feat: add settings and reports pages

- Add settings page with organization, sites, courts, and users tabs
- Add reports page with revenue charts and statistics
- Add users API endpoint
- Add sites/[id] API endpoint for CRUD operations
- Add tabs UI component
- Fix sites API to return isActive field

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

apps/web/app/api/users/route.ts

@@ -0,0 +1,136 @@
+import { NextRequest, NextResponse } from "next/server";
+import { getServerSession } from "next-auth";
+import { authOptions } from "@/lib/auth";
+import { db } from "@/lib/db";
+
+export async function GET(request: NextRequest) {
+  try {
+    const session = await getServerSession(authOptions);
+
+    if (!session?.user) {
+      return NextResponse.json({ error: "No autorizado" }, { status: 401 });
+    }
+
+    const users = await db.user.findMany({
+      where: {
+        organizationId: session.user.organizationId,
+      },
+      select: {
+        id: true,
+        email: true,
+        firstName: true,
+        lastName: true,
+        role: true,
+        isActive: true,
+        createdAt: true,
+        sites: {
+          select: {
+            id: true,
+            name: true,
+          },
+        },
+      },
+      orderBy: {
+        createdAt: "desc",
+      },
+    });
+
+    // Transform to match the expected format
+    const transformedUsers = users.map((user) => ({
+      ...user,
+      site: user.sites.length > 0 ? user.sites[0] : null,
+    }));
+
+    return NextResponse.json({ data: transformedUsers });
+  } catch (error) {
+    console.error("Error fetching users:", error);
+    return NextResponse.json(
+      { error: "Error al obtener usuarios" },
+      { status: 500 }
+    );
+  }
+}
+
+export async function POST(request: NextRequest) {
+  try {
+    const session = await getServerSession(authOptions);
+
+    if (!session?.user) {
+      return NextResponse.json({ error: "No autorizado" }, { status: 401 });
+    }
+
+    // Only super_admin and site_admin can create users
+    if (!["super_admin", "site_admin"].includes(session.user.role)) {
+      return NextResponse.json({ error: "Sin permisos" }, { status: 403 });
+    }
+
+    const body = await request.json();
+    const { email, password, firstName, lastName, role, siteId } = body;
+
+    if (!email || !password || !firstName || !lastName || !role) {
+      return NextResponse.json(
+        { error: "Faltan campos requeridos" },
+        { status: 400 }
+      );
+    }
+
+    // Check if user already exists
+    const existingUser = await db.user.findFirst({
+      where: {
+        organizationId: session.user.organizationId,
+        email,
+      },
+    });
+
+    if (existingUser) {
+      return NextResponse.json(
+        { error: "El email ya está registrado" },
+        { status: 400 }
+      );
+    }
+
+    // Hash password
+    const bcrypt = require("bcryptjs");
+    const hashedPassword = await bcrypt.hash(password, 10);
+
+    const user = await db.user.create({
+      data: {
+        email,
+        password: hashedPassword,
+        firstName,
+        lastName,
+        role,
+        organizationId: session.user.organizationId,
+        siteIds: siteId ? [siteId] : [],
+        isActive: true,
+      },
+      select: {
+        id: true,
+        email: true,
+        firstName: true,
+        lastName: true,
+        role: true,
+        isActive: true,
+        sites: {
+          select: {
+            id: true,
+            name: true,
+          },
+        },
+      },
+    });
+
+    return NextResponse.json({
+      data: {
+        ...user,
+        site: user.sites.length > 0 ? user.sites[0] : null,
+      },
+    }, { status: 201 });
+  } catch (error) {
+    console.error("Error creating user:", error);
+    return NextResponse.json(
+      { error: "Error al crear usuario" },
+      { status: 500 }
+    );
+  }
+}