@igstack/app-catalog-backend-core 0.0.1

package/src/modules/appCatalogAdmin/catalogBackupController.ts

@@ -0,0 +1,213 @@
+import type { Request, Response } from 'express'
+import { getDbClient } from '../../db'
+
+/**
+ * Export the complete app catalog as JSON
+ * Includes all fields from DbAppForCatalog and DbApprovalMethod
+ */
+export async function exportCatalog(
+  _req: Request,
+  res: Response,
+): Promise<void> {
+  try {
+    const prisma = getDbClient()
+
+    // Fetch all catalog entries
+    const apps = await prisma.dbAppForCatalog.findMany({
+      orderBy: { slug: 'asc' },
+    })
+
+    // Fetch all approval methods
+    const approvalMethods = await prisma.dbApprovalMethod.findMany({
+      orderBy: { displayName: 'asc' },
+    })
+
+    res.json({
+      version: '2.0',
+      exportDate: new Date().toISOString(),
+      apps,
+      approvalMethods,
+    })
+  } catch (error) {
+    console.error('Error exporting catalog:', error)
+    res.status(500).json({ error: 'Failed to export catalog' })
+  }
+}
+
+/**
+ * Import/restore the complete app catalog from JSON
+ * Overwrites existing data
+ */
+export async function importCatalog(
+  req: Request,
+  res: Response,
+): Promise<void> {
+  try {
+    const prisma = getDbClient()
+    const { apps, approvalMethods } = req.body
+
+    if (!Array.isArray(apps)) {
+      res
+        .status(400)
+        .json({ error: 'Invalid data format: apps must be an array' })
+      return
+    }
+
+    // Use transaction to ensure atomicity
+    await prisma.$transaction(async (tx) => {
+      // Delete all existing approval methods first (due to potential FK references)
+      if (Array.isArray(approvalMethods)) {
+        await tx.dbApprovalMethod.deleteMany({})
+      }
+
+      // Delete all existing catalog entries
+      await tx.dbAppForCatalog.deleteMany({})
+
+      // Insert approval methods first
+      if (Array.isArray(approvalMethods)) {
+        for (const method of approvalMethods) {
+          // Remove id, createdAt, updatedAt to let Prisma generate new ones
+          const { id, createdAt, updatedAt, ...methodData } = method
+
+          await tx.dbApprovalMethod.create({
+            data: methodData,
+          })
+        }
+      }
+
+      // Insert app catalog entries
+      for (const app of apps) {
+        // Remove id, createdAt, updatedAt to let Prisma generate new ones
+        const { id, createdAt, updatedAt, ...appData } = app
+
+        await tx.dbAppForCatalog.create({
+          data: appData,
+        })
+      }
+    })
+
+    res.json({
+      success: true,
+      imported: {
+        apps: apps.length,
+        approvalMethods: Array.isArray(approvalMethods)
+          ? approvalMethods.length
+          : 0,
+      },
+    })
+  } catch (error) {
+    console.error('Error importing catalog:', error)
+    res.status(500).json({ error: 'Failed to import catalog' })
+  }
+}
+
+/**
+ * Export an asset (icon or screenshot) by name
+ */
+export async function exportAsset(req: Request, res: Response): Promise<void> {
+  try {
+    const { name } = req.params
+    const prisma = getDbClient()
+
+    const asset = await prisma.dbAsset.findUnique({
+      where: { name },
+    })
+
+    if (!asset) {
+      res.status(404).json({ error: 'Asset not found' })
+      return
+    }
+
+    // Set appropriate content type and send binary data
+    res.set('Content-Type', asset.mimeType)
+    res.set('Content-Disposition', `attachment; filename="${name}"`)
+    res.send(Buffer.from(asset.content))
+  } catch (error) {
+    console.error('Error exporting asset:', error)
+    res.status(500).json({ error: 'Failed to export asset' })
+  }
+}
+
+/**
+ * List all assets with metadata
+ */
+export async function listAssets(_req: Request, res: Response): Promise<void> {
+  try {
+    const prisma = getDbClient()
+
+    const assets = await prisma.dbAsset.findMany({
+      select: {
+        id: true,
+        name: true,
+        assetType: true,
+        mimeType: true,
+        fileSize: true,
+        width: true,
+        height: true,
+        checksum: true,
+      },
+      orderBy: { name: 'asc' },
+    })
+
+    res.json({ assets })
+  } catch (error) {
+    console.error('Error listing assets:', error)
+    res.status(500).json({ error: 'Failed to list assets' })
+  }
+}
+
+/**
+ * Import an asset (icon or screenshot)
+ */
+export async function importAsset(req: Request, res: Response): Promise<void> {
+  try {
+    const file = req.file
+    const { name, assetType, mimeType, width, height } = req.body
+
+    if (!file) {
+      res.status(400).json({ error: 'No file uploaded' })
+      return
+    }
+
+    const prisma = getDbClient()
+    const crypto = await import('node:crypto')
+
+    // Calculate checksum
+    const checksum = crypto
+      .createHash('sha256')
+      .update(file.buffer)
+      .digest('hex')
+
+    // Convert Buffer to Uint8Array for Prisma Bytes type
+    const content = new Uint8Array(file.buffer)
+
+    // Upsert asset (update if exists, create if not)
+    await prisma.dbAsset.upsert({
+      where: { name },
+      update: {
+        content,
+        checksum,
+        mimeType: mimeType || file.mimetype,
+        fileSize: file.size,
+        width: width ? parseInt(width) : null,
+        height: height ? parseInt(height) : null,
+        assetType: assetType || 'icon',
+      },
+      create: {
+        name,
+        content,
+        checksum,
+        mimeType: mimeType || file.mimetype,
+        fileSize: file.size,
+        width: width ? parseInt(width) : null,
+        height: height ? parseInt(height) : null,
+        assetType: assetType || 'icon',
+      },
+    })
+
+    res.json({ success: true, name, size: file.size })
+  } catch (error) {
+    console.error('Error importing asset:', error)
+    res.status(500).json({ error: 'Failed to import asset' })
+  }
+}

package/src/modules/approvalMethod/approvalMethodRouter.ts

@@ -0,0 +1,169 @@
+import { z } from 'zod'
+import { Prisma } from '@prisma/client'
+import { getDbClient } from '../../db'
+import { adminProcedure, publicProcedure, router } from '../../server/trpcSetup'
+import type {
+  ApprovalMethod,
+  ApprovalMethodConfig,
+  CustomConfig,
+  PersonTeamConfig,
+  ServiceConfig,
+} from '../../types'
+import { generateSlugFromDisplayName } from './slugUtils'
+
+// Zod schemas
+const ReachOutContactSchema = z.object({
+  displayName: z.string(),
+  contact: z.string(),
+})
+
+const ServiceConfigSchema = z.object({
+  url: z.url().optional(),
+  icon: z.string().optional(),
+})
+
+const PersonTeamConfigSchema = z.object({
+  reachOutContacts: z.array(ReachOutContactSchema).optional(),
+})
+
+const CustomConfigSchema = z.object({})
+
+const ApprovalMethodConfigSchema = z.union([
+  ServiceConfigSchema,
+  PersonTeamConfigSchema,
+  CustomConfigSchema,
+])
+
+const CreateApprovalMethodSchema = z.object({
+  type: z.enum(['service', 'personTeam', 'custom']),
+  displayName: z.string().min(1),
+  config: ApprovalMethodConfigSchema.optional(),
+})
+
+const UpdateApprovalMethodSchema = z.object({
+  slug: z.string(),
+  type: z.enum(['service', 'personTeam', 'custom']).optional(),
+  displayName: z.string().min(1).optional(),
+  config: ApprovalMethodConfigSchema.optional(),
+})
+
+/**
+ * Convert Prisma DbApprovalMethod to our ApprovalMethod type.
+ * This ensures tRPC infers proper types for frontend consumers.
+ */
+function toApprovalMethod(db: {
+  slug: string
+  type: ApprovalMethod['type']
+  displayName: string
+  config: ApprovalMethodConfig | null
+  createdAt: Date
+  updatedAt: Date
+}): ApprovalMethod {
+  // Handle discriminated union by explicitly narrowing based on type
+  const baseFields = {
+    slug: db.slug,
+    displayName: db.displayName,
+    createdAt: db.createdAt,
+    updatedAt: db.updatedAt,
+  }
+
+  // Provide default empty config if null, as ApprovalMethod discriminated union requires config
+  const config = db.config ?? {}
+
+  switch (db.type) {
+    case 'service':
+      return { ...baseFields, type: 'service', config: config as ServiceConfig }
+    case 'personTeam':
+      return {
+        ...baseFields,
+        type: 'personTeam',
+        config: config as PersonTeamConfig,
+      }
+    case 'custom':
+      return { ...baseFields, type: 'custom', config: config as CustomConfig }
+  }
+}
+
+export function createApprovalMethodRouter() {
+  return router({
+    // Public: list for selection in app admin
+    list: publicProcedure.query(async (): Promise<Array<ApprovalMethod>> => {
+      const prisma = getDbClient()
+      const results = await prisma.dbApprovalMethod.findMany({
+        orderBy: { displayName: 'asc' },
+      })
+      return results.map(toApprovalMethod)
+    }),
+
+    // Public: get by ID
+    getById: publicProcedure
+      .input(z.object({ slug: z.string() }))
+      .query(async ({ input }): Promise<ApprovalMethod | null> => {
+        const prisma = getDbClient()
+        const result = await prisma.dbApprovalMethod.findUnique({
+          where: { slug: input.slug },
+        })
+        return result ? toApprovalMethod(result) : null
+      }),
+
+    // Admin: create
+    create: adminProcedure
+      .input(CreateApprovalMethodSchema)
+      .mutation(async ({ input }): Promise<ApprovalMethod> => {
+        const prisma = getDbClient()
+        const result = await prisma.dbApprovalMethod.create({
+          data: {
+            slug: generateSlugFromDisplayName(input.displayName),
+            type: input.type,
+            displayName: input.displayName,
+            config: input.config ?? Prisma.JsonNull,
+          },
+        })
+        return toApprovalMethod(result)
+      }),
+
+    // Admin: update
+    update: adminProcedure
+      .input(UpdateApprovalMethodSchema)
+      .mutation(async ({ input }): Promise<ApprovalMethod> => {
+        const prisma = getDbClient()
+        const { slug, ...updateData } = input
+        const result = await prisma.dbApprovalMethod.update({
+          where: { slug },
+          data: {
+            ...(updateData.type !== undefined && { type: updateData.type }),
+            ...(updateData.displayName !== undefined && {
+              displayName: updateData.displayName,
+            }),
+            ...(updateData.config !== undefined && {
+              config: updateData.config ?? Prisma.JsonNull,
+            }),
+          },
+        })
+        return toApprovalMethod(result)
+      }),
+
+    // Admin: delete
+    delete: adminProcedure
+      .input(z.object({ slug: z.string() }))
+      .mutation(async ({ input }): Promise<ApprovalMethod> => {
+        const prisma = getDbClient()
+        const result = await prisma.dbApprovalMethod.delete({
+          where: { slug: input.slug },
+        })
+        return toApprovalMethod(result)
+      }),
+
+    // Admin: search by type
+    listByType: publicProcedure
+      .input(z.object({ type: z.enum(['service', 'personTeam', 'custom']) }))
+      .query(async ({ input }): Promise<Array<ApprovalMethod>> => {
+        const prisma = getDbClient()
+        const results = await prisma.dbApprovalMethod.findMany({
+          where: { type: input.type },
+          orderBy: { displayName: 'asc' },
+        })
+        return results.map(toApprovalMethod)
+      }),
+  })
+}

package/src/modules/approvalMethod/slugUtils.ts

@@ -0,0 +1,17 @@
+/**
+ * Generates a URL-friendly slug from a display name.
+ * Converts to lowercase and replaces non-alphanumeric characters with hyphens.
+ *
+ * @param displayName - The display name to convert
+ * @returns A slug suitable for use as a primary key
+ *
+ * @example
+ * generateSlugFromDisplayName("My Service") // "my-service"
+ * generateSlugFromDisplayName("John's Team") // "john-s-team"
+ */
+export function generateSlugFromDisplayName(displayName: string): string {
+  return displayName
+    .toLowerCase()
+    .replace(/[^a-z0-9]+/g, '-')
+    .replace(/^-+|-+$/g, '')
+}

package/src/modules/approvalMethod/syncApprovalMethods.ts

@@ -0,0 +1,38 @@
+import type { PrismaClient as CorePrismaClient } from '@prisma/client'
+
+export interface ApprovalMethodSyncInput {
+  slug: string
+  type: 'service' | 'personTeam' | 'custom'
+  displayName: string
+}
+
+/**
+ * Syncs approval methods to the database using upsert logic based on type + displayName.
+ *
+ * @param prisma - The PrismaClient instance from the backend-core database
+ * @param methods - Array of approval methods to sync
+ */
+export async function syncApprovalMethods(
+  prisma: CorePrismaClient,
+  methods: Array<ApprovalMethodSyncInput>,
+): Promise<void> {
+  // Use transaction for atomicity
+  await prisma.$transaction(
+    methods.map((method) =>
+      prisma.dbApprovalMethod.upsert({
+        where: {
+          slug: method.slug,
+        },
+        update: {
+          displayName: method.displayName,
+          type: method.type,
+        },
+        create: {
+          slug: method.slug,
+          type: method.type,
+          displayName: method.displayName,
+        },
+      }),
+    ),
+  )
+}

package/src/modules/assets/assetRestController.ts

@@ -0,0 +1,271 @@
+import type { Request, Response, Router } from 'express'
+import multer from 'multer'
+import sharp from 'sharp'
+import { getDbClient } from '../../db'
+import { getImageFormat, isRasterImage, resizeImage } from './assetUtils'
+import { upsertAsset } from './upsertAsset'
+
+// Configure multer for memory storage
+const upload = multer({
+  storage: multer.memoryStorage(),
+  limits: {
+    fileSize: 10 * 1024 * 1024, // 10MB limit
+  },
+  fileFilter: (_req, file, cb) => {
+    // Accept images only
+    if (!file.mimetype.startsWith('image/')) {
+      cb(new Error('Only image files are allowed'))
+      return
+    }
+    cb(null, true)
+  },
+})
+
+export interface AssetRestControllerConfig {
+  /**
+   * Base path for asset endpoints (e.g., '/api/assets')
+   */
+  basePath: string
+}
+
+export interface ParseAssetParams {
+  buffer: Buffer
+  originalFilename: string
+  fileSize?: number
+}
+
+export interface ParseAssetReturn {
+  checksum: string
+  fileSize: number
+  mimeType: string
+  width?: number
+  height?: number
+}
+
+/**
+ * Registers REST endpoints for universal asset upload and retrieval
+ *
+ * Endpoints:
+ * - POST {basePath}/upload - Upload a new asset (multipart/form-data)
+ * - GET {basePath}/:id - Get asset binary by ID
+ * - GET {basePath}/:id/metadata - Get asset metadata only
+ * - GET {basePath}/by-name/:name - Get asset binary by name
+ */
+export function registerAssetRestController(
+  router: Router,
+  config: AssetRestControllerConfig,
+): void {
+  const { basePath } = config
+  const prisma = getDbClient()
+
+  // Upload endpoint - accepts multipart/form-data
+  router.post(
+    `${basePath}/upload`,
+    upload.single('asset'),
+    async (req: Request, res: Response) => {
+      try {
+        if (!req.file) {
+          res.status(400).json({ error: 'No file uploaded' })
+          return
+        }
+
+        const name = req.body['name'] as string
+        const assetType = req.body['assetType']
+
+        if (!name) {
+          res.status(400).json({ error: 'Name is required' })
+          return
+        }
+
+        const id = await upsertAsset({
+          prisma,
+          buffer: req.file.buffer,
+          name,
+          originalFilename: req.file.filename,
+          assetType,
+        })
+
+        res.status(201).json({ id })
+      } catch (error) {
+        console.error('Error uploading asset:', error)
+        res.status(500).json({ error: 'Failed to upload asset' })
+      }
+    },
+  )
+
+  // Get asset binary by ID
+  router.get(`${basePath}/:id`, async (req: Request, res: Response) => {
+    try {
+      const { id } = req.params
+
+      const asset = await prisma.dbAsset.findUnique({
+        where: { id },
+        select: {
+          content: true,
+          mimeType: true,
+          name: true,
+          width: true,
+          height: true,
+        },
+      })
+
+      if (!asset) {
+        res.status(404).json({ error: 'Asset not found' })
+        return
+      }
+
+      const resizeEnabled =
+        String(process.env.EH_ASSETS_RESIZE_ENABLED || 'true') === 'true'
+      const wParam = req.query['w'] as string | undefined
+      const width = wParam ? Number.parseInt(wParam, 10) : undefined
+
+      let outBuffer: Uint8Array = asset.content
+      let outMime = asset.mimeType
+
+      const shouldResize =
+        resizeEnabled &&
+        isRasterImage(asset.mimeType) &&
+        !!width &&
+        Number.isFinite(width) &&
+        width > 0
+
+      if (shouldResize) {
+        const fmt = getImageFormat(asset.mimeType) || 'jpeg'
+        const buf = await resizeImage(
+          Buffer.from(asset.content),
+          width,
+          undefined,
+          fmt,
+        )
+        outBuffer = new Uint8Array(buf)
+        outMime = `image/${fmt}`
+      }
+
+      // Set appropriate headers
+      res.setHeader('Content-Type', outMime)
+      res.setHeader('Content-Disposition', `inline; filename="${asset.name}"`)
+      res.setHeader('Cache-Control', 'public, max-age=86400') // Cache for 1 day
+
+      // Send binary content (resized if requested)
+      res.send(outBuffer)
+    } catch (error) {
+      console.error('Error fetching asset:', error)
+      res.status(500).json({ error: 'Failed to fetch asset' })
+    }
+  })
+
+  // Get asset metadata only (no binary content)
+  router.get(
+    `${basePath}/:id/metadata`,
+    async (req: Request, res: Response) => {
+      try {
+        const { id } = req.params
+
+        const asset = await prisma.dbAsset.findUnique({
+          where: { id },
+          select: {
+            id: true,
+            name: true,
+            assetType: true,
+            mimeType: true,
+            fileSize: true,
+            width: true,
+            height: true,
+            createdAt: true,
+            updatedAt: true,
+          },
+        })
+
+        if (!asset) {
+          res.status(404).json({ error: 'Asset not found' })
+          return
+        }
+
+        res.json(asset)
+      } catch (error) {
+        console.error('Error fetching asset metadata:', error)
+        res.status(500).json({ error: 'Failed to fetch asset metadata' })
+      }
+    },
+  )
+
+  // Get asset binary by name
+  router.get(
+    `${basePath}/by-name/:name`,
+    async (req: Request, res: Response) => {
+      try {
+        const { name } = req.params
+
+        const asset = await prisma.dbAsset.findUnique({
+          where: { name },
+          select: {
+            content: true,
+            mimeType: true,
+            name: true,
+            width: true,
+            height: true,
+          },
+        })
+
+        if (!asset) {
+          res.status(404).json({ error: 'Asset not found' })
+          return
+        }
+
+        const resizeEnabled =
+          String(process.env.EH_ASSETS_RESIZE_ENABLED || 'true') === 'true'
+        const wParam = req.query['w'] as string | undefined
+        const width = wParam ? Number.parseInt(wParam, 10) : undefined
+
+        let outBuffer: Uint8Array = asset.content
+        let outMime = asset.mimeType
+
+        const isRaster =
+          asset.mimeType.startsWith('image/') && !asset.mimeType.includes('svg')
+        const shouldResize =
+          resizeEnabled &&
+          isRaster &&
+          !!width &&
+          Number.isFinite(width) &&
+          width > 0
+
+        if (shouldResize) {
+          const fmt = asset.mimeType.includes('png')
+            ? 'png'
+            : asset.mimeType.includes('webp')
+              ? 'webp'
+              : 'jpeg'
+
+          let buf: Buffer
+          const pipeline = sharp(Buffer.from(asset.content)).resize({
+            width,
+            fit: 'inside',
+            withoutEnlargement: true,
+          })
+          if (fmt === 'png') {
+            buf = await pipeline.png().toBuffer()
+            outMime = 'image/png'
+          } else if (fmt === 'webp') {
+            buf = await pipeline.webp().toBuffer()
+            outMime = 'image/webp'
+          } else {
+            buf = await pipeline.jpeg().toBuffer()
+            outMime = 'image/jpeg'
+          }
+          outBuffer = new Uint8Array(buf)
+        }
+
+        // Set appropriate headers
+        res.setHeader('Content-Type', outMime)
+        res.setHeader('Content-Disposition', `inline; filename="${asset.name}"`)
+        res.setHeader('Cache-Control', 'public, max-age=86400') // Cache for 1 day
+
+        // Send binary content (resized if requested)
+        res.send(outBuffer)
+      } catch (error) {
+        console.error('Error fetching asset by name:', error)
+        res.status(500).json({ error: 'Failed to fetch asset' })
+      }
+    },
+  )
+}