var-monorepo/apps/hub/app/(app)/admin/user/action.ts

"use server";
import { prisma, Prisma } from "@repo/db";
import bcrypt from "bcryptjs";
import { sendMailByTemplate } from "../../../../helper/mail";
import { getServerSession } from "api/auth/[...nextauth]/auth";

export const getUser = async (where: Prisma.UserWhereInput) => {
	return await prisma.user.findMany({
		where,
	});
};

export const editUser = async (id: string, data: Prisma.UserUpdateInput) => {
	return await prisma.user.update({
		where: {
			id: id,
		},
		data,
	});
};

export const resetPassword = async (id: string) => {
	const array = new Uint8Array(8);
	crypto.getRandomValues(array);
	const password = Array.from(array, (byte) => ("0" + (byte % 36).toString(36)).slice(-1)).join("");
	const hashedPassword = await bcrypt.hash(password, 12);

	const user = await prisma.user.update({
		where: {
			id: id,
		},
		data: {
			password: hashedPassword,
		},
	});

	await sendMailByTemplate(user.email, "password-change", {
		user: user,
		password: password,
	});

	return { password };
};

export const deleteDispoHistory = async (id: number) => {
	return await prisma.connectedDispatcher.delete({
		where: {
			id: id,
		},
	});
};

export const deletePilotHistory = async (id: number) => {
	return await prisma.connectedAircraft.delete({
		where: {
			id: id,
		},
	});
};
export const deleteUser = async (id: string) => {
	return await prisma.user.delete({
		where: {
			id: id,
		},
	});
};

export const sendVerificationLink = async (userId: string) => {
	const code = Math.floor(10000 + Math.random() * 90000).toString();

	const user = await prisma.user.update({
		where: {
			id: userId,
		},
		data: {
			emailVerificationToken: code,
			emailVerificationExpiresAt: new Date(Date.now() + 24 * 60 * 60 * 1000), // 24 hours
		},
	});

	await sendMailByTemplate(user.email, "email-verification", {
		user: user,
		code,
	});
};

export const markDuplicate = async (params: {
	duplicateUserId: string;
	canonicalPublicId: string;
	reason?: string;
}) => {
	// Then in your function:
	const session = await getServerSession();
	if (!session?.user) throw new Error("Nicht authentifiziert");
	const canonical = await prisma.user.findUnique({
		where: { publicId: params.canonicalPublicId },
		select: { id: true },
	});
	if (!canonical) throw new Error("Original-Account (canonical) nicht gefunden");
	if (canonical.id === params.duplicateUserId)
		throw new Error("Duplikat und Original dürfen nicht identisch sein");

	const updated = await prisma.user.update({
		where: { id: params.duplicateUserId },
		data: {
			canonicalUserId: canonical.id,
			isBanned: true,
			duplicateDetectedAt: new Date(),
			duplicateReason: params.reason ?? undefined,
		},
	});

	await prisma.penalty.create({
		data: {
			userId: params.duplicateUserId,
			type: "BAN",
			reason: `Account als Duplikat von #${params.canonicalPublicId} markiert.`,
			createdUserId: session.user.id,
		},
	});
	return updated;
};

export const clearDuplicateLink = async (duplicateUserId: string) => {
	const updated = await prisma.user.update({
		where: { id: duplicateUserId },
		data: {
			canonicalUserId: null,
			duplicateDetectedAt: null,
			duplicateReason: null,
		},
	});
	return updated;
};