feat: Implement file upload and management features in ProjectViewPage

src/app/api/admin/users/[id]/route.js

@@ -4,8 +4,9 @@ import { withAdminAuth } from "@/lib/middleware/auth";
 
 // GET: Get user by ID (admin only)
 async function getUserHandler(req, { params }) {
+	const { id } = await params;
 	try {
-		const user = getUserById(params.id);
+		const user = getUserById(id);
 		
 		if (!user) {
 			return NextResponse.json(
@@ -29,9 +30,10 @@ async function getUserHandler(req, { params }) {
 
 // PUT: Update user (admin only)
 async function updateUserHandler(req, { params }) {
+	const { id } = await params;
 	try {
 		const data = await req.json();
-		const userId = params.id;
+		const userId = id;
 
 		// Prevent admin from deactivating themselves
 		if (data.is_active === false && userId === req.user.id) {
@@ -92,8 +94,9 @@ async function updateUserHandler(req, { params }) {
 
 // DELETE: Delete user (admin only)
 async function deleteUserHandler(req, { params }) {
+	const { id } = await params;
 	try {
-		const userId = params.id;
+		const userId = id;
 
 		// Prevent admin from deleting themselves
 		if (userId === req.user.id) {

src/app/api/files/[fileId]/route.js

@@ -6,9 +6,9 @@ import path from "path";
 import db from "@/lib/db";
 
 export async function GET(request, { params }) {
-	try {
-		const fileId = params.fileId;
+	const { fileId } = await params;
 
+	try {
 		// Get file info from database
 		const file = db.prepare(`
 			SELECT * FROM file_attachments WHERE file_id = ?
@@ -53,10 +53,94 @@ export async function GET(request, { params }) {
 	}
 }
 
-export async function DELETE(request, { params }) {
+export async function PUT(request, { params }) {
+	const { fileId } = await params;
 	try {
-		const fileId = params.fileId;
+		const body = await request.json();
+		const { description, original_filename } = body;
 
+		// Validate input
+		if (description !== undefined && typeof description !== 'string') {
+			return NextResponse.json(
+				{ error: "Description must be a string" },
+				{ status: 400 }
+			);
+		}
+
+		if (original_filename !== undefined && typeof original_filename !== 'string') {
+			return NextResponse.json(
+				{ error: "Original filename must be a string" },
+				{ status: 400 }
+			);
+		}
+
+		// Check if file exists
+		const existingFile = db.prepare(`
+			SELECT * FROM file_attachments WHERE file_id = ?
+		`).get(parseInt(fileId));
+
+		if (!existingFile) {
+			return NextResponse.json(
+				{ error: "File not found" },
+				{ status: 404 }
+			);
+		}
+
+		// Build update query
+		const updates = [];
+		const values = [];
+
+		if (description !== undefined) {
+			updates.push('description = ?');
+			values.push(description);
+		}
+
+		if (original_filename !== undefined) {
+			updates.push('original_filename = ?');
+			values.push(original_filename);
+		}
+
+		if (updates.length === 0) {
+			return NextResponse.json(
+				{ error: "No valid fields to update" },
+				{ status: 400 }
+			);
+		}
+
+		values.push(parseInt(fileId));
+
+		const result = db.prepare(`
+			UPDATE file_attachments 
+			SET ${updates.join(', ')}
+			WHERE file_id = ?
+		`).run(...values);
+
+		if (result.changes === 0) {
+			return NextResponse.json(
+				{ error: "File not found" },
+				{ status: 404 }
+			);
+		}
+
+		// Get updated file
+		const updatedFile = db.prepare(`
+			SELECT * FROM file_attachments WHERE file_id = ?
+		`).get(parseInt(fileId));
+
+		return NextResponse.json(updatedFile);
+
+	} catch (error) {
+		console.error("Error updating file:", error);
+		return NextResponse.json(
+			{ error: "Failed to update file" },
+			{ status: 500 }
+		);
+	}
+}
+
+export async function DELETE(request, { params }) {
+	const { fileId } = await params;
+	try {
 		// Get file info from database
 		const file = db.prepare(`
 			SELECT * FROM file_attachments WHERE file_id = ?

src/app/api/notes/route.js

@@ -110,7 +110,7 @@ async function createNoteHandler(req) {
 }
 
 async function deleteNoteHandler(req, { params }) {
-	const { id } = params;
+	const { id } = await params;
 
 	// Get note data before deletion for audit log
 	const note = db.prepare("SELECT * FROM notes WHERE note_id = ?").get(id);
@@ -137,7 +137,8 @@ async function deleteNoteHandler(req, { params }) {
 }
 
 async function updateNoteHandler(req, { params }) {
-	const noteId = params.id;
+	const { id } = await params;
+	const noteId = id;
 	const { note } = await req.json();
 
 	if (!note || !noteId) {

src/app/api/tasks/[id]/route.js

@@ -4,10 +4,11 @@ import { withReadAuth, withUserAuth } from "@/lib/middleware/auth";
 
 // GET: Get a specific task template
 async function getTaskHandler(req, { params }) {
+	const { id } = await params;
 	try {
 		const template = db
 			.prepare("SELECT * FROM tasks WHERE task_id = ? AND is_standard = 1")
-			.get(params.id);
+			.get(id);
 
 		if (!template) {
 			return NextResponse.json(
@@ -27,6 +28,7 @@ async function getTaskHandler(req, { params }) {
 
 // PUT: Update a task template
 async function updateTaskHandler(req, { params }) {
+	const { id } = await params;
 	try {
 		const { name, max_wait_days, description } = await req.json();
 
@@ -40,7 +42,7 @@ async function updateTaskHandler(req, { params }) {
 				 SET name = ?, max_wait_days = ?, description = ?
 				 WHERE task_id = ? AND is_standard = 1`
 			)
-			.run(name, max_wait_days || 0, description || null, params.id);
+			.run(name, max_wait_days || 0, description || null, id);
 
 		if (result.changes === 0) {
 			return NextResponse.json(
@@ -60,10 +62,11 @@ async function updateTaskHandler(req, { params }) {
 
 // DELETE: Delete a task template
 async function deleteTaskHandler(req, { params }) {
+	const { id } = await params;
 	try {
 		const result = db
 			.prepare("DELETE FROM tasks WHERE task_id = ? AND is_standard = 1")
-			.run(params.id);
+			.run(id);
 
 		if (result.changes === 0) {
 			return NextResponse.json(