fix api security issues and update pages issue
This commit is contained in:
@@ -50,6 +50,31 @@ export type GradingSectionScorePayload = {
|
||||
missing_ok_map?: Record<string, unknown>
|
||||
}
|
||||
|
||||
export type AllDecisionRow = {
|
||||
student_id: number
|
||||
school_id?: string | null
|
||||
firstname?: string | null
|
||||
lastname?: string | null
|
||||
gender?: string | null
|
||||
class_section_id?: number | string | null
|
||||
class_section_name?: string | null
|
||||
fall_score?: number | string | null
|
||||
spring_score?: number | string | null
|
||||
year_score?: number | string | null
|
||||
decision?: string | null
|
||||
source?: string | null
|
||||
notes?: string | null
|
||||
saved?: boolean
|
||||
is_trophy?: boolean
|
||||
}
|
||||
|
||||
export type AllDecisionsPayload = {
|
||||
ok?: boolean
|
||||
rows?: AllDecisionRow[]
|
||||
generated?: boolean
|
||||
school_year?: string
|
||||
}
|
||||
|
||||
function q(sp: URLSearchParams): string {
|
||||
const s = sp.toString()
|
||||
return s ? `?${s}` : ''
|
||||
@@ -123,6 +148,23 @@ export async function fetchBelowSixty(searchParams: URLSearchParams): Promise<un
|
||||
return apiFetch(`${BASE}/below-sixty${q(searchParams)}`)
|
||||
}
|
||||
|
||||
export async function fetchAllDecisions(
|
||||
searchParams: URLSearchParams,
|
||||
): Promise<AllDecisionsPayload> {
|
||||
return apiFetch(`${BASE}/decisions${q(searchParams)}`)
|
||||
}
|
||||
|
||||
export async function postGenerateAllDecisions(body: Record<string, unknown>): Promise<{
|
||||
ok?: boolean
|
||||
saved_count?: number
|
||||
}> {
|
||||
return apiFetch(`${BASE}/decisions/generate`, {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
body: JSON.stringify(body),
|
||||
})
|
||||
}
|
||||
|
||||
export async function fetchBelowSixtyDecisions(
|
||||
searchParams: URLSearchParams,
|
||||
): Promise<unknown> {
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
/**
|
||||
* Roles & permissions admin (legacy CI rolepermission/*).
|
||||
* Expected under `/api/v1/role-permission`.
|
||||
* Live Laravel routes are exposed under `/api/v1/role-permissions`.
|
||||
*/
|
||||
import { ApiHttpError, apiFetch } from './http'
|
||||
|
||||
const BASE = '/api/v1/role-permission'
|
||||
const BASE = '/api/v1/role-permissions'
|
||||
|
||||
type DataEnvelope<T> = { data?: T }
|
||||
|
||||
|
||||
@@ -125,6 +125,17 @@ export async function fetchDashboardRoute(): Promise<ApiEnvelope<DashboardPayloa
|
||||
return apiFetch<ApiEnvelope<DashboardPayload>>('/api/v1/dashboard/route')
|
||||
}
|
||||
|
||||
export async function postRoleSwitch(role: string): Promise<ApiEnvelope<{
|
||||
role?: string
|
||||
dashboard_route?: string
|
||||
}>> {
|
||||
return apiFetch<ApiEnvelope<{ role?: string; dashboard_route?: string }>>('/api/v1/role-switcher/switch', {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
body: JSON.stringify({ role }),
|
||||
})
|
||||
}
|
||||
|
||||
export async function fetchLandingAdminDashboard(kind: 'admin' | 'administrator'): Promise<LandingPageResponse> {
|
||||
return apiFetch<LandingPageResponse>(`/api/v1/landing/${kind}`)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user