feat: sessão #3 — lib (db/auth/email/validations), API routes, NextAuth v5, middleware, páginas account/shelters/shelter-dashboard, Prisma v7 fix

app/api/reservations/[id]/route.ts

@@ -0,0 +1,70 @@
+import { NextResponse } from 'next/server';
+import { auth } from '@/lib/auth/config';
+import { prisma } from '@/lib/db/prisma';
+import { updateReservationSchema } from '@/lib/validations/reservation';
+
+export async function PATCH(
+  request: Request,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  const session = await auth();
+  if (!session?.user?.id) {
+    return NextResponse.json({ error: 'Autenticação necessária.' }, { status: 401 });
+  }
+
+  const { id } = await params;
+  const body = await request.json();
+  const parsed = updateReservationSchema.safeParse(body);
+
+  if (!parsed.success) {
+    return NextResponse.json(
+      { error: 'Dados inválidos.', details: parsed.error.flatten() },
+      { status: 400 }
+    );
+  }
+
+  const reservation = await prisma.reservation.findUnique({
+    where: { id },
+    include: { animal: true },
+  });
+
+  if (!reservation) {
+    return NextResponse.json({ error: 'Reserva não encontrada.' }, { status: 404 });
+  }
+
+  const userRole = (session.user as { role?: string }).role;
+  const isOwner = reservation.userId === session.user.id;
+  const isShelterAdmin = userRole === 'SHELTER_ADMIN' || userRole === 'ADMIN';
+
+  if (!isOwner && !isShelterAdmin) {
+    return NextResponse.json({ error: 'Sem permissão.' }, { status: 403 });
+  }
+
+  const { status } = parsed.data;
+
+  const updated = await prisma.$transaction(async (tx) => {
+    const res = await tx.reservation.update({
+      where: { id },
+      data:  { status },
+    });
+
+    // Se cancelada, devolver animal a AVAILABLE
+    if (status === 'CANCELLED' && reservation.animal.status === 'RESERVED') {
+      await tx.animal.update({
+        where: { id: reservation.animalId },
+        data:  { status: 'AVAILABLE' },
+      });
+    }
+    // Se completada, marcar como ADOPTED
+    if (status === 'COMPLETED') {
+      await tx.animal.update({
+        where: { id: reservation.animalId },
+        data:  { status: 'ADOPTED' },
+      });
+    }
+
+    return res;
+  });
+
+  return NextResponse.json(updated);
+}