Durcissement sécurité, fiabilité & polissage du chat

package.json

@@ -32,6 +32,11 @@
     "@modelcontextprotocol/sdk": "^1.29.0",
     "@radix-ui/react-use-controllable-state": "^1.2.2",
     "@tabler/icons-react": "^3.41.1",
+    "@tiptap/extension-link": "^2.27.2",
+    "@tiptap/extension-underline": "^2.27.2",
+    "@tiptap/pm": "^2.27.2",
+    "@tiptap/react": "^2.27.2",
+    "@tiptap/starter-kit": "^2.27.2",
     "@xyflow/react": "^12.10.2",
     "ai": "^6.0.180",
     "bcryptjs": "^3.0.3",

src/app/(app)/admin/cabinet/actions.ts

@@ -1,5 +1,7 @@
 "use server";
 
+import type { ActionResult as BaseActionResult } from "@/lib/actions/result";
+
 import { revalidatePath } from "next/cache";
 import { eq } from "drizzle-orm";
 import { z } from "zod";
@@ -14,9 +16,7 @@ const schema = z.object({
   legalDisclaimer: z.string().trim().max(1000),
 });
 
-export type ActionResult =
-  | { ok: true }
-  | { ok: false; error: string };
+export type ActionResult = BaseActionResult;
 
 export async function updateCabinetSettings(
   _prev: ActionResult | null,

src/app/(app)/admin/users/actions.ts

@@ -1,5 +1,7 @@
 "use server";
 
+import type { ActionResult as BaseActionResult } from "@/lib/actions/result";
+
 import { revalidatePath } from "next/cache";
 import { and, eq, ne, sql } from "drizzle-orm";
 import { z } from "zod";
@@ -16,7 +18,7 @@ const createSchema = z.object({
   role: z.enum(["admin", "member"]),
 });
 
-export type ActionResult = { ok: true } | { ok: false; error: string };
+export type ActionResult = BaseActionResult;
 
 export async function createUser(
   _prev: ActionResult | null,

src/app/(app)/board/actions.ts

@@ -1,9 +1,11 @@
 "use server";
 
+import type { ActionResult as BaseActionResult } from "@/lib/actions/result";
+
 import { revalidatePath } from "next/cache";
 import { and, asc, eq, sql } from "drizzle-orm";
 import { z } from "zod";
-import { auth } from "@/auth";
+import { requireUserId } from "@/lib/auth/permissions";
 import { db } from "@/db";
 import {
   pipelineAgents,
@@ -13,16 +15,8 @@ import {
 } from "@/db/schema";
 import { findPreset, seedPresetsForUser } from "@/lib/orchestrator";
 
-export type ActionResult = { ok: true } | { ok: false; error: string };
-export type ActionResultWith<T> =
-  | ({ ok: true } & T)
-  | { ok: false; error: string };
-
-async function requireUserId(): Promise<string> {
-  const session = await auth();
-  if (!session?.user?.id) throw new Error("Unauthorized");
-  return session.user.id;
-}
+export type ActionResult = BaseActionResult;
+export type ActionResultWith<T> = BaseActionResult<T>;
 
 const pipelineMetaSchema = z.object({
   name: z.string().trim().min(1).max(120),
@@ -136,34 +130,39 @@ export async function clonePipeline(
   const baseName = newName ?? `${source.pipeline.name} (copie)`;
   const slug = await uniqueSlug(userId, source.pipeline.slug);
 
-  const [created] = await db
-    .insert(pipelines)
-    .values({
-      userId,
-      slug,
-      name: baseName,
-      description: source.pipeline.description,
-      isPreset: false,
-    })
-    .returning({ id: pipelines.id });
-
-  if (source.agents.length > 0) {
-    await db.insert(pipelineAgents).values(
-      source.agents.map((a, i) => ({
-        pipelineId: created.id,
-        role: a.role,
-        label: a.label,
-        providerKeyId: a.providerKeyId,
-        modelOverride: a.modelOverride,
-        systemPrompt: a.systemPrompt,
-        toolAllowlist: a.toolAllowlist,
-        position: i,
-      }))
-    );
-  }
+  // Transaction : pipeline + ses agents insérés atomiquement, sinon un échec
+  // après l'insert du pipeline laisse un pipeline sans aucun agent.
+  const newId = await db.transaction(async (tx) => {
+    const [created] = await tx
+      .insert(pipelines)
+      .values({
+        userId,
+        slug,
+        name: baseName,
+        description: source.pipeline.description,
+        isPreset: false,
+      })
+      .returning({ id: pipelines.id });
+
+    if (source.agents.length > 0) {
+      await tx.insert(pipelineAgents).values(
+        source.agents.map((a, i) => ({
+          pipelineId: created.id,
+          role: a.role,
+          label: a.label,
+          providerKeyId: a.providerKeyId,
+          modelOverride: a.modelOverride,
+          systemPrompt: a.systemPrompt,
+          toolAllowlist: a.toolAllowlist,
+          position: i,
+        }))
+      );
+    }
+    return created.id;
+  });
 
   revalidatePath("/board");
-  return { ok: true, id: created.id };
+  return { ok: true, id: newId };
 }
 
 export async function clonePresetBySlug(
@@ -175,37 +174,41 @@ export async function clonePresetBySlug(
 
   const newSlug = await uniqueSlug(userId, slug);
 
-  const [created] = await db
-    .insert(pipelines)
-    .values({
-      userId,
-      slug: newSlug,
-      name: `${preset.name} (copie)`,
-      description: preset.description,
-      isPreset: false,
-      mode: preset.mode ?? "sequential",
-      rounds: preset.rounds ?? 1,
-    })
-    .returning({ id: pipelines.id });
-
-  if (preset.agents.length > 0) {
-    await db.insert(pipelineAgents).values(
-      preset.agents.map((a, i) => ({
-        pipelineId: created.id,
-        role: a.role,
-        label: a.label,
-        providerKeyId: null,
-        modelOverride: null,
-        systemPrompt: a.systemPrompt ?? null,
-        toolAllowlist:
-          a.toolAllowlist === undefined ? null : a.toolAllowlist,
-        position: i,
-      }))
-    );
-  }
+  // Transaction : pipeline + agents atomiques (cf. clonePipeline).
+  const newId = await db.transaction(async (tx) => {
+    const [created] = await tx
+      .insert(pipelines)
+      .values({
+        userId,
+        slug: newSlug,
+        name: `${preset.name} (copie)`,
+        description: preset.description,
+        isPreset: false,
+        mode: preset.mode ?? "sequential",
+        rounds: preset.rounds ?? 1,
+      })
+      .returning({ id: pipelines.id });
+
+    if (preset.agents.length > 0) {
+      await tx.insert(pipelineAgents).values(
+        preset.agents.map((a, i) => ({
+          pipelineId: created.id,
+          role: a.role,
+          label: a.label,
+          providerKeyId: null,
+          modelOverride: null,
+          systemPrompt: a.systemPrompt ?? null,
+          toolAllowlist:
+            a.toolAllowlist === undefined ? null : a.toolAllowlist,
+          position: i,
+        }))
+      );
+    }
+    return created.id;
+  });
 
   revalidatePath("/board");
-  return { ok: true, id: created.id };
+  return { ok: true, id: newId };
 }
 
 export async function updatePipelineMeta(

src/app/(app)/chat/actions.ts

@@ -2,20 +2,14 @@
 
 import { revalidatePath } from "next/cache";
 import { redirect } from "next/navigation";
-import { and, asc, eq, gt } from "drizzle-orm";
+import { and, asc, eq, gt, inArray } from "drizzle-orm";
 import { z } from "zod";
-import { auth } from "@/auth";
+import { requireUserId } from "@/lib/auth/permissions";
 import { db } from "@/db";
 import { agentRuns, conversations, messages } from "@/db/schema";
 
 const titleSchema = z.string().trim().min(1).max(120);
 
-async function requireUserId(): Promise<string> {
-  const session = await auth();
-  if (!session?.user?.id) throw new Error("Unauthorized");
-  return session.user.id;
-}
-
 export async function renameConversation(
   id: string,
   title: string
@@ -113,27 +107,40 @@ export async function editUserMessageAndTrim(
     return { ok: false, error: "Seuls les messages utilisateur sont éditables." };
   }
 
-  // Drop tout ce qui a été écrit après le message édité (réponses
-  // assistant, tool calls, agent events…). Comparaison stricte sur
-  // createdAt pour conserver le message lui-même.
-  await db
-    .delete(messages)
-    .where(
-      and(
-        eq(messages.conversationId, conversationId),
-        gt(messages.createdAt, target.createdAt)
+  // Transaction : élagage + édition doivent être atomiques. Sans ça, un crash
+  // entre le delete et l'update tronquerait l'historique tout en perdant
+  // l'édition. On supprime aussi le trail d'audit des messages élagués
+  // (agent_runs.messageId est ON DELETE SET NULL → suppression explicite).
+  await db.transaction(async (tx) => {
+    // Drop tout ce qui a été écrit après le message édité (réponses
+    // assistant, tool calls, agent events…). Comparaison stricte sur
+    // createdAt pour conserver le message lui-même.
+    const removed = await tx
+      .delete(messages)
+      .where(
+        and(
+          eq(messages.conversationId, conversationId),
+          gt(messages.createdAt, target.createdAt)
+        )
       )
-    );
-
-  await db
-    .update(messages)
-    .set({ content: parsed.data })
-    .where(eq(messages.id, messageId));
-
-  await db
-    .update(conversations)
-    .set({ updatedAt: new Date() })
-    .where(eq(conversations.id, conversationId));
+      .returning({ id: messages.id });
+    if (removed.length > 0) {
+      await tx.delete(agentRuns).where(
+        inArray(
+          agentRuns.messageId,
+          removed.map((r) => r.id)
+        )
+      );
+    }
+    await tx
+      .update(messages)
+      .set({ content: parsed.data })
+      .where(eq(messages.id, messageId));
+    await tx
+      .update(conversations)
+      .set({ updatedAt: new Date() })
+      .where(eq(conversations.id, conversationId));
+  });
 
   revalidatePath("/chat");
   return { ok: true };