init-source

init-source/qms-update-3/pages/api/ncrs/[id].ts

@@ -0,0 +1,78 @@
+import type { NextApiRequest, NextApiResponse } from 'next'
+import { prisma } from '@/lib/prisma'
+import { requireAuth, logAction } from '@/lib/auth'
+import { notifySolutionConfirmed } from '@/lib/email'
+import { NCRSeverity, NCRStatus } from '@prisma/client'
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  const user = await requireAuth(req, res, ['ADMIN', 'QC'])
+  if (!user) return
+
+  const { id } = req.query as { id: string }
+
+  const ncr = await prisma.nCR.findUnique({
+    where: { id },
+    include: { raisedBy: { select: { id: true, name: true, email: true } }, capa: { select: { ref: true } } },
+  })
+  if (!ncr) return res.status(404).json({ error: 'NCR not found' })
+
+  if (req.method === 'GET') {
+    return res.json({ data: ncr })
+  }
+
+  if (req.method === 'PATCH') {
+    const before = { ...ncr }
+    const { severity, status, resolution, category, confirmNotify } = req.body as {
+      severity?: NCRSeverity
+      status?: NCRStatus
+      resolution?: string
+      category?: string
+      confirmNotify?: boolean
+    }
+
+    const updateData: any = {}
+
+    if (severity !== undefined) updateData.severity = severity
+
+    if (status !== undefined) updateData.status = status
+
+    if (resolution !== undefined && category !== undefined) {
+      // Resolving — requires both resolution notes and a category, files to library
+      updateData.resolution = resolution
+      updateData.category = category
+      updateData.status = 'RESOLVED'
+      updateData.resolvedAt = new Date()
+    }
+
+    if (confirmNotify) {
+      updateData.notified = true
+      updateData.notifiedAt = new Date()
+    }
+
+    const updated = await prisma.nCR.update({
+      where: { id },
+      data: updateData,
+      include: { raisedBy: { select: { id: true, name: true, email: true } }, capa: { select: { ref: true } } },
+    })
+
+    // File to resolutions library
+    if (resolution !== undefined && category !== undefined) {
+      await prisma.resolution.create({
+        data: {
+          title: ncr.description.length > 80 ? ncr.description.slice(0, 80) + '…' : ncr.description,
+          category, resolution, linkedRef: ncr.ref,
+        }
+      })
+    }
+
+    // Confirm-and-notify: emails/notifies whoever raised the NCR
+    if (confirmNotify && ncr.raisedBy) {
+      await notifySolutionConfirmed(ncr.ref, ncr.description, ncr.raisedBy.email, ncr.raisedBy.id)
+    }
+
+    await logAction(user.id, 'UPDATE', 'NCR', id, before, updated)
+    return res.json({ data: updated })
+  }
+
+  res.status(405).end()
+}

init-source/qms-update-3/pages/api/ncrs/[id]/escalate.ts

@@ -0,0 +1,48 @@
+import type { NextApiRequest, NextApiResponse } from 'next'
+import { prisma } from '@/lib/prisma'
+import { requireAuth, logAction, generateRef } from '@/lib/auth'
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  const user = await requireAuth(req, res, ['ADMIN', 'QC'])
+  if (!user) return
+  if (req.method !== 'POST') return res.status(405).end()
+
+  const { id } = req.query as { id: string }
+  const { title, priority, ownerId, dueDate } = req.body
+
+  if (!title || !ownerId || !dueDate) {
+    return res.status(400).json({ error: 'title, ownerId, dueDate required' })
+  }
+
+  const ncr = await prisma.nCR.findUnique({ where: { id } })
+  if (!ncr) return res.status(404).json({ error: 'NCR not found' })
+
+  const count = await prisma.cAPA.count()
+  const ref = generateRef('CAPA', count)
+
+  const capa = await prisma.cAPA.create({
+    data: {
+      ref, title,
+      description: `Escalated from ${ncr.ref}: ${ncr.description}`,
+      priority: priority || 'MEDIUM',
+      ownerId, raisedById: user.id,
+      dueDate: new Date(dueDate),
+    },
+    include: { owner: { select: { id: true, name: true, email: true } } },
+  })
+
+  await prisma.cAPAEvent.create({
+    data: { capaId: capa.id, event: 'CAPA raised', note: `Escalated from ${ncr.ref} by ${user.name}` }
+  })
+
+  const updatedNcr = await prisma.nCR.update({
+    where: { id },
+    data: { status: 'ESCALATED', capaId: capa.id },
+    include: { raisedBy: { select: { name: true } }, capa: { select: { ref: true } } },
+  })
+
+  await logAction(user.id, 'UPDATE', 'NCR', id, { status: ncr.status }, { status: 'ESCALATED', capaRef: capa.ref })
+  await logAction(user.id, 'CREATE', 'CAPA', capa.id, null, { ref: capa.ref, fromNcr: ncr.ref })
+
+  return res.status(201).json({ data: { ncr: updatedNcr, capa } })
+}

init-source/qms-update-3/pages/api/ncrs/index.ts

@@ -0,0 +1,41 @@
+import type { NextApiRequest, NextApiResponse } from 'next'
+import { prisma } from '@/lib/prisma'
+import { requireAuth, logAction, generateRef } from '@/lib/auth'
+import { NCRStatus } from '@prisma/client'
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  const user = await requireAuth(req, res)
+  if (!user) return
+
+  if (req.method === 'GET') {
+    const { status } = req.query
+    const where: any = {}
+    if (status) where.status = status as NCRStatus
+
+    const ncrs = await prisma.nCR.findMany({
+      where,
+      include: { raisedBy: { select: { name: true } }, capa: { select: { ref: true } } },
+      orderBy: { createdAt: 'desc' },
+    })
+    return res.json({ data: ncrs })
+  }
+
+  if (req.method === 'POST') {
+    // Any authenticated user can report an issue (production intake)
+    const { description, source } = req.body
+    if (!description) return res.status(400).json({ error: 'description required' })
+
+    const count = await prisma.nCR.count()
+    const ref = generateRef('NCR', count)
+
+    const ncr = await prisma.nCR.create({
+      data: { ref, description, source, raisedById: user.id },
+      include: { raisedBy: { select: { name: true } } },
+    })
+
+    await logAction(user.id, 'CREATE', 'NCR', ncr.id, null, { ref, description })
+    return res.status(201).json({ data: ncr })
+  }
+
+  res.status(405).end()
+}