From fcc8646ee40aaaaf80b9aec6155aa046dcbe5d34 Mon Sep 17 00:00:00 2001
From: Daniel Adu-Gyan <26229521+danieladugyan@users.noreply.github.com>
Date: Sun, 16 Nov 2025 10:52:11 +0100
Subject: [PATCH 1/9] Move door loading from page to layout

---
 .../(app)/admin/doors/{+page.server.ts => +layout.server.ts}  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename src/routes/(app)/admin/doors/{+page.server.ts => +layout.server.ts} (69%)

diff --git a/src/routes/(app)/admin/doors/+page.server.ts b/src/routes/(app)/admin/doors/+layout.server.ts
similarity index 69%
rename from src/routes/(app)/admin/doors/+page.server.ts
rename to src/routes/(app)/admin/doors/+layout.server.ts
index 5b6457849..140fdaa65 100644
--- a/src/routes/(app)/admin/doors/+page.server.ts
+++ b/src/routes/(app)/admin/doors/+layout.server.ts
@@ -1,8 +1,8 @@
 import apiNames from "$lib/utils/apiNames";
 import { authorize } from "$lib/utils/authorization";
-import type { PageServerLoad } from "./$types";
+import type { LayoutServerLoad } from "./$types";
 
-export const load: PageServerLoad = async ({ locals }) => {
+export const load: LayoutServerLoad = async ({ locals }) => {
   const { prisma, user } = locals;
   authorize(apiNames.DOOR.READ, user);
 

From f8998c904dc47cd0b2e512dd0198ce81a8af22f5 Mon Sep 17 00:00:00 2001
From: Daniel Adu-Gyan <26229521+danieladugyan@users.noreply.github.com>
Date: Sun, 16 Nov 2025 11:36:41 +0100
Subject: [PATCH 2/9] Implement /admin/doors layout

---
 .../(app)/admin/doors/+layout.server.ts       |  3 +-
 src/routes/(app)/admin/doors/+layout.svelte   | 46 +++++++++++++++++++
 2 files changed, 48 insertions(+), 1 deletion(-)
 create mode 100644 src/routes/(app)/admin/doors/+layout.svelte

diff --git a/src/routes/(app)/admin/doors/+layout.server.ts b/src/routes/(app)/admin/doors/+layout.server.ts
index 140fdaa65..732f5677f 100644
--- a/src/routes/(app)/admin/doors/+layout.server.ts
+++ b/src/routes/(app)/admin/doors/+layout.server.ts
@@ -2,12 +2,13 @@ import apiNames from "$lib/utils/apiNames";
 import { authorize } from "$lib/utils/authorization";
 import type { LayoutServerLoad } from "./$types";
 
-export const load: LayoutServerLoad = async ({ locals }) => {
+export const load: LayoutServerLoad = async ({ locals, params }) => {
   const { prisma, user } = locals;
   authorize(apiNames.DOOR.READ, user);
 
   const doors = await prisma.door.findMany();
   return {
     doors,
+    slug: params.slug,
   };
 };
diff --git a/src/routes/(app)/admin/doors/+layout.svelte b/src/routes/(app)/admin/doors/+layout.svelte
new file mode 100644
index 000000000..4c1c16c76
--- /dev/null
+++ b/src/routes/(app)/admin/doors/+layout.svelte
@@ -0,0 +1,46 @@
+<script lang="ts">
+  import type { LayoutProps } from "./$types";
+  import { CardTitle } from "$lib/components/ui/card";
+  import DoorOpen from "@lucide/svelte/icons/door-open";
+
+  let { data, children }: LayoutProps = $props();
+  let doors = $derived(data.doors);
+  let selectedDoor = $derived(data.slug);
+</script>
+
+<main class="layout-container">
+  <h3 class="mb-3">Doors</h3>
+
+  <div class="grid grid-cols-1 gap-8 lg:grid-cols-[auto_1fr]">
+    <!-- Left column: list of doors -->
+    <section>
+      <div class="space-y-2">
+        {#each doors as door (door.id)}
+          {@const isCurrent = door.name == selectedDoor}
+          <a href="/admin/doors/edit/{door.name}" class="block">
+            <div
+              class={{
+                "rounded-lg border p-4 px-6": true,
+                "ring-rosa-background ring-2": isCurrent,
+                "hover:border-rosa-hover": !isCurrent,
+              }}
+            >
+              <div class="flex items-center justify-between gap-16">
+                <div>
+                  <CardTitle>{door.verboseName}</CardTitle>
+                </div>
+
+                <DoorOpen />
+              </div>
+            </div>
+          </a>
+        {/each}
+      </div>
+    </section>
+
+    <!-- Right column: policies for chosen door -->
+    <section>
+      {@render children()}
+    </section>
+  </div>
+</main>

From 6f2bc2620fae0d7eed04ab0f92f13e7f447c7090 Mon Sep 17 00:00:00 2001
From: Daniel Adu-Gyan <26229521+danieladugyan@users.noreply.github.com>
Date: Sun, 16 Nov 2025 11:37:22 +0100
Subject: [PATCH 3/9] Remove whitespace in doors +page.server.ts

---
 .../admin/doors/edit/[slug]/+page.server.ts   | 28 +++----------------
 1 file changed, 4 insertions(+), 24 deletions(-)

diff --git a/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts b/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
index 0fabe0e68..f5c626516 100644
--- a/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
+++ b/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
@@ -13,32 +13,12 @@ export const load: PageServerLoad = async ({ locals, params }) => {
   const doorAccessPolicies = await prisma.doorAccessPolicy.findMany({
     where: {
       doorName: params.slug,
-      OR: [
-        {
-          endDatetime: {
-            gte: new Date(),
-          },
-        },
-        {
-          endDatetime: null,
-        },
-      ],
+      OR: [{ endDatetime: { gte: new Date() } }, { endDatetime: null }],
     },
-    include: {
-      member: true,
-    },
-    orderBy: [
-      {
-        startDatetime: "asc",
-      },
-      {
-        role: "asc",
-      },
-      {
-        studentId: "asc",
-      },
-    ],
+    include: { member: true },
+    orderBy: [{ startDatetime: "asc" }, { role: "asc" }, { studentId: "asc" }],
   });
+
   return {
     doorAccessPolicies,
     createForm: await superValidate(zod4(createSchema), { id: "createForm" }),

From 2f6fdf1fc49c933d64e2cec20e08d447cb52dac3 Mon Sep 17 00:00:00 2001
From: Daniel Adu-Gyan <26229521+danieladugyan@users.noreply.github.com>
Date: Sun, 16 Nov 2025 11:37:55 +0100
Subject: [PATCH 4/9] Add /admin/doors empty state page

---
 src/routes/(app)/admin/doors/+page.svelte | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/src/routes/(app)/admin/doors/+page.svelte b/src/routes/(app)/admin/doors/+page.svelte
index 0a8eebb03..6f04679fa 100644
--- a/src/routes/(app)/admin/doors/+page.svelte
+++ b/src/routes/(app)/admin/doors/+page.svelte
@@ -1,5 +1,15 @@
-<script>
-  import NotImplemented from "$lib/components/NotImplemented.svelte";
+<script lang="ts">
+  import { Card, CardContent } from "$lib/components/ui/card";
+  import DoorClosed from "@lucide/svelte/icons/door-closed";
 </script>
 
-<NotImplemented />
+<Card>
+  <CardContent>
+    <div class="flex flex-col items-center gap-8 py-8">
+      <DoorClosed size={96} class="text-muted-foreground" />
+      <p class="text-muted-foreground">
+        Välj en dörr för att hantera åtkomstregler
+      </p>
+    </div>
+  </CardContent>
+</Card>

From 0542c9aab16d11e2a07dd018ef122be8b498167c Mon Sep 17 00:00:00 2001
From: Daniel Adu-Gyan <26229521+danieladugyan@users.noreply.github.com>
Date: Mon, 17 Nov 2025 23:26:24 +0100
Subject: [PATCH 5/9] Add door access rule form

---
 .../admin/doors/edit/[slug]/+page.server.ts   |  82 +++++----
 .../admin/doors/edit/[slug]/+page.svelte      | 156 +++++++++++++++++-
 2 files changed, 190 insertions(+), 48 deletions(-)

diff --git a/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts b/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
index f5c626516..e8dc79773 100644
--- a/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
+++ b/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
@@ -1,10 +1,11 @@
 import apiNames from "$lib/utils/apiNames";
 import { z } from "zod";
 import type { Actions, PageServerLoad } from "./$types";
-import { message, setError, superValidate } from "sveltekit-superforms/server";
+import { message, superValidate } from "sveltekit-superforms/server";
 import { zod4 } from "sveltekit-superforms/adapters";
 import { fail } from "@sveltejs/kit";
 import { authorize } from "$lib/utils/authorization";
+import authorizedPrismaClient from "$lib/server/authorizedPrisma";
 
 export const load: PageServerLoad = async ({ locals, params }) => {
   const { prisma, user } = locals;
@@ -21,23 +22,43 @@ export const load: PageServerLoad = async ({ locals, params }) => {
 
   return {
     doorAccessPolicies,
-    createForm: await superValidate(zod4(createSchema), { id: "createForm" }),
-    banForm: await superValidate(zod4(createSchema), { id: "banForm" }),
+    createForm: await superValidate(zod4(createSchema)),
     deleteForm: await superValidate(zod4(deleteSchema)),
   };
 };
 
 const createSchema = z
   .object({
-    studentId: z.string().min(1).optional(),
-    role: z.string().min(1).optional(),
+    subject: z.string().min(1),
+    type: z.enum(["member", "role"]).default("member"),
+    mode: z.enum(["allow", "deny"]).default("allow"),
     startDatetime: z.date().optional(),
     endDatetime: z.date().optional(),
-    information: z.string().optional(),
+    reason: z.string().optional(),
   })
-  .refine((data) => data.studentId != null || data.role != null, {
-    message: "Du måste ange roll eller student id",
-  });
+  .refine(
+    (data) => (data.startDatetime ?? 0) < (data.endDatetime ?? Infinity),
+    {
+      message: "Slutdatum kan inte vara före startdatum",
+      path: ["endDatetime"],
+    },
+  )
+  .refine(
+    async ({ type, subject }) => {
+      if (type === "member") {
+        // check if member exists
+        return await authorizedPrismaClient.member.findFirst({
+          where: { studentId: subject },
+        });
+      } else {
+        // check if role exists
+        return await authorizedPrismaClient.position.findFirst({
+          where: { id: { startsWith: `${subject}%` } },
+        });
+      }
+    },
+    { message: "Medlemmen/rollen finns inte", path: ["subject"] },
+  );
 
 const deleteSchema = z.object({
   id: z.string(),
@@ -49,47 +70,18 @@ export const actions: Actions = {
     const form = await superValidate(request, zod4(createSchema));
     if (!form.valid) return fail(400, { form });
     const doorName = params.slug;
-    const { studentId } = form.data;
-    if (
-      studentId &&
-      (await prisma.member.count({
-        where: { studentId },
-      })) <= 0
-    ) {
-      return setError(form, "studentId", "Medlemmen finns inte");
-    }
-    await prisma.doorAccessPolicy.create({
-      data: {
-        doorName,
-        ...form.data,
-      },
-    });
-    return message(form, {
-      message: "Dörrpolicy skapad",
-      type: "success",
-    });
-  },
-  ban: async ({ request, locals, params }) => {
-    const { prisma } = locals;
-    const form = await superValidate(request, zod4(createSchema));
-    if (!form.valid) return fail(400, { form });
-    const doorName = params.slug;
-    const { studentId } = form.data;
-    if (
-      studentId &&
-      (await prisma.member.count({
-        where: { studentId },
-      })) <= 0
-    ) {
-      return setError(form, "studentId", "Medlemmen finns inte");
-    }
+    const { mode, subject, type, startDatetime, endDatetime } = form.data;
+
     await prisma.doorAccessPolicy.create({
       data: {
         doorName,
-        isBan: true,
-        ...form.data,
+        startDatetime,
+        endDatetime,
+        isBan: mode === "deny",
+        ...(type === "member" ? { studentId: subject } : { role: subject }),
       },
     });
+
     return message(form, {
       message: "Dörrpolicy skapad",
       type: "success",
diff --git a/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte b/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
index 0a8eebb03..fc0459e20 100644
--- a/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
+++ b/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
@@ -1,5 +1,155 @@
-<script>
-  import NotImplemented from "$lib/components/NotImplemented.svelte";
+<script lang="ts">
+  import type { PageProps } from "./$types";
+  import { page } from "$app/state";
+  import {
+    Card,
+    CardContent,
+    CardDescription,
+    CardHeader,
+    CardTitle,
+  } from "$lib/components/ui/card";
+  import { Button } from "$lib/components/ui/button";
+  import { Label } from "$lib/components/ui/label";
+  import { Input } from "$lib/components/ui/input";
+  import {
+    Select,
+    SelectContent,
+    SelectItem,
+    SelectTrigger,
+  } from "$lib/components/ui/select";
+  import { superForm } from "$lib/utils/client/superForms";
+
+  let { data }: PageProps = $props();
+  const { form, errors, constraints, enhance } = superForm(data.createForm);
+
+  const types = [
+    { value: "member", label: "Member" },
+    { value: "role", label: "Role" },
+  ] as const;
+  let typeTrigger = $derived.by(() => {
+    const found = types.find((t) => t.value === $form.type);
+    return found ? found.label : "Choose type";
+  });
+
+  const modes = [
+    { value: "allow", label: "Allow" },
+    { value: "deny", label: "Deny" },
+  ] as const;
+  let modeTrigger = $derived.by(() => {
+    const found = modes.find((m) => m.value === $form.mode);
+    return found ? found.label : "Choose mode";
+  });
 </script>
 
-<NotImplemented />
+<div class="space-y-6">
+  <!-- Form -->
+  <Card>
+    <CardHeader>
+      <CardTitle>Add Access Rule</CardTitle>
+      <CardDescription>
+        Grant or restrict access to {page.params["slug"]}
+      </CardDescription>
+    </CardHeader>
+    <CardContent>
+      <form class="space-y-4" method="POST" action="?/create" use:enhance>
+        <div class="grid grid-cols-1 gap-4 sm:grid-cols-4">
+          <div class="space-y-2 sm:col-span-2">
+            <Label for="subject">Subject</Label>
+            <Input
+              id="subject"
+              name="subject"
+              placeholder="e.g., John Doe or dsek.cpu"
+              aria-invalid={$errors.subject ? "true" : undefined}
+              bind:value={$form.subject}
+              {...$constraints.subject}
+            />
+          </div>
+
+          <div class="space-y-2">
+            <Label for="type">Type</Label>
+            <Select
+              type="single"
+              name="type"
+              bind:value={$form.type}
+              {...$constraints.type}
+            >
+              <SelectTrigger id="type" class="w-full">
+                {typeTrigger}
+              </SelectTrigger>
+              <SelectContent>
+                {#each types as t (t.value)}
+                  <SelectItem value={t.value} label={t.label}>
+                    {t.label}
+                  </SelectItem>
+                {/each}
+              </SelectContent>
+            </Select>
+          </div>
+
+          <div class="space-y-2">
+            <Label for="mode">Mode</Label>
+            <Select
+              type="single"
+              name="mode"
+              bind:value={$form.mode}
+              {...$constraints.mode}
+            >
+              <SelectTrigger id="mode" class="w-full">
+                {modeTrigger}
+              </SelectTrigger>
+              <SelectContent>
+                {#each modes as m (m.value)}
+                  <SelectItem value={m.value} label={m.label}>
+                    {m.label}
+                  </SelectItem>
+                {/each}
+              </SelectContent>
+            </Select>
+          </div>
+        </div>
+
+        <div class="grid grid-cols-1 gap-4 sm:grid-cols-2">
+          <div class="space-y-2">
+            <Label for="start-date">Start Date (Optional)</Label>
+            <Input
+              id="start-date"
+              type="date"
+              name="startDatetime"
+              aria-invalid={$errors.startDatetime ? "true" : undefined}
+              bind:value={$form.startDatetime}
+              {...$constraints.startDatetime}
+            />
+          </div>
+
+          <div class="space-y-2">
+            <Label for="end-date">End Date (Optional)</Label>
+            <Input
+              id="end-date"
+              type="date"
+              name="endDatetime"
+              aria-invalid={$errors.endDatetime ? "true" : undefined}
+              bind:value={$form.endDatetime}
+              {...$constraints.endDatetime}
+            />
+          </div>
+        </div>
+
+        <div class="space-y-2 sm:col-span-2">
+          <Label for="entity-name">Reason (Optional)</Label>
+          <Input
+            id="entity-name"
+            placeholder="Why is this rule added?"
+            name="reason"
+            aria-invalid={$errors.reason ? "true" : undefined}
+            bind:value={$form.reason}
+            {...$constraints.reason}
+          />
+        </div>
+
+        <Button type="submit" class="w-full">Add Rule</Button>
+      </form>
+    </CardContent>
+  </Card>
+
+  <!-- Access policy list -->
+</div>

From eaa616d03206053747d9322b2a98f91f9d703f4a Mon Sep 17 00:00:00 2001
From: Daniel Adu-Gyan <26229521+danieladugyan@users.noreply.github.com>
Date: Tue, 18 Nov 2025 00:14:41 +0100
Subject: [PATCH 6/9] Add door access list

---
 .../admin/doors/edit/[slug]/+page.server.ts   |  2 +
 .../admin/doors/edit/[slug]/+page.svelte      | 65 +++++++++++++++++++
 2 files changed, 67 insertions(+)

diff --git a/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts b/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
index e8dc79773..5209ce226 100644
--- a/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
+++ b/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
@@ -27,6 +27,8 @@ export const load: PageServerLoad = async ({ locals, params }) => {
   };
 };
 
+// TODO: require reason and end date for member rules
+// TODO: don't allow banning groups since this is not implemented
 const createSchema = z
   .object({
     subject: z.string().min(1),
diff --git a/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte b/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
index fc0459e20..85fc2baac 100644
--- a/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
+++ b/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
@@ -18,8 +18,12 @@
     SelectTrigger,
   } from "$lib/components/ui/select";
   import { superForm } from "$lib/utils/client/superForms";
+  import TrashIcon from "@lucide/svelte/icons/trash";
+  import { getFullName } from "$lib/utils/client/member";
+  import { Badge } from "$lib/components/ui/badge";
 
   let { data }: PageProps = $props();
+  let policies = $derived(data.doorAccessPolicies);
   const { form, errors, constraints, enhance } = superForm(data.createForm);
 
   const types = [
@@ -52,6 +56,7 @@
     </CardHeader>
     <CardContent>
       <form class="space-y-4" method="POST" action="?/create" use:enhance>
+        <!-- TODO: display toast on success and form errors on failure -->
         <div class="grid grid-cols-1 gap-4 sm:grid-cols-4">
           <div class="space-y-2 sm:col-span-2">
             <Label for="subject">Subject</Label>
@@ -152,4 +157,64 @@
   </Card>
 
   <!-- Access policy list -->
+  <Card>
+    <CardHeader>
+      <CardTitle>Current Rules</CardTitle>
+      <CardDescription>
+        {#if policies.length === 0}
+          No access policies configured yet
+        {:else}
+          {policies.length} rule{policies.length !== 1 ? "s" : ""} configured
+        {/if}
+      </CardDescription>
+    </CardHeader>
+    {#if policies.length > 0}
+      <CardContent>
+        <ul class="m-0 space-y-3">
+          {#each policies as policy (policy.id)}
+            {@const type = policy.studentId === null ? "role" : "member"}
+            <li class="flex items-center justify-between rounded-md border p-4">
+              <div>
+                <div class="flex items-center gap-2">
+                  <p class="mt-0 font-medium">
+                    {#if type === "member"}
+                      {getFullName(policy.member!, { hideNickname: true })}
+                    {:else}
+                      {policy.role}
+                    {/if}
+                  </p>
+                  <Badge variant="outline">
+                    {#if type === "member"}
+                      Member
+                    {:else}
+                      Role
+                    {/if}
+                  </Badge>
+                  {#if policy.isBan}
+                    <Badge variant="rosa">Banned</Badge>
+                  {/if}
+                  {#if policy.endDatetime}
+                    <Badge variant="rosa">
+                      Expires {policy.endDatetime.toLocaleDateString("sv")}
+                    </Badge>
+                  {/if}
+                </div>
+                {#if policy.information}
+                  <p class="text-muted-foreground text-sm">
+                    Reason: {policy.information}
+                  </p>
+                {/if}
+              </div>
+              <form method="POST" action="?/delete" class="ml-4">
+                <input type="hidden" name="id" value={policy.id} />
+                <Button type="submit" size="icon" aria-label="Delete">
+                  <TrashIcon />
+                </Button>
+              </form>
+            </li>
+          {/each}
+        </ul>
+      </CardContent>
+    {/if}
+  </Card>
 </div>

From e7525f0f0a72c756fa186712dd1241a7aec8d958 Mon Sep 17 00:00:00 2001
From: Daniel Adu-Gyan <26229521+danieladugyan@users.noreply.github.com>
Date: Tue, 18 Nov 2025 00:51:37 +0100
Subject: [PATCH 7/9] Add door access delete dialog

---
 .../admin/doors/edit/[slug]/+page.svelte      | 64 +++++++++++++++++--
 1 file changed, 58 insertions(+), 6 deletions(-)

diff --git a/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte b/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
index 85fc2baac..30c9e3be6 100644
--- a/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
+++ b/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
@@ -1,6 +1,7 @@
 <script lang="ts">
   import type { PageProps } from "./$types";
   import { page } from "$app/state";
+  import { enhance as svEnhance } from "$app/forms";
   import {
     Card,
     CardContent,
@@ -21,6 +22,16 @@
   import TrashIcon from "@lucide/svelte/icons/trash";
   import { getFullName } from "$lib/utils/client/member";
   import { Badge } from "$lib/components/ui/badge";
+  import {
+    AlertDialog,
+    AlertDialogAction,
+    AlertDialogCancel,
+    AlertDialogContent,
+    AlertDialogDescription,
+    AlertDialogFooter,
+    AlertDialogHeader,
+    AlertDialogTitle,
+  } from "$lib/components/ui/alert-dialog";
 
   let { data }: PageProps = $props();
   let policies = $derived(data.doorAccessPolicies);
@@ -43,6 +54,10 @@
     const found = modes.find((m) => m.value === $form.mode);
     return found ? found.label : "Choose mode";
   });
+
+  let open = $state(false);
+  let selectedPolicy: (typeof data)["doorAccessPolicies"][number] | null =
+    $state(null);
 </script>
 
 <div class="space-y-6">
@@ -205,12 +220,18 @@
                   </p>
                 {/if}
               </div>
-              <form method="POST" action="?/delete" class="ml-4">
-                <input type="hidden" name="id" value={policy.id} />
-                <Button type="submit" size="icon" aria-label="Delete">
-                  <TrashIcon />
-                </Button>
-              </form>
+
+              <Button
+                type="submit"
+                size="icon"
+                aria-label="Delete"
+                onclick={() => {
+                  open = true;
+                  selectedPolicy = policy;
+                }}
+              >
+                <TrashIcon />
+              </Button>
             </li>
           {/each}
         </ul>
@@ -218,3 +239,34 @@
     {/if}
   </Card>
 </div>
+
+<!-- Delete dialog -->
+<AlertDialog bind:open>
+  {#if selectedPolicy}
+    <AlertDialogContent>
+      <AlertDialogHeader>
+        <AlertDialogTitle>Ta bort åtkomstregel</AlertDialogTitle>
+        <AlertDialogDescription>
+          Är du säher på att du vill ta bort åtkomstregeln för <b>
+            {selectedPolicy.role || getFullName(selectedPolicy.member!)}
+          </b>
+          till <b>{selectedPolicy.doorName}</b>?
+        </AlertDialogDescription>
+      </AlertDialogHeader>
+      <AlertDialogFooter>
+        <AlertDialogCancel>Cancel</AlertDialogCancel>
+        <form
+          method="POST"
+          action="?/delete"
+          class="contents"
+          use:svEnhance={() => {
+            open = false;
+          }}
+        >
+          <input type="hidden" name="id" value={selectedPolicy.id} />
+          <AlertDialogAction type="submit">Continue</AlertDialogAction>
+        </form>
+      </AlertDialogFooter>
+    </AlertDialogContent>
+  {/if}
+</AlertDialog>

From 43ace06257265c89bfe40f3b874f3e1b078a08d8 Mon Sep 17 00:00:00 2001
From: Daniel Adu-Gyan <26229521+danieladugyan@users.noreply.github.com>
Date: Wed, 26 Nov 2025 06:27:36 +0100
Subject: [PATCH 8/9] Refactor door access management

- update translations
- enhance error handling
- improve UI components
---
 src/database/seed/data.ts                     |  1 -
 src/routes/(app)/admin/doors/+error.svelte    | 16 ++++
 src/routes/(app)/admin/doors/+layout.svelte   | 13 ++--
 src/routes/(app)/admin/doors/+page.svelte     |  3 +-
 .../admin/doors/edit/[slug]/+page.server.ts   | 19 +++--
 .../admin/doors/edit/[slug]/+page.svelte      | 77 +++++++++++--------
 src/translations/en.json                      | 37 ++++++---
 src/translations/sv.json                      | 37 ++++++---
 8 files changed, 132 insertions(+), 71 deletions(-)
 create mode 100644 src/routes/(app)/admin/doors/+error.svelte

diff --git a/src/database/seed/data.ts b/src/database/seed/data.ts
index 241b45afb..15c4606d7 100644
--- a/src/database/seed/data.ts
+++ b/src/database/seed/data.ts
@@ -218,7 +218,6 @@ export const models: SeedClientOptions["models"] = {
   },
   doorAccessPolicy: {
     data: {
-      role: "dsek",
       startDatetime: () => faker.helpers.maybe(() => faker.date.past()) ?? null,
       endDatetime: (ctx) =>
         ctx.data.startDatetime && Math.random() > 0.5
diff --git a/src/routes/(app)/admin/doors/+error.svelte b/src/routes/(app)/admin/doors/+error.svelte
new file mode 100644
index 000000000..c2e95ea9e
--- /dev/null
+++ b/src/routes/(app)/admin/doors/+error.svelte
@@ -0,0 +1,16 @@
+<script lang="ts">
+  import { page } from "$app/state";
+  import { Card, CardContent } from "$lib/components/ui/card";
+  import Error from "@lucide/svelte/icons/octagon-x";
+</script>
+
+<Card>
+  <CardContent>
+    <div class="flex flex-col items-center gap-8 py-8">
+      <Error size={96} class="text-muted-foreground" />
+      <h1 class="text-muted-foreground">
+        {page.status}: {page.error?.message}
+      </h1>
+    </div>
+  </CardContent>
+</Card>
diff --git a/src/routes/(app)/admin/doors/+layout.svelte b/src/routes/(app)/admin/doors/+layout.svelte
index 4c1c16c76..4ada03aa6 100644
--- a/src/routes/(app)/admin/doors/+layout.svelte
+++ b/src/routes/(app)/admin/doors/+layout.svelte
@@ -2,6 +2,7 @@
   import type { LayoutProps } from "./$types";
   import { CardTitle } from "$lib/components/ui/card";
   import DoorOpen from "@lucide/svelte/icons/door-open";
+  import * as m from "$paraglide/messages";
 
   let { data, children }: LayoutProps = $props();
   let doors = $derived(data.doors);
@@ -9,18 +10,18 @@
 </script>
 
 <main class="layout-container">
-  <h3 class="mb-3">Doors</h3>
+  <h3 class="mb-3">{m.doors()}</h3>
 
   <div class="grid grid-cols-1 gap-8 lg:grid-cols-[auto_1fr]">
     <!-- Left column: list of doors -->
     <section>
-      <div class="space-y-2">
+      <ul class="m-0 space-y-2">
         {#each doors as door (door.id)}
           {@const isCurrent = door.name == selectedDoor}
           <a href="/admin/doors/edit/{door.name}" class="block">
-            <div
+            <li
               class={{
-                "rounded-lg border p-4 px-6": true,
+                "list-none rounded-lg border p-4 px-6": true,
                 "ring-rosa-background ring-2": isCurrent,
                 "hover:border-rosa-hover": !isCurrent,
               }}
@@ -32,10 +33,10 @@
 
                 <DoorOpen />
               </div>
-            </div>
+            </li>
           </a>
         {/each}
-      </div>
+      </ul>
     </section>
 
     <!-- Right column: policies for chosen door -->
diff --git a/src/routes/(app)/admin/doors/+page.svelte b/src/routes/(app)/admin/doors/+page.svelte
index 6f04679fa..5420067cd 100644
--- a/src/routes/(app)/admin/doors/+page.svelte
+++ b/src/routes/(app)/admin/doors/+page.svelte
@@ -1,6 +1,7 @@
 <script lang="ts">
   import { Card, CardContent } from "$lib/components/ui/card";
   import DoorClosed from "@lucide/svelte/icons/door-closed";
+  import * as m from "$paraglide/messages";
 </script>
 
 <Card>
@@ -8,7 +9,7 @@
     <div class="flex flex-col items-center gap-8 py-8">
       <DoorClosed size={96} class="text-muted-foreground" />
       <p class="text-muted-foreground">
-        Välj en dörr för att hantera åtkomstregler
+        {m.admin_doors_choose()}
       </p>
     </div>
   </CardContent>
diff --git a/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts b/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
index 5209ce226..14bc2a184 100644
--- a/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
+++ b/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
@@ -3,14 +3,20 @@ import { z } from "zod";
 import type { Actions, PageServerLoad } from "./$types";
 import { message, superValidate } from "sveltekit-superforms/server";
 import { zod4 } from "sveltekit-superforms/adapters";
-import { fail } from "@sveltejs/kit";
+import { error, fail } from "@sveltejs/kit";
 import { authorize } from "$lib/utils/authorization";
 import authorizedPrismaClient from "$lib/server/authorizedPrisma";
+import * as m from "$paraglide/messages";
 
-export const load: PageServerLoad = async ({ locals, params }) => {
+export const load: PageServerLoad = async ({ locals, params, parent }) => {
   const { prisma, user } = locals;
   authorize(apiNames.DOOR.READ, user);
 
+  const { doors } = await parent();
+  const door = doors.find((door) => door.name === params.slug);
+
+  if (!door) error(404, m.admin_doors_notFound());
+
   const doorAccessPolicies = await prisma.doorAccessPolicy.findMany({
     where: {
       doorName: params.slug,
@@ -21,6 +27,7 @@ export const load: PageServerLoad = async ({ locals, params }) => {
   });
 
   return {
+    door,
     doorAccessPolicies,
     createForm: await superValidate(zod4(createSchema)),
     deleteForm: await superValidate(zod4(deleteSchema)),
@@ -41,7 +48,7 @@ const createSchema = z
   .refine(
     (data) => (data.startDatetime ?? 0) < (data.endDatetime ?? Infinity),
     {
-      message: "Slutdatum kan inte vara före startdatum",
+      message: m.admin_doors_endDateBeforeStart(),
       path: ["endDatetime"],
     },
   )
@@ -59,7 +66,7 @@ const createSchema = z
         });
       }
     },
-    { message: "Medlemmen/rollen finns inte", path: ["subject"] },
+    { message: m.admin_doors_memberOrRoleNotFound(), path: ["subject"] },
   );
 
 const deleteSchema = z.object({
@@ -85,7 +92,7 @@ export const actions: Actions = {
     });
 
     return message(form, {
-      message: "Dörrpolicy skapad",
+      message: m.admin_doors_ruleCreated(),
       type: "success",
     });
   },
@@ -98,7 +105,7 @@ export const actions: Actions = {
       where: { id },
     });
     return message(form, {
-      message: "Dörrpolicy raderad",
+      message: m.admin_doors_ruleDeleted(),
       type: "success",
     });
   },
diff --git a/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte b/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
index 30c9e3be6..448221b4a 100644
--- a/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
+++ b/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
@@ -1,6 +1,5 @@
 <script lang="ts">
   import type { PageProps } from "./$types";
-  import { page } from "$app/state";
   import { enhance as svEnhance } from "$app/forms";
   import {
     Card,
@@ -32,27 +31,29 @@
     AlertDialogHeader,
     AlertDialogTitle,
   } from "$lib/components/ui/alert-dialog";
+  import * as m from "$paraglide/messages";
 
   let { data }: PageProps = $props();
+  let door = $derived(data.door);
   let policies = $derived(data.doorAccessPolicies);
   const { form, errors, constraints, enhance } = superForm(data.createForm);
 
   const types = [
-    { value: "member", label: "Member" },
-    { value: "role", label: "Role" },
+    { value: "member", label: m.admin_doors_member() },
+    { value: "role", label: m.admin_doors_role() },
   ] as const;
   let typeTrigger = $derived.by(() => {
     const found = types.find((t) => t.value === $form.type);
-    return found ? found.label : "Choose type";
+    return found!.label;
   });
 
   const modes = [
-    { value: "allow", label: "Allow" },
-    { value: "deny", label: "Deny" },
+    { value: "allow", label: m.admin_doors_allow() },
+    { value: "deny", label: m.admin_doors_deny() },
   ] as const;
   let modeTrigger = $derived.by(() => {
     const found = modes.find((m) => m.value === $form.mode);
-    return found ? found.label : "Choose mode";
+    return found!.label;
   });
 
   let open = $state(false);
@@ -64,9 +65,9 @@
   <!-- Form -->
   <Card>
     <CardHeader>
-      <CardTitle>Add Access Rule</CardTitle>
+      <CardTitle>{m.admin_doors_addAccessRule()}</CardTitle>
       <CardDescription>
-        Grant or restrict access to {page.params["slug"]}
+        {m.admin_doors_grantOrRestrict({ door: door.verboseName })}
       </CardDescription>
     </CardHeader>
     <CardContent>
@@ -74,11 +75,17 @@
         <!-- TODO: display toast on success and form errors on failure -->
         <div class="grid grid-cols-1 gap-4 sm:grid-cols-4">
           <div class="space-y-2 sm:col-span-2">
-            <Label for="subject">Subject</Label>
+            <Label for="subject">
+              {#if $form.type === "member"}
+                {m.admin_doors_member()}
+              {:else}
+                {m.admin_doors_role()}
+              {/if}
+            </Label>
             <Input
               id="subject"
               name="subject"
-              placeholder="e.g., John Doe or dsek.cpu"
+              placeholder={$form.type === "member" ? "ab1234cd-s" : "dsek.cpu"}
               aria-invalid={$errors.subject ? "true" : undefined}
               bind:value={$form.subject}
               {...$constraints.subject}
@@ -86,7 +93,7 @@
           </div>
 
           <div class="space-y-2">
-            <Label for="type">Type</Label>
+            <Label for="type">{m.admin_doors_type()}</Label>
             <Select
               type="single"
               name="type"
@@ -107,7 +114,7 @@
           </div>
 
           <div class="space-y-2">
-            <Label for="mode">Mode</Label>
+            <Label for="mode">{m.admin_doors_mode()}</Label>
             <Select
               type="single"
               name="mode"
@@ -130,7 +137,7 @@
 
         <div class="grid grid-cols-1 gap-4 sm:grid-cols-2">
           <div class="space-y-2">
-            <Label for="start-date">Start Date (Optional)</Label>
+            <Label for="start-date">{m.admin_doors_startDate()}</Label>
             <Input
               id="start-date"
               type="date"
@@ -142,7 +149,7 @@
           </div>
 
           <div class="space-y-2">
-            <Label for="end-date">End Date (Optional)</Label>
+            <Label for="end-date">{m.admin_doors_endDate()}</Label>
             <Input
               id="end-date"
               type="date"
@@ -155,10 +162,10 @@
         </div>
 
         <div class="space-y-2 sm:col-span-2">
-          <Label for="entity-name">Reason (Optional)</Label>
+          <Label for="entity-name">{m.admin_doors_reasonLabel()}</Label>
           <Input
             id="entity-name"
-            placeholder="Why is this rule added?"
+            placeholder={m.admin_doors_reasonPlaceholder()}
             name="reason"
             aria-invalid={$errors.reason ? "true" : undefined}
             bind:value={$form.reason}
@@ -166,7 +173,9 @@
           />
         </div>
 
-        <Button type="submit" class="w-full">Add Rule</Button>
+        <Button type="submit" class="w-full">
+          {m.admin_doors_add()}
+        </Button>
       </form>
     </CardContent>
   </Card>
@@ -174,12 +183,12 @@
   <!-- Access policy list -->
   <Card>
     <CardHeader>
-      <CardTitle>Current Rules</CardTitle>
+      <CardTitle>{m.admin_doors_currentRules()}</CardTitle>
       <CardDescription>
         {#if policies.length === 0}
-          No access policies configured yet
+          {m.admin_doors_noRules()}
         {:else}
-          {policies.length} rule{policies.length !== 1 ? "s" : ""} configured
+          {m.admin_doors_numRules({ count: policies.length })}
         {/if}
       </CardDescription>
     </CardHeader>
@@ -200,23 +209,24 @@
                   </p>
                   <Badge variant="outline">
                     {#if type === "member"}
-                      Member
+                      {m.admin_doors_member()}
                     {:else}
-                      Role
+                      {m.admin_doors_role()}
                     {/if}
                   </Badge>
                   {#if policy.isBan}
-                    <Badge variant="rosa">Banned</Badge>
+                    <Badge variant="rosa">{m.admin_doors_banned()}</Badge>
                   {/if}
                   {#if policy.endDatetime}
                     <Badge variant="rosa">
-                      Expires {policy.endDatetime.toLocaleDateString("sv")}
+                      {m.admin_doors_expires()}
+                      {policy.endDatetime.toLocaleDateString("sv")}
                     </Badge>
                   {/if}
                 </div>
                 {#if policy.information}
                   <p class="text-muted-foreground text-sm">
-                    Reason: {policy.information}
+                    {m.admin_doors_reason()}: {policy.information}
                   </p>
                 {/if}
               </div>
@@ -243,18 +253,19 @@
 <!-- Delete dialog -->
 <AlertDialog bind:open>
   {#if selectedPolicy}
+    {@const subject =
+      selectedPolicy.role ||
+      getFullName(selectedPolicy.member!, { hideNickname: true })}
     <AlertDialogContent>
       <AlertDialogHeader>
-        <AlertDialogTitle>Ta bort åtkomstregel</AlertDialogTitle>
+        <AlertDialogTitle>{m.admin_doors_removeAccessRule()}</AlertDialogTitle>
         <AlertDialogDescription>
-          Är du säher på att du vill ta bort åtkomstregeln för <b>
-            {selectedPolicy.role || getFullName(selectedPolicy.member!)}
-          </b>
-          till <b>{selectedPolicy.doorName}</b>?
+          <!-- eslint-disable-next-line svelte/no-at-html-tags -->
+          {@html m.admin_doors_areYouSure({ door: door.verboseName, subject })}
         </AlertDialogDescription>
       </AlertDialogHeader>
       <AlertDialogFooter>
-        <AlertDialogCancel>Cancel</AlertDialogCancel>
+        <AlertDialogCancel>{m.cancel()}</AlertDialogCancel>
         <form
           method="POST"
           action="?/delete"
@@ -264,7 +275,7 @@
           }}
         >
           <input type="hidden" name="id" value={selectedPolicy.id} />
-          <AlertDialogAction type="submit">Continue</AlertDialogAction>
+          <AlertDialogAction type="submit">{m.save()}</AlertDialogAction>
         </form>
       </AlertDialogFooter>
     </AlertDialogContent>
diff --git a/src/translations/en.json b/src/translations/en.json
index 4d11bff7a..478f4cde1 100644
--- a/src/translations/en.json
+++ b/src/translations/en.json
@@ -204,22 +204,35 @@
   "admin_alerts_alertCreated": "Global alert created",
   "admin_alerts_alertRemoved": "Global alert removed",
   "admin_doors_door": "Door",
+  "admin_doors_choose": "Choose a door to manage access rules",
   "admin_doors_role": "Role",
   "admin_doors_member": "Member",
-  "admin_doors_roleMember": "Role/member",
-  "admin_doors_startDate": "Start date",
-  "admin_doors_endDate": "End date",
+  "admin_doors_allow": "Allow",
+  "admin_doors_deny": "Deny",
+  "admin_doors_type": "Type",
+  "admin_doors_mode": "Mode",
+  "admin_doors_addAccessRule": "Add access rule",
+  "admin_doors_removeAccessRule": "Remove access rule",
+  "admin_doors_grantOrRestrict": "Grant or restrict access to {door}",
+  "admin_doors_startDate": "Start date (optional)",
+  "admin_doors_endDate": "End date (optional)",
+  "admin_doors_reasonLabel": "Reason (optional)",
+  "admin_doors_reasonPlaceholder": "Why is this rule added?",
+  "admin_doors_add": "Add rule",
   "admin_doors_remove": "Remove",
-  "admin_doors_add": "Add",
   "admin_doors_edit": "Edit",
-  "admin_doors_info": "Additional information",
-  "admin_doors_revokeDoorAccess": "Revoke door access",
-  "admin_doors_grantDoorAccess": "Grant door access",
-  "admin_doors_startDateOptional": "Start date (optional)",
-  "admin_doors_endDateOptional": "End date (optional)",
-  "admin_doors_revokeAreYouSure": "Are you sure you want to revoke access to <b class=\"capitalize\">{door}</b> for <b>{target}</b>?",
-  "admin_doors_revokeBanAreYouSure": "Are you sure you want to rescind the ban to <b class=\"capitalize\">{door}</b> for <b>{target}</b>?",
-  "admin_doors_profileAvatar": "Profile avatar",
+  "admin_doors_currentRules": "Current access rules",
+  "admin_doors_noRules": "No access rules configured yet",
+  "admin_doors_numRules": "{count} rule(s) configured",
+  "admin_doors_banned": "Banned",
+  "admin_doors_expires": "Expires",
+  "admin_doors_reason": "Anledning",
+  "admin_doors_areYouSure": "Are you sure you want to remove the access rule for <b>{subject}</b> to <b>{door}</b>?",
+  "admin_doors_notFound": "Door does not exist",
+  "admin_doors_endDateBeforeStart": "End date cannot be before start date",
+  "admin_doors_memberOrRoleNotFound": "The member/role does not exist",
+  "admin_doors_ruleCreated": "Access rule created",
+  "admin_doors_ruleDeleted": "Access rule removed",
   "admin_emailalias_add": "Create",
   "admin_emailalias_addAlias": "Create an email alias",
   "admin_emailalias_addAliasDescription": "Enter the email alias you'd like to create.",
diff --git a/src/translations/sv.json b/src/translations/sv.json
index 6b8409708..ca4dcd2b3 100644
--- a/src/translations/sv.json
+++ b/src/translations/sv.json
@@ -204,22 +204,35 @@
   "admin_alerts_alertCreated": "Globalt meddelande skapad",
   "admin_alerts_alertRemoved": "Globalt meddelande borttagen",
   "admin_doors_door": "Dörr",
+  "admin_doors_choose": "Välj en dörr för att hantera åtkomstregler",
   "admin_doors_role": "Roll",
   "admin_doors_member": "Medlem",
-  "admin_doors_roleMember": "Roll/medlem",
-  "admin_doors_startDate": "Startdatum",
-  "admin_doors_endDate": "Slutdatum",
+  "admin_doors_allow": "Tillåt",
+  "admin_doors_deny": "Neka",
+  "admin_doors_type": "Typ",
+  "admin_doors_mode": "Läge",
+  "admin_doors_addAccessRule": "Lägg till åtkomstregel",
+  "admin_doors_removeAccessRule": "Ta bort åtkomstregel",
+  "admin_doors_grantOrRestrict": "Ge eller neka åtkomst till {door}",
+  "admin_doors_startDate": "Startdatum (valfritt)",
+  "admin_doors_endDate": "Slutdatum (valfritt)",
+  "admin_doors_reasonLabel": "Anledning (valfritt)",
+  "admin_doors_reasonPlaceholder": "Varför läggs denna regel till?",
+  "admin_doors_add": "Lägg till regel",
   "admin_doors_remove": "Ta bort",
-  "admin_doors_add": "Lägg till",
   "admin_doors_edit": "Redigera",
-  "admin_doors_info": "Extra information",
-  "admin_doors_revokeDoorAccess": "Återkalla dörråtkomst",
-  "admin_doors_grantDoorAccess": "Ge dörråtkomst",
-  "admin_doors_startDateOptional": "Startdatum (frivilligt)",
-  "admin_doors_endDateOptional": "Slutdatum (frivilligt)",
-  "admin_doors_revokeAreYouSure": "Är du säker på att du vill återkalla åtkomst till <b class=\"capitalize\">{door}</b> för <b>{target}</b>?",
-  "admin_doors_revokeBanAreYouSure": "Är du säker på att du vill ta bort spärren till <b class=\"capitalize\">{door}</b> för <b>{target}</b>?",
-  "admin_doors_profileAvatar": "Profilavatar",
+  "admin_doors_currentRules": "Nuvarande åtkomstregler",
+  "admin_doors_noRules": "Inga åtkomstregler konfigurerade än",
+  "admin_doors_numRules": "{count} regel(er) konfigurerade",
+  "admin_doors_banned": "Spärrad",
+  "admin_doors_expires": "Upphör",
+  "admin_doors_reason": "Anledning",
+  "admin_doors_areYouSure": "Är du säher på att du vill ta bort åtkomstregeln för <b>{subject}</b> till <b>{door}</b>?",
+  "admin_doors_notFound": "Dörren finns ej",
+  "admin_doors_endDateBeforeStart": "Slutdatum kan inte vara före startdatum",
+  "admin_doors_memberOrRoleNotFound": "Medlemmen/rollen finns inte",
+  "admin_doors_ruleCreated": "Åtkomstregel skapad",
+  "admin_doors_ruleDeleted": "Åtkomstregel borttagen",
   "admin_emailalias_add": "Skapa",
   "admin_emailalias_addAlias": "Skapa ett nytt mejlalias",
   "admin_emailalias_addAliasDescription": "Fyll i mailaliaset du hade velat skapa.",

From 79f21bcf9b669d12ba43ac664f27035b937316b5 Mon Sep 17 00:00:00 2001
From: Daniel Adu-Gyan <26229521+danieladugyan@users.noreply.github.com>
Date: Wed, 26 Nov 2025 07:35:04 +0100
Subject: [PATCH 9/9] Enhance form validation and fix date handling

- Dates are string instead to align with input element
- Start and end date times are set using correct time zone
---
 .../admin/doors/edit/[slug]/+page.server.ts   | 71 ++++++++++++++-----
 .../admin/doors/edit/[slug]/+page.svelte      |  4 +-
 src/translations/en.json                      |  3 +
 src/translations/sv.json                      |  3 +
 4 files changed, 61 insertions(+), 20 deletions(-)

diff --git a/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts b/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
index 14bc2a184..b05ddb1f9 100644
--- a/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
+++ b/src/routes/(app)/admin/doors/edit/[slug]/+page.server.ts
@@ -7,6 +7,11 @@ import { error, fail } from "@sveltejs/kit";
 import { authorize } from "$lib/utils/authorization";
 import authorizedPrismaClient from "$lib/server/authorizedPrisma";
 import * as m from "$paraglide/messages";
+import dayjs from "dayjs";
+import utc from "dayjs/plugin/utc";
+import timezone from "dayjs/plugin/timezone";
+dayjs.extend(utc);
+dayjs.extend(timezone);
 
 export const load: PageServerLoad = async ({ locals, params, parent }) => {
   const { prisma, user } = locals;
@@ -34,36 +39,58 @@ export const load: PageServerLoad = async ({ locals, params, parent }) => {
   };
 };
 
-// TODO: require reason and end date for member rules
-// TODO: don't allow banning groups since this is not implemented
 const createSchema = z
   .object({
     subject: z.string().min(1),
     type: z.enum(["member", "role"]).default("member"),
     mode: z.enum(["allow", "deny"]).default("allow"),
-    startDatetime: z.date().optional(),
-    endDatetime: z.date().optional(),
+    startDatetime: z.string().date().optional(),
+    endDatetime: z.string().date().optional(),
     reason: z.string().optional(),
   })
+  // These refinements return true for valid data, but it's
+  // easier to express them in terms of what is invalid.
   .refine(
-    (data) => (data.startDatetime ?? 0) < (data.endDatetime ?? Infinity),
-    {
-      message: m.admin_doors_endDateBeforeStart(),
-      path: ["endDatetime"],
-    },
+    // Require the start date to be before the end date
+    ({ startDatetime: start, endDatetime: end }) =>
+      !(start && end && dayjs(end).isBefore(start)),
+    { message: m.admin_doors_endDateBeforeStart(), path: ["endDatetime"] },
+  )
+  .refine(
+    // Require an end date for member rules
+    (data) => !(data.type === "member" && !data.endDatetime),
+    { message: m.admin_doors_memberRuleRequireEnd(), path: ["endDatetime"] },
+  )
+  .refine(
+    // Require a reason for member rules
+    (data) => !(data.type === "member" && !data.reason),
+    { message: m.admin_doors_memberRuleRequireReason(), path: ["reason"] },
   )
   .refine(
-    async ({ type, subject }) => {
-      if (type === "member") {
+    // Require a reason for bans
+    (data) => !(data.mode === "deny" && !data.reason),
+    { message: m.admin_doors_banRuleRequireReason(), path: ["reason"] },
+  )
+  .refine(
+    // TODO: Banning groups is not implemented
+    (data) => !(data.type === "role" && data.mode === "deny"),
+    { message: "Not implemented", path: ["mode"] },
+  )
+  .refine(
+    async (data) => {
+      if (data.type === "member") {
         // check if member exists
         return await authorizedPrismaClient.member.findFirst({
-          where: { studentId: subject },
+          where: { studentId: data.subject },
         });
       } else {
         // check if role exists
-        return await authorizedPrismaClient.position.findFirst({
-          where: { id: { startsWith: `${subject}%` } },
-        });
+        return (
+          data.subject === "*" ||
+          (await authorizedPrismaClient.position.findFirst({
+            where: { id: { startsWith: `${data.subject}%` } },
+          }))
+        );
       }
     },
     { message: m.admin_doors_memberOrRoleNotFound(), path: ["subject"] },
@@ -79,14 +106,22 @@ export const actions: Actions = {
     const form = await superValidate(request, zod4(createSchema));
     if (!form.valid) return fail(400, { form });
     const doorName = params.slug;
-    const { mode, subject, type, startDatetime, endDatetime } = form.data;
+    const { mode, subject, type, startDatetime, endDatetime, reason } =
+      form.data;
 
     await prisma.doorAccessPolicy.create({
       data: {
         doorName,
-        startDatetime,
-        endDatetime,
+        startDatetime: dayjs(startDatetime)
+          .startOf("day")
+          .tz("Europe/Stockholm", true)
+          .toDate(),
+        endDatetime: dayjs(endDatetime)
+          .endOf("day")
+          .tz("Europe/Stockholm", true)
+          .toDate(),
         isBan: mode === "deny",
+        information: reason,
         ...(type === "member" ? { studentId: subject } : { role: subject }),
       },
     });
diff --git a/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte b/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
index 448221b4a..7d2b34b4f 100644
--- a/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
+++ b/src/routes/(app)/admin/doors/edit/[slug]/+page.svelte
@@ -162,9 +162,9 @@
         </div>
 
         <div class="space-y-2 sm:col-span-2">
-          <Label for="entity-name">{m.admin_doors_reasonLabel()}</Label>
+          <Label for="reason">{m.admin_doors_reasonLabel()}</Label>
           <Input
-            id="entity-name"
+            id="reason"
             placeholder={m.admin_doors_reasonPlaceholder()}
             name="reason"
             aria-invalid={$errors.reason ? "true" : undefined}
diff --git a/src/translations/en.json b/src/translations/en.json
index 478f4cde1..df1def5e1 100644
--- a/src/translations/en.json
+++ b/src/translations/en.json
@@ -233,6 +233,9 @@
   "admin_doors_memberOrRoleNotFound": "The member/role does not exist",
   "admin_doors_ruleCreated": "Access rule created",
   "admin_doors_ruleDeleted": "Access rule removed",
+  "admin_doors_memberRuleRequireEnd": "Access rules for members must have an end date",
+  "admin_doors_memberRuleRequireReason": "Access rules for members must have a reason",
+  "admin_doors_banRuleRequireReason": "Ban rules must have a reason",
   "admin_emailalias_add": "Create",
   "admin_emailalias_addAlias": "Create an email alias",
   "admin_emailalias_addAliasDescription": "Enter the email alias you'd like to create.",
diff --git a/src/translations/sv.json b/src/translations/sv.json
index ca4dcd2b3..f53a6845e 100644
--- a/src/translations/sv.json
+++ b/src/translations/sv.json
@@ -233,6 +233,9 @@
   "admin_doors_memberOrRoleNotFound": "Medlemmen/rollen finns inte",
   "admin_doors_ruleCreated": "Åtkomstregel skapad",
   "admin_doors_ruleDeleted": "Åtkomstregel borttagen",
+  "admin_doors_memberRuleRequireEnd": "Regler för medlemmar måste ha ett slutdatum",
+  "admin_doors_memberRuleRequireReason": "Regler för medlemmar måste ha en anledning",
+  "admin_doors_banRuleRequireReason": "Spärrningsregler måste ha en anledning",
   "admin_emailalias_add": "Skapa",
   "admin_emailalias_addAlias": "Skapa ett nytt mejlalias",
   "admin_emailalias_addAliasDescription": "Fyll i mailaliaset du hade velat skapa.",