update profile example,

03_source/cms_backend/package.json

@@ -27,8 +27,9 @@
     "unseed": "tsx ./prisma/unseed.ts",
     "db:generate": "prisma generate",
     "db:push": "prisma db push --force-reset",
-    "db:push:w": "npx nodemon --delay 5 --ext \"ts,tsx,prisma\" --exec \"yarn db:push && yarn seed && yarn db:studio\"",
-    "db:studio": "prisma studio"
+    "db:push:w": "npx nodemon --delay 1 --watch prisma --ext \"ts,tsx,prisma\" --exec \"yarn db:push && yarn seed\"",
+    "db:studio": "prisma studio",
+    "db:studio:w": "npx nodemon --delay 1 --watch prisma --ext \"prisma\" --exec \"yarn db:studio\""
   },
   "engines": {
     "node": ">=20"
@@ -37,6 +38,7 @@
   "dependencies": {
     "@emotion/react": "^11.14.0",
     "@emotion/styled": "^11.14.0",
+    "@faker-js/faker": "^9.8.0",
     "@mui/material": "^6.4.8",
     "@next-auth/prisma-adapter": "^1.0.7",
     "@prisma/adapter-pg": "^6.8.2",
@@ -75,4 +77,4 @@
     "typescript": "^5.8.2",
     "typescript-eslint": "^8.28.0"
   }
-}
+}

03_source/cms_backend/prisma/schema.prisma

@@ -46,6 +46,9 @@ model Session {
 
 model User {
   id            String    @id @default(cuid())
+  createdAt     DateTime  @default(now())
+  updatedAt     DateTime  @updatedAt
+  //
   name          String?
   username      String?   @unique
   email         String    @unique
@@ -54,8 +57,6 @@ model User {
   image         String?
   bucketImage   String?
   admin         Boolean   @default(false)
-  createdAt     DateTime  @default(now())
-  updatedAt     DateTime  @updatedAt
   accounts      Account[]
   sessions      Session[]
   info          Json?
@@ -70,6 +71,18 @@ model VerificationToken {
   @@unique([identifier, token])
 }
 
+model Student {
+  id        Int      @id @default(autoincrement())
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+  //
+  email     String   @unique
+  metadata  Json     @default("{}")
+}
+
+// ----------------------------------------------------------------
+// frontend/src/_mock/_user.ts
+
 // ----------------------------------------------------------------
 
 // REQ0044/near_by_page
@@ -99,6 +112,9 @@ model Member {
   music             String[] @default([])
   pets              String[] @default([])
   character         String[] @default([])
+  //
+  avatar            String   @default("")
+  sex               String   @default("")
 }
 
 model Order {
@@ -118,7 +134,7 @@ model Event {
   id          Int      @id @default(autoincrement())
   eventDate   DateTime
   title       String
-  joinMembers Member[] // Assuming Member model exists
+  joinMembers Json[] // Assuming Member model exists
   price       Float
   currency    String
   duration_m  Int
@@ -127,6 +143,8 @@ model Event {
   location    String
   avatar      String // Assuming avatar is stored as a file path or URL
   Order       Order[]
+  Member      Member?  @relation(fields: [memberId], references: [id])
+  memberId    Int?
 }
 
 // cms_backend
@@ -266,85 +284,85 @@ model Mail {
   // attachments  MailAttachment[]
 }
 
-model OrderHistory {
-  id             Int        @id @default(autoincrement())
-  createdAt      DateTime   @default(now())
-  updatedAt      DateTime   @updatedAt
-  //
-  orderTime      DateTime
-  paymentTime    DateTime
-  deliveryTime   DateTime
-  completionTime DateTime
-  timeline       Json[]
-  OrderItem      OrderItem? @relation(fields: [orderItemId], references: [id])
-  orderItemId    Int?
-}
+// model OrderHistory {
+//   id             Int        @id @default(autoincrement())
+//   createdAt      DateTime   @default(now())
+//   updatedAt      DateTime   @updatedAt
+//   //
+//   orderTime      DateTime   @default(now())
+//   paymentTime    DateTime
+//   deliveryTime   DateTime
+//   completionTime DateTime
+//   timeline       Json[]
+//   OrderItem      OrderItem? @relation(fields: [orderItemId], references: [id])
+//   orderItemId    Int?
+// }
 
-model OrderShippingAddress {
-  id          Int        @id @default(autoincrement())
-  createdAt   DateTime   @default(now())
-  updatedAt   DateTime   @updatedAt
-  //
-  fullAddress String
-  phoneNumber String
-  OrderItem   OrderItem? @relation(fields: [orderItemId], references: [id])
-  orderItemId Int?
-}
+// model OrderShippingAddress {
+//   id          Int        @id @default(autoincrement())
+//   createdAt   DateTime   @default(now())
+//   updatedAt   DateTime   @updatedAt
+//   //
+//   fullAddress String
+//   phoneNumber String
+//   OrderItem   OrderItem? @relation(fields: [orderItemId], references: [id])
+//   orderItemId Int?
+// }
 
-model OrderPayment {
-  id          Int        @id @default(autoincrement())
-  createdAt   DateTime   @default(now())
-  updatedAt   DateTime   @updatedAt
-  //
-  cardType    String
-  cardNumber  String
-  OrderItem   OrderItem? @relation(fields: [orderItemId], references: [id])
-  orderItemId Int?
-}
+// model OrderPayment {
+//   id          Int        @id @default(autoincrement())
+//   createdAt   DateTime   @default(now())
+//   updatedAt   DateTime   @updatedAt
+//   //
+//   cardType    String
+//   cardNumber  String
+//   OrderItem   OrderItem? @relation(fields: [orderItemId], references: [id])
+//   orderItemId Int?
+// }
 
-model OrderDelivery {
-  id             Int        @id @default(autoincrement())
-  createdAt      DateTime   @default(now())
-  updatedAt      DateTime   @updatedAt
-  //
-  shipBy         String
-  speedy         String
-  trackingNumber String
-  OrderItem      OrderItem? @relation(fields: [orderItemId], references: [id])
-  orderItemId    Int?
-}
+// model OrderDelivery {
+//   id             Int        @id @default(autoincrement())
+//   createdAt      DateTime   @default(now())
+//   updatedAt      DateTime   @updatedAt
+//   //
+//   shipBy         String
+//   speedy         String
+//   trackingNumber String
+//   OrderItem      OrderItem? @relation(fields: [orderItemId], references: [id])
+//   orderItemId    Int?
+// }
 
-model OrderCustomer {
-  id          Int        @id @default(autoincrement())
-  createdAt   DateTime   @default(now())
-  updatedAt   DateTime   @updatedAt
-  //
-  name        String
-  email       String
-  avatarUrl   String
-  ipAddress   String
-  OrderItem   OrderItem? @relation(fields: [orderItemId], references: [id])
-  orderItemId Int?
-}
+// model OrderCustomer {
+//   id          Int        @id @default(autoincrement())
+//   createdAt   DateTime   @default(now())
+//   updatedAt   DateTime   @updatedAt
+//   //
+//   name        String
+//   email       String
+//   avatarUrl   String
+//   ipAddress   String
+//   OrderItem   OrderItem? @relation(fields: [orderItemId], references: [id])
+//   orderItemId Int?
+// }
 
-model OrderProductItem {
-  id          Int        @id @default(autoincrement())
-  createdAt   DateTime   @default(now())
-  updatedAt   DateTime   @updatedAt
-  //
-  sku         String
-  name        String
-  price       Float
-  coverUrl    String
-  quantity    Float
-  OrderItem   OrderItem? @relation(fields: [orderItemId], references: [id])
-  orderItemId Int?
-}
+// model OrderProductItem {
+//   id          Int        @id @default(autoincrement())
+//   createdAt   DateTime   @default(now())
+//   updatedAt   DateTime   @updatedAt
+//   //
+//   sku         String
+//   name        String
+//   price       Float
+//   coverUrl    String
+//   quantity    Float
+//   OrderItem   OrderItem? @relation(fields: [orderItemId], references: [id])
+//   orderItemId Int?
+// }
 
 model OrderItem {
-  id              Int                    @id @default(autoincrement())
-  createdAt       DateTime               @default(now())
-  updatedAt       DateTime               @updatedAt
+  id              String   @id @default(uuid())
+  createdAt       DateTime @default(now())
+  updatedAt       DateTime @updatedAt
   //
   taxes           Float
   status          String
@@ -354,12 +372,18 @@ model OrderItem {
   orderNumber     String
   totalAmount     Float
   totalQuantity   Float
-  history         OrderHistory[]
-  payment         OrderPayment[]
-  customer        OrderCustomer[]
-  delivery        OrderDelivery[]
-  items           OrderProductItem[]
-  shippingAddress OrderShippingAddress[]
+  history         Json
+  payment         Json
+  customer        Json
+  delivery        Json
+  items           Json[]
+  shippingAddress Json
+  // OrderProductItem     OrderProductItem[]
+  // OrderHistory         OrderHistory[]
+  // OrderDelivery        OrderDelivery[]
+  // OrderCustomer        OrderCustomer[]
+  // OrderPayment         OrderPayment[]
+  // OrderShippingAddress OrderShippingAddress[]
 }
 
 // src/types/tour.ts
@@ -510,8 +534,9 @@ model UserCard {
   totalFollowing Float
 }
 
+// `UserItem` obsoleted, use `UserMeta` instead
 model UserItem {
-  id          Int      @id @default(autoincrement())
+  id          String   @id @default(uuid())
   createdAt   DateTime @default(now())
   updatedAt   DateTime @updatedAt
   //
@@ -528,6 +553,36 @@ model UserItem {
   avatarUrl   String
   phoneNumber String
   isVerified  Boolean
+  //
+  username    String
+  password    String
+  //
+  isAdmin     Boolean  @default(false)
+}
+
+model UserMeta {
+  id          String   @id @default(uuid())
+  createdAt   DateTime @default(now())
+  updatedAt   DateTime @updatedAt
+  //
+  name        String
+  city        String
+  role        String
+  email       String
+  state       String
+  status      String
+  address     String
+  country     String
+  zipCode     String
+  company     String
+  avatarUrl   String
+  phoneNumber String
+  isVerified  Boolean
+  //
+  username    String
+  password    String
+  //
+  isAdmin     Boolean  @default(false)
 }
 
 model UserAccountBillingHistory {
@@ -777,8 +832,8 @@ model AddressItem {
   addressType     String?
   CheckoutState   CheckoutState[]
   checkoutStateId Int?
-  InvoiceTo       Invoice[]       @relation("invoice_to")
-  InvoiceFrom     Invoice[]       @relation("invoice_from")
+  // InvoiceTo       Invoice[]       @relation("invoice_to")
+  // InvoiceFrom     Invoice[]       @relation("invoice_from")
 }
 
 model SocialLink {
@@ -878,40 +933,45 @@ model InvoiceTableFilters {
 }
 
 model InvoiceItem {
-  id          Int      @id @default(autoincrement())
-  createdAt   DateTime @default(now())
-  updatedAt   DateTime @updatedAt
+  id            String   @id @default(uuid())
+  createdAt     DateTime @default(now())
+  updatedAt     DateTime @updatedAt
   //
-  title       String
-  price       Float
-  total       Float
-  service     String
-  quantity    Int
-  description String
-  Invoice     Invoice? @relation(fields: [invoiceId], references: [id])
-  invoiceId   Int?
-}
-
-model Invoice {
-  id            Int           @id @default(autoincrement())
-  createdAt     DateTime      @default(now())
-  updatedAt     DateTime      @updatedAt
-  //
-  sent          Int
   taxes         Float
   status        String
-  subtotal      Float
   discount      Float
   shipping      Float
+  subtotal      Float
   totalAmount   Float
-  dueDate       DateTime
+  items         Json[]
   invoiceNumber String
-  items         InvoiceItem[]
-  createDate    DateTime
-  invoiceTo     AddressItem[] @relation("invoice_to")
-  invoiceFrom   AddressItem[] @relation("invoice_from")
+  invoiceFrom   Json
+  invoiceTo     Json
+  sent          Float
+  dueDate       DateTime @default(now())
+  createDate    DateTime @default(now())
 }
 
+// model Invoice {
+//   id            Int           @id @default(autoincrement())
+//   createdAt     DateTime      @default(now())
+//   updatedAt     DateTime      @updatedAt
+//   //
+//   sent          Int
+//   taxes         Float
+//   status        String
+//   subtotal      Float
+//   discount      Float
+//   shipping      Float
+//   totalAmount   Float
+//   dueDate       DateTime
+//   invoiceNumber String
+//   items         InvoiceItem[]
+//   createDate    DateTime
+//   invoiceTo     AddressItem[] @relation("invoice_to")
+//   invoiceFrom   AddressItem[] @relation("invoice_from")
+// }
+
 // job.ts
 model JobFilters {
   id        Int      @id @default(autoincrement())
@@ -1064,3 +1124,96 @@ model Kanban {
   columns   KanbanColumn[]
   tasks     KanbanTask[]
 }
+
+// mapped to IEventReview
+model EventReview {
+  id          String     @id @default(uuid())
+  createdAt   DateTime   @default(now())
+  updatedAt   DateTime   @updatedAt
+  //
+  name        String
+  rating      Float
+  comment     String
+  helpful     Float
+  avatarUrl   String
+  postedAt    DateTime   @default(now()) // Assuming IDateValue maps to DateTime
+  isPurchased Boolean
+  attachments String[]
+  //
+  EventItem   EventItem? @relation(fields: [eventItemId], references: [id])
+  eventItemId String?
+}
+
+// mapped to IEventItem
+model EventItem {
+  id             String        @id @default(uuid())
+  createdAt      DateTime      @default(now())
+  updatedAt      DateTime      @updatedAt
+  //
+  sku            String
+  name           String
+  code           String
+  price          Float
+  taxes          Float
+  tags           String[]
+  sizes          String[]
+  publish        String
+  gender         String[]
+  coverUrl       String
+  images         String[]
+  colors         String[]
+  quantity       Int
+  category       String
+  available      Int
+  totalSold      Int
+  description    String
+  totalRatings   Float
+  totalReviews   Int
+  inventoryType  String
+  subDescription String
+  priceSale      Float?
+  newLabel       Json
+  saleLabel      Json
+  ratings        Json[]
+  //
+  eventDate      DateTime      @default(now())
+  joinMembers    Json[]
+  title          String
+  currency       String
+  duration_m     Float
+  ageBottom      Float
+  ageTop         Float
+  location       String
+  avatar         String[]
+  //
+  reviews        EventReview[]
+}
+
+model AppLog {
+  id        String   @id @default(uuid())
+  timestamp DateTime @default(now())
+  //
+  level     Int?     @default(1)
+  message   String?  @default("")
+  //
+  module    String?
+  userId    String?
+  metadata  Json?
+
+  @@index([timestamp])
+  @@index([level])
+  @@index([module])
+}
+
+model AccessLog {
+  id        String   @id @default(uuid())
+  timestamp DateTime @default(now())
+  //
+  userId    String?  @default("")
+  message   String?  @default("")
+  //
+  metadata  Json?
+
+  @@index([timestamp])
+  @@index([userId])
+}

03_source/cms_backend/prisma/seed.ts

@@ -22,6 +22,16 @@ import { userSeed } from './seeds/user';
 import { ProductReview } from './seeds/productReview';
 import { ProductItem } from './seeds/productItem';
 import { FileStore } from './seeds/fileStore';
+import { userItemSeed } from './seeds/userItem';
+import { orderItemSeed } from './seeds/orderItem';
+import { invoiceItemSeed } from './seeds/invoiceItem';
+//
+import { EventItemSeed } from './seeds/eventItem';
+import { EventReviewSeed } from './seeds/eventReview';
+import { appLogSeed } from './seeds/AppLog';
+import { accessLogSeed } from './seeds/AccessLog';
+import { userMetaSeed } from './seeds/userMeta';
+
 //
 // import { Blog } from './seeds/blog';
 // import { Mail } from './seeds/mail';
@@ -37,8 +47,22 @@ import { FileStore } from './seeds/fileStore';
   await ProductReview;
   await FileStore;
   await ProductItem;
+
+  await userItemSeed;
+  await userMetaSeed;
+
+  await orderItemSeed;
+  await invoiceItemSeed;
+  //
+  await EventReviewSeed;
+  await EventItemSeed;
+  //
+  await appLogSeed;
+  await accessLogSeed;
+
   // await Blog;
   // await Mail;
   // await File;
   // await Chat;
+  console.log('seed done');
 })();

03_source/cms_backend/prisma/seeds/AccessLog.ts

@@ -0,0 +1,36 @@
+import { PrismaClient } from '@prisma/client';
+import { format, parseISO } from 'date-fns';
+
+const L_ERROR = 0;
+const L_WARN = 1;
+const L_INFO = 2;
+const L_DEBUG = 3;
+const L_TRACE = 4;
+
+const prisma = new PrismaClient();
+
+async function accessLog() {
+  await prisma.accessLog.upsert({
+    where: { id: '0' },
+    update: {},
+    create: {
+      userId: '0',
+      message: 'helloworld',
+      metadata: { hello: 'world' },
+    },
+  });
+
+  console.log('seed AccessLog done');
+}
+
+const accessLogSeed = accessLog()
+  .then(async () => {
+    await prisma.$disconnect();
+  })
+  .catch(async (e) => {
+    console.error(e);
+    await prisma.$disconnect();
+    process.exit(1);
+  });
+
+export { accessLogSeed };

03_source/cms_backend/prisma/seeds/AppLog.ts

@@ -0,0 +1,71 @@
+import { PrismaClient } from '@prisma/client';
+import { format, parseISO } from 'date-fns';
+
+const L_ERROR = 0;
+const L_WARN = 1;
+const L_INFO = 2;
+const L_DEBUG = 3;
+const L_TRACE = 4;
+
+const prisma = new PrismaClient();
+
+async function appLog() {
+  await prisma.appLog.upsert({
+    where: { id: '0' },
+    update: {},
+    create: {
+      message: 'helloworld',
+      level: L_ERROR,
+    },
+  });
+
+  await prisma.appLog.upsert({
+    where: { id: '1' },
+    update: {},
+    create: {
+      message: 'warning message',
+      level: L_WARN,
+    },
+  });
+
+  await prisma.appLog.upsert({
+    where: { id: '2' },
+    update: {},
+    create: {
+      message: 'info message',
+      level: L_INFO,
+    },
+  });
+
+  await prisma.appLog.upsert({
+    where: { id: '3' },
+    update: {},
+    create: {
+      message: 'debug message',
+      level: L_DEBUG,
+    },
+  });
+
+  await prisma.appLog.upsert({
+    where: { id: '4' },
+    update: {},
+    create: {
+      message: 'trace message',
+      level: L_TRACE,
+    },
+  });
+
+  console.log('seed AppLog done');
+}
+
+const appLogSeed = appLog()
+  .then(async () => {
+    await prisma.$disconnect();
+  })
+  .catch(async (e) => {
+    console.error(e);
+    await prisma.$disconnect();
+    process.exit(1);
+  });
+
+export { appLogSeed };

03_source/cms_backend/prisma/seeds/Member.ts

@@ -2,12 +2,43 @@ import { PrismaClient } from '@prisma/client';
 const prisma = new PrismaClient();
 
 async function member() {
-  for (let i = 0; i < 100; i++) {
+  [
+    {
+      email: 'tom@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1671656349322-41de944d259b`,
+      sex: 'M',
+    },
+    {
+      email: 'may@exampl.com',
+      avatar: `https://images.unsplash.com/photo-1522075469751-3a6694fb2f61`,
+      sex: 'F',
+    },
+    {
+      email: 'june@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1723867331866-e112500178a4`,
+      sex: 'M',
+    },
+    {
+      email: 'april@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1682089894837-e01e5cb8e471`,
+      sex: 'F',
+    },
+    {
+      email: 'susan@exampl.com',
+      avatar: `https://images.unsplash.com/photo-1485893086445-ed75865251e0`,
+      sex: 'M',
+    },
+    {
+      email: 'peter@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1722945763962-305a5a769cc8`,
+      sex: 'F',
+    },
+  ].forEach(async (m, i) => {
     const john = await prisma.member.upsert({
-      where: { email: `member${i}@example.com` },
+      where: { email: m.email },
       update: {},
       create: {
-        email: `member${i}@example.com`,
+        email: m.email,
         name: `member_${i}`,
         age: 20 + i,
         rank: i % 2 ? 'VIP' : 'NON_VIP',
@@ -25,11 +56,42 @@ async function member() {
         self_introduction: 'Get me know me before you love me. Get me know me before you love me.',
         music: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic'],
         pets: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic'],
-        character: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic']
-      }
+        character: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic'],
+        avatar: m.avatar,
+        sex: m.sex,
+      },
+    });
+  });
+
+  for (let i = 0; i < 3; i++) {
+    const john = await prisma.member.upsert({
+      where: { email: `member${i}@example.com` },
+      update: {},
+      create: {
+        email: `member${i}@example.com`,
+        name: `member_${i}`,
+        age: 20 + i,
+        rank: i % 2 ? 'VIP' : 'NON_VIP',
+        verified: i % 3 ? 'NOT_VERIFIED' : 'VERIFIED',
+        hobbies: ['fishing', 'basketball', 'piano'],
+        distance: `${40 + Math.random() * 40}km`,
+        location_area: 'Sai Kung',
+        greetings: 'Hi, I am ',
+        gender: 'man',
+        tall_cm: 172 + Math.random() * 10,
+        weight_kg: 60 + Math.random() * 50,
+        occupation: 'doctor',
+        language: ['English', 'French', 'Chinese'],
+        education: ['Degree of Computer'],
+        self_introduction: 'Get me know me before you love me. Get me know me before you love me.',
+        music: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic'],
+        pets: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic'],
+        character: ['Classic', 'Classic', 'Classic', 'Classic', 'Classic', 'Classic'],
+        avatar: '',
+        sex: i % 2 ? 'M' : 'F',
+      },
     });
   }
-
   console.log('seed member done');
 }
 

03_source/cms_backend/prisma/seeds/Order.ts

@@ -10,8 +10,8 @@ async function order() {
         title: 'Single Party with Dating',
         order_time: new Date(),
         last_payment_date: new Date(),
-        status: 'Pending'
-      }
+        status: 'Pending',
+      },
     });
   }
 

03_source/cms_backend/prisma/seeds/_mock.ts

@@ -78,11 +78,12 @@ export const _mock = {
     avatar: (index: number) => `${CONFIG.basePath}/assets/images/avatar/avatar-${index + 1}.webp`,
     travel: (index: number) => `${CONFIG.basePath}/assets/images/travel/travel-${index + 1}.webp`,
     course: (index: number) => `${CONFIG.basePath}/assets/images/course/course-${index + 1}.webp`,
-    company: (index: number) =>
-      `${CONFIG.basePath}/assets/images/company/company-${index + 1}.webp`,
-    product: (index: number) =>
-      `${CONFIG.basePath}/assets/images/m-product/product-${index + 1}.webp`,
-    portrait: (index: number) =>
-      `${CONFIG.basePath}/assets/images/portrait/portrait-${index + 1}.webp`,
+    company: (index: number) => `${CONFIG.basePath}/assets/images/company/company-${index + 1}.webp`,
+    product: (index: number) => `${CONFIG.basePath}/assets/images/m-product/product-${index + 1}.webp`,
+    portrait: (index: number) => `${CONFIG.basePath}/assets/images/portrait/portrait-${index + 1}.webp`,
+    //
+    event: (index: number) => `${CONFIG.basePath}/assets/images/m-product/product-${index + 1}.webp`,
   },
+  //
+  eventName: (index: number) => _eventNames[index],
 };

03_source/cms_backend/prisma/seeds/_others.ts

@@ -0,0 +1,187 @@
+import { _mock } from './_mock';
+
+// ----------------------------------------------------------------------
+
+export const _carouselsMembers = Array.from({ length: 6 }, (_, index) => ({
+  id: _mock.id(index),
+  name: _mock.fullName(index),
+  role: _mock.role(index),
+  avatarUrl: _mock.image.portrait(index),
+}));
+
+// ----------------------------------------------------------------------
+
+export const _faqs = Array.from({ length: 8 }, (_, index) => ({
+  id: _mock.id(index),
+  value: `panel${index + 1}`,
+  heading: `Questions ${index + 1}`,
+  detail: _mock.description(index),
+}));
+
+// ----------------------------------------------------------------------
+
+export const _addressBooks = Array.from({ length: 24 }, (_, index) => ({
+  id: _mock.id(index),
+  primary: index === 0,
+  name: _mock.fullName(index),
+  email: _mock.email(index + 1),
+  fullAddress: _mock.fullAddress(index),
+  phoneNumber: _mock.phoneNumber(index),
+  company: _mock.companyNames(index + 1),
+  addressType: index === 0 ? 'Home' : 'Office',
+}));
+
+// ----------------------------------------------------------------------
+
+export const _contacts = Array.from({ length: 20 }, (_, index) => {
+  const status = (index % 2 && 'online') || (index % 3 && 'offline') || (index % 4 && 'always') || 'busy';
+
+  return {
+    id: _mock.id(index),
+    status,
+    role: _mock.role(index),
+    email: _mock.email(index),
+    name: _mock.fullName(index),
+    phoneNumber: _mock.phoneNumber(index),
+    lastActivity: _mock.time(index),
+    avatarUrl: _mock.image.avatar(index),
+    address: _mock.fullAddress(index),
+  };
+});
+
+// ----------------------------------------------------------------------
+
+export const _notifications = Array.from({ length: 9 }, (_, index) => ({
+  id: _mock.id(index),
+  avatarUrl: [_mock.image.avatar(1), _mock.image.avatar(2), _mock.image.avatar(3), _mock.image.avatar(4), _mock.image.avatar(5), null, null, null, null, null][
+    index
+  ],
+  type: ['friend', 'project', 'file', 'tags', 'payment', 'order', 'delivery', 'chat', 'mail'][index],
+  category: ['Communication', 'Project UI', 'File manager', 'File manager', 'File manager', 'Order', 'Order', 'Communication', 'Communication'][index],
+  isUnRead: _mock.boolean(index),
+  createdAt: _mock.time(index),
+  title:
+    (index === 0 && `<p><strong>Deja Brady</strong> sent you a friend request</p>`) ||
+    (index === 1 && `<p><strong>Jayvon Hull</strong> mentioned you in <strong><a href='#'>Minimal UI</a></strong></p>`) ||
+    (index === 2 && `<p><strong>Lainey Davidson</strong> added file to <strong><a href='#'>File manager</a></strong></p>`) ||
+    (index === 3 && `<p><strong>Angelique Morse</strong> added new tags to <strong><a href='#'>File manager<a/></strong></p>`) ||
+    (index === 4 && `<p><strong>Giana Brandt</strong> request a payment of <strong>$200</strong></p>`) ||
+    (index === 5 && `<p>Your order is placed waiting for shipping</p>`) ||
+    (index === 6 && `<p>Delivery processing your order is being shipped</p>`) ||
+    (index === 7 && `<p>You have new message 5 unread messages</p>`) ||
+    (index === 8 && `<p>You have new mail`) ||
+    '',
+}));
+
+// ----------------------------------------------------------------------
+
+export const _mapContact = [
+  { latlng: [33, 65], address: _mock.fullAddress(1), phoneNumber: _mock.phoneNumber(1) },
+  { latlng: [-12.5, 18.5], address: _mock.fullAddress(2), phoneNumber: _mock.phoneNumber(2) },
+];
+
+// ----------------------------------------------------------------------
+
+export const _socials = [
+  {
+    value: 'facebook',
+    label: 'Facebook',
+    path: 'https://www.facebook.com/caitlyn.kerluke',
+  },
+  {
+    value: 'instagram',
+    label: 'Instagram',
+    path: 'https://www.instagram.com/caitlyn.kerluke',
+  },
+  {
+    value: 'linkedin',
+    label: 'Linkedin',
+    path: 'https://www.linkedin.com/caitlyn.kerluke',
+  },
+  {
+    value: 'twitter',
+    label: 'Twitter',
+    path: 'https://www.twitter.com/caitlyn.kerluke',
+  },
+];
+
+// ----------------------------------------------------------------------
+
+export const _pricingPlans = [
+  {
+    subscription: 'basic',
+    price: 0,
+    caption: 'Forever',
+    lists: ['3 prototypes', '3 boards', 'Up to 5 team members'],
+    labelAction: 'Current plan',
+  },
+  {
+    subscription: 'starter',
+    price: 4.99,
+    caption: 'Saving $24 a year',
+    lists: ['3 prototypes', '3 boards', 'Up to 5 team members', 'Advanced security', 'Issue escalation'],
+    labelAction: 'Choose starter',
+  },
+  {
+    subscription: 'premium',
+    price: 9.99,
+    caption: 'Saving $124 a year',
+    lists: [
+      '3 prototypes',
+      '3 boards',
+      'Up to 5 team members',
+      'Advanced security',
+      'Issue escalation',
+      'Issue development license',
+      'Permissions & workflows',
+    ],
+    labelAction: 'Choose premium',
+  },
+];
+
+// ----------------------------------------------------------------------
+
+export const _testimonials = [
+  {
+    name: _mock.fullName(1),
+    postedDate: _mock.time(1),
+    ratingNumber: _mock.number.rating(1),
+    avatarUrl: _mock.image.avatar(1),
+    content: `Excellent Work! Thanks a lot!`,
+  },
+  {
+    name: _mock.fullName(2),
+    postedDate: _mock.time(2),
+    ratingNumber: _mock.number.rating(2),
+    avatarUrl: _mock.image.avatar(2),
+    content: `It's a very good dashboard and we are really liking the product . We've done some things, like migrate to TS and implementing a react useContext api, to fit our job methodology but the product is one of the best in terms of design and application architecture. The team did a really good job.`,
+  },
+  {
+    name: _mock.fullName(3),
+    postedDate: _mock.time(3),
+    ratingNumber: _mock.number.rating(3),
+    avatarUrl: _mock.image.avatar(3),
+    content: `Customer support is realy fast and helpful the desgin of this theme is looks amazing also the code is very clean and readble realy good job !`,
+  },
+  {
+    name: _mock.fullName(4),
+    postedDate: _mock.time(4),
+    ratingNumber: _mock.number.rating(4),
+    avatarUrl: _mock.image.avatar(4),
+    content: `Amazing, really good code quality and gives you a lot of examples for implementations.`,
+  },
+  {
+    name: _mock.fullName(5),
+    postedDate: _mock.time(5),
+    ratingNumber: _mock.number.rating(5),
+    avatarUrl: _mock.image.avatar(5),
+    content: `Got a few questions after purchasing the product. The owner responded very fast and very helpfull. Overall the code is excellent and works very good. 5/5 stars!`,
+  },
+  {
+    name: _mock.fullName(6),
+    postedDate: _mock.time(6),
+    ratingNumber: _mock.number.rating(6),
+    avatarUrl: _mock.image.avatar(6),
+    content: `CEO of Codealy.io here. We’ve built a developer assessment platform that makes sense - tasks are based on git repositories and run in virtual machines. We automate the pain points - storing candidates code, running it and sharing test results with the whole team, remotely. Bought this template as we need to provide an awesome dashboard for our early customers. I am super happy with purchase. The code is just as good as the design. Thanks!`,
+  },
+];

03_source/cms_backend/prisma/seeds/eventItem.ts

@@ -0,0 +1,277 @@
+import { _mock } from './_mock';
+import { _tags } from './assets';
+
+import { PrismaClient, EventReview } from '@prisma/client';
+import { _eventsReview } from './eventReview';
+import { CONFIG } from './global-config';
+
+import _ from 'lodash';
+
+const prisma = new PrismaClient();
+
+const COLORS = ['#FF4842', '#1890FF', '#FFC0CB', '#00AB55', '#FFC107', '#7F00FF', '#000000', '#FFFFFF'];
+
+const DESCRIPTION = `
+<h6>Specifications</h6>
+<table>
+  <tbody>
+    <tr>
+      <td>Category</td>
+      <td>Mobile</td>
+    </tr>
+    <tr>
+      <td>Manufacturer</td>
+      <td>Apple</td>
+    </tr>
+    <tr>
+      <td>Warranty</td>
+      <td>12 Months</td>
+    </tr>
+    <tr>
+      <td>Serial number</td>
+      <td>358607726380311</td>
+    </tr>
+    <tr>
+      <td>Ships from</td>
+      <td>United States</td>
+    </tr>
+  </tbody>
+</table>
+
+<h6>Event details</h6>
+<ul>
+  <li>
+    <p>The foam sockliner feels soft and comfortable</p>
+  </li>
+  <li>
+    <p>Pull tab</p>
+  </li>
+  <li>
+    <p>Not intended for use as Personal Protective Equipment</p>
+  </li>
+  <li>
+    <p>Colour Shown: White/Black/Oxygen Purple/Action Grape</p>
+  </li>
+  <li>
+    <p>Style: 921826-109</p>
+  </li>
+  <li>
+    <p>Country/Region of Origin: China</p>
+  </li>
+</ul>
+<h6>Benefits</h6>
+<ul>
+  <li>
+    <p>Mesh and synthetic materials on the upper keep the fluid look of the OG while adding comfort</p>
+    and durability.
+  </li>
+  <li>
+    <p>Originally designed for performance running, the full-length Max Air unit adds soft, comfortable cushio</p>
+    ning underfoot.
+  </li>
+  <li>
+    <p>The foam midsole feels springy and soft.</p>
+  </li>
+  <li>
+    <p>The rubber outsole adds traction and durability.</p>
+  </li>
+</ul>
+<h6>Delivery and returns</h6>
+<p>Your order of $200 or more gets free standard delivery.</p>
+<ul>
+  <li>
+    <p>Standard delivered 4-5 Business Days</p>
+  </li>
+  <li>
+    <p>Express delivered 2-4 Business Days</p>
+  </li>
+</ul>
+<p>Orders are processed and delivered Monday-Friday (excluding public holidays)</p>
+
+`;
+
+const getColorSliceForIndex = (index: number) => {
+  if (index === 0) return COLORS.slice(0, 2);
+  if (index === 1) return COLORS.slice(1, 3);
+  if (index === 2) return COLORS.slice(2, 4);
+  if (index === 3) return COLORS.slice(3, 6);
+  if (index === 4 || index === 16 || index === 19) return COLORS.slice(4, 6);
+  if (index === 5 || index === 17) return COLORS.slice(5, 6);
+  if (index === 6 || index === 18) return COLORS.slice(0, 2);
+  if (index === 7) return COLORS.slice(4, 6);
+  if (index === 8) return COLORS.slice(2, 4);
+  if (index === 9 || index === 11) return COLORS.slice(2, 6);
+  if (index === 10) return COLORS.slice(3, 6);
+  if (index === 12) return COLORS.slice(2, 7);
+  if (index === 13) return COLORS.slice(4, 7);
+  if (index === 14) return COLORS.slice(0, 2);
+  if (index === 15) return COLORS.slice(5, 8);
+  return COLORS.slice(2, 6); // Default case
+};
+
+const generateAttachments = () => Array.from({ length: 20 }, (_, index) => _mock.image.event(index));
+
+const generateReviews = () => {
+  const attachments = generateAttachments();
+};
+
+const generateRatings = () =>
+  Array.from({ length: 5 }, (_, index) => ({
+    name: `${index + 1} Star`,
+    starCount: _mock.number.nativeL(index),
+    reviewCount: _mock.number.nativeL(index + 1),
+  }));
+
+const generateImages = () => Array.from({ length: 8 }, (_, index) => _mock.image.event(index));
+
+const _events = () =>
+  Array.from({ length: 2 }, (_, index) => {
+    const reviews = generateReviews();
+    const images = generateImages();
+    const ratings = generateRatings();
+    //
+    const publish = index % 3 ? 'published' : 'draft';
+
+    const category = (index % 2 && 'Shose') || (index % 3 && 'Apparel') || 'Accessories';
+
+    const gender = (index % 2 && ['Men']) || (index % 3 && ['Women', 'Kids']) || ['Kids'];
+
+    const available = (index % 2 && 72) || (index % 3 && 10) || 0;
+
+    const inventoryType = (index % 2 && 'in stock') || (index % 3 && 'low stock') || 'out of stock';
+
+    const priceSale = index % 3 ? undefined : _mock.number.price(index);
+
+    return {
+      id: _mock.id(index).toString(),
+      sku: `WW75K521${index}YW/SV`,
+      name: _mock.eventName(index),
+      gender,
+      images,
+      reviews,
+      publish,
+      ratings,
+      category,
+      available,
+      priceSale,
+      taxes: 10,
+      quantity: 80,
+      inventoryType,
+      tags: _tags.slice(0, 5),
+      code: `38BEE27${index}`,
+      description: DESCRIPTION,
+      createdAt: _mock.time(index),
+      price: _mock.number.price(index),
+      coverUrl: _mock.image.event(index),
+      colors: getColorSliceForIndex(index),
+      totalRatings: _mock.number.rating(index),
+      totalSold: _mock.number.nativeM(index + 1),
+      totalReviews: _mock.number.nativeL(index + 1),
+      newLabel: { enabled: [1, 2, 3].includes(index), content: 'NEW' },
+      saleLabel: { enabled: [4, 5].includes(index), content: 'SALE' },
+      sizes: ['6', '7', '8', '8.5', '9', '9.5', '10', '10.5', '11', '11.5', '12', '13'],
+      subDescription: 'Featuring the original ripple design inspired by Japanese bullet trains, the Nike Air Max 97 lets you push your style full-speed ahead.',
+    };
+  });
+
+const memberList = (num_of_member: number) =>
+  _.shuffle([
+    {
+      email: 'tom@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1671656349322-41de944d259b`,
+      sex: 'M',
+    },
+    {
+      email: 'may@exampl.com',
+      avatar: `https://images.unsplash.com/photo-1522075469751-3a6694fb2f61`,
+      sex: 'F',
+    },
+    {
+      email: 'june@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1723867331866-e112500178a4`,
+      sex: 'M',
+    },
+    {
+      email: 'april@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1682089894837-e01e5cb8e471`,
+      sex: 'F',
+    },
+    {
+      email: 'susan@exampl.com',
+      avatar: `https://images.unsplash.com/photo-1485893086445-ed75865251e0`,
+      sex: 'M',
+    },
+    {
+      email: 'peter@exampl.com',
+      avatar: `https://plus.unsplash.com/premium_photo-1722945763962-305a5a769cc8`,
+      sex: 'F',
+    },
+  ]).slice(0, num_of_member);
+
+async function eventItem() {
+  const temp_events = _events();
+
+  for (let i = 0; i < temp_events.length; i++) {
+    const temp_pr = _eventsReview();
+
+    const temp = await prisma.eventItem.upsert({
+      where: { id: temp_events[i].id.toString() },
+      update: {},
+      create: {
+        id: temp_events[i].id,
+        //
+        name: temp_events[i].name,
+        code: temp_events[i].code,
+        price: temp_events[i].price,
+        taxes: temp_events[i].taxes,
+        tags: temp_events[i].tags,
+        sizes: temp_events[i].sizes,
+        publish: temp_events[i].publish,
+        gender: temp_events[i].gender,
+        coverUrl: temp_events[i].coverUrl,
+        images: temp_events[i].images,
+        colors: temp_events[i].colors,
+        quantity: temp_events[i].quantity,
+        category: temp_events[i].category,
+        available: temp_events[i].available,
+        totalSold: temp_events[i].totalSold,
+        description: temp_events[i].description,
+        totalRatings: temp_events[i].totalRatings,
+        totalReviews: temp_events[i].totalReviews,
+        inventoryType: temp_events[i].inventoryType,
+        subDescription: temp_events[i].subDescription,
+        priceSale: temp_events[i].priceSale,
+        newLabel: temp_events[i].newLabel,
+        saleLabel: temp_events[i].saleLabel,
+        ratings: temp_events[i].ratings,
+        // review: { create: temp_pr },
+        reviews: { create: temp_pr },
+        sku: temp_events[i].sku,
+        //
+        eventDate: new Date(_mock.time(i)),
+        title: temp_events[i].name,
+        currency: 'HKD',
+        duration_m: 120,
+        ageBottom: 18,
+        ageTop: 60,
+        location: 'Hong Kong',
+        avatar: temp_events[i].images,
+        //
+        joinMembers: memberList(5 - i),
+      },
+    });
+  }
+  console.log('seed eventItem done');
+}
+
+const EventItem = eventItem()
+  .then(async () => {
+    await prisma.$disconnect();
+  })
+  .catch(async (e) => {
+    console.error(e);
+    await prisma.$disconnect();
+    process.exit(1);
+  });
+
+export { EventItem as EventItemSeed };

03_source/cms_backend/prisma/seeds/eventReview.ts

@@ -0,0 +1,61 @@
+import { _mock } from './_mock';
+import { _tags } from './assets';
+
+import { PrismaClient } from '@prisma/client';
+const prisma = new PrismaClient();
+
+const generateAttachments = () => Array.from({ length: 20 }, (_, index) => _mock.image.event(index));
+
+const generateReviews = () => {
+  const attachments = generateAttachments();
+
+  return Array.from({ length: 8 }, (_, index) => ({
+    // id: _mock.id(index),
+    name: _mock.fullName(index),
+    postedAt: _mock.time(index),
+    comment: _mock.sentence(index),
+    isPurchased: _mock.boolean(index),
+    rating: _mock.number.rating(index),
+    avatarUrl: _mock.image.avatar(index),
+    helpful: _mock.number.nativeL(index),
+    attachments: (index === 1 && attachments.slice(0, 1)) || (index === 3 && attachments.slice(2, 4)) || (index === 5 && attachments.slice(5, 8)) || [],
+  }));
+};
+
+export const _eventsReview = () => {
+  return generateReviews();
+};
+
+async function eventReview() {
+  const temp_pr = _eventsReview();
+
+  for (let i = 0; i < temp_pr.length; i++) {
+    const temp = await prisma.eventReview.upsert({
+      where: { id: i.toString() },
+      update: {},
+      create: {
+        name: temp_pr[i].name,
+        rating: temp_pr[i].rating,
+        comment: temp_pr[i].comment,
+        helpful: temp_pr[i].helpful,
+        avatarUrl: temp_pr[i].avatarUrl,
+        isPurchased: temp_pr[i].isPurchased,
+        attachments: temp_pr[i].attachments,
+        postedAt: temp_pr[i].postedAt,
+      },
+    });
+  }
+  console.log('seed eventReview done');
+}
+
+const EventReview = eventReview()
+  .then(async () => {
+    await prisma.$disconnect();
+  })
+  .catch(async (e) => {
+    console.error(e);
+    await prisma.$disconnect();
+    process.exit(1);
+  });
+
+export { EventReview as EventReviewSeed };

03_source/cms_backend/prisma/seeds/invoiceItem.ts

@@ -0,0 +1,76 @@
+import { PrismaClient } from '@prisma/client';
+
+import { _mock } from './_mock';
+import { _tags } from './assets';
+import { _addressBooks } from './_others';
+import { fSub, fAdd } from './utils/format-time';
+
+const prisma = new PrismaClient();
+
+export const INVOICE_SERVICE_OPTIONS = Array.from({ length: 8 }, (_, index) => ({
+  id: _mock.id(index),
+  name: _tags[index],
+  price: _mock.number.price(index),
+}));
+
+const ITEMS = Array.from({ length: 3 }, (__, index) => {
+  const total = INVOICE_SERVICE_OPTIONS[index].price * _mock.number.nativeS(index);
+
+  return {
+    id: _mock.id(index),
+    total,
+    title: _mock.productName(index),
+    description: _mock.sentence(index),
+    price: INVOICE_SERVICE_OPTIONS[index].price,
+    service: INVOICE_SERVICE_OPTIONS[index].name,
+    quantity: _mock.number.nativeS(index),
+  };
+});
+
+async function invoiceItem() {
+  await prisma.orderItem.deleteMany({});
+
+  for (let index = 1; index < 3 + 1; index++) {
+    const shipping = 10;
+    const discount = 10;
+    const taxes = 10;
+    const items = (index % 2 && ITEMS.slice(0, 1)) || (index % 3 && ITEMS.slice(1, 3)) || ITEMS;
+    const subtotal = items.reduce((accumulator, item) => accumulator + item.price * item.quantity, 0);
+    const totalAmount = subtotal - shipping - discount + taxes;
+
+    const temp = await prisma.invoiceItem.upsert({
+      where: { id: index.toString() },
+      update: {},
+      create: {
+        id: index.toString(),
+        taxes,
+        status: (index % 2 && 'paid') || (index % 3 && 'pending') || (index % 4 && 'overdue') || 'draft',
+        discount,
+        shipping,
+        subtotal: items.reduce((accumulator, item) => accumulator + item.price * item.quantity, 0),
+        totalAmount,
+        items,
+        invoiceNumber: `INV-199${index}`,
+        invoiceFrom: _addressBooks[index],
+        invoiceTo: _addressBooks[index + 1],
+        sent: _mock.number.nativeS(index),
+        dueDate: new Date(fAdd({ days: index + 15, hours: index })),
+        createDate: new Date(fAdd({ days: index + 15, hours: index })),
+      },
+    });
+  }
+
+  console.log('seed invoiceItem done');
+}
+
+const invoiceItemSeed = invoiceItem()
+  .then(async () => {
+    await prisma.$disconnect();
+  })
+  .catch(async (e) => {
+    console.error(e);
+    await prisma.$disconnect();
+    process.exit(1);
+  });
+
+export { invoiceItemSeed };

03_source/cms_backend/prisma/seeds/orderItem.ts

@@ -0,0 +1,94 @@
+import { PrismaClient } from '@prisma/client';
+import { _mock } from './_mock';
+
+const prisma = new PrismaClient();
+
+const ITEMS = Array.from({ length: 3 }, (_, index) => ({
+  id: _mock.id(index),
+  sku: `16H9UR${index}`,
+  quantity: index + 1,
+  name: _mock.productName(index),
+  coverUrl: _mock.image.product(index),
+  price: _mock.number.price(index),
+}));
+
+async function orderItem() {
+  await prisma.orderItem.deleteMany({});
+
+  for (let index = 1; index < 20 + 1; index++) {
+    const shipping = 10;
+    const discount = 10;
+    const taxes = 10;
+    const items = (index % 2 && ITEMS.slice(0, 1)) || (index % 3 && ITEMS.slice(1, 3)) || ITEMS;
+    const totalQuantity = items.reduce((accumulator, item) => accumulator + item.quantity, 0);
+    const subtotal = items.reduce((accumulator, item) => accumulator + item.price * item.quantity, 0);
+    const totalAmount = subtotal - shipping - discount + taxes;
+
+    const customer = {
+      id: _mock.id(index),
+      name: _mock.fullName(index),
+      email: _mock.email(index),
+      avatarUrl: _mock.image.avatar(index),
+      ipAddress: '192.158.1.38',
+    };
+
+    const delivery = { shipBy: 'DHL', speedy: 'Standard', trackingNumber: 'SPX037739199373' };
+
+    const history = {
+      orderTime: _mock.time(1),
+      paymentTime: _mock.time(2),
+      deliveryTime: _mock.time(3),
+      completionTime: _mock.time(4),
+      timeline: [
+        { title: 'Delivery successful', time: _mock.time(1) },
+        { title: 'Transporting to [2]', time: _mock.time(2) },
+        { title: 'Transporting to [1]', time: _mock.time(3) },
+        { title: 'The shipping unit has picked up the goods', time: _mock.time(4) },
+        { title: 'Order has been created', time: _mock.time(5) },
+      ],
+    };
+
+    const temp = await prisma.orderItem.upsert({
+      where: { id: index.toString() },
+      update: {},
+      create: {
+        id: index.toString(),
+        orderNumber: `#601${index}`,
+        taxes,
+        items,
+        history,
+        subtotal: items.reduce((accumulator, item) => accumulator + item.price * item.quantity, 0),
+        shipping,
+        discount,
+        customer,
+        delivery,
+        totalAmount,
+        totalQuantity,
+        shippingAddress: {
+          fullAddress: '19034 Verna Unions Apt. 164 - Honolulu, RI / 87535',
+          phoneNumber: '365-374-4961',
+        },
+        payment: {
+          //
+          cardType: 'mastercard',
+          cardNumber: '4111 1111 1111 1111',
+        },
+        status: (index % 2 && 'completed') || (index % 3 && 'pending') || (index % 4 && 'cancelled') || 'refunded',
+      },
+    });
+  }
+
+  console.log('seed orderItem done');
+}
+
+const orderItemSeed = orderItem()
+  .then(async () => {
+    await prisma.$disconnect();
+  })
+  .catch(async (e) => {
+    console.error(e);
+    await prisma.$disconnect();
+    process.exit(1);
+  });
+
+export { orderItemSeed };

03_source/cms_backend/prisma/seeds/productReview.ts

@@ -4,16 +4,7 @@ import { _tags } from './assets';
 import { PrismaClient } from '@prisma/client';
 const prisma = new PrismaClient();
 
-const COLORS = [
-  '#FF4842',
-  '#1890FF',
-  '#FFC0CB',
-  '#00AB55',
-  '#FFC107',
-  '#7F00FF',
-  '#000000',
-  '#FFFFFF'
-];
+const COLORS = ['#FF4842', '#1890FF', '#FFC0CB', '#00AB55', '#FFC107', '#7F00FF', '#000000', '#FFFFFF'];
 
 const DESCRIPTION = `
 <h6>Specifications</h6>
@@ -113,8 +104,7 @@ const getColorSliceForIndex = (index: number) => {
   return COLORS.slice(2, 6); // Default case
 };
 
-const generateAttachments = () =>
-  Array.from({ length: 20 }, (_, index) => _mock.image.product(index));
+const generateAttachments = () => Array.from({ length: 20 }, (_, index) => _mock.image.product(index));
 
 const generateReviews = () => {
   const attachments = generateAttachments();
@@ -128,11 +118,7 @@ const generateReviews = () => {
     rating: _mock.number.rating(index),
     avatarUrl: _mock.image.avatar(index),
     helpful: _mock.number.nativeL(index),
-    attachments:
-      (index === 1 && attachments.slice(0, 1)) ||
-      (index === 3 && attachments.slice(2, 4)) ||
-      (index === 5 && attachments.slice(5, 8)) ||
-      []
+    attachments: (index === 1 && attachments.slice(0, 1)) || (index === 3 && attachments.slice(2, 4)) || (index === 5 && attachments.slice(5, 8)) || [],
   }));
 };
 
@@ -140,7 +126,7 @@ const generateRatings = () =>
   Array.from({ length: 5 }, (_, index) => ({
     name: `${index + 1} Star`,
     starCount: _mock.number.nativeL(index),
-    reviewCount: _mock.number.nativeL(index + 1)
+    reviewCount: _mock.number.nativeL(index + 1),
   }));
 
 const generateImages = () => Array.from({ length: 8 }, (_, index) => _mock.image.product(index));
@@ -164,8 +150,8 @@ async function productReview() {
         avatarUrl: temp_pr[i].avatarUrl,
         isPurchased: temp_pr[i].isPurchased,
         attachments: temp_pr[i].attachments,
-        postedAt: temp_pr[i].postedAt
-      }
+        postedAt: temp_pr[i].postedAt,
+      },
     });
   }
   console.log('seed productReview done');

03_source/cms_backend/prisma/seeds/superuser.ts

@@ -8,8 +8,9 @@ async function superuser() {
     create: {
       email: 'admin1@123.com',
       name: 'Admin1',
-      password: 'Aa12345678'
-    }
+      password: 'Aa12345678',
+      admin: true,
+    },
   });
 
   // swagger test
@@ -19,8 +20,9 @@ async function superuser() {
     create: {
       email: 'fake@example.com',
       name: 'swagger user',
-      password: 'password1'
-    }
+      password: 'password1',
+      admin: true,
+    },
   });
 
   console.log('seed superuser done');

03_source/cms_backend/prisma/seeds/user.ts

@@ -8,18 +8,31 @@ async function user() {
     create: {
       email: 'alice@prisma.io',
       name: 'Alice',
-      password: 'Aa12345678'
-    }
+      password: 'Aa12345678',
+      emailVerified: new Date(),
+    },
   });
 
-  const bob = await prisma.user.upsert({
+  await prisma.user.upsert({
+    where: { email: 'demo@minimals.cc' },
+    update: {},
+    create: {
+      email: 'demo@minimals.cc',
+      name: 'Demo',
+      password: '@2Minimal',
+      emailVerified: new Date(),
+    },
+  });
+
+  await prisma.user.upsert({
     where: { email: 'bob@prisma.io' },
     update: {},
     create: {
       email: 'bob@prisma.io',
       name: 'Bob',
-      password: 'Aa12345678'
-    }
+      password: 'Aa12345678',
+      emailVerified: new Date(),
+    },
   });
   console.log('seed user done');
 }

03_source/cms_backend/prisma/seeds/userItem.ts

@@ -0,0 +1,130 @@
+import { PrismaClient } from '@prisma/client';
+import { generateHash } from 'src/utils/hash';
+import { Config, names, uniqueNamesGenerator } from 'unique-names-generator';
+import { faker } from '@faker-js/faker';
+
+import { faker as enFaker } from '@faker-js/faker/locale/en_US';
+import { faker as zhFaker } from '@faker-js/faker/locale/zh_CN';
+import { faker as jaFaker } from '@faker-js/faker/locale/ja';
+import { faker as koFaker } from '@faker-js/faker/locale/ko';
+import { faker as twFaker } from '@faker-js/faker/locale/zh_TW';
+
+const SEED_EMAIL_DOMAIN = 'seed.com';
+
+const prisma = new PrismaClient();
+
+async function userItem() {
+  const config: Config = { dictionaries: [names] };
+  const firstName = uniqueNamesGenerator(config);
+  const lastName = uniqueNamesGenerator(config);
+  const username = `${firstName.toLowerCase()}-${lastName.toLowerCase()}`;
+
+  const alice = await prisma.userItem.upsert({
+    where: { id: 'admin_uuid' },
+    update: {},
+    create: {
+      name: `admin test`,
+      city: '',
+      role: '',
+      email: `admin@123.com`,
+      state: '',
+      status: '',
+      address: '',
+      country: '',
+      zipCode: '',
+      company: '',
+      avatarUrl: '',
+      phoneNumber: '',
+      isVerified: true,
+      //
+      username: 'admin@123.com',
+      password: await generateHash('Aa1234567'),
+      //
+      isAdmin: true,
+    },
+  });
+
+  for (let i = 1; i < 3; i++) {
+    const CJK_LOCALES = {
+      en: enFaker,
+      zh: zhFaker,
+      ja: jaFaker,
+      ko: koFaker,
+      tw: twFaker,
+    };
+    function getRandomCJKFaker() {
+      const locales = Object.keys(CJK_LOCALES);
+      const randomKey = locales[Math.floor(Math.random() * locales.length)] as keyof typeof CJK_LOCALES;
+      return CJK_LOCALES[randomKey];
+    }
+    const randomFaker = getRandomCJKFaker();
+
+    await prisma.userItem.upsert({
+      where: { id: i.toString() },
+      update: {},
+      create: {
+        name: randomFaker.person.fullName(),
+        city: randomFaker.location.city(),
+        role: ROLE[Math.floor(Math.random() * ROLE.length)],
+        email: randomFaker.internet.email(),
+        state: randomFaker.location.state(),
+        status: STATUS[Math.floor(Math.random() * STATUS.length)],
+        address: randomFaker.location.streetAddress(),
+        country: randomFaker.location.country(),
+        zipCode: randomFaker.location.zipCode(),
+        company: randomFaker.company.name(),
+        avatarUrl: randomFaker.image.avatar(),
+        phoneNumber: randomFaker.phone.number(),
+        isVerified: true,
+        //
+        username: randomFaker.internet.username(),
+        password: await generateHash('Abc1234!'),
+        //
+        isAdmin: false,
+      },
+    });
+  }
+
+  console.log('seed user done');
+}
+
+const userItemSeed = userItem()
+  .then(async () => {
+    await prisma.$disconnect();
+  })
+  .catch(async (e) => {
+    console.error(e);
+    await prisma.$disconnect();
+    process.exit(1);
+  });
+
+export { userItemSeed };
+
+const ROLE = [
+  `CEO`,
+  `CTO`,
+  `Project Coordinator`,
+  `Team Leader`,
+  `Software Developer`,
+  `Marketing Strategist`,
+  `Data Analyst`,
+  `Product Owner`,
+  `Graphic Designer`,
+  `Operations Manager`,
+  `Customer Support Specialist`,
+  `Sales Manager`,
+  `HR Recruiter`,
+  `Business Consultant`,
+  `Financial Planner`,
+  `Network Engineer`,
+  `Content Creator`,
+  `Quality Assurance Tester`,
+  `Public Relations Officer`,
+  `IT Administrator`,
+  `Compliance Officer`,
+  `Event Planner`,
+  `Legal Counsel`,
+  `Training Coordinator`,
+];
+
+const STATUS = ['active', 'pending', 'banned'];

03_source/cms_backend/prisma/seeds/userMeta.ts

@@ -0,0 +1,130 @@
+import { PrismaClient } from '@prisma/client';
+import { generateHash } from 'src/utils/hash';
+import { Config, names, uniqueNamesGenerator } from 'unique-names-generator';
+import { faker } from '@faker-js/faker';
+
+import { faker as enFaker } from '@faker-js/faker/locale/en_US';
+import { faker as zhFaker } from '@faker-js/faker/locale/zh_CN';
+import { faker as jaFaker } from '@faker-js/faker/locale/ja';
+import { faker as koFaker } from '@faker-js/faker/locale/ko';
+import { faker as twFaker } from '@faker-js/faker/locale/zh_TW';
+
+const SEED_EMAIL_DOMAIN = 'seed.com';
+
+const prisma = new PrismaClient();
+
+async function userMeta() {
+  const config: Config = { dictionaries: [names] };
+  const firstName = uniqueNamesGenerator(config);
+  const lastName = uniqueNamesGenerator(config);
+  const username = `${firstName.toLowerCase()}-${lastName.toLowerCase()}`;
+
+  const alice = await prisma.userMeta.upsert({
+    where: { id: 'admin_uuid' },
+    update: {},
+    create: {
+      name: `admin test`,
+      city: '',
+      role: '',
+      email: `admin@123.com`,
+      state: '',
+      status: '',
+      address: '',
+      country: '',
+      zipCode: '',
+      company: '',
+      avatarUrl: '',
+      phoneNumber: '',
+      isVerified: true,
+      //
+      username: 'admin@123.com',
+      password: await generateHash('Aa1234567'),
+      //
+      isAdmin: true,
+    },
+  });
+
+  for (let i = 1; i < 3; i++) {
+    const CJK_LOCALES = {
+      en: enFaker,
+      zh: zhFaker,
+      ja: jaFaker,
+      ko: koFaker,
+      tw: twFaker,
+    };
+    function getRandomCJKFaker() {
+      const locales = Object.keys(CJK_LOCALES);
+      const randomKey = locales[Math.floor(Math.random() * locales.length)] as keyof typeof CJK_LOCALES;
+      return CJK_LOCALES[randomKey];
+    }
+    const randomFaker = getRandomCJKFaker();
+
+    await prisma.userMeta.upsert({
+      where: { id: i.toString() },
+      update: {},
+      create: {
+        name: randomFaker.person.fullName(),
+        city: randomFaker.location.city(),
+        role: ROLE[Math.floor(Math.random() * ROLE.length)],
+        email: randomFaker.internet.email(),
+        state: randomFaker.location.state(),
+        status: STATUS[Math.floor(Math.random() * STATUS.length)],
+        address: randomFaker.location.streetAddress(),
+        country: randomFaker.location.country(),
+        zipCode: randomFaker.location.zipCode(),
+        company: randomFaker.company.name(),
+        avatarUrl: randomFaker.image.avatar(),
+        phoneNumber: randomFaker.phone.number(),
+        isVerified: true,
+        //
+        username: randomFaker.internet.username(),
+        password: await generateHash('Abc1234!'),
+        //
+        isAdmin: false,
+      },
+    });
+  }
+
+  console.log('seed userMeta done');
+}
+
+const userMetaSeed = userMeta()
+  .then(async () => {
+    await prisma.$disconnect();
+  })
+  .catch(async (e) => {
+    console.error(e);
+    await prisma.$disconnect();
+    process.exit(1);
+  });
+
+export { userMetaSeed };
+
+const ROLE = [
+  `CEO`,
+  `CTO`,
+  `Project Coordinator`,
+  `Team Leader`,
+  `Software Developer`,
+  `Marketing Strategist`,
+  `Data Analyst`,
+  `Product Owner`,
+  `Graphic Designer`,
+  `Operations Manager`,
+  `Customer Support Specialist`,
+  `Sales Manager`,
+  `HR Recruiter`,
+  `Business Consultant`,
+  `Financial Planner`,
+  `Network Engineer`,
+  `Content Creator`,
+  `Quality Assurance Tester`,
+  `Public Relations Officer`,
+  `IT Administrator`,
+  `Compliance Officer`,
+  `Event Planner`,
+  `Legal Counsel`,
+  `Training Coordinator`,
+];
+
+const STATUS = ['active', 'pending', 'banned'];

03_source/cms_backend/prisma/seeds/utils/format-time.ts

@@ -0,0 +1,257 @@
+import type { Dayjs, OpUnitType } from 'dayjs';
+
+import dayjs from 'dayjs';
+import duration from 'dayjs/plugin/duration';
+import relativeTime from 'dayjs/plugin/relativeTime';
+
+// ----------------------------------------------------------------------
+
+/**
+ * @Docs
+ * https://day.js.org/docs/en/display/format
+ */
+
+/**
+ * Default timezones
+ * https://day.js.org/docs/en/timezone/set-default-timezone#docsNav
+ *
+ */
+
+/**
+ * UTC
+ * https://day.js.org/docs/en/plugin/utc
+ * @install
+ * import utc from 'dayjs/plugin/utc';
+ * dayjs.extend(utc);
+ * @usage
+ * dayjs().utc().format()
+ *
+ */
+
+dayjs.extend(duration);
+dayjs.extend(relativeTime);
+
+// ----------------------------------------------------------------------
+
+export type DatePickerFormat = Dayjs | Date | string | number | null | undefined;
+
+export const formatPatterns = {
+  dateTime: 'DD MMM YYYY h:mm a', // 17 Apr 2022 12:00 am
+  date: 'DD MMM YYYY', // 17 Apr 2022
+  time: 'h:mm a', // 12:00 am
+  split: {
+    dateTime: 'DD/MM/YYYY h:mm a', // 17/04/2022 12:00 am
+    date: 'DD/MM/YYYY', // 17/04/2022
+  },
+  paramCase: {
+    dateTime: 'DD-MM-YYYY h:mm a', // 17-04-2022 12:00 am
+    date: 'DD-MM-YYYY', // 17-04-2022
+  },
+};
+
+const isValidDate = (date: DatePickerFormat) => date !== null && date !== undefined && dayjs(date).isValid();
+
+// ----------------------------------------------------------------------
+
+export function today(template?: string): string {
+  return dayjs(new Date()).startOf('day').format(template);
+}
+
+// ----------------------------------------------------------------------
+
+/**
+ * @output 17 Apr 2022 12:00 am
+ */
+export function fDateTime(date: DatePickerFormat, template?: string): string {
+  if (!isValidDate(date)) {
+    return 'Invalid date';
+  }
+
+  return dayjs(date).format(template ?? formatPatterns.dateTime);
+}
+
+// ----------------------------------------------------------------------
+
+/**
+ * @output 17 Apr 2022
+ */
+export function fDate(date: DatePickerFormat, template?: string): string {
+  if (!isValidDate(date)) {
+    return 'Invalid date';
+  }
+
+  return dayjs(date).format(template ?? formatPatterns.date);
+}
+
+// ----------------------------------------------------------------------
+
+/**
+ * @output 12:00 am
+ */
+export function fTime(date: DatePickerFormat, template?: string): string {
+  if (!isValidDate(date)) {
+    return 'Invalid date';
+  }
+
+  return dayjs(date).format(template ?? formatPatterns.time);
+}
+
+// ----------------------------------------------------------------------
+
+/**
+ * @output 1713250100
+ */
+export function fTimestamp(date: DatePickerFormat): number | 'Invalid date' {
+  if (!isValidDate(date)) {
+    return 'Invalid date';
+  }
+
+  return dayjs(date).valueOf();
+}
+
+// ----------------------------------------------------------------------
+
+/**
+ * @output a few seconds, 2 years
+ */
+export function fToNow(date: DatePickerFormat): string {
+  if (!isValidDate(date)) {
+    return 'Invalid date';
+  }
+
+  return dayjs(date).toNow(true);
+}
+
+// ----------------------------------------------------------------------
+
+/**
+ * @output boolean
+ */
+export function fIsBetween(inputDate: DatePickerFormat, startDate: DatePickerFormat, endDate: DatePickerFormat): boolean {
+  if (!isValidDate(inputDate) || !isValidDate(startDate) || !isValidDate(endDate)) {
+    return false;
+  }
+
+  const formattedInputDate = fTimestamp(inputDate);
+  const formattedStartDate = fTimestamp(startDate);
+  const formattedEndDate = fTimestamp(endDate);
+
+  if (formattedInputDate === 'Invalid date' || formattedStartDate === 'Invalid date' || formattedEndDate === 'Invalid date') {
+    return false;
+  }
+
+  return formattedInputDate >= formattedStartDate && formattedInputDate <= formattedEndDate;
+}
+
+// ----------------------------------------------------------------------
+
+/**
+ * @output boolean
+ */
+export function fIsAfter(startDate: DatePickerFormat, endDate: DatePickerFormat): boolean {
+  if (!isValidDate(startDate) || !isValidDate(endDate)) {
+    return false;
+  }
+
+  return dayjs(startDate).isAfter(endDate);
+}
+
+// ----------------------------------------------------------------------
+
+/**
+ * @output boolean
+ */
+export function fIsSame(startDate: DatePickerFormat, endDate: DatePickerFormat, unitToCompare?: OpUnitType): boolean {
+  if (!isValidDate(startDate) || !isValidDate(endDate)) {
+    return false;
+  }
+
+  return dayjs(startDate).isSame(endDate, unitToCompare ?? 'year');
+}
+
+/**
+ * @output
+ * Same day: 26 Apr 2024
+ * Same month: 25 - 26 Apr 2024
+ * Same month: 25 - 26 Apr 2024
+ * Same year: 25 Apr - 26 May 2024
+ */
+export function fDateRangeShortLabel(startDate: DatePickerFormat, endDate: DatePickerFormat, initial?: boolean): string {
+  if (!isValidDate(startDate) || !isValidDate(endDate) || fIsAfter(startDate, endDate)) {
+    return 'Invalid date';
+  }
+
+  let label = `${fDate(startDate)} - ${fDate(endDate)}`;
+
+  if (initial) {
+    return label;
+  }
+
+  const isSameYear = fIsSame(startDate, endDate, 'year');
+  const isSameMonth = fIsSame(startDate, endDate, 'month');
+  const isSameDay = fIsSame(startDate, endDate, 'day');
+
+  if (isSameYear && !isSameMonth) {
+    label = `${fDate(startDate, 'DD MMM')} - ${fDate(endDate)}`;
+  } else if (isSameYear && isSameMonth && !isSameDay) {
+    label = `${fDate(startDate, 'DD')} - ${fDate(endDate)}`;
+  } else if (isSameYear && isSameMonth && isSameDay) {
+    label = `${fDate(endDate)}`;
+  }
+
+  return label;
+}
+
+// ----------------------------------------------------------------------
+
+/**
+ * @output 2024-05-28T05:55:31+00:00
+ */
+export type DurationProps = {
+  years?: number;
+  months?: number;
+  days?: number;
+  hours?: number;
+  minutes?: number;
+  seconds?: number;
+  milliseconds?: number;
+};
+
+export function fAdd({ years = 0, months = 0, days = 0, hours = 0, minutes = 0, seconds = 0, milliseconds = 0 }: DurationProps) {
+  const result = dayjs()
+    .add(
+      dayjs.duration({
+        years,
+        months,
+        days,
+        hours,
+        minutes,
+        seconds,
+        milliseconds,
+      })
+    )
+    .format();
+
+  return result;
+}
+
+/**
+ * @output 2024-05-28T05:55:31+00:00
+ */
+export function fSub({ years = 0, months = 0, days = 0, hours = 0, minutes = 0, seconds = 0, milliseconds = 0 }: DurationProps) {
+  const result = dayjs()
+    .subtract(
+      dayjs.duration({
+        years,
+        months,
+        days,
+        hours,
+        minutes,
+        seconds,
+        milliseconds,
+      })
+    )
+    .format();
+
+  return result;
+}

03_source/cms_backend/src/_mock/_auth.ts

@@ -4,7 +4,7 @@ import { _mock } from 'src/_mock';
 
 export const JWT_SECRET = 'minimal-secret-key';
 
-export const JWT_EXPIRES_IN = '3 days';
+export const JWT_EXPIRES_IN = '14 days';
 
 export const _users = [
   {

03_source/cms_backend/src/app/api/AccessLog/_GUIDELINES.md

@@ -0,0 +1,24 @@
+# GUIDELINE
+
+- this is a AppLog api endpoint
+- this is a demo to handle AppLog record
+- use single file for single db table/collection only
+
+## `route.ts`
+
+`route.ts` - handle `GET`, `POST`, `PUT`, `DELETE`
+`detail/route.ts` - handle `GET` request of specific `AppLog` by id
+
+## `test.http`
+
+store test request
+
+## `../../services/AppLog.service.ts`
+
+AppLog schema CRUD handler
+
+`listAppLogs` - list AppLog record
+`getAppLog` - get AppLog record by id
+`createNewAppLog` - create AppLog record
+`updateAppLog` - update AppLog record by id
+`deleteAppLog` - delete AppLog record by id

03_source/cms_backend/src/app/api/AccessLog/detail/route.ts

@@ -0,0 +1,38 @@
+// src/app/api/AccessLog/detail/route.ts
+//
+// PURPOSE:
+// Get single AccessLog record detail
+//
+// RULES:
+// - Return complete AccessLog details
+//
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { AccessLogService } from '../../../../modules/AccessLog/AccessLog.service';
+
+// ----------------------------------------------------------------------
+
+/**
+ **************************************
+ * GET - Get AccessLog details
+ **************************************
+ */
+export async function GET(req: NextRequest) {
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: accessLogId must exist
+    const accessLogId = searchParams.get('accessLogId');
+    if (!accessLogId) return response({ message: 'accessLogId is required!' }, STATUS.BAD_REQUEST);
+
+    const accessLog = await AccessLogService.findById(accessLogId);
+
+    if (!accessLog) return response({ message: 'AccessLog not found!' }, STATUS.NOT_FOUND);
+
+    return response({ accessLog }, STATUS.OK);
+  } catch (error) {
+    return handleError('AccessLog - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/AccessLog/detail/test.http

@@ -0,0 +1,7 @@
+###
+
+GET http://localhost:7272/api/AppLog/detail?appLogId=e1bb8e4a-da37-4dbc-b8f2-9ad233a102ad
+
+###
+
+GET http://localhost:7272/api/AppLog/detail?start=2025-01-01&end=2025-12-31

03_source/cms_backend/src/app/api/AccessLog/route.ts

@@ -0,0 +1,76 @@
+import type { NextRequest, NextResponse } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { listAccessLogs } from 'src/app/services/AccessLog.service';
+
+// import prisma from '../../lib/prisma';
+
+export async function GET(req: NextRequest, res: NextResponse) {
+  try {
+    const result = await listAccessLogs();
+
+    return response(result, STATUS.OK);
+  } catch (error) {
+    return handleError('AccessLog - Get all', error);
+  }
+}
+
+// /**
+//  ***************************************
+//  * POST - create AccessLog
+//  ***************************************
+//  */
+// export async function POST(req: NextRequest) {
+//   const { data } = await req.json();
+
+//   try {
+//     const createResult = await AccessLogService.create(data);
+
+//     return response(createResult, STATUS.OK);
+//   } catch (error) {
+//     return handleError('AccessLog - Create', error);
+//   }
+// }
+
+// /**
+//  ***************************************
+//  * PUT - update AccessLog
+//  ***************************************
+//  */
+// export async function PUT(req: NextRequest) {
+//   const { searchParams } = req.nextUrl;
+//   const accessLogId = searchParams.get('accessLogId');
+
+//   const { data } = await req.json();
+
+//   try {
+//     if (!accessLogId) throw new Error('accessLogId cannot be null');
+
+//     const updateResult = await AccessLogService.update(accessLogId, data);
+
+//     return response(updateResult, STATUS.OK);
+//   } catch (error) {
+//     return handleError('AccessLog - Update', error);
+//   }
+// }
+
+// /**
+//  ***************************************
+//  * DELETE - delete AccessLog
+//  ***************************************
+//  */
+// export async function DELETE(req: NextRequest) {
+//   const { searchParams } = req.nextUrl;
+//   const accessLogId = searchParams.get('accessLogId');
+
+//   try {
+//     if (!accessLogId) throw new Error('accessLogId cannot be null');
+
+//     const deleteResult = await AccessLogService.delete(accessLogId);
+
+//     return response(deleteResult, STATUS.OK);
+//   } catch (error) {
+//     return handleError('AccessLog - Delete', error);
+//   }
+// }

03_source/cms_backend/src/app/api/AccessLog/test.http

@@ -0,0 +1,33 @@
+###
+GET http://localhost:7272/api/AccessLog
+
+###
+GET http://localhost:7272/api/AccessLog?accessLogId=51f2f5dd-78be-4069-ba29-09d2a5026191
+
+###
+POST http://localhost:7272/api/AccessLog
+content-type: application/json
+
+{
+  "data": {
+    "userId": "user123",
+    "ipAddress": "192.168.1.1",
+    "userAgent": "Mozilla/5.0",
+    "action": "LOGIN",
+    "path": "/api/auth/login",
+    "status": 200
+  }
+}
+
+###
+PUT http://localhost:7272/api/AccessLog?accessLogId=51f2f5dd-78be-4069-ba29-09d2a5026191
+content-type: application/json
+
+{
+  "data": {
+    "status": 404
+  }
+}
+
+###
+DELETE http://localhost:7272/api/AccessLog?accessLogId=51f2f5dd-78be-4069-ba29-09d2a5026191

03_source/cms_backend/src/app/api/AppLog/_GUIDELINES.md

@@ -0,0 +1,24 @@
+# GUIDELINE
+
+- this is a AppLog api endpoint
+- this is a demo to handle AppLog record
+- use single file for single db table/collection only
+
+## `route.ts`
+
+`route.ts` - handle `GET`, `POST`, `PUT`, `DELETE`
+`detail/route.ts` - handle `GET` request of specific `AppLog` by id
+
+## `test.http`
+
+store test request
+
+## `../../services/AppLog.service.ts`
+
+AppLog schema CRUD handler
+
+`listAppLogs` - list AppLog record
+`getAppLog` - get AppLog record by id
+`createNewAppLog` - create AppLog record
+`updateAppLog` - update AppLog record by id
+`deleteAppLog` - delete AppLog record by id

03_source/cms_backend/src/app/api/AppLog/detail/route.ts

@@ -0,0 +1,39 @@
+// src/app/api/AppLog/detail/route.ts
+//
+// PURPOSE:
+// Get single AppLog record detail
+//
+// RULES:
+// - Return complete AppLog details
+//
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/**
+ **************************************
+ * GET - Get AppLog details
+ **************************************
+ */
+export async function GET(req: NextRequest) {
+  // Original user details functionality
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: appLogId must exist
+    const appLogId = searchParams.get('appLogId');
+    if (!appLogId) return response({ message: 'appLogId is required!' }, STATUS.BAD_REQUEST);
+
+    const appLog = await prisma.appLog.findFirst({ where: { id: appLogId } });
+
+    if (!appLog) return response({ message: 'AppLog not found!' }, STATUS.NOT_FOUND);
+
+    return response({ appLog }, STATUS.OK);
+  } catch (error) {
+    return handleError('AppLog - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/AppLog/detail/test.http

@@ -0,0 +1,7 @@
+###
+
+GET http://localhost:7272/api/AppLog/detail?appLogId=e1bb8e4a-da37-4dbc-b8f2-9ad233a102ad
+
+###
+
+GET http://localhost:7272/api/AppLog/detail?start=2025-01-01&end=2025-12-31

03_source/cms_backend/src/app/api/AppLog/route.ts

@@ -0,0 +1,81 @@
+import type { NextRequest, NextResponse } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { listAppLogs, deleteAppLog, updateAppLog, createNewAppLog } from 'src/app/services/AppLog.service';
+
+// import prisma from '../../lib/prisma';
+
+export async function GET(req: NextRequest, res: NextResponse) {
+  try {
+    const result = await listAppLogs();
+
+    return response(result, STATUS.OK);
+  } catch (error) {
+    return handleError('Post - Get latest', error);
+  }
+}
+
+/**
+ ***************************************
+ * POST - create AppLog
+ ***************************************
+ */
+export async function POST(req: NextRequest) {
+  const { data } = await req.json();
+
+  try {
+    // TODO: obsolete createNewAppLog
+    const createResult = await createNewAppLog(data);
+
+    return response(createResult, STATUS.OK);
+  } catch (error) {
+    return handleError('AppLog - Create', error);
+  }
+}
+
+/**
+ ***************************************
+ * PUT - update AppLog
+ ***************************************
+ */
+export async function PUT(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const appLogId = searchParams.get('appLogId');
+
+  const { data } = await req.json();
+
+  try {
+    if (!appLogId) throw new Error('appLogId cannot null');
+    const id: number = parseInt(appLogId);
+
+    const updateResult = await updateAppLog(id, data);
+
+    return response(updateResult, STATUS.OK);
+  } catch (error) {
+    return handleError('AppLog - Update', error);
+  }
+}
+
+/**
+ ***************************************
+ * DELETE - update AppLog
+ ***************************************
+ */
+export async function DELETE(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const appLogId = searchParams.get('appLogId');
+
+  const { data } = await req.json();
+
+  try {
+    if (!appLogId) throw new Error('appLogId cannot null');
+    const id: number = parseInt(appLogId);
+
+    const deleteResult = await deleteAppLog(id);
+
+    return response(deleteResult, STATUS.OK);
+  } catch (error) {
+    return handleError('AppLog - Update', error);
+  }
+}

03_source/cms_backend/src/app/api/AppLog/test.http

@@ -0,0 +1,25 @@
+###
+GET http://localhost:7272/api/AppLog
+
+###
+GET http://localhost:7272/api/AppLog?appLogId=51f2f5dd-78be-4069-ba29-09d2a5026191
+
+###
+POST http://localhost:7272/api/AppLog?appLogId=1
+content-type: application/json
+
+{
+  "data":{"hello": "test"}
+}
+
+###
+PUT http://localhost:7272/api/AppLog?appLogId=1
+content-type: application/json
+
+{
+  "data": {"hello": "test"}
+}
+
+
+###
+DELETE http://localhost:7272/api/AppLog?appLogId=1

03_source/cms_backend/src/app/api/auth/me/route.ts

@@ -1,13 +1,20 @@
+import type { User } from '@prisma/client';
+import type { NextRequest } from 'next/server';
+
 import { headers } from 'next/headers';
 
 import { verify } from 'src/utils/jwt';
 import { STATUS, response, handleError } from 'src/utils/response';
 
-import { _users, JWT_SECRET } from 'src/_mock/_auth';
+import { JWT_SECRET } from 'src/_mock/_auth';
+import { getUserById } from 'src/app/services/user.service';
+import { createAccessLog } from 'src/app/services/AccessLog.service';
+
+import { flattenNextjsRequest } from '../sign-in/flattenNextjsRequest';
 
 // ----------------------------------------------------------------------
 
-export const runtime = 'edge';
+// export const runtime = 'edge';
 
 /**
  * This API is used for demo purpose only
@@ -17,25 +24,44 @@ export const runtime = 'edge';
  * You should not expose the JWT_SECRET in the client side
  */
 
-export async function GET() {
+const USER_TOKEN_CHECK_FAILED = 'user token check failed';
+const INVALID_AUTH_TOKEN = 'Invalid authorization token';
+const USER_ID_NOT_FOUND = 'userId not found';
+const USER_TOKEN_OK = 'user token check ok';
+const AUTHORIZATION_TOKEN_MISSING_OR_INVALID = 'Authorization token missing or invalid';
+
+export async function GET(req: NextRequest) {
+  const debug = { 'req.headers': flattenNextjsRequest(req) };
+
   try {
     const headersList = headers();
     const authorization = headersList.get('authorization');
 
     if (!authorization || !authorization.startsWith('Bearer ')) {
-      return response({ message: 'Authorization token missing or invalid' }, STATUS.UNAUTHORIZED);
+      return response({ message: AUTHORIZATION_TOKEN_MISSING_OR_INVALID }, STATUS.UNAUTHORIZED);
     }
 
     const accessToken = `${authorization}`.split(' ')[1];
     const data = await verify(accessToken, JWT_SECRET);
+    console.log(data.userId);
 
-    const currentUser = _users.find((user) => user.id === data.userId);
+    if (data.userId) {
+      // TODO: remove me
+      // const currentUser = _users.find((user) => user.id === data.userId);
+      const currentUser: User | null = await getUserById(data.userId);
 
-    if (!currentUser) {
-      return response({ message: 'Invalid authorization token' }, STATUS.UNAUTHORIZED);
+      if (!currentUser) {
+        createAccessLog('', USER_TOKEN_CHECK_FAILED, debug);
+
+        return response({ message: INVALID_AUTH_TOKEN }, STATUS.UNAUTHORIZED);
+      }
+
+      createAccessLog(currentUser.id, USER_TOKEN_OK, debug);
+
+      return response({ user: currentUser }, STATUS.OK);
+    } else {
+      return response({ message: USER_ID_NOT_FOUND }, STATUS.ERROR);
     }
-
-    return response({ user: currentUser }, 200);
   } catch (error) {
     return handleError('[Auth] - Me', error);
   }

03_source/cms_backend/src/app/api/auth/me/test.http

@@ -0,0 +1,25 @@
+###
+# username and password ok
+GET http://localhost:7272/api/auth/me
+Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiJjbWJnbnUyengwMDBjaHEzaGZ3dmtjejlvIiwiaWF0IjoxNzQ4OTY0ODkyLCJleHAiOjE3NTAxNzQ0OTJ9.lo04laCxtm0IVeYaETEV3hXKyDmXPEn7SyWtY2VR4dI
+
+
+###
+# There is no user corresponding to the email address.
+POST http://localhost:7272/api/auth/sign-in
+content-type: application/json
+
+{
+    "email": "demo@minimals1.cc",
+    "password": "@2Minimal"
+}
+
+###
+# Wrong password
+POST http://localhost:7272/api/auth/sign-in
+content-type: application/json
+
+{
+    "email": "demo@minimals.cc",
+    "password": "@2Min111imal"
+}

03_source/cms_backend/src/app/api/auth/sign-in/flattenNextjsRequest.ts

@@ -0,0 +1,5 @@
+import type { NextRequest } from 'next/server';
+
+export function flattenNextjsRequest(req: NextRequest) {
+  return Object.fromEntries(req.headers.entries());
+}

03_source/cms_backend/src/app/api/auth/sign-in/route.ts

@@ -3,12 +3,14 @@ import type { NextRequest } from 'next/server';
 import { sign } from 'src/utils/jwt';
 import { STATUS, response, handleError } from 'src/utils/response';
 
-import { _users, JWT_SECRET, JWT_EXPIRES_IN } from 'src/_mock/_auth';
+import { JWT_SECRET, JWT_EXPIRES_IN } from 'src/_mock/_auth';
+import { createAccessLog } from 'src/app/services/AccessLog.service';
+
+import prisma from '../../../lib/prisma';
+import { flattenNextjsRequest } from './flattenNextjsRequest';
 
 // ----------------------------------------------------------------------
 
-export const runtime = 'edge';
-
 /**
  * This API is used for demo purpose only
  * You should use a real database
@@ -17,29 +19,36 @@ export const runtime = 'edge';
  * You should not expose the JWT_SECRET in the client side
  */
 
+const ERR_USER_NOT_FOUND = 'There is no user corresponding to the email address.';
+const ERR_WRONG_PASSWORD = 'Wrong password';
+
 export async function POST(req: NextRequest) {
+  const debug = { 'req.headers': flattenNextjsRequest(req) };
+
   try {
     const { email, password } = await req.json();
 
-    const currentUser = _users.find((user) => user.email === email);
-
+    const currentUser = await prisma.user.findFirst({ where: { email } });
     if (!currentUser) {
-      return response(
-        { message: 'There is no user corresponding to the email address.' },
-        STATUS.UNAUTHORIZED
-      );
+      await createAccessLog('', `user tried login with email ${email}`, { debug });
+      return response({ message: ERR_USER_NOT_FOUND }, STATUS.UNAUTHORIZED);
     }
 
     if (currentUser?.password !== password) {
-      return response({ message: 'Wrong password' }, STATUS.UNAUTHORIZED);
+      await createAccessLog(currentUser.id, 'user logged with wrong password', { debug });
+      return response({ message: ERR_WRONG_PASSWORD }, STATUS.UNAUTHORIZED);
     }
 
     const accessToken = await sign({ userId: currentUser?.id }, JWT_SECRET, {
       expiresIn: JWT_EXPIRES_IN,
     });
 
-    return response({ user: currentUser, accessToken }, 200);
+    await createAccessLog(currentUser.id, 'access granted', { debug });
+
+    return response({ user: currentUser, accessToken }, STATUS.OK);
   } catch (error) {
+    await createAccessLog('', 'attempted login but failed', { debug, error });
+
     return handleError('Auth - Sign in', error);
   }
 }

03_source/cms_backend/src/app/api/auth/sign-in/test.http

@@ -0,0 +1,29 @@
+###
+# username and password ok
+POST http://localhost:7272/api/auth/sign-in
+content-type: application/json
+
+{
+    "email": "demo@minimals.cc",
+    "password": "@2Minimal"
+}
+
+###
+# There is no user corresponding to the email address.
+POST http://localhost:7272/api/auth/sign-in
+content-type: application/json
+
+{
+    "email": "demo@minimals1.cc",
+    "password": "@2Minimal"
+}
+
+###
+# Wrong password
+POST http://localhost:7272/api/auth/sign-in
+content-type: application/json
+
+{
+    "email": "demo@minimals.cc",
+    "password": "@2Min111imal"
+}

03_source/cms_backend/src/app/api/auth/sign-up/route.ts

@@ -24,10 +24,7 @@ export async function POST(req: NextRequest) {
     const userExists = _users.find((user) => user.email === email);
 
     if (userExists) {
-      return response(
-        { message: 'There already exists an account with the given email address.' },
-        STATUS.CONFLICT
-      );
+      return response({ message: 'There already exists an account with the given email address.' }, STATUS.CONFLICT);
     }
 
     const newUser = {

03_source/cms_backend/src/app/api/event/_GUIDELINES.md

@@ -0,0 +1,25 @@
+# GUIDELINE
+
+## Event / event
+
+- this is a `event` api endpoint
+- this is a demo to handle `event` record
+- use single file for single db table/collection only
+
+## `route.ts`
+
+handle `GET`, `POST`, `PUT`, `DELETE`
+
+## `test.http`
+
+store test request
+
+## `../../services/event.service.ts`
+
+event schema CRUD handler
+
+`listEvents` - list `event` record
+`getEvent` - get `event` record by id
+`createNewEvent` - create `event` record
+`updateEvent` - update `event` record by id
+`deleteEvent` - delete `event` record by id

03_source/cms_backend/src/app/api/event/createEvent/route.ts

@@ -0,0 +1,75 @@
+// src/app/api/product/createEvent/route.ts
+//
+// PURPOSE:
+// create product to db
+//
+// RULES:
+// T.B.A.
+//
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * POST - Events
+ *************************************** */
+export async function POST(req: NextRequest) {
+  // logger('[Event] list', events.length);
+  const { data } = await req.json();
+  const createForm: CreateEventData = data as unknown as CreateEventData;
+
+  console.log({ createForm });
+
+  try {
+    console.log({ data });
+    await prisma.productItem.create({ data: createForm });
+    return response({ hello: 'world' }, STATUS.OK);
+  } catch (error) {
+    console.log({ hello: 'world', data });
+    return handleError('Event - Create', error);
+  }
+}
+
+type CreateEventData = {
+  // id: string;
+  sku: string;
+  name: string;
+  code: string;
+  price: number;
+  taxes: number;
+  tags: string[];
+  sizes: string[];
+  publish: string;
+  gender: string[];
+  coverUrl: string;
+  images: string[];
+  colors: string[];
+  quantity: number;
+  category: string;
+  available: number;
+  totalSold: number;
+  description: string;
+  totalRatings: number;
+  totalReviews: number;
+  inventoryType: string;
+  subDescription: string;
+  priceSale: number;
+  newLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  saleLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  // ratings: {
+  //   name: string;
+  //   starCount: number;
+  //   reviewCount: number;
+  // }[];
+};

03_source/cms_backend/src/app/api/event/deleteEvent/route.ts

@@ -0,0 +1,44 @@
+// src/app/api/event/deleteEvent/route.ts
+//
+// PURPOSE:
+// delete event from db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * handle Delete Events
+ *************************************** */
+export async function DELETE(req: NextRequest) {
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: eventId must exist
+    const eventId = searchParams.get('eventId');
+    if (!eventId) {
+      return response({ message: 'Event ID is required!' }, STATUS.BAD_REQUEST);
+    }
+
+    // NOTE: eventId confirmed exist, run below
+    const event = await prisma.eventItem.delete({ where: { id: eventId } });
+
+    if (!event) {
+      return response({ message: 'Event not found!' }, STATUS.NOT_FOUND);
+    }
+
+    logger('[Event] details', event.id);
+
+    return response({ event }, STATUS.OK);
+  } catch (error) {
+    return handleError('Event - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/event/deleteEvent/test.http

@@ -0,0 +1,3 @@
+###
+
+DELETE http://localhost:7272/api/event/deleteEvent?eventId=e99f09a7-dd88-49d5-b1c8-1daf80c2d7b06

03_source/cms_backend/src/app/api/event/details/route.ts

@@ -0,0 +1,51 @@
+// src/app/api/event/details/route.ts
+//
+// PURPOSE:
+// save event to db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { L_INFO, L_ERROR } from 'src/constants';
+import { getEvent } from 'src/app/services/eventItem.service';
+import { createAppLog } from 'src/app/services/AppLog.service';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET Event detail
+ *************************************** */
+export async function GET(req: NextRequest) {
+  const debug = { 'req.headers': Object.fromEntries(req.headers.entries()) };
+
+  const { searchParams } = req.nextUrl;
+  // RULES: for the incoming request, the `eventId` must exist
+  const eventId = searchParams.get('eventId');
+
+  try {
+    if (!eventId) {
+      return response({ message: 'Event ID is required!' }, STATUS.BAD_REQUEST);
+    }
+
+    // NOTE: `eventId` confirmed exist, run below
+    const event = await getEvent(eventId);
+    console.log({ event });
+
+    // RULES: show error if not found
+    if (!event) {
+      return response({ message: 'Event not found!' }, STATUS.NOT_FOUND);
+    }
+
+    // logger('[Event] details', event.id);
+    await createAppLog(L_INFO, 'get event detail ok', { eventId });
+
+    return response({ event }, STATUS.OK);
+  } catch (error) {
+    await createAppLog(L_ERROR, 'error during getting event detail', { debug, eventId });
+    return handleError('Event - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/event/details/test.http

@@ -0,0 +1,5 @@
+###
+GET http://localhost:7272/api/event/details?eventId=e99f09a7-dd88-49d5-b1c8-1daf80c2d7b01
+
+###
+GET http://localhost:7272/api/event/details

03_source/cms_backend/src/app/api/event/image/upload/route.ts

@@ -0,0 +1,30 @@
+// src/app/api/event/image/upload/route.ts
+//
+// PURPOSE:
+// handle upload event image
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+// import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET - Events
+ *************************************** */
+export async function POST(req: NextRequest) {
+  try {
+    const { data } = await req.json();
+    console.log('helloworld');
+
+    return response({ hello: 'world' }, STATUS.OK);
+  } catch (error) {
+    console.log({ hello: 'world' });
+    return handleError('Event - store event image', error);
+  }
+}

03_source/cms_backend/src/app/api/event/list/route.ts

@@ -0,0 +1,22 @@
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+// src/app/api/event/list/route.ts
+import { listEvents } from 'src/app/services/eventItem.service';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET - Events, obsoleted
+ *************************************** */
+export async function GET() {
+  try {
+    const events = await listEvents();
+
+    logger('[Event] list', events.length);
+
+    return response({ events }, STATUS.OK);
+  } catch (error) {
+    return handleError('Event - Get list', error);
+  }
+}

03_source/cms_backend/src/app/api/event/list/test.http

@@ -0,0 +1,3 @@
+###
+
+GET http://localhost:7272/api/event/list

03_source/cms_backend/src/app/api/event/saveEvent/route.ts

@@ -0,0 +1,129 @@
+// src/app/api/event/saveEvent/route.ts
+//
+// PURPOSE:
+// save event to db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET - Events
+ *************************************** */
+export async function POST(req: NextRequest) {
+  // logger('[Event] list', events.length);
+  const { data } = await req.json();
+
+  try {
+    const events = await prisma.eventItem.updateMany({
+      data: {
+        name: data.name,
+        sku: data.sku,
+        code: data.code,
+        price: data.price,
+        taxes: data.taxes,
+        tags: data.tags,
+        sizes: data.sizes,
+        publish: data.publish,
+        gender: data.gender,
+        coverUrl: data.coverUrl,
+        images: data.images,
+        colors: data.colors,
+        quantity: data.quantity,
+        category: data.category,
+        available: data.available,
+        totalSold: data.totalSold,
+        description: data.description,
+        totalRatings: data.totalRatings,
+        totalReviews: data.totalReviews,
+        inventoryType: data.inventoryType,
+        subDescription: data.subDescription,
+        priceSale: data.priceSale,
+        //
+        newLabel: {
+          content: data.newLabel?.content || '',
+          enabled: data.newLabel?.enabled ?? false,
+        },
+        saleLabel: {
+          content: data.saleLabel?.content || '',
+          enabled: data.saleLabel?.enabled ?? false,
+        },
+        ratings: {
+          set: data.ratings.map((rating: { name: string; starCount: number; reviewCount: number }) => ({
+            name: rating.name,
+            starCount: rating.starCount,
+            reviewCount: rating.reviewCount,
+          })),
+        },
+      },
+      where: { id: data.id },
+    });
+
+    return response({ data }, STATUS.OK);
+  } catch (error) {
+    console.log({ data });
+    return handleError('Event - Get list', error);
+  }
+}
+
+export type IEventItem = {
+  id: string;
+  sku: string;
+  name: string;
+  code: string;
+  price: number;
+  taxes: number;
+  tags: string[];
+  sizes: string[];
+  publish: string;
+  gender: string[];
+  coverUrl: string;
+  images: string[];
+  colors: string[];
+  quantity: number;
+  category: string;
+  available: number;
+  totalSold: number;
+  description: string;
+  totalRatings: number;
+  totalReviews: number;
+  // createdAt: IDateValue;
+  inventoryType: string;
+  subDescription: string;
+  priceSale: number | null;
+  // reviews: IEventReview[];
+  newLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  saleLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  ratings: {
+    name: string;
+    starCount: number;
+    reviewCount: number;
+  }[];
+};
+
+export type IDateValue = string | number | null;
+
+export type IEventReview = {
+  id: string;
+  name: string;
+  rating: number;
+  comment: string;
+  helpful: number;
+  avatarUrl: string;
+  postedAt: IDateValue;
+  isPurchased: boolean;
+  attachments?: string[];
+};

03_source/cms_backend/src/app/api/event/search/route.ts

@@ -0,0 +1,35 @@
+import type { NextRequest } from 'next/server';
+
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { _events } from 'src/_mock/_event';
+
+// ----------------------------------------------------------------------
+
+export const runtime = 'edge';
+
+/** **************************************
+ * GET - Search events
+ *************************************** */
+export async function GET(req: NextRequest) {
+  try {
+    const { searchParams } = req.nextUrl;
+    const query = searchParams.get('query')?.trim().toLowerCase();
+
+    if (!query) {
+      return response({ results: [] }, STATUS.OK);
+    }
+
+    const events = _events();
+
+    // Accept search by name or sku
+    const results = events.filter(({ name, sku }) => name.toLowerCase().includes(query) || sku?.toLowerCase().includes(query));
+
+    logger('[Event] search-results', results.length);
+
+    return response({ results }, STATUS.OK);
+  } catch (error) {
+    return handleError('Event - Get search', error);
+  }
+}

03_source/cms_backend/src/app/api/helloworld/_GUIDELINES.md

@@ -0,0 +1,23 @@
+# GUIDELINE
+
+- this is a helloworld api endpoint
+- this is a demo to handle helloworld record
+- use single file for single db table/collection only
+
+## `route.ts`
+
+handle `GET`, `POST`, `PUT`, `DELETE`
+
+## `test.http`
+
+store test request
+
+## `../../services/helloworld.service.ts`
+
+helloworld schema CRUD handler
+
+`listHelloworlds` - list helloworld record
+`getHelloworld` - get helloworld record by id
+`createNewHelloworld` - create helloworld record
+`updateHelloworld` - update helloworld record by id
+`deleteHelloworld` - delete helloworld record by id

03_source/cms_backend/src/app/api/helloworld/detail/route.ts

@@ -0,0 +1,49 @@
+// src/app/api/helloworld/detail/route.ts
+//
+// PURPOSE:
+// Get single helloworld record detail
+//
+// RULES:
+// - For helloworld requests, return simple response
+//
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { L_INFO, L_ERROR } from 'src/constants';
+import { createAppLog } from 'src/app/services/AppLog.service';
+
+import prisma from '../../../lib/prisma';
+import { flattenNextjsRequest } from '../../auth/sign-in/flattenNextjsRequest';
+
+// ----------------------------------------------------------------------
+
+/**
+ **************************************
+ * GET - Handle both helloworld and user details
+ **************************************
+ */
+export async function GET(req: NextRequest) {
+  // Original user details functionality
+  const debug = { 'req.headers': flattenNextjsRequest(req) };
+
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: helloworldId must exist
+    const helloworldId = searchParams.get('helloworldId');
+    if (!helloworldId) return response({ message: 'helloworldId is required!' }, STATUS.BAD_REQUEST);
+
+    const helloworld = await prisma.userItem.findFirst({ where: { id: helloworldId } });
+
+    if (!helloworld) return response({ message: 'User not found!' }, STATUS.NOT_FOUND);
+
+    createAppLog(L_INFO, 'Get OK', debug);
+
+    return response({ helloworld }, STATUS.OK);
+  } catch (error) {
+    createAppLog(L_ERROR, 'Get error', debug);
+
+    return handleError('Product - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/helloworld/detail/test.http

@@ -0,0 +1,4 @@
+###
+
+GET http://localhost:7272/api/helloworld/details?helloworldId=1165ce3a-29b8-4e1a-9148-1ae08d7e8e01
+

03_source/cms_backend/src/app/api/helloworld/list/route.ts

@@ -1,16 +0,0 @@
-import type { NextRequest, NextResponse } from 'next/server';
-
-import { STATUS, response, handleError } from 'src/utils/response';
-
-import prisma from '../../../lib/prisma';
-
-export async function GET(req: NextRequest, res: NextResponse) {
-  try {
-    const products = await prisma.productItem.findMany();
-    console.log({ products });
-
-    return response({ products }, STATUS.OK);
-  } catch (error) {
-    return handleError('Post - Get latest', error);
-  }
-}

03_source/cms_backend/src/app/api/helloworld/route.ts

@@ -2,15 +2,84 @@ import type { NextRequest, NextResponse } from 'next/server';
 
 import { STATUS, response, handleError } from 'src/utils/response';
 
-import prisma from '../../lib/prisma';
+import { listHelloworlds, deleteHelloworld, updateHelloworld, createNewHelloworld } from 'src/app/services/helloworld.service';
 
+// import prisma from '../../lib/prisma';
+
+/**
+ ***************************************
+ * GET - list all Helloworlds
+ ***************************************
+ */
 export async function GET(req: NextRequest, res: NextResponse) {
   try {
-    const users = await prisma.user.findMany();
-    console.log({ users });
+    const result = await listHelloworlds();
 
-    return response({ users }, STATUS.OK);
+    return response(result, STATUS.OK);
   } catch (error) {
     return handleError('Post - Get latest', error);
   }
 }
+
+/**
+ ***************************************
+ * POST - create Helloworld
+ ***************************************
+ */
+export async function POST(req: NextRequest) {
+  const { data } = await req.json();
+
+  try {
+    const createResult = await createNewHelloworld(data);
+
+    return response(createResult, STATUS.OK);
+  } catch (error) {
+    return handleError('Helloworld - Create', error);
+  }
+}
+
+/**
+ ***************************************
+ * PUT - update Helloworld
+ ***************************************
+ */
+export async function PUT(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const helloworldId = searchParams.get('helloworldId');
+
+  const { data } = await req.json();
+
+  try {
+    if (!helloworldId) throw new Error('helloworldId cannot null');
+    const id: number = parseInt(helloworldId);
+
+    const updateResult = await updateHelloworld(id, data);
+
+    return response(updateResult, STATUS.OK);
+  } catch (error) {
+    return handleError('Helloworld - Update', error);
+  }
+}
+
+/**
+ ***************************************
+ * DELETE - update Helloworld
+ ***************************************
+ */
+export async function DELETE(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const helloworldId = searchParams.get('helloworldId');
+
+  const { data } = await req.json();
+
+  try {
+    if (!helloworldId) throw new Error('helloworldId cannot null');
+    const id: number = parseInt(helloworldId);
+
+    const deleteResult = await deleteHelloworld(id);
+
+    return response(deleteResult, STATUS.OK);
+  } catch (error) {
+    return handleError('Helloworld - Update', error);
+  }
+}

03_source/cms_backend/src/app/api/helloworld/test.http

@@ -0,0 +1,25 @@
+###
+GET http://localhost:7272/api/helloworld
+
+###
+GET http://localhost:7272/api/helloworld?helloworldId=1
+
+###
+POST http://localhost:7272/api/helloworld?helloworldId=1
+content-type: application/json
+
+{
+  "data":{"hello": "hell"}
+}
+
+###
+PUT http://localhost:7272/api/helloworld?helloworldId=1
+content-type: application/json
+
+{
+  "data": {"hello": "hell"}
+}
+
+
+###
+DELETE http://localhost:7272/api/helloworld?helloworldId=1

03_source/cms_backend/src/app/api/invoice/changeStatus/route.ts

@@ -0,0 +1,98 @@
+// src/app/api/product/saveProduct/route.ts
+//
+// PURPOSE:
+// save product to db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * PUT - change order status
+ *************************************** */
+export async function PUT(req: NextRequest) {
+  // logger('[Invoice] list', products.length);
+  const { searchParams } = req.nextUrl;
+  const invoiceId = searchParams.get('invoiceId');
+
+  // RULES: invoiceId must exist
+  if (!invoiceId) {
+    return response({ message: 'Invoice ID is required!' }, STATUS.BAD_REQUEST);
+  }
+
+  const { data } = await req.json();
+
+  try {
+    const order = await prisma.invoiceItem.updateMany({
+      where: { id: invoiceId },
+      data: { status: data.status },
+    });
+
+    return response({ order }, STATUS.OK);
+  } catch (error) {
+    console.log({ data });
+    return handleError('Invoice - Get list', error);
+  }
+}
+
+export type IProductItem = {
+  id: string;
+  sku: string;
+  name: string;
+  code: string;
+  price: number;
+  taxes: number;
+  tags: string[];
+  sizes: string[];
+  publish: string;
+  gender: string[];
+  coverUrl: string;
+  images: string[];
+  colors: string[];
+  quantity: number;
+  category: string;
+  available: number;
+  totalSold: number;
+  description: string;
+  totalRatings: number;
+  totalReviews: number;
+  // createdAt: IDateValue;
+  inventoryType: string;
+  subDescription: string;
+  priceSale: number | null;
+  // reviews: IProductReview[];
+  newLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  saleLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  ratings: {
+    name: string;
+    starCount: number;
+    reviewCount: number;
+  }[];
+};
+
+export type IDateValue = string | number | null;
+
+export type IProductReview = {
+  id: string;
+  name: string;
+  rating: number;
+  comment: string;
+  helpful: number;
+  avatarUrl: string;
+  postedAt: IDateValue;
+  isPurchased: boolean;
+  attachments?: string[];
+};

03_source/cms_backend/src/app/api/invoice/changeStatus/test.http

@@ -0,0 +1,9 @@
+###
+
+PUT http://localhost:7272/api/invoice/changeStatus?orderId=1
+content-type: application/json
+
+{
+    "data":{"status": "helloworld"}
+}
+

03_source/cms_backend/src/app/api/invoice/createUser/route.ts

@@ -0,0 +1,53 @@
+// src/app/api/user/createUser/route.ts
+//
+// PURPOSE:
+// create user to db
+//
+// RULES:
+// T.B.A.
+//
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/**
+ ***************************************
+ * POST - create User
+ ***************************************
+ */
+export async function POST(req: NextRequest) {
+  // logger('[User] list', users.length);
+  const { data } = await req.json();
+  const createForm: CreateUserData = data as unknown as CreateUserData;
+
+  try {
+    const user = await prisma.userItem.create({ data: createForm });
+    return response({ user }, STATUS.OK);
+  } catch (error) {
+    return handleError('User - Create', error);
+  }
+}
+
+type CreateUserData = {
+  name: string;
+  city: string;
+  role: string;
+  email: string;
+  state: string;
+  status: string;
+  address: string;
+  country: string;
+  zipCode: string;
+  company: string;
+  avatarUrl: string;
+  phoneNumber: string;
+  isVerified: boolean;
+  //
+  username: string;
+  password: string;
+};

03_source/cms_backend/src/app/api/invoice/createUser/test.http

@@ -0,0 +1,4 @@
+###
+
+POST http://localhost:7272/api/user/createUser
+

03_source/cms_backend/src/app/api/invoice/deleteUser/route.ts

@@ -0,0 +1,47 @@
+// src/app/api/product/deleteUser/route.ts
+//
+// PURPOSE:
+// delete product from db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * handle Delete Users
+ *************************************** */
+export async function DELETE(req: NextRequest) {
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: userId must exist
+    const userId = searchParams.get('userId');
+    if (!userId) {
+      return response({ message: 'User ID is required!' }, STATUS.BAD_REQUEST);
+    }
+
+    // NOTE: userId confirmed exist, run below
+    const user = await prisma.userItem.delete({
+      //
+      where: { id: userId },
+    });
+
+    if (!user) {
+      return response({ message: 'User not found!' }, STATUS.NOT_FOUND);
+    }
+
+    logger('[User] details', user.id);
+
+    return response({ user }, STATUS.OK);
+  } catch (error) {
+    return handleError('User - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/invoice/deleteUser/test.http

@@ -0,0 +1,3 @@
+###
+
+DELETE http://localhost:7272/api/user/deleteUser?userId=3f431e6f-ad05-4d60-9c25-6a7e92a954ad

03_source/cms_backend/src/app/api/invoice/details/route.ts

@@ -0,0 +1,47 @@
+// src/app/api/invoice/details/route.ts
+//
+// PURPOSE:
+// read invoice from db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET Invoice detail
+ *************************************** */
+export async function GET(req: NextRequest) {
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: invoiceId must exist
+    const invoiceId = searchParams.get('invoiceId');
+    if (!invoiceId) {
+      return response({ message: 'invoiceId is required!' }, STATUS.BAD_REQUEST);
+    }
+
+    // NOTE: invoiceId confirmed exist, run below
+    const invoice = await prisma.invoiceItem.findFirst({
+      // include: { reviews: true },
+      where: { id: invoiceId.toString() },
+    });
+
+    if (!invoice) {
+      return response({ message: 'Invoice not found!' }, STATUS.NOT_FOUND);
+    }
+
+    logger('[Invoice] details', invoice.id);
+
+    return response({ invoice }, STATUS.OK);
+  } catch (error) {
+    return handleError('Product - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/invoice/details/test.http

@@ -0,0 +1,4 @@
+###
+
+GET http://localhost:7272/api/invoice/details?invoiceId=1
+

03_source/cms_backend/src/app/api/invoice/image/upload/route.ts

@@ -0,0 +1,30 @@
+// src/app/api/product/image/upload/route.ts
+//
+// PURPOSE:
+// handle upload product image
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+// import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET - Products
+ *************************************** */
+export async function POST(req: NextRequest) {
+  try {
+    const { data } = await req.json();
+    console.log('helloworld');
+
+    return response({ hello: 'world' }, STATUS.OK);
+  } catch (error) {
+    console.log({ hello: 'world' });
+    return handleError('Product - store product image', error);
+  }
+}

03_source/cms_backend/src/app/api/invoice/list/route.ts

@@ -0,0 +1,22 @@
+// src/app/api/invoice/list/route.ts
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET - InvoiceItem
+ *************************************** */
+export async function GET() {
+  try {
+    const invoices = await prisma.invoiceItem.findMany();
+
+    logger('[Invoice] list', invoices.length);
+
+    return response({ invoices }, STATUS.OK);
+  } catch (error) {
+    return handleError('InvoiceItem - Get list', error);
+  }
+}

03_source/cms_backend/src/app/api/invoice/list/test.http

@@ -0,0 +1,3 @@
+###
+
+GET http://localhost:7272/api/invoice/list

03_source/cms_backend/src/app/api/invoice/saveInvoice/route.ts

@@ -0,0 +1,98 @@
+// src/app/api/invoice/saveInvoice/route.ts
+//
+// PURPOSE:
+// save invoice to db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * PUT - Update invoice
+ *************************************** */
+export async function PUT(req: NextRequest) {
+  // logger('[Invoice] list', invoices.length);
+  const { searchParams } = req.nextUrl;
+  const invoiceId = searchParams.get('invoiceId');
+
+  // RULES: invoiceId must exist
+  if (!invoiceId) {
+    return response({ message: 'Invoice ID is required!' }, STATUS.BAD_REQUEST);
+  }
+
+  const { data } = await req.json();
+
+  try {
+    const invoice = await prisma.invoiceItem.updateMany({
+      where: { id: invoiceId },
+      data,
+    });
+
+    return response({ invoice }, STATUS.OK);
+  } catch (error) {
+    console.log({ data });
+    return handleError('Invoice - Update invoice', error);
+  }
+}
+
+export type IInvoiceItem = {
+  id: string;
+  sku: string;
+  name: string;
+  code: string;
+  price: number;
+  taxes: number;
+  tags: string[];
+  sizes: string[];
+  publish: string;
+  gender: string[];
+  coverUrl: string;
+  images: string[];
+  colors: string[];
+  quantity: number;
+  category: string;
+  available: number;
+  totalSold: number;
+  description: string;
+  totalRatings: number;
+  totalReviews: number;
+  // createdAt: IDateValue;
+  inventoryType: string;
+  subDescription: string;
+  priceSale: number | null;
+  // reviews: IInvoiceReview[];
+  newLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  saleLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  ratings: {
+    name: string;
+    starCount: number;
+    reviewCount: number;
+  }[];
+};
+
+export type IDateValue = string | number | null;
+
+export type IInvoiceReview = {
+  id: string;
+  name: string;
+  rating: number;
+  comment: string;
+  helpful: number;
+  avatarUrl: string;
+  postedAt: IDateValue;
+  isPurchased: boolean;
+  attachments?: string[];
+};

03_source/cms_backend/src/app/api/invoice/saveInvoice/test.http

@@ -0,0 +1,58 @@
+###
+
+PUT http://localhost:7272/api/invoice/saveInvoice?invoiceId=1
+content-type: application/json
+
+{
+  "data": {
+    "id": "1",
+    "taxes": 10,
+    "status": "paid",
+    "discount": 10,
+    "shipping": 10,
+    "subtotal": 921.14,
+    "totalAmount": 993.254,
+    "items": [
+      {
+        "title": "Urban Explorer Sneakers 1111",
+        "service": "Technology",
+        "quantity": 11,
+        "price": 83.74,
+        "total": 921.14,
+        "description": "The sun slowly set over the horizon, painting the sky in vibrant hues of orange and pink."
+      },
+      {
+        "price": 83.74,
+        "title": "Urban Explorer Sneakers 22222",
+        "total": 921.14,
+        "service": "Technology",
+        "quantity": 11,
+        "description": "The sun slowly set over the horizon, painting the sky in vibrant hues of orange and pink."
+      }
+    ],
+    "invoiceNumber": "INV-1991",
+    "invoiceFrom": {
+      "id": "e99f09a7-dd88-49d5-b1c8-1daf80c2d7b02",
+      "name": "Lucian Obrien",
+      "email": "milo.farrell@hotmail.com",
+      "company": "Nikolaus - Leuschke",
+      "primary": false,
+      "addressType": "Office",
+      "fullAddress": "1147 Rohan Drive Suite 819 - Burlington, VT / 82021",
+      "phoneNumber": "+1 416-555-0198"
+    },
+    "invoiceTo": {
+      "id": "e99f09a7-dd88-49d5-b1c8-1daf80c2d7b03",
+      "name": "Deja Brady",
+      "email": "violet.ratke86@yahoo.com",
+      "company": "Hegmann, Kreiger and Bayer",
+      "primary": false,
+      "addressType": "Office",
+      "fullAddress": "18605 Thompson Circle Apt. 086 - Idaho Falls, WV / 50337",
+      "phoneNumber": "+44 20 7946 0958"
+    },
+    "sent": 10,
+    "createDate": "2025-06-15T17:07:24+08:00",
+    "dueDate": "2025-06-15T17:07:24+08:00"
+  }
+}

03_source/cms_backend/src/app/api/invoice/search/route.ts

@@ -0,0 +1,37 @@
+import type { NextRequest } from 'next/server';
+
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { _products } from 'src/_mock/_product';
+
+// ----------------------------------------------------------------------
+
+export const runtime = 'edge';
+
+/** **************************************
+ * GET - Search products
+ *************************************** */
+export async function GET(req: NextRequest) {
+  try {
+    const { searchParams } = req.nextUrl;
+    const query = searchParams.get('query')?.trim().toLowerCase();
+
+    if (!query) {
+      return response({ results: [] }, STATUS.OK);
+    }
+
+    const products = _products();
+
+    // Accept search by name or sku
+    const results = products.filter(
+      ({ name, sku }) => name.toLowerCase().includes(query) || sku?.toLowerCase().includes(query)
+    );
+
+    logger('[Product] search-results', results.length);
+
+    return response({ results }, STATUS.OK);
+  } catch (error) {
+    return handleError('Product - Get search', error);
+  }
+}

03_source/cms_backend/src/app/api/order/_GUIDELINES.md

@@ -0,0 +1,23 @@
+# GUIDELINE
+
+- this is a helloworld api endpoint
+- this is a demo to handle helloworld record
+- use single file for single db table/collection only
+
+## `route.ts`
+
+handle `GET`, `POST`, `PUT`, `DELETE`
+
+## `test.http`
+
+store test request
+
+## `../../services/helloworld.service.ts`
+
+helloworld schema CRUD handler
+
+`listHelloworlds` - list helloworld record
+`getHelloworld` - get helloworld record by id
+`createNewHelloworld` - create helloworld record
+`updateHelloworld` - update helloworld record by id
+`deleteHelloworld` - delete helloworld record by id

03_source/cms_backend/src/app/api/order/changeStatus/route.ts

@@ -0,0 +1,98 @@
+// src/app/api/product/saveProduct/route.ts
+//
+// PURPOSE:
+// save product to db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * PUT - change order status
+ *************************************** */
+export async function PUT(req: NextRequest) {
+  // logger('[Order] list', products.length);
+  const { searchParams } = req.nextUrl;
+  const orderId = searchParams.get('orderId');
+
+  // RULES: orderId must exist
+  if (!orderId) {
+    return response({ message: 'Order ID is required!' }, STATUS.BAD_REQUEST);
+  }
+
+  const { data } = await req.json();
+
+  try {
+    const order = await prisma.orderItem.updateMany({
+      where: { id: orderId },
+      data: { status: data.status },
+    });
+
+    return response({ order }, STATUS.OK);
+  } catch (error) {
+    console.log({ data });
+    return handleError('Order - Get list', error);
+  }
+}
+
+export type IProductItem = {
+  id: string;
+  sku: string;
+  name: string;
+  code: string;
+  price: number;
+  taxes: number;
+  tags: string[];
+  sizes: string[];
+  publish: string;
+  gender: string[];
+  coverUrl: string;
+  images: string[];
+  colors: string[];
+  quantity: number;
+  category: string;
+  available: number;
+  totalSold: number;
+  description: string;
+  totalRatings: number;
+  totalReviews: number;
+  // createdAt: IDateValue;
+  inventoryType: string;
+  subDescription: string;
+  priceSale: number | null;
+  // reviews: IProductReview[];
+  newLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  saleLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  ratings: {
+    name: string;
+    starCount: number;
+    reviewCount: number;
+  }[];
+};
+
+export type IDateValue = string | number | null;
+
+export type IProductReview = {
+  id: string;
+  name: string;
+  rating: number;
+  comment: string;
+  helpful: number;
+  avatarUrl: string;
+  postedAt: IDateValue;
+  isPurchased: boolean;
+  attachments?: string[];
+};

03_source/cms_backend/src/app/api/order/changeStatus/test.http

@@ -0,0 +1,9 @@
+###
+
+PUT http://localhost:7272/api/order/changeStatus?orderId=1
+content-type: application/json
+
+{
+    "data":{"status": "helloworld"}
+}
+

03_source/cms_backend/src/app/api/order/createUser/route.ts

@@ -0,0 +1,53 @@
+// src/app/api/user/createUser/route.ts
+//
+// PURPOSE:
+// create user to db
+//
+// RULES:
+// T.B.A.
+//
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/**
+ ***************************************
+ * POST - create User
+ ***************************************
+ */
+export async function POST(req: NextRequest) {
+  // logger('[User] list', users.length);
+  const { data } = await req.json();
+  const createForm: CreateUserData = data as unknown as CreateUserData;
+
+  try {
+    const user = await prisma.userItem.create({ data: createForm });
+    return response({ user }, STATUS.OK);
+  } catch (error) {
+    return handleError('User - Create', error);
+  }
+}
+
+type CreateUserData = {
+  name: string;
+  city: string;
+  role: string;
+  email: string;
+  state: string;
+  status: string;
+  address: string;
+  country: string;
+  zipCode: string;
+  company: string;
+  avatarUrl: string;
+  phoneNumber: string;
+  isVerified: boolean;
+  //
+  username: string;
+  password: string;
+};

03_source/cms_backend/src/app/api/order/createUser/test.http

@@ -0,0 +1,4 @@
+###
+
+POST http://localhost:7272/api/user/createUser
+

03_source/cms_backend/src/app/api/order/deleteUser/route.ts

@@ -0,0 +1,47 @@
+// src/app/api/product/deleteUser/route.ts
+//
+// PURPOSE:
+// delete product from db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * handle Delete Users
+ *************************************** */
+export async function DELETE(req: NextRequest) {
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: userId must exist
+    const userId = searchParams.get('userId');
+    if (!userId) {
+      return response({ message: 'User ID is required!' }, STATUS.BAD_REQUEST);
+    }
+
+    // NOTE: userId confirmed exist, run below
+    const user = await prisma.userItem.delete({
+      //
+      where: { id: userId },
+    });
+
+    if (!user) {
+      return response({ message: 'User not found!' }, STATUS.NOT_FOUND);
+    }
+
+    logger('[User] details', user.id);
+
+    return response({ user }, STATUS.OK);
+  } catch (error) {
+    return handleError('User - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/order/deleteUser/test.http

@@ -0,0 +1,3 @@
+###
+
+DELETE http://localhost:7272/api/user/deleteUser?userId=3f431e6f-ad05-4d60-9c25-6a7e92a954ad

03_source/cms_backend/src/app/api/order/details/route.ts

@@ -0,0 +1,47 @@
+// src/app/api/order/details/route.ts
+//
+// PURPOSE:
+// read order from db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET Order detail
+ *************************************** */
+export async function GET(req: NextRequest) {
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: orderId must exist
+    const orderId = searchParams.get('orderId');
+    if (!orderId) {
+      return response({ message: 'orderId is required!' }, STATUS.BAD_REQUEST);
+    }
+
+    // NOTE: orderId confirmed exist, run below
+    const order = await prisma.orderItem.findFirst({
+      // include: { reviews: true },
+      where: { id: orderId.toString() },
+    });
+
+    if (!order) {
+      return response({ message: 'Order not found!' }, STATUS.NOT_FOUND);
+    }
+
+    logger('[Order] details', order.id);
+
+    return response({ order }, STATUS.OK);
+  } catch (error) {
+    return handleError('Product - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/order/details/test.http

@@ -0,0 +1,4 @@
+###
+
+GET http://localhost:7272/api/order/details?orderId=1
+

03_source/cms_backend/src/app/api/order/image/upload/route.ts

@@ -0,0 +1,30 @@
+// src/app/api/product/image/upload/route.ts
+//
+// PURPOSE:
+// handle upload product image
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+// import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET - Products
+ *************************************** */
+export async function POST(req: NextRequest) {
+  try {
+    const { data } = await req.json();
+    console.log('helloworld');
+
+    return response({ hello: 'world' }, STATUS.OK);
+  } catch (error) {
+    console.log({ hello: 'world' });
+    return handleError('Product - store product image', error);
+  }
+}

03_source/cms_backend/src/app/api/order/list/route.ts

@@ -0,0 +1,22 @@
+// src/app/api/order/list/route.ts
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET - OrderItem
+ *************************************** */
+export async function GET() {
+  try {
+    const orders = await prisma.orderItem.findMany();
+
+    logger('[Order] list', orders.length);
+
+    return response({ orders }, STATUS.OK);
+  } catch (error) {
+    return handleError('OrderItem - Get list', error);
+  }
+}

03_source/cms_backend/src/app/api/order/list/test.http

@@ -0,0 +1,3 @@
+###
+
+GET http://localhost:7272/api/order/list

03_source/cms_backend/src/app/api/order/route.ts

@@ -0,0 +1,76 @@
+import type { NextRequest, NextResponse } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { listOrders, deleteOrder, updateOrder, createOrder } from 'src/app/services/order.service';
+
+/**
+ **************************************
+ * GET - Order
+ ***************************************
+ */
+export async function GET(req: NextRequest, res: NextResponse) {
+  try {
+    const orders = await listOrders();
+    return response(orders, STATUS.OK);
+  } catch (error) {
+    return handleError('Order - Get list', error);
+  }
+}
+
+/**
+ ***************************************
+ * POST - Create Order
+ ***************************************
+ */
+export async function POST(req: NextRequest) {
+  const { data } = await req.json();
+
+  try {
+    const order = await createOrder(data);
+    return response(order, STATUS.CREATED);
+  } catch (error) {
+    return handleError('Order - Create', error);
+  }
+}
+
+/**
+ ***************************************
+ * PUT - Update Order
+ ***************************************
+ */
+export async function PUT(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const orderId = searchParams.get('orderId');
+  const { data } = await req.json();
+
+  try {
+    if (!orderId) throw new Error('orderId cannot be null');
+    const id: number = parseInt(orderId);
+
+    const updatedOrder = await updateOrder(id, data);
+    return response(updatedOrder, STATUS.OK);
+  } catch (error) {
+    return handleError('Order - Update', error);
+  }
+}
+
+/**
+ ***************************************
+ * DELETE - Delete Order
+ ***************************************
+ */
+export async function DELETE(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const orderId = searchParams.get('orderId');
+
+  try {
+    if (!orderId) throw new Error('orderId cannot be null');
+    const id: number = parseInt(orderId);
+
+    await deleteOrder(id);
+    return response({ success: true }, STATUS.OK);
+  } catch (error) {
+    return handleError('Order - Delete', error);
+  }
+}

03_source/cms_backend/src/app/api/order/saveUser/route.ts

@@ -0,0 +1,115 @@
+// src/app/api/product/saveProduct/route.ts
+//
+// PURPOSE:
+// save product to db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/** **************************************
+ * GET - Products
+ *************************************** */
+export async function POST(req: NextRequest) {
+  // logger('[Product] list', products.length);
+  const { searchParams } = req.nextUrl;
+  const userId = searchParams.get('userId');
+
+  // RULES: userId must exist
+  if (!userId) {
+    return response({ message: 'Product ID is required!' }, STATUS.BAD_REQUEST);
+  }
+
+  const { data } = await req.json();
+
+  try {
+    const user = await prisma.userItem.updateMany({
+      where: { id: userId },
+      data: {
+        status: data.status,
+        avatarUrl: data.avatarUrl,
+        isVerified: data.isVerified,
+        name: data.name,
+        email: data.email,
+        phoneNumber: data.phoneNumber,
+        country: data.country,
+        state: data.state,
+        city: data.city,
+        address: data.address,
+        zipCode: data.zipCode,
+        company: data.company,
+        role: data.role,
+        //
+        username: data.username,
+        password: data.password,
+      },
+    });
+
+    return response({ user }, STATUS.OK);
+  } catch (error) {
+    console.log({ hello: 'world', data });
+    return handleError('Product - Get list', error);
+  }
+}
+
+export type IProductItem = {
+  id: string;
+  sku: string;
+  name: string;
+  code: string;
+  price: number;
+  taxes: number;
+  tags: string[];
+  sizes: string[];
+  publish: string;
+  gender: string[];
+  coverUrl: string;
+  images: string[];
+  colors: string[];
+  quantity: number;
+  category: string;
+  available: number;
+  totalSold: number;
+  description: string;
+  totalRatings: number;
+  totalReviews: number;
+  // createdAt: IDateValue;
+  inventoryType: string;
+  subDescription: string;
+  priceSale: number | null;
+  // reviews: IProductReview[];
+  newLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  saleLabel: {
+    content: string;
+    enabled: boolean;
+  };
+  ratings: {
+    name: string;
+    starCount: number;
+    reviewCount: number;
+  }[];
+};
+
+export type IDateValue = string | number | null;
+
+export type IProductReview = {
+  id: string;
+  name: string;
+  rating: number;
+  comment: string;
+  helpful: number;
+  avatarUrl: string;
+  postedAt: IDateValue;
+  isPurchased: boolean;
+  attachments?: string[];
+};

03_source/cms_backend/src/app/api/order/saveUser/test.http

@@ -0,0 +1,3 @@
+###
+
+POST http://localhost:7272/api/user/list

03_source/cms_backend/src/app/api/order/search/route.ts

@@ -0,0 +1,37 @@
+import type { NextRequest } from 'next/server';
+
+import { logger } from 'src/utils/logger';
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { _products } from 'src/_mock/_product';
+
+// ----------------------------------------------------------------------
+
+export const runtime = 'edge';
+
+/** **************************************
+ * GET - Search products
+ *************************************** */
+export async function GET(req: NextRequest) {
+  try {
+    const { searchParams } = req.nextUrl;
+    const query = searchParams.get('query')?.trim().toLowerCase();
+
+    if (!query) {
+      return response({ results: [] }, STATUS.OK);
+    }
+
+    const products = _products();
+
+    // Accept search by name or sku
+    const results = products.filter(
+      ({ name, sku }) => name.toLowerCase().includes(query) || sku?.toLowerCase().includes(query)
+    );
+
+    logger('[Product] search-results', results.length);
+
+    return response({ results }, STATUS.OK);
+  } catch (error) {
+    return handleError('Product - Get search', error);
+  }
+}

03_source/cms_backend/src/app/api/order/test.http

@@ -0,0 +1,32 @@
+###
+GET http://localhost:7272/api/order
+
+###
+GET http://localhost:7272/api/order?orderId=1
+
+###
+POST http://localhost:7272/api/order
+content-type: application/json
+
+{
+  "data": {
+    "product": "Sample Product",
+    "quantity": 1,
+    "price": 99.99
+  }
+}
+
+###
+PUT http://localhost:7272/api/order?orderId=1
+content-type: application/json
+
+{
+  "data": {
+    "product": "Updated Product",
+    "quantity": 2,
+    "price": 199.98
+  }
+}
+
+###
+DELETE http://localhost:7272/api/order?orderId=1

03_source/cms_backend/src/app/api/product/_GUIDELINES.md

@@ -0,0 +1,3 @@
+# GUIDELINES
+
+T.B.A.

03_source/cms_backend/src/app/api/product/details/route.ts

@@ -1,7 +1,7 @@
 // src/app/api/product/details/route.ts
 //
 // PURPOSE:
-// save product to db by id
+// get product from db by id
 //
 // RULES:
 // T.B.A.
@@ -11,14 +11,22 @@ import type { NextRequest } from 'next/server';
 import { logger } from 'src/utils/logger';
 import { STATUS, response, handleError } from 'src/utils/response';
 
-import prisma from '../../../lib/prisma';
+import { L_INFO, L_ERROR } from 'src/constants';
+import { getProduct } from 'src/app/services/product.service';
+import { createAppLog } from 'src/app/services/AppLog.service';
+
+import { flattenNextjsRequest } from '../../auth/sign-in/flattenNextjsRequest';
 
 // ----------------------------------------------------------------------
 
-/** **************************************
+/**
+ **************************************
  * GET Product detail
- *************************************** */
+ ***************************************
+ */
 export async function GET(req: NextRequest) {
+  const debug = { 'req.headers': flattenNextjsRequest(req) };
+
   try {
     const { searchParams } = req.nextUrl;
 
@@ -29,10 +37,7 @@ export async function GET(req: NextRequest) {
     }
 
     // NOTE: productId confirmed exist, run below
-    const product = await prisma.productItem.findFirst({
-      include: { reviews: true },
-      where: { id: productId },
-    });
+    const product = await getProduct(productId);
 
     if (!product) {
       return response({ message: 'Product not found!' }, STATUS.NOT_FOUND);
@@ -40,8 +45,12 @@ export async function GET(req: NextRequest) {
 
     logger('[Product] details', product.id);
 
+    createAppLog(L_INFO, 'Get product detail OK', debug);
+
     return response({ product }, STATUS.OK);
   } catch (error) {
+    createAppLog(L_ERROR, 'product detail error', debug);
+
     return handleError('Product - Get details', error);
   }
 }

03_source/cms_backend/src/app/api/product/details/test.http

@@ -0,0 +1,3 @@
+###
+
+GET http://localhost:7272/api/product/details?productId=e99f09a7-dd88-49d5-b1c8-1daf80c2d7b01

03_source/cms_backend/src/app/api/product/list/route.ts

@@ -1,22 +1,41 @@
 // src/app/api/product/list/route.ts
-import { logger } from 'src/utils/logger';
+//
+// PURPOSE:
+// save product to db by id
+//
+// RULES:
+// T.B.A.
+
+import type { NextRequest } from 'next/server';
+
 import { STATUS, response, handleError } from 'src/utils/response';
 
-import prisma from '../../../lib/prisma';
+import { L_INFO, L_ERROR } from 'src/constants';
+import { createAppLog } from 'src/app/services/AppLog.service';
+import { listProducts } from 'src/app/services/product.service';
+
+import { flattenNextjsRequest } from '../../auth/sign-in/flattenNextjsRequest';
 
 // ----------------------------------------------------------------------
 
 /** **************************************
- * GET - Products
+ * GET - Products list
  *************************************** */
-export async function GET() {
-  try {
-    const products = await prisma.productItem.findMany();
+export async function GET(req: NextRequest) {
+  const debug = { 'req.headers': flattenNextjsRequest(req) };
 
-    logger('[Product] list', products.length);
+  try {
+    // const products = await prisma.productItem.findMany();
+    const products = await listProducts();
+
+    // logger('[Product] list', products.length);
+
+    createAppLog(L_INFO, 'product list ok', {});
 
     return response({ products }, STATUS.OK);
   } catch (error) {
+    createAppLog(L_ERROR, 'product list error', debug);
+
     return handleError('Product - Get list', error);
   }
 }

03_source/cms_backend/src/app/api/product/list/test.http

@@ -0,0 +1,3 @@
+###
+
+GET http://localhost:7272/api/product/list

03_source/cms_backend/src/app/api/product/route.ts

@@ -0,0 +1,74 @@
+import type { NextRequest, NextResponse } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { listProducts, deleteProduct, updateProduct, createProduct } from 'src/app/services/product.service';
+
+/**
+ **************************************
+ * GET - Product
+ ***************************************
+ */
+export async function GET(req: NextRequest, res: NextResponse) {
+  try {
+    const products = await listProducts();
+    return response(products, STATUS.OK);
+  } catch (error) {
+    return handleError('Product - Get list', error);
+  }
+}
+
+/**
+ ***************************************
+ * POST - Create Product
+ ***************************************
+ */
+export async function POST(req: NextRequest) {
+  const { data } = await req.json();
+
+  try {
+    const product = await createProduct(data);
+    return response(product, STATUS.CREATED);
+  } catch (error) {
+    return handleError('Product - Create', error);
+  }
+}
+
+/**
+ ***************************************
+ * PUT - Update Product
+ ***************************************
+ */
+export async function PUT(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const productId = searchParams.get('productId');
+  const { data } = await req.json();
+
+  try {
+    if (!productId) throw new Error('productId cannot be null');
+
+    const result = await updateProduct(productId, data);
+    return response(result, STATUS.OK);
+  } catch (error) {
+    return handleError('Product - Update', error);
+  }
+}
+
+/**
+ ***************************************
+ * DELETE - Delete Product
+ ***************************************
+ */
+export async function DELETE(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const productId = searchParams.get('productId');
+
+  try {
+    if (!productId) throw new Error('productId cannot be null');
+
+    await deleteProduct(productId);
+    return response({ success: true }, STATUS.OK);
+  } catch (error) {
+    return handleError('Product - Delete', error);
+  }
+}

03_source/cms_backend/src/app/api/product/saveProduct/route.ts

@@ -66,9 +66,9 @@ export async function POST(req: NextRequest) {
       where: { id: data.id },
     });
 
-    return response({ hello: 'world', data }, STATUS.OK);
+    return response({ data }, STATUS.OK);
   } catch (error) {
-    console.log({ hello: 'world', data });
+    console.log({ data });
     return handleError('Product - Get list', error);
   }
 }

03_source/cms_backend/src/app/api/product/search/route.ts

@@ -24,9 +24,7 @@ export async function GET(req: NextRequest) {
     const products = _products();
 
     // Accept search by name or sku
-    const results = products.filter(
-      ({ name, sku }) => name.toLowerCase().includes(query) || sku?.toLowerCase().includes(query)
-    );
+    const results = products.filter(({ name, sku }) => name.toLowerCase().includes(query) || sku?.toLowerCase().includes(query));
 
     logger('[Product] search-results', results.length);
 

03_source/cms_backend/src/app/api/product/test.http

@@ -0,0 +1,33 @@
+###
+GET http://localhost:7272/api/product
+
+###
+GET http://localhost:7272/api/product?productId=1
+
+###
+POST http://localhost:7272/api/product
+content-type: application/json
+
+{
+  "data": {
+    "sku": "PROD-001",
+    "name": "Premium Product",
+    "price": 99.99,
+    "quantity": 100,
+    "category": "Electronics",
+  }
+}
+
+###
+PUT http://localhost:7272/api/product?productId=1
+content-type: application/json
+
+{
+  "data": {
+    "price": 89.99,
+    "quantity": 95
+  }
+}
+
+###
+DELETE http://localhost:7272/api/product?productId=1

03_source/cms_backend/src/app/api/student/_GUIDELINES.md

@@ -0,0 +1,23 @@
+# GUIDELINE
+
+- this is a helloworld api endpoint
+- this is a demo to handle helloworld record
+- use single file for single db table/collection only
+
+## `route.ts`
+
+handle `GET`, `POST`, `PUT`, `DELETE`
+
+## `test.http`
+
+store test request
+
+## `../../services/helloworld.service.ts`
+
+helloworld schema CRUD handler
+
+`listHelloworlds` - list helloworld record
+`getHelloworld` - get helloworld record by id
+`createNewHelloworld` - create helloworld record
+`updateHelloworld` - update helloworld record by id
+`deleteHelloworld` - delete helloworld record by id

03_source/cms_backend/src/app/api/student/detail/route.ts

@@ -0,0 +1,39 @@
+// src/app/api/helloworld/detail/route.ts
+//
+// PURPOSE:
+// Get single helloworld record detail
+//
+// RULES:
+// - For helloworld requests, return simple response
+//
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import prisma from '../../../lib/prisma';
+
+// ----------------------------------------------------------------------
+
+/**
+ **************************************
+ * GET - Handle both helloworld and user details
+ **************************************
+ */
+export async function GET(req: NextRequest) {
+  // Original user details functionality
+  try {
+    const { searchParams } = req.nextUrl;
+
+    // RULES: helloworldId must exist
+    const helloworldId = searchParams.get('helloworldId');
+    if (!helloworldId) return response({ message: 'helloworldId is required!' }, STATUS.BAD_REQUEST);
+
+    const helloworld = await prisma.userItem.findFirst({ where: { id: helloworldId } });
+
+    if (!helloworld) return response({ message: 'User not found!' }, STATUS.NOT_FOUND);
+
+    return response({ helloworld }, STATUS.OK);
+  } catch (error) {
+    return handleError('Product - Get details', error);
+  }
+}

03_source/cms_backend/src/app/api/student/detail/test.http

@@ -0,0 +1,4 @@
+###
+
+GET http://localhost:7272/api/helloworld/details?helloworldId=1165ce3a-29b8-4e1a-9148-1ae08d7e8e01
+

03_source/cms_backend/src/app/api/student/route.ts

@@ -0,0 +1,34 @@
+import prisma from '@/lib/prisma';
+import { NextResponse } from 'next/server';
+
+// GET: 获取所有学生
+export async function GET() {
+  try {
+    const students = await prisma.student.findMany();
+    return NextResponse.json(students);
+  } catch (error) {
+    return NextResponse.json({ error: 'Failed to fetch students' }, { status: 500 });
+  }
+}
+
+// POST: 创建新学生
+export async function POST(request: Request) {
+  try {
+    const { email, metadata } = await request.json();
+
+    if (!email) {
+      return NextResponse.json({ error: 'Email is required' }, { status: 400 });
+    }
+
+    const student = await prisma.student.create({
+      data: {
+        email,
+        metadata: metadata || {},
+      },
+    });
+
+    return NextResponse.json(student, { status: 201 });
+  } catch (error) {
+    return NextResponse.json({ error: 'Failed to create student' }, { status: 500 });
+  }
+}

03_source/cms_backend/src/app/api/student/test.http

@@ -0,0 +1,25 @@
+###
+GET http://localhost:7272/api/helloworld
+
+###
+GET http://localhost:7272/api/helloworld?helloworldId=1
+
+###
+POST http://localhost:7272/api/helloworld?helloworldId=1
+content-type: application/json
+
+{
+  "data":{"hello": "hell"}
+}
+
+###
+PUT http://localhost:7272/api/helloworld?helloworldId=1
+content-type: application/json
+
+{
+  "data": {"hello": "hell"}
+}
+
+
+###
+DELETE http://localhost:7272/api/helloworld?helloworldId=1

03_source/cms_backend/src/app/api/user/changeToAdmin/route.ts

@@ -0,0 +1,36 @@
+// src/app/api/user/promoteToAdmin/route.ts
+//
+import type { NextRequest } from 'next/server';
+
+import { STATUS, response, handleError } from 'src/utils/response';
+
+import { changeToAdmin } from 'src/app/services/userItem.service';
+
+/**
+ ***************************************
+ * PUT - promote user to admin
+ ***************************************
+ */
+export async function PUT(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+
+  // userId, the userId going to be admin
+  // {data: requestUserId}, the userId sending request to promote admin
+  // the requestUserId should be a admin admin already
+
+  const userId = searchParams.get('userId');
+  const {
+    data: { requestUserId },
+  } = await req.json();
+
+  try {
+    if (!userId) return response('userId cannot be null', STATUS.BAD_REQUEST);
+    if (!requestUserId) return response('requestUserId cannot be null', STATUS.BAD_REQUEST);
+
+    const result = await changeToAdmin(userId, requestUserId);
+
+    return response(result, STATUS.OK);
+  } catch (error) {
+    return handleError('promote to admin', JSON.stringify(error));
+  }
+}

03_source/cms_backend/src/app/api/user/changeToAdmin/test.http

@@ -0,0 +1,33 @@
+# step 1 check not a admin
+###
+GET http://localhost:7272/api/user/details?userId=00b8b53b-dfe6-4b07-8d23-0dc9f75e7a2c
+
+# step 1 check not a admin
+###
+GET http://localhost:7272/api/user/details?userId=5e072d02-919c-49c4-98b4-9659b8eff231
+
+
+# step 2 request to change admin
+###
+PUT http://localhost:7272/api/user/changeToAdmin?userId=00b8b53b-dfe6-4b07-8d23-0dc9f75e7a2c
+content-type: application/json
+
+{
+  "data": {"requestUserId": "5e072d02-919c-49c4-98b4-9659b8eff231"}
+}
+
+
+
+# step 2 request to change user
+###
+PUT http://localhost:7272/api/user/changeToUser?userId=00b8b53b-dfe6-4b07-8d23-0dc9f75e7a2c
+content-type: application/json
+
+{
+  "data": {"requestUserId": "5e072d02-919c-49c4-98b4-9659b8eff231"}
+}
+
+
+#  step 3 it is now admin
+###
+GET http://localhost:7272/api/user/details?userId=00b8b53b-dfe6-4b07-8d23-0dc9f75e7a2c