✨ Implement Article Banning and Role-Based Access Control

- Enhance ArticlesController to support banning and unbanning articles, with appropriate role checks for admin users.
- Update ArticleStatsService to include statistics for banned articles.
- Modify Article model to add a banReason field for tracking reasons for article bans.
- Refactor dashboard and articles pages to display banned articles and adjust filtering based on user roles.
- Update routes to include new endpoints for banning and unbanning articles, ensuring proper middleware enforcement.

Author: BrightkyEfoo

app/controllers/articles_controller.ts

@@ -51,12 +51,12 @@ export default class ArticlesController {
   }
 
   async dashboard({ inertia, auth }: HttpContext) {
-    // Chaque utilisateur ne voit que ses propres statistiques
-    const stats = await ArticleStatsService.getStats(auth.user!.id)
+    const isAdmin = auth.user!.role === Role.ADMIN
+    const stats = await ArticleStatsService.getStats(auth.user!.id, isAdmin)
     return inertia.render('dashboard/index', {
       publishedArticles: stats.published,
       draftArticles: stats.drafts,
-      waitingArticles: stats.waiting,
+      bannedArticles: stats.banned,
       discussions: 0,
       questions: 0,
     })
@@ -65,21 +65,49 @@ export default class ArticlesController {
   async articles({ inertia, request, auth }: HttpContext) {
     const page = request.input('page', 1)
     const status = request.input('status', null)
+    const isAdmin = auth.user!.role === Role.ADMIN
 
-    const query = Article.query()
-      .preload('author')
-      .where('author_id', auth.user!.id)
-      .orderBy('created_at', 'desc')
+    let query = Article.query().preload('author').orderBy('created_at', 'desc')
 
-    if (status && Object.values(ArticleStatus).includes(status as ArticleStatus)) {
-      query.where('status', status as ArticleStatus)
+    // Logique différente selon le rôle
+    if (isAdmin) {
+      // Admin : voir tous les articles publiés/banned + ses propres brouillons
+      if (status && Object.values(ArticleStatus).includes(status as ArticleStatus)) {
+        if (status === ArticleStatus.PUBLISHED) {
+          // Voir tous les articles publiés (de tous les auteurs)
+          query.where('status', ArticleStatus.PUBLISHED)
+        } else if (status === ArticleStatus.BANNED) {
+          // Voir tous les articles banned (de tous les auteurs)
+          query.where('status', ArticleStatus.BANNED)
+        } else {
+          // Voir uniquement ses propres brouillons
+          query.where('status', status as ArticleStatus).where('author_id', auth.user!.id)
+        }
+      } else {
+        // Par défaut : tous les publiés + ses brouillons
+        query.where((builder) => {
+          builder
+            .where('status', ArticleStatus.PUBLISHED)
+            .orWhere((subBuilder) => {
+              subBuilder.where('author_id', auth.user!.id).where('status', ArticleStatus.DRAFT)
+            })
+        })
+      }
+    } else {
+      // Membre : voir uniquement ses propres articles
+      query.where('author_id', auth.user!.id)
+
+      if (status && Object.values(ArticleStatus).includes(status as ArticleStatus)) {
+        query.where('status', status as ArticleStatus)
+      }
     }
 
     const articles = await query.paginate(page, 10)
 
     return inertia.render('dashboard/articles', {
       articles: articles.toJSON(),
       currentStatus: status,
+      isAdmin,
     })
   }
 
@@ -184,4 +212,41 @@ export default class ArticlesController {
     session.flash('success', 'Article dépublié avec succès')
     return response.redirect().back()
   }
+
+  /**
+   * Bannir un article (admin seulement)
+   */
+  async ban({ params, request, response, session }: HttpContext) {
+    const article = await Article.query().where('slug', params.slug).firstOrFail()
+    const banReason = request.input('ban_reason')
+
+    article.status = ArticleStatus.BANNED
+    article.banReason = banReason
+    article.publishedAt = null
+    await article.save()
+
+    session.flash('success', 'Article banni avec succès')
+    return response.redirect().back()
+  }
+
+  /**
+   * Débannir un article (admin seulement)
+   */
+  async unban({ params, response, session }: HttpContext) {
+    const article = await Article.query().where('slug', params.slug).firstOrFail()
+
+    // Vérifier que l'article est banni
+    if (article.status !== ArticleStatus.BANNED) {
+      session.flash('error', 'Cet article n\'est pas banni')
+      return response.redirect().back()
+    }
+
+    // Débannir l'article (le repasser en brouillon)
+    article.status = ArticleStatus.DRAFT
+    article.banReason = null
+    await article.save()
+
+    session.flash('success', 'Article débanni avec succès')
+    return response.redirect().back()
+  }
 }

app/models/article.ts

@@ -51,6 +51,9 @@ export default class Article extends BaseModel {
   })
   declare tags: string[]
 
+  @column()
+  declare banReason: string | null
+
   // Generate slug before saving
   public static generateSlug(title: string) {
     return string.slug(title)

app/services/article_stats_service.ts

@@ -2,26 +2,31 @@ import { ArticleStatus } from '#enums/article_status'
 import Article from '#models/article'
 
 export default class ArticleStatsService {
-  static async getStats(userId?: number) {
+  static async getStats(userId?: number, isAdmin: boolean = false) {
     const publishedQuery = Article.query().where('status', ArticleStatus.PUBLISHED)
     const draftQuery = Article.query().where('status', ArticleStatus.DRAFT)
-    const waitingQuery = Article.query().where('status', ArticleStatus.WAITING_APPROVAL)
+    const bannedQuery = Article.query().where('status', ArticleStatus.BANNED)
 
-    // Si userId est fourni, filtrer par l'auteur
-    if (userId) {
+    // Pour les admins, published = tous les articles publiés (pas de filtre userId)
+    // Pour les membres, filtrer tous les comptes par userId
+    if (userId && !isAdmin) {
       publishedQuery.where('author_id', userId)
       draftQuery.where('author_id', userId)
-      waitingQuery.where('author_id', userId)
+      bannedQuery.where('author_id', userId)
+    } else if (userId && isAdmin) {
+      // Admin: published = tous, mais draft/banned = uniquement les siens
+      draftQuery.where('author_id', userId)
+      bannedQuery.where('author_id', userId)
     }
 
     const publishedResult = await publishedQuery.count('* as total')
     const draftResult = await draftQuery.count('* as total')
-    const waitingResult = await waitingQuery.count('* as total')
+    const bannedResult = await bannedQuery.count('* as total')
 
     return {
       published: Number(publishedResult[0].$extras.total),
       drafts: Number(draftResult[0].$extras.total),
-      waiting: Number(waitingResult[0].$extras.total),
+      banned: Number(bannedResult[0].$extras.total),
     }
   }
 }

database/migrations/1761838929142_create_add_ban_reason_to_articles_table.ts

@@ -0,0 +1,17 @@
+import { BaseSchema } from '@adonisjs/lucid/schema'
+
+export default class extends BaseSchema {
+  protected tableName = 'articles'
+
+  async up() {
+    this.schema.alterTable(this.tableName, (table) => {
+      table.text('ban_reason').nullable()
+    })
+  }
+
+  async down() {
+    this.schema.alterTable(this.tableName, (table) => {
+      table.dropColumn('ban_reason')
+    })
+  }
+}

enums/article_status.ts

@@ -1,6 +1,6 @@
 export enum ArticleStatus {
   DRAFT = 'draft',
-  WAITING_APPROVAL = 'waiting_approval',
+  BANNED = 'banned',
   PUBLISHED = 'published',
 }
 

inertia/components/articles/article-card.tsx

@@ -1,5 +1,6 @@
 import { Link } from '@inertiajs/react'
 import { useState } from 'react'
+import { useImageUrl } from '../../utils/image'
 
 interface ArticleCardProps {
   article: {
@@ -16,19 +17,19 @@ interface ArticleCardProps {
 
 export default function ArticleCard({ article }: ArticleCardProps) {
   const [imgError, setImgError] = useState(false)
-  const showFallback = imgError || !article.coverImage
-
-  console.log('article.coverImage', article.coverImage)
+  const displayImageUrl = useImageUrl(article.coverImage)
+  const showFallback = imgError || !displayImageUrl
 
   return (
-    <div className="bg-white rounded-xl shadow flex flex-col h-full cursor-pointer overflow-hidden border-2 border-gray-200 transition-all duration-300 hover:border-indigo-600">
-      <div
-        className={`h-48 flex items-center justify-center overflow-hidden ${showFallback ? 'bg-gray-100' : ''}`}
-        style={{ marginBottom: '0' }}
-      >
+    <Link href={`/articles/${article.slug}`} className="block">
+      <div className="bg-white rounded-xl shadow flex flex-col h-full cursor-pointer overflow-hidden border-2 border-gray-200 transition-all duration-300 hover:border-indigo-600">
+        <div
+          className={`h-48 flex items-center justify-center overflow-hidden ${showFallback ? 'bg-gray-100' : ''}`}
+          style={{ marginBottom: '0' }}
+        >
         {!showFallback ? (
           <img
-            src={article.coverImage!}
+            src={displayImageUrl!}
             alt={article.title}
             className="object-cover w-full h-full"
             onError={() => setImgError(true)}
@@ -57,12 +58,9 @@ export default function ArticleCard({ article }: ArticleCardProps) {
             </span>
           ))}
         </div>
-        <Link
-          href={`/articles/${article.slug}`}
-          className="font-bold text-lg mb-2 hover:text-indigo-600 transition"
-        >
+        <h3 className="font-bold text-lg mb-2 hover:text-indigo-600 transition">
           {article.title}
-        </Link>
+        </h3>
         <p className="text-gray-600 text-sm flex-1">{article.excerpt}</p>
         <div className="flex items-center mt-4">
           {article.author.avatar ? (
@@ -80,5 +78,6 @@ export default function ArticleCard({ article }: ArticleCardProps) {
         </div>
       </div>
     </div>
+    </Link>
   )
 }