Update Dockerfile and package.json to use Prisma migrations, add bcryptjs and next-auth dependencies, and enhance README instructions for database setup. Refactor Prisma schema to include password hashing for users and implement evaluation sharing functionality. Improve admin page with user management features and integrate session handling for authentication. Enhance evaluation detail page with sharing options and update API routes for access control based on user roles.

prisma/migrations/20250220000000_init/migration.sql

@@ -0,0 +1,100 @@
+-- CreateTable
+CREATE TABLE "User" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "email" TEXT NOT NULL,
+    "name" TEXT,
+    "passwordHash" TEXT,
+    "role" TEXT NOT NULL DEFAULT 'evaluator',
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL
+);
+
+-- CreateTable
+CREATE TABLE "Template" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "name" TEXT NOT NULL,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL
+);
+
+-- CreateTable
+CREATE TABLE "TemplateDimension" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "templateId" TEXT NOT NULL,
+    "slug" TEXT NOT NULL,
+    "orderIndex" INTEGER NOT NULL,
+    "title" TEXT NOT NULL,
+    "rubric" TEXT NOT NULL,
+    "suggestedQuestions" TEXT,
+    CONSTRAINT "TemplateDimension_templateId_fkey" FOREIGN KEY ("templateId") REFERENCES "Template" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "Evaluation" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "candidateName" TEXT NOT NULL,
+    "candidateRole" TEXT NOT NULL,
+    "candidateTeam" TEXT,
+    "evaluatorName" TEXT NOT NULL,
+    "evaluatorId" TEXT,
+    "evaluationDate" DATETIME NOT NULL,
+    "templateId" TEXT NOT NULL,
+    "status" TEXT NOT NULL DEFAULT 'draft',
+    "findings" TEXT,
+    "recommendations" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    CONSTRAINT "Evaluation_evaluatorId_fkey" FOREIGN KEY ("evaluatorId") REFERENCES "User" ("id") ON DELETE SET NULL ON UPDATE CASCADE,
+    CONSTRAINT "Evaluation_templateId_fkey" FOREIGN KEY ("templateId") REFERENCES "Template" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "EvaluationShare" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "evaluationId" TEXT NOT NULL,
+    "userId" TEXT NOT NULL,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    CONSTRAINT "EvaluationShare_evaluationId_fkey" FOREIGN KEY ("evaluationId") REFERENCES "Evaluation" ("id") ON DELETE CASCADE ON UPDATE CASCADE,
+    CONSTRAINT "EvaluationShare_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "DimensionScore" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "evaluationId" TEXT NOT NULL,
+    "dimensionId" TEXT NOT NULL,
+    "score" INTEGER,
+    "justification" TEXT,
+    "examplesObserved" TEXT,
+    "confidence" TEXT,
+    "candidateNotes" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    CONSTRAINT "DimensionScore_evaluationId_fkey" FOREIGN KEY ("evaluationId") REFERENCES "Evaluation" ("id") ON DELETE CASCADE ON UPDATE CASCADE,
+    CONSTRAINT "DimensionScore_dimensionId_fkey" FOREIGN KEY ("dimensionId") REFERENCES "TemplateDimension" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "AuditLog" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "evaluationId" TEXT NOT NULL,
+    "action" TEXT NOT NULL,
+    "field" TEXT,
+    "oldValue" TEXT,
+    "newValue" TEXT,
+    "userId" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    CONSTRAINT "AuditLog_evaluationId_fkey" FOREIGN KEY ("evaluationId") REFERENCES "Evaluation" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "TemplateDimension_templateId_slug_key" ON "TemplateDimension"("templateId", "slug");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "EvaluationShare_evaluationId_userId_key" ON "EvaluationShare"("evaluationId", "userId");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "DimensionScore_evaluationId_dimensionId_key" ON "DimensionScore"("evaluationId", "dimensionId");

prisma/schema.prisma

@@ -12,12 +12,15 @@ datasource db {
 }
 
 model User {
-  id        String   @id @default(cuid())
-  email     String   @unique
-  name      String?
-  role      String   @default("evaluator") // evaluator | admin
-  createdAt DateTime @default(now())
-  updatedAt DateTime @updatedAt
+  id              String           @id @default(cuid())
+  email           String           @unique
+  name            String?
+  passwordHash    String?
+  role            String           @default("evaluator") // evaluator | admin
+  createdAt       DateTime         @default(now())
+  updatedAt       DateTime         @updatedAt
+  evaluations     Evaluation[]     @relation("Evaluator")
+  sharedEvaluations EvaluationShare[]
 }
 
 model Template {
@@ -48,17 +51,31 @@ model Evaluation {
   candidateName   String
   candidateRole   String
   candidateTeam   String?  // équipe du candidat
-  evaluatorName  String
-  evaluationDate DateTime
-  templateId     String
-  template       Template @relation(fields: [templateId], references: [id])
-  status         String   @default("draft") // draft | submitted
-  findings       String?  // auto-generated summary
+  evaluatorName   String
+  evaluatorId     String?
+  evaluator       User?    @relation("Evaluator", fields: [evaluatorId], references: [id], onDelete: SetNull)
+  evaluationDate  DateTime
+  templateId      String
+  template        Template @relation(fields: [templateId], references: [id])
+  status          String   @default("draft") // draft | submitted
+  findings        String?  // auto-generated summary
   recommendations String?
   dimensionScores DimensionScore[]
-  auditLogs      AuditLog[]
-  createdAt      DateTime @default(now())
-  updatedAt      DateTime @updatedAt
+  auditLogs       AuditLog[]
+  sharedWith      EvaluationShare[]
+  createdAt       DateTime @default(now())
+  updatedAt       DateTime @updatedAt
+}
+
+model EvaluationShare {
+  id           String     @id @default(cuid())
+  evaluationId String
+  evaluation   Evaluation @relation(fields: [evaluationId], references: [id], onDelete: Cascade)
+  userId       String
+  user         User       @relation(fields: [userId], references: [id], onDelete: Cascade)
+  createdAt    DateTime   @default(now())
+
+  @@unique([evaluationId, userId])
 }
 
 model DimensionScore {

prisma/seed.ts

@@ -434,15 +434,18 @@ async function main() {
   });
   if (!template) throw new Error("Template not found");
 
-  await prisma.user.upsert({
-    where: { email: "admin@cars-front.local" },
-    create: {
-      email: "admin@cars-front.local",
-      name: "Admin User",
-      role: "admin",
-    },
-    update: {},
-  });
+    const bcrypt = require("bcryptjs");
+    const adminHash = bcrypt.hashSync("admin123", 10);
+    const admin = await prisma.user.upsert({
+      where: { email: "admin@cars-front.local" },
+      create: {
+        email: "admin@cars-front.local",
+        name: "Admin User",
+        passwordHash: adminHash,
+        role: "admin",
+      },
+      update: { passwordHash: adminHash },
+    });
 
   const dims = await prisma.templateDimension.findMany({
     where: { templateId: template.id },
@@ -485,6 +488,7 @@ async function main() {
       candidateRole: r.role,
       candidateTeam: r.team,
       evaluatorName: r.evaluator,
+      evaluatorId: admin.id,
       evaluationDate: new Date(2025, 1, 15 + i),
       templateId: template.id,
       status: i === 0 ? "submitted" : "draft",
@@ -526,6 +530,13 @@ async function main() {
       });
     }
   }
+
+  // Rattacher les évaluations orphelines (sans evaluatorId) à l'admin
+  await prisma.evaluation.updateMany({
+    where: { evaluatorId: null },
+    data: { evaluatorId: admin.id },
+  });
+
   console.log("Seed complete: templates synced, répondants upserted (évaluations non vidées)");
 }