] details', product.id);
 
+    createAppLog(L_INFO, 'Get product detail OK', debug);
+
     return response({ product }, STATUS.OK);
   } catch (error) {
+    createAppLog(L_ERROR, 'product detail error', debug);
+
     return handleError('Product - Get details', error);
   }
 }

03_source/cms_backend/src/app/api/product/details/test.http

@@ -0,0 +1,3 @@
+###
+
+GET http://localhost:7272/api/product/details?productId=e99f09a7-dd88-49d5-b1c8-1daf80c2d7b01

03_source/cms_backend/src/app/api/product/list/route.ts

@@ -1,22 +1,41 @@
 // src/app/api/product/list/route.ts
-import { logger } from 'src/utils/logger';
+//
+// PURPOSE:
+// save product to db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
 import { STATUS, response, handleError } from 'src/utils/response';
 
-import prisma from '../../../lib/prisma';
+import { L_INFO, L_ERROR } from 'src/constants';
+import { createAppLog } from 'src/app/services/AppLog.service';
+import { listProducts } from 'src/app/services/product.service';
+
+import { flattenNextjsRequest } from '../../auth/sign-in/flattenNextjsRequest';
 
 // ----------------------------------------------------------------------
 
 /** **************************************
- * GET - Products
+ * GET - Products list
  *************************************** */
-export async function GET() {
-  try {
-    const products = await prisma.productItem.findMany();
+export async function GET(req: NextRequest) {
+  const debug = { 'req.headers': flattenNextjsRequest(req) };
 
-    logger('[Product] list', products.length);
+  try {
+    // const products = await prisma.productItem.findMany();
+    const products = await listProducts();
+
+    // logger('[Product] list', products.length);
+
+    createAppLog(L_INFO, 'product list ok', {});
 
     return response({ products }, STATUS.OK);
   } catch (error) {
+    createAppLog(L_ERROR, 'product list error', debug);
+
     return handleError('Product - Get list', error);
   }
 }

03_source/cms_backend/src/app/api/product/list/test.http

@@ -0,0 +1,3 @@
+###
+
+GET http://localhost:7272/api/product/list

03_source/cms_backend/src/app/api/product/route.ts

@@ -0,0 +1,74 @@
+import type { NextRequest, NextResponse } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { listProducts, deleteProduct, updateProduct, createProduct } from 'src/app/services/product.service';
+
+/**
+ **************************************
+ * GET - Product
+ ***************************************
+ */
+export async function GET(req: NextRequest, res: NextResponse) {
+  try {
+    const products = await listProducts();
+    return response(products, STATUS.OK);
+  } catch (error) {
+    return handleError('Product - Get list', error);
+  }
+}
+
+/**
+ ***************************************
+ * POST - Create Product
+ ***************************************
+ */
+export async function POST(req: NextRequest) {
+  const { data } = await req.json();
+
+  try {
+    const product = await createProduct(data);
+    return response(product, STATUS.CREATED);
+  } catch (error) {
+    return handleError('Product - Create', error);
+  }
+}
+
+/**
+ ***************************************
+ * PUT - Update Product
+ ***************************************
+ */
+export async function PUT(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const productId = searchParams.get('productId');
+  const { data } = await req.json();
+
+  try {
+    if (!productId) throw new Error('productId cannot be null');
+
+    const result = await updateProduct(productId, data);
+    return response(result, STATUS.OK);
+  } catch (error) {
+    return handleError('Product - Update', error);
+  }
+}
+
+/**
+ ***************************************
+ * DELETE - Delete Product
+ ***************************************
+ */
+export async function DELETE(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const productId = searchParams.get('productId');
+
+  try {
+    if (!productId) throw new Error('productId cannot be null');
+
+    await deleteProduct(productId);
+    return response({ success: true }, STATUS.OK);
+  } catch (error) {
+    return handleError('Product - Delete', error);
+  }
+}

03_source/cms_backend/src/app/api/product/test.http

@@ -0,0 +1,33 @@
+###
+GET http://localhost:7272/api/product
+
+###
+GET http://localhost:7272/api/product?productId=1
+
+###
+POST http://localhost:7272/api/product
+content-type: application/json
+
+{
+  "data": {
+    "sku": "PROD-001",
+    "name": "Premium Product",
+    "price": 99.99,
+    "quantity": 100,
+    "category": "Electronics",
+  }
+}
+
+###
+PUT http://localhost:7272/api/product?productId=1
+content-type: application/json
+
+{
+  "data": {
+    "price": 89.99,
+    "quantity": 95
+  }
+}
+
+###
+DELETE http://localhost:7272/api/product?productId=1

03_source/cms_backend/src/app/api/student/_GUIDELINES.md

@@ -0,0 +1,23 @@
+# GUIDELINE
+
+- this is a helloworld api endpoint
+- this is a demo to handle helloworld record
+- use single file for single db table/collection only
+
+## `route.ts`
+
+handle `GET`, `POST`, `PUT`, `DELETE`
+
+## `test.http`
+
+store test request
+
+## `../../services/helloworld.service.ts`
+
+helloworld schema CRUD handler
+
+`listHelloworlds` - list helloworld record
+`getHelloworld` - get helloworld record by id
+`createNewHelloworld` - create helloworld record
+`updateHelloworld` - update helloworld record by id
+`deleteHelloworld` - delete helloworld record by id

03_source/cms_backend/src/app/api/student/detail/route.ts

@@ -0,0 +1,39 @@
+// src/app/api/helloworld/detail/route.ts
+//
+// PURPOSE:
+// Get single helloworld record detail
+//
+// RULES:
+// - For helloworld requests, return simple response
+//
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/**
+ **************************************
+ * GET - Handle both helloworld and user details
+ **************************************
+ */
+export async function GET(req: NextRequest) {
+  // Original user details functionality
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: helloworldId must exist
+    const helloworldId = searchParams.get('helloworldId');
+    if (!helloworldId) return response({ message: 'helloworldId is required!' }, STATUS.BAD_REQUEST);
+
+    const helloworld = await prisma.userItem.findFirst({ where: { id: helloworldId } });
+
+    if (!helloworld) return response({ message: 'User not found!' }, STATUS.NOT_FOUND);
+
+    return response({ helloworld }, STATUS.OK);
+  } catch (error) {
+    return handleError('Product - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/student/detail/test.http

@@ -0,0 +1,4 @@
+###
+
+GET http://localhost:7272/api/helloworld/details?helloworldId=1165ce3a-29b8-4e1a-9148-1ae08d7e8e01
+

03_source/cms_backend/src/app/api/student/route.ts

@@ -0,0 +1,34 @@
+import prisma from '@/lib/prisma';
+import { NextResponse } from 'next/server';
+
+// GET: 获取所有学生
+export async function GET() {
+  try {
+    const students = await prisma.student.findMany();
+    return NextResponse.json(students);
+  } catch (error) {
+    return NextResponse.json({ error: 'Failed to fetch students' }, { status: 500 });
+  }
+}
+
+// POST: 创建新学生
+export async function POST(request: Request) {
+  try {
+    const { email, metadata } = await request.json();
+
+    if (!email) {
+      return NextResponse.json({ error: 'Email is required' }, { status: 400 });
+    }
+
+    const student = await prisma.student.create({
+      data: {
+        email,
+        metadata: metadata || {},
+      },
+    });
+
+    return NextResponse.json(student, { status: 201 });
+  } catch (error) {
+    return NextResponse.json({ error: 'Failed to create student' }, { status: 500 });
+  }
+}

03_source/cms_backend/src/app/api/student/test.http

@@ -0,0 +1,25 @@
+###
+GET http://localhost:7272/api/helloworld
+
+###
+GET http://localhost:7272/api/helloworld?helloworldId=1
+
+###
+POST http://localhost:7272/api/helloworld?helloworldId=1
+content-type: application/json
+
+{
+  "data":{"hello": "hell"}
+}
+
+###
+PUT http://localhost:7272/api/helloworld?helloworldId=1
+content-type: application/json
+
+{
+  "data": {"hello": "hell"}
+}
+
+
+###
+DELETE http://localhost:7272/api/helloworld?helloworldId=1

03_source/cms_backend/src/app/api/user/changeToAdmin/route.ts

@@ -0,0 +1,36 @@
+// src/app/api/user/promoteToAdmin/route.ts
+//
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { changeToAdmin } from 'src/app/services/userItem.service';
+
+/**
+ ***************************************
+ * PUT - promote user to admin
+ ***************************************
+ */
+export async function PUT(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+
+  // userId, the userId going to be admin
+  // {data: requestUserId}, the userId sending request to promote admin
+  // the requestUserId should be a admin admin already
+
+  const userId = searchParams.get('userId');
+  const {
+    data: { requestUserId },
+  } = await req.json();
+
+  try {
+    if (!userId) return response('userId cannot be null', STATUS.BAD_REQUEST);
+    if (!requestUserId) return response('requestUserId cannot be null', STATUS.BAD_REQUEST);
+
+    const result = await changeToAdmin(userId, requestUserId);
+
+    return response(result, STATUS.OK);
+  } catch (error) {
+    return handleError('promote to admin', JSON.stringify(error));
+  }
+}

03_source/cms_backend/src/app/api/user/changeToAdmin/test.http

@@ -0,0 +1,33 @@
+# step 1 check not a admin
+###
+GET http://localhost:7272/api/user/details?userId=00b8b53b-dfe6-4b07-8d23-0dc9f75e7a2c
+
+# step 1 check not a admin
+###
+GET http://localhost:7272/api/user/details?userId=5e072d02-919c-49c4-98b4-9659b8eff231
+
+
+# step 2 request to change admin
+###
+PUT http://localhost:7272/api/user/changeToAdmin?userId=00b8b53b-dfe6-4b07-8d23-0dc9f75e7a2c
+content-type: application/json
+
+{
+  "data": {"requestUserId": "5e072d02-919c-49c4-98b4-9659b8eff231"}
+}
+
+
+
+# step 2 request to change user
+###
+PUT http://localhost:7272/api/user/changeToUser?userId=00b8b53b-dfe6-4b07-8d23-0dc9f75e7a2c
+content-type: application/json
+
+{
+  "data": {"requestUserId": "5e072d02-919c-49c4-98b4-9659b8eff231"}
+}
+
+
+#  step 3 it is now admin
+###
+GET http://localhost:7272/api/user/details?userId=00b8b53b-dfe6-4b07-8d23-0dc9f75e7a2c

03_source/cms_backend/src/app/api/user/changeToUser/route.ts

@@ -0,0 +1,36 @@
+// src/app/api/user/changeToUser/route.ts
+//
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { changeToUser } from 'src/app/services/userItem.service';
+
+/**
+ ***************************************
+ * PUT - change admin back to regular user
+ ***************************************
+ */
+export async function PUT(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+
+  // userId, the userId going to be changed to regular user
+  // {data: requestUserId}, the userId sending request to change role
+  // the requestUserId should be an admin
+
+  const userId = searchParams.get('userId');
+  const {
+    data: { requestUserId },
+  } = await req.json();
+
+  try {
+    if (!userId) throw new Error('userId cannot be null');
+    if (!requestUserId) throw new Error('requestUserId cannot be null');
+
+    const result = await changeToUser(userId, requestUserId);
+
+    return response(result, STATUS.OK);
+  } catch (error) {
+    return handleError('change to regular user', JSON.stringify(error));
+  }
+}

03_source/cms_backend/src/app/api/user/changeToUser/test.http

@@ -0,0 +1,17 @@
+###
+PUT http://localhost:7272/api/user/changeToUser?userId=cmbfx38e30000ssek6ufjewcp
+content-type: application/json
+
+{
+  "data": {"requestUserId": "cmbfx38kk000esseka9qo8lpt"}
+}
+
+
+###
+GET http://localhost:7272/api/user/changeToUser?userId=
+
+###
+GET http://localhost:7272/api/user
+
+###
+GET http://localhost:7272/api/user?userId=cmbfx38e30000ssek6ufjewcp

03_source/cms_backend/src/app/api/user/checkAdmin/route.ts

@@ -0,0 +1,21 @@
+import type { NextRequest, NextResponse } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { isAdmin } from 'src/app/services/userItem.service';
+
+// import prisma from '../../lib/prisma';
+
+export async function GET(req: NextRequest, res: NextResponse) {
+  const { searchParams } = req.nextUrl;
+  const userId = searchParams.get('userId');
+
+  try {
+    if (!userId) throw new Error('userId cannot be null');
+    const result = await isAdmin(userId);
+
+    return response(result, STATUS.OK);
+  } catch (error) {
+    return handleError('Post - Get latest', error);
+  }
+}

03_source/cms_backend/src/app/api/user/checkAdmin/test.http

@@ -0,0 +1,9 @@
+###
+GET http://localhost:7272/api/user/checkAdmin?userId=cmbfx38ey0001ssek5pr05o70
+
+###
+GET http://localhost:7272/api/user/checkAdmin?userId=cmbfvonkx000411ykuah8pp8s
+
+
+###
+GET http://localhost:7272/api/user/checkAdmin

03_source/cms_backend/src/app/api/user/details/route.ts

@@ -1,4 +1,4 @@
-// src/app/api/product/details/route.ts
+// src/app/api/user/details/route.ts
 //
 // PURPOSE:
 // read user from db by id
@@ -24,9 +24,7 @@ export async function GET(req: NextRequest) {
 
     // RULES: userId must exist
     const userId = searchParams.get('userId');
-    if (!userId) {
-      return response({ message: 'userId is required!' }, STATUS.BAD_REQUEST);
-    }
+    if (!userId) return response({ message: 'userId is required!' }, STATUS.BAD_REQUEST);
 
     // NOTE: userId confirmed exist, run below
     const user = await prisma.userItem.findFirst({
@@ -34,9 +32,7 @@ export async function GET(req: NextRequest) {
       where: { id: userId },
     });
 
-    if (!user) {
-      return response({ message: 'User not found!' }, STATUS.NOT_FOUND);
-    }
+    if (!user) return response({ message: 'User not found!' }, STATUS.NOT_FOUND);
 
     logger('[User] details', user.id);
 

03_source/cms_backend/src/app/api/user/helloworld/route.ts

@@ -0,0 +1,21 @@
+import type { NextRequest, NextResponse } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { isAdmin } from 'src/app/services/userItem.service';
+
+// import prisma from '../../lib/prisma';
+
+export async function GET(req: NextRequest, res: NextResponse) {
+  const { searchParams } = req.nextUrl;
+  const userId = searchParams.get('userId');
+
+  try {
+    if (!userId) throw new Error('userId cannot be null');
+    const result = await isAdmin(userId);
+
+    return response(result, STATUS.OK);
+  } catch (error) {
+    return handleError('Post - Get latest', error);
+  }
+}

03_source/cms_backend/src/app/api/user/helloworld/test.http

@@ -0,0 +1,2 @@
+###
+GET http://localhost:7272/api/user

03_source/cms_backend/src/app/api/user/list/route.ts

@@ -1,17 +1,20 @@
 // src/app/api/product/list/route.ts
+//
 import { logger } from 'src/utils/logger';
 import { STATUS, response, handleError } from 'src/utils/response';
 
-import prisma from '../../../lib/prisma';
+import { listUsers } from 'src/app/services/userItem.service';
 
 // ----------------------------------------------------------------------
 
-/** **************************************
+/**
+ ***************************************
  * GET - Products
- *************************************** */
+ ***************************************
+ */
 export async function GET() {
   try {
-    const users = await prisma.userItem.findMany();
+    const users = await listUsers();
 
     logger('[User] list', users.length);
 

03_source/cms_backend/src/app/api/user/route.ts

@@ -0,0 +1,80 @@
+import type { NextRequest, NextResponse } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { listUsers, deleteUser, updateUser, createNewUser } from 'src/app/services/userItem.service';
+
+// import prisma from '../../lib/prisma';
+
+export async function GET(req: NextRequest, res: NextResponse) {
+  try {
+    const result = await listUsers();
+
+    return response(result, STATUS.OK);
+  } catch (error) {
+    return handleError('User - Get latest', error);
+  }
+}
+
+/**
+ ***************************************
+ * POST - create User
+ ***************************************
+ */
+export async function POST(req: NextRequest) {
+  const { data } = await req.json();
+
+  try {
+    const createResult = await createNewUser(data);
+
+    return response(createResult, STATUS.OK);
+  } catch (error) {
+    return handleError('User - Create', error);
+  }
+}
+
+/**
+ ***************************************
+ * PUT - update User
+ ***************************************
+ */
+export async function PUT(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const userId = searchParams.get('userId');
+
+  const { data } = await req.json();
+
+  try {
+    if (!userId) throw new Error('userId cannot null');
+    const id: number = parseInt(userId);
+
+    const updateResult = await updateUser(id, data);
+
+    return response(updateResult, STATUS.OK);
+  } catch (error) {
+    return handleError('User - Update', error);
+  }
+}
+
+/**
+ ***************************************
+ * DELETE - update User
+ ***************************************
+ */
+export async function DELETE(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const userId = searchParams.get('userId');
+
+  const { data } = await req.json();
+
+  try {
+    if (!userId) throw new Error('userId cannot null');
+    const id: number = parseInt(userId);
+
+    const deleteResult = await deleteUser(id);
+
+    return response(deleteResult, STATUS.OK);
+  } catch (error) {
+    return handleError('User - Update', error);
+  }
+}

03_source/cms_backend/src/app/api/user/test.http

@@ -0,0 +1,26 @@
+###
+GET http://localhost:7272/api/user
+
+###
+GET http://localhost:7272/api/user?userId=cmbfvonhl000011ykdi345yc9
+
+###
+POST http://localhost:7272/api/user?userId=1
+content-type: application/json
+
+{
+  "data":{"name": "John Doe"}
+}
+
+###
+PUT http://localhost:7272/api/user?userId=1
+content-type: application/json
+
+{
+  "data": {"name": "John Doe"}
+}
+
+
+###
+DELETE http://localhost:7272/api/user?userId=1
+

03_source/cms_backend/src/app/services/AccessLog.service.ts

@@ -0,0 +1,66 @@
+// src/app/services/AccessLog.service.ts
+//
+// PURPOSE:
+// Service for handling AccessLog records
+//
+// RULES:
+// - All methods return Promises
+// - Input validation should be done at controller level
+// - Errors should be propagated to caller
+
+import type { AccessLog } from '@prisma/client';
+
+import prisma from '../lib/prisma';
+
+// type CreateAccessLog = {
+//   userId?: string;
+//   message?: string;
+//   metadata?: Record<string, any>;
+// };
+
+// type UpdateAccessLog = {
+//   status?: number;
+//   metadata?: object;
+// };
+
+async function listAccessLogs(): Promise<AccessLog[]> {
+  return prisma.accessLog.findMany({
+    orderBy: { timestamp: 'desc' },
+    take: 100,
+  });
+}
+
+async function getAccessLog(id: string): Promise<AccessLog | null> {
+  return prisma.accessLog.findUnique({ where: { id } });
+}
+
+async function createAccessLog(userId?: string, message?: string, metadata?: Record<string, any>): Promise<AccessLog> {
+  return prisma.accessLog.create({
+    data: {
+      userId,
+      message,
+      metadata,
+    },
+  });
+}
+
+// async function update(id: string, data: UpdateAccessLog): Promise<AccessLog> {
+//   return prisma.accessLog.update({
+//     where: { id },
+//     data: {
+//       ...data,
+//       metadata: data.metadata || {},
+//     },
+//   });
+// }
+
+// async function deleteAccessLog(id: string): Promise<AccessLog> {
+//   return prisma.accessLog.delete({ where: { id } });
+// }
+
+export {
+  //
+  getAccessLog,
+  listAccessLogs,
+  createAccessLog,
+};

03_source/cms_backend/src/app/services/AppLog.service.ts

@@ -0,0 +1,58 @@
+// src/app/services/AppLog.service.ts
+//
+// REQ0047/T.B.A.
+//
+// PURPOSE:
+// - AppLog example for handling AppLog Record
+//
+// RULES:
+// - T.B.A.
+//
+
+import type { AppLog } from '@prisma/client';
+
+import prisma from '../lib/prisma';
+
+type CreateAppLog = {
+  level: number;
+  message: string;
+  metadata: Record<string, any>;
+};
+
+// type UpdateAppLog = {
+//   level: number;
+//   message: string;
+// };
+
+async function listAppLogs(): Promise<AppLog[]> {
+  return prisma.appLog.findMany();
+}
+
+async function getAppLog(appLogId: string) {
+  return prisma.appLog.findFirst({ where: { id: appLogId } });
+}
+
+async function createAppLog(level: number, message: string, metadata: Record<string, any>) {
+  return prisma.appLog.create({ data: { level, message, metadata } });
+}
+
+async function createNewAppLog(createForm: CreateAppLog) {
+  return prisma.appLog.create({ data: createForm });
+}
+
+// async function updateAppLog(appLogId: string, updateForm: UpdateAppLog) {
+//   return prisma.appLog.update({ where: { id: appLogId }, data: updateForm });
+// }
+
+async function deleteAppLog(appLogId: string) {
+  return prisma.appLog.delete({ where: { id: appLogId } });
+}
+
+export {
+  getAppLog,
+  listAppLogs,
+  // updateAppLog,
+  deleteAppLog,
+  createAppLog,
+  createNewAppLog,
+};

03_source/cms_backend/src/app/services/_PROMPTS/clone_srevice.md

@@ -0,0 +1,7 @@
+with knowledge in schema.prisma file,
+please refer the below helloworld example `helloworld.service.ts`
+and create `user.service.ts` to cover user record
+
+thanks
+
+`/home/logic/_wsl_workspace/001_github_ws/HKSingleParty-ws/HKSingleParty/03_source/cms_backend/src/app/services/helloworld.service.ts`

03_source/cms_backend/src/app/services/event.service.ts

@@ -0,0 +1,67 @@
+// src/app/services/event.service.ts
+//
+// PURPOSE:
+// - Service for handling Event records
+//
+// RULES:
+// - Follows same pattern as helloworld.service.ts
+//
+
+type CreateEvent = {
+  eventDate: DateTime;
+  title: string;
+  joinMembers?: Json[];
+  price: number;
+  currency: string;
+  duration_m: number;
+  ageBottom: number;
+  ageTop: number;
+  location: string;
+  avatar?: string;
+  memberId?: number;
+};
+
+type UpdateEvent = {
+  eventDate?: DateTime;
+  title?: string;
+  joinMembers?: Json[];
+  price?: number;
+  currency?: string;
+  duration_m?: number;
+  ageBottom?: number;
+  ageTop?: number;
+  location?: string;
+  avatar?: string;
+  memberId?: number;
+};
+
+// async function listEvents(): Promise<Event[]> {
+//   return prisma.event.findMany();
+// }
+
+// async function getEvent(eventId: number) {
+//   return prisma.event.findFirst({ where: { id: eventId } });
+// }
+
+// async function createNewEvent(createForm: CreateEvent) {
+//   return prisma.event.create({ data: createForm });
+// }
+
+// async function updateEvent(eventId: number, updateForm: UpdateEvent) {
+//   return prisma.event.update({
+//     where: { id: eventId },
+//     data: updateForm,
+//   });
+// }
+
+// async function deleteEvent(eventId: number) {
+//   return prisma.event.delete({ where: { id: eventId } });
+// }
+
+export {
+  listEvents,
+  // getEvent,
+  // updateEvent,
+  // deleteEvent,
+  // createNewEvent,
+};

03_source/cms_backend/src/app/services/eventItem.service.ts

@@ -0,0 +1,71 @@
+// src/app/services/event.service.ts
+//
+// PURPOSE:
+// - Service for handling Event records
+//
+// RULES:
+// - Follows same pattern as helloworld.service.ts
+//
+
+import type { EventItem } from '@prisma/client';
+
+import prisma from '../lib/prisma';
+
+type CreateEvent = {
+  eventDate: DateTime;
+  title: string;
+  joinMembers?: Json[];
+  price: number;
+  currency: string;
+  duration_m: number;
+  ageBottom: number;
+  ageTop: number;
+  location: string;
+  avatar?: string;
+  memberId?: number;
+};
+
+type UpdateEvent = {
+  eventDate?: DateTime;
+  title?: string;
+  joinMembers?: Json[];
+  price?: number;
+  currency?: string;
+  duration_m?: number;
+  ageBottom?: number;
+  ageTop?: number;
+  location?: string;
+  avatar?: string;
+  memberId?: number;
+};
+
+async function listEvents(): Promise<EventItem[]> {
+  return prisma.eventItem.findMany();
+}
+
+async function getEvent(eventId: string): Promise<EventItem | null> {
+  return prisma.eventItem.findFirst({ where: { id: eventId } });
+}
+
+// async function createNewEvent(createForm: CreateEvent) {
+//   return prisma.event.create({ data: createForm });
+// }
+
+// async function updateEvent(eventId: number, updateForm: UpdateEvent) {
+//   return prisma.event.update({
+//     where: { id: eventId },
+//     data: updateForm,
+//   });
+// }
+
+// async function deleteEvent(eventId: number) {
+//   return prisma.event.delete({ where: { id: eventId } });
+// }
+
+export {
+  getEvent,
+  listEvents,
+  // updateEvent,
+  // deleteEvent,
+  // createNewEvent,
+};

03_source/cms_backend/src/app/services/order.service.ts

@@ -0,0 +1,70 @@
+// src/app/services/order.service.ts
+//
+// PURPOSE:
+// - Handle Order Record CRUD operations
+// - Manage order status transitions
+// - Handle order-event relationships
+//
+
+import type { OrderItem } from '@prisma/client';
+
+import prisma from '../lib/prisma';
+
+type CreateOrderItem = {
+  orderNumber?: string;
+  // status?: string;
+  // eventIds?: number[];
+};
+
+type UpdateOrderItem = {
+  orderNumber?: string;
+  // status?: string;
+  // last_payment_date?: Date;
+  // eventIds?: number[];
+};
+
+async function listOrders(): Promise<OrderItem[]> {
+  return prisma.orderItem.findMany();
+}
+
+async function getOrder(orderId: string): Promise<OrderItem | null> {
+  return prisma.orderItem.findFirst({
+    where: { id: orderId },
+  });
+}
+
+async function createOrder(createForm: CreateOrderItem): Promise<OrderItem> {
+  return prisma.orderItem.create({
+    data: createForm,
+  });
+}
+
+async function updateOrder(orderId: string, updateForm: UpdateOrderItem): Promise<OrderItem> {
+  return prisma.orderItem.update({
+    where: { id: orderId },
+    data: updateForm,
+  });
+}
+
+async function deleteOrder(orderId: string): Promise<OrderItem> {
+  return prisma.orderItem.delete({
+    where: { id: orderId },
+  });
+}
+
+async function getOrdersByStatus(status: string): Promise<OrderItem[]> {
+  return prisma.orderItem.findMany({
+    where: { status },
+  });
+}
+
+export {
+  getOrder,
+  listOrders,
+  createOrder,
+  updateOrder,
+  deleteOrder,
+  getOrdersByStatus,
+  type CreateOrderItem as CreateOrder,
+  type UpdateOrderItem as UpdateOrder,
+};

03_source/cms_backend/src/app/services/product.service.ts

@@ -0,0 +1,114 @@
+// src/app/services/product.service.ts
+//
+// PURPOSE:
+// - Service for handling ProductItem Record
+//
+
+import type { ProductItem } from '@prisma/client';
+
+import prisma from '../lib/prisma';
+
+type CreateProduct = {
+  sku: string;
+  name: string;
+  // price: number;
+  // code?: string;
+  // taxes?: number;
+  // tags?: string[];
+  // sizes?: string[];
+  // gender?: string[];
+  // colors?: string[];
+  // category?: string;
+  // quantity?: number;
+  // available?: number;
+  // coverUrl?: string;
+  // images?: string[];
+  // description?: string;
+  // subDescription?: string;
+  // publish?: string;
+  // totalSold?: number;
+  // totalRatings?: number;
+  // totalReviews?: number;
+  // inventoryType?: string;
+  // ratings?: number[];
+  // reviews?: string[];
+  // result?: string;
+  // thanks?: string;
+};
+
+type UpdateProduct = {
+  sku?: string;
+  name?: string;
+  // price?: number;
+  // code?: string;
+  // taxes?: number;
+  // tags?: string[];
+  // sizes?: string[];
+  // gender?: string[];
+  // colors?: string[];
+  // category?: string;
+  // quantity?: number;
+  // available?: number;
+  // coverUrl?: string;
+  // images?: string[];
+  // description?: string;
+  // subDescription?: string;
+  // publish?: string;
+  // totalSold?: number;
+  // totalRatings?: number;
+  // totalReviews?: number;
+  // inventoryType?: string;
+  // ratings?: number[];
+  // reviews?: string[];
+  // result?: string;
+  // thanks?: string;
+};
+
+async function listProducts(): Promise<ProductItem[]> {
+  return prisma.productItem.findMany();
+}
+
+async function getProduct(productId: string): Promise<ProductItem | null> {
+  return prisma.productItem.findUnique({ where: { id: productId } });
+}
+
+async function createProduct(createForm: CreateProduct) {
+  //   return prisma.productItem.create({
+  //     data: {
+  //       ...createForm,
+  //       code: createForm.code || '',
+  //       taxes: createForm.taxes || 0,
+  //       tags: createForm.tags || [],
+  //       sizes: createForm.sizes || [],
+  //       gender: createForm.gender || [],
+  //       colors: createForm.colors || [],
+  //       category: createForm.category || '',
+  //       quantity: createForm.quantity || 0,
+  //       available: createForm.available || 0,
+  //       coverUrl: createForm.coverUrl || '',
+  //       images: createForm.images || [],
+  //       description: createForm.description || '',
+  //       subDescription: createForm.subDescription || '',
+  //       publish: createForm.publish || 'published',
+  //       totalSold: createForm.totalSold || 0,
+  //       totalRatings: createForm.totalRatings || 0,
+  //       totalReviews: createForm.totalReviews || 0,
+  //       inventoryType: createForm.inventoryType || '',
+  //       ratings: createForm.ratings || [],
+  //       reviews: createForm.reviews || [],
+  //     },
+  //   });
+}
+
+async function updateProduct(productId: string, updateForm: UpdateProduct) {
+  return prisma.productItem.update({
+    where: { id: productId },
+    data: updateForm,
+  });
+}
+
+async function deleteProduct(productId: string) {
+  return prisma.productItem.delete({ where: { id: productId } });
+}
+
+export { getProduct, listProducts, createProduct, updateProduct, deleteProduct, type CreateProduct, type UpdateProduct };

03_source/cms_backend/src/app/services/user.service.ts

@@ -0,0 +1,127 @@
+// src/app/services/user.service.ts
+//
+// PURPOSE:
+// - Handle User Record CRUD operations
+//
+// RULES:
+// - Follow Prisma best practices for database operations
+// - Validate input data before processing
+//
+
+import type { User } from '@prisma/client';
+
+import prisma from '../lib/prisma';
+
+type CreateUser = {
+  email: string;
+  // name?: string;
+  // password: string;
+  // role?: Role;
+  // isEmailVerified?: boolean;
+  // admin?: boolean;
+};
+
+type UpdateUser = {
+  email?: string;
+  // name?: string;
+  // password?: string;
+  // role?: Role;
+  // isEmailVerified?: boolean;
+  isAdmin?: boolean;
+};
+
+// async function listUsers(): Promise<UserItem[]> {
+//   return prisma.userItem.findMany();
+// }
+
+// async function getUserItem(userId: string): Promise<UserItem | null> {
+//   return prisma.userItem.findFirst({ where: { id: userId } });
+// }
+
+// async function updateUser(userId: string, updateForm: UpdateUser): Promise<User> {
+//   return prisma.userItem.update({
+//     where: { id: userId },
+//     data: updateForm,
+//   });
+// }
+
+// // check if userId is a admin
+// // check if userId is a admin
+// async function isAdmin(userId: string): Promise<boolean> {
+//   const user = await getUserItem(userId);
+//   return user?.isAdmin === true;
+// }
+
+// async function changeToAdmin(userIdToPromote: string, userIdOfApplicant: string) {
+//   // check the applicant is admin or not
+//   const userApplicant = await getUserItem(userIdOfApplicant);
+//   let promoteResult = {};
+
+//   if (userApplicant && userApplicant.isAdmin) {
+//     // applicant is an admin
+//     promoteResult = await updateUser(userIdToPromote, { isAdmin: true });
+//   } else {
+//     promoteResult = { status: 'failed', message: 'applicant is not a admin' };
+//   }
+
+//   return promoteResult;
+// }
+
+// async function changeToUser(userIdToPromote: string, userIdOfApplicant: string) {
+//   // check the applicant is admin or not
+//   const userApplicant = await getUserItem(userIdOfApplicant);
+//   let promoteResult = {};
+
+//   if (userApplicant && userApplicant.isAdmin) {
+//     // applicant is an admin
+//     promoteResult = await updateUser(userIdToPromote, { isAdmin: false });
+//   } else {
+//     promoteResult = { status: 'failed', message: 'applicant is not a admin' };
+//   }
+
+//   return promoteResult;
+// }
+
+async function getUserById(id: string): Promise<User | null> {
+  return prisma.user.findFirst({ where: { id } });
+}
+
+// async function getUserByEmail(email: string): Promise<void> {
+//   //   return prisma.userItem.findUnique({
+//   //     where: { email },
+//   //     include: {
+//   //       Token: true,
+//   //     },
+//   //   });
+// }
+
+// async function createNewUser(createForm: CreateUser): Promise<void> {
+//   //   return prisma.userItem.create({
+//   //     data: {
+//   //       email: createForm.email,
+//   //       name: createForm.name,
+//   //       password: createForm.password,
+//   //       role: createForm.role || 'USER',
+//   //       isEmailVerified: createForm.isEmailVerified || false,
+//   //     },
+//   //   });
+// }
+
+// async function deleteUser(userId: number): Promise<void> {
+//   //   return prisma.userItem.delete({ where: { id: userId } });
+// }
+
+export {
+  // getUser,
+  getUserById,
+  // isAdmin,
+  // listUsers,
+  // updateUser,
+  // deleteUser,
+  // changeToUser,
+  // createNewUser,
+  // changeToAdmin,
+  // getUserByEmail,
+  // type CreateUser,
+  // type UpdateUser,
+};

03_source/cms_backend/src/app/services/userItem.service.ts

@@ -0,0 +1,127 @@
+// src/app/services/user.service.ts
+//
+// PURPOSE:
+// - Handle User Record CRUD operations
+//
+// RULES:
+// - Follow Prisma best practices for database operations
+// - Validate input data before processing
+//
+
+import type { UserItem } from '@prisma/client';
+
+import prisma from '../lib/prisma';
+
+type CreateUser = {
+  email: string;
+  // name?: string;
+  // password: string;
+  // role?: Role;
+  // isEmailVerified?: boolean;
+  // admin?: boolean;
+};
+
+type UpdateUser = {
+  email?: string;
+  // name?: string;
+  // password?: string;
+  // role?: Role;
+  // isEmailVerified?: boolean;
+  isAdmin?: boolean;
+};
+
+async function listUsers(): Promise<UserItem[]> {
+  return prisma.userItem.findMany();
+}
+
+async function getUserItem(userId: string): Promise<UserItem | null> {
+  return prisma.userItem.findFirst({ where: { id: userId } });
+}
+
+async function updateUser(userId: string, updateForm: UpdateUser): Promise<User> {
+  return prisma.userItem.update({
+    where: { id: userId },
+    data: updateForm,
+  });
+}
+
+// check if userId is a admin
+// check if userId is a admin
+async function isAdmin(userId: string): Promise<boolean> {
+  const user = await getUserItem(userId);
+  return user?.isAdmin === true;
+}
+
+async function changeToAdmin(userIdToPromote: string, userIdOfApplicant: string) {
+  // check the applicant is admin or not
+  const userApplicant = await getUserItem(userIdOfApplicant);
+  let promoteResult = {};
+
+  if (userApplicant && userApplicant.isAdmin) {
+    // applicant is an admin
+    promoteResult = await updateUser(userIdToPromote, { isAdmin: true });
+  } else {
+    promoteResult = { status: 'failed', message: 'applicant is not a admin' };
+  }
+
+  return promoteResult;
+}
+
+async function changeToUser(userIdToPromote: string, userIdOfApplicant: string) {
+  // check the applicant is admin or not
+  const userApplicant = await getUserItem(userIdOfApplicant);
+  let promoteResult = {};
+
+  if (userApplicant && userApplicant.isAdmin) {
+    // applicant is an admin
+    promoteResult = await updateUser(userIdToPromote, { isAdmin: false });
+  } else {
+    promoteResult = { status: 'failed', message: 'applicant is not a admin' };
+  }
+
+  return promoteResult;
+}
+
+async function getUserById1(id: string): Promise<UserItem | null> {
+  return prisma.userItem.findFirst({ where: { id } });
+}
+
+async function getUserByEmail(email: string): Promise<void> {
+  //   return prisma.userItem.findUnique({
+  //     where: { email },
+  //     include: {
+  //       Token: true,
+  //     },
+  //   });
+}
+
+async function createNewUser(createForm: CreateUser): Promise<void> {
+  //   return prisma.userItem.create({
+  //     data: {
+  //       email: createForm.email,
+  //       name: createForm.name,
+  //       password: createForm.password,
+  //       role: createForm.role || 'USER',
+  //       isEmailVerified: createForm.isEmailVerified || false,
+  //     },
+  //   });
+}
+
+async function deleteUser(userId: number): Promise<void> {
+  //   return prisma.userItem.delete({ where: { id: userId } });
+}
+
+export {
+  // getUser,
+  isAdmin,
+  listUsers,
+  updateUser,
+  deleteUser,
+  getUserById,
+  changeToUser,
+  createNewUser,
+  changeToAdmin,
+  getUserByEmail,
+  type CreateUser,
+  type UpdateUser,
+};

03_source/cms_backend/src/constants.ts

@@ -0,0 +1,7 @@
+const L_ERROR = 0;
+const L_WARN = 1;
+const L_INFO = 2;
+const L_DEBUG = 3;
+const L_TRACE = 4;
+
+export { L_WARN, L_INFO, L_ERROR, L_DEBUG, L_TRACE };

03_source/cms_backend/src/utils/jwt.ts

@@ -12,11 +12,7 @@ type Token = {
  * SignJWT
  * https://github.com/panva/jose/blob/main/docs/classes/jwt_sign.SignJWT.md
  */
-export async function sign(
-  payload: Token,
-  secret: string,
-  options: { expiresIn: string | number }
-): Promise<string> {
+export async function sign(payload: Token, secret: string, options: { expiresIn: string | number }): Promise<string> {
   const iat = Math.floor(Date.now() / 1000);
 
   return new SignJWT({ ...payload })

03_source/cms_backend/src/utils/response.ts

@@ -7,7 +7,7 @@ export const STATUS = {
   UNAUTHORIZED: 401,
 };
 
-export function response(data: string | Record<string, unknown>, status: number): Response {
+export function response(data: string | Record<string, unknown> | Record<string, unknown>[], status: number): Response {
   const value = typeof data === 'string' ? data : JSON.stringify(data);
 
   return new Response(value, {

03_source/frontend/dev.sh

@@ -1,7 +1,11 @@
 #!/usr/bin/env bash
 
+yarn --dev
+
 while true; do
-  yarn --dev
+
+  # yarn tsc:print
+  yarn lint:print
 
   yarn dev --force --clearScreen
 

03_source/frontend/package.json

@@ -105,6 +105,7 @@
     "react-organizational-chart": "^2.2.1",
     "react-phone-number-input": "^3.4.12",
     "react-router": "^7.4.1",
+    "react-use": "^17.6.0",
     "rehype-highlight": "^7.0.2",
     "rehype-raw": "^7.0.0",
     "remark-gfm": "^4.0.1",

03_source/frontend/src/actions/invoice.ts

@@ -1,7 +1,7 @@
 // src/actions/invoice.ts
 import { useMemo } from 'react';
 import axiosInstance, { endpoints, fetcher } from 'src/lib/axios';
-import type { IInvoiceItem } from 'src/types/invoice';
+import type { IInvoiceItem, SaveInvoiceData } from 'src/types/invoice';
 import type { SWRConfiguration } from 'swr';
 import useSWR from 'swr';
 
@@ -97,7 +97,7 @@ export function useSearchInvoices(query: string) {
 
 // ----------------------------------------------------------------------
 
-type SaveInvoiceData = IInvoiceItem;
+// type SaveInvoiceData = IInvoiceItem;
 
 export async function saveInvoice(invoiceId: string, saveInvoiceData: SaveInvoiceData) {
   const url = endpoints.invoice.saveInvoice(invoiceId);

03_source/frontend/src/actions/product.ts

@@ -99,6 +99,7 @@ export function useSearchProducts(query: string) {
 
 type SaveProductData = {
   // id: string;
+
   sku: string;
   name: string;
   code: string;

03_source/frontend/src/auth/context/jwt/action.ts

@@ -17,6 +17,8 @@ export type SignUpParams = {
   lastName: string;
 };
 
+const ERR_ACCESS_TOKEN_NOT_FOUND = `Access token not found in response`;
+
 /** **************************************
  * Sign in
  *************************************** */
@@ -29,7 +31,7 @@ export const signInWithPassword = async ({ email, password }: SignInParams): Pro
     const { accessToken } = res.data;
 
     if (!accessToken) {
-      throw new Error('Access token not found in response');
+      throw new Error(ERR_ACCESS_TOKEN_NOT_FOUND);
     }
 
     setSession(accessToken);

03_source/frontend/src/auth/context/jwt/utils.ts

@@ -69,6 +69,8 @@ export function tokenExpired(exp: number) {
 
 // ----------------------------------------------------------------------
 
+const INVALID_ACCESS_TOKEN = 'Invalid access token!';
+
 export async function setSession(accessToken: string | null) {
   try {
     if (accessToken) {
@@ -81,7 +83,7 @@ export async function setSession(accessToken: string | null) {
       if (decodedToken && 'exp' in decodedToken) {
         tokenExpired(decodedToken.exp);
       } else {
-        throw new Error('Invalid access token!');
+        throw new Error(INVALID_ACCESS_TOKEN);
       }
     } else {
       sessionStorage.removeItem(JWT_STORAGE_KEY);

03_source/frontend/src/pages/dashboard/user/edit.tsx

@@ -11,7 +11,7 @@ const metadata = { title: `User edit | Dashboard - ${CONFIG.appName}` };
 export default function Page() {
   const { id = '' } = useParams();
 
-  // TODO: remove me
+  // TODO: remove unused code
   // const currentUser = _userList.find((user) => user.id === id);
   const { user } = useGetUser(id);
 

03_source/frontend/src/sections/calendar/calendar-toolbar.tsx

@@ -106,7 +106,8 @@ export function CalendarToolbar({
             <Iconify icon="eva:arrow-ios-back-fill" />
           </IconButton>
 
-          <Typography variant="h6">{date}</Typography>
+          {/* FIXME: no raw json output in html  */}
+          <Typography variant="h6">{JSON.stringify({ date })}</Typography>
 
           <IconButton onClick={onNextDate}>
             <Iconify icon="eva:arrow-ios-forward-fill" />

03_source/frontend/src/sections/invoice/invoice-details.tsx

@@ -37,19 +37,22 @@ export function InvoiceDetails({ invoice }: Props) {
   const { t } = useTranslation();
   const [currentStatus, setCurrentStatus] = useState(invoice?.status);
 
-  const handleChangeStatus = useCallback((event: React.ChangeEvent<HTMLInputElement>) => {
-    // setCurrentStatus(event.target.value);
+  const handleChangeStatus = useCallback(
+    (event: React.ChangeEvent<HTMLInputElement | HTMLTextAreaElement>) => {
+      // setCurrentStatus(event.target.value);
 
-    try {
-      changeStatus(invoice.id, event.target.value);
-      setCurrentStatus(event.target.value);
+      try {
+        changeStatus(invoice.id, event.target.value);
+        setCurrentStatus(event.target.value);
 
-      toast.success('status changed!');
-    } catch (error) {
-      console.error(error);
-      toast.warning('error during changing status');
-    }
-  }, []);
+        toast.success('status changed!');
+      } catch (error) {
+        console.error(error);
+        toast.warning('error during changing status');
+      }
+    },
+    []
+  );
 
   const renderFooter = () => (
     <Box

03_source/frontend/src/sections/invoice/invoice-new-edit-details.tsx

@@ -1,4 +1,4 @@
-import type { IInvoiceItem } from 'src/types/invoice';
+import type { IInvoiceItem, IInvoiceItemItem } from 'src/types/invoice';
 
 import { sumBy } from 'es-toolkit';
 import { useEffect, useCallback } from 'react';
@@ -22,7 +22,7 @@ import { InvoiceTotalSummary } from './invoice-total-summary';
 
 // ----------------------------------------------------------------------
 
-export const defaultItem: Omit<IInvoiceItem, 'id'> = {
+export const defaultItem: Omit<IInvoiceItemItem, 'id'> = {
   title: '',
   description: '',
   service: INVOICE_SERVICE_OPTIONS[0].name,
@@ -50,7 +50,7 @@ export function InvoiceNewEditDetails() {
   const discount = getValues('discount');
   const shipping = getValues('shipping');
 
-  const subtotal = sumBy(items, (item: IInvoiceItem) => item.quantity * item.price);
+  const subtotal = sumBy(items, (item: IInvoiceItemItem) => item.quantity * item.price);
   const subtotalWithTax = subtotal + subtotal * (taxes / 100);
   const totalAmount = subtotalWithTax - discount - shipping;
 

03_source/frontend/src/sections/invoice/invoice-new-edit-form.tsx

@@ -81,6 +81,8 @@ export function InvoiceNewEditForm({ currentInvoice }: Props) {
   const loadingSend = useBoolean();
 
   const defaultValues: NewInvoiceSchemaType = {
+    id: '',
+    sent: 0,
     invoiceNumber: 'INV-1990',
     createDate: today(),
     dueDate: null,
@@ -129,6 +131,8 @@ export function InvoiceNewEditForm({ currentInvoice }: Props) {
 
     try {
       if (currentInvoice) {
+        data.dueDate = '2029-01-01';
+
         await saveInvoice(currentInvoice.id, data);
       }
 

03_source/frontend/src/sections/invoice/invoice-toolbar.tsx

@@ -27,7 +27,7 @@ type Props = {
   invoice?: IInvoiceItem;
   currentStatus: string;
   statusOptions: { value: string; label: string }[];
-  onChangeStatus: (event: React.ChangeEvent<HTMLInputElement>) => void;
+  onChangeStatus: (event: React.ChangeEvent<HTMLInputElement | HTMLTextAreaElement>) => void;
 };
 
 export function InvoiceToolbar({ invoice, currentStatus, statusOptions, onChangeStatus }: Props) {

03_source/frontend/src/types/common.ts

@@ -19,7 +19,7 @@ export type IAddressItem = {
   addressType?: string;
 };
 
-export type IDateValue = string | number | null;
+export type IDateValue = string | number | Date | null;
 
 export type IDatePickerControl = Dayjs | null;
 

03_source/frontend/src/types/invoice.ts

@@ -13,15 +13,16 @@ export type IInvoiceTableFilters = {
 export type IInvoiceItemItem = {
   id: string;
   title: string;
+  service: string;
   price: number;
   total: number;
-  service: string;
   quantity: number;
   description: string;
 };
 
 export type IInvoiceItem = {
   id: string;
+
   sent: number;
   taxes: number;
   status: string;
@@ -36,3 +37,26 @@ export type IInvoiceItem = {
   invoiceTo: IAddressItem;
   invoiceFrom: IAddressItem;
 };
+
+export type SaveInvoiceData = {
+  sent: number;
+  taxes: number;
+  status: string;
+  subtotal: number;
+  discount: number;
+  shipping: number;
+  totalAmount: number;
+  dueDate: IDateValue;
+  invoiceNumber: string;
+  items: {
+    title: string;
+    service: string;
+    price: number;
+    total: number;
+    quantity: number;
+    description: string;
+  }[];
+  createDate: IDateValue;
+  invoiceTo: IAddressItem | null;
+  invoiceFrom: IAddressItem | null;
+};