@internetderdinge/api 1.229.27 → 1.229.31

package/dist/src/admin/adminSearch.validation.js

@@ -0,0 +1,24 @@
+import { z } from "zod";
+export const adminSearchSchema = {
+    query: z.object({
+        search: z.string().max(120).optional(),
+        limit: z.coerce.number().min(1).max(50).optional(),
+    }),
+};
+export const adminStatsSchema = {
+    query: z.object({}),
+};
+export const adminIotDevicesSchema = {
+    query: z.object({
+        page: z.coerce.number().int().min(1).optional(),
+        perPage: z.coerce.number().int().min(1).max(500).optional(),
+        updatedSince: z.string().datetime().optional(),
+    }),
+};
+export const adminDevicesSchema = {
+    query: z.object({
+        page: z.coerce.number().int().min(1).optional(),
+        perPage: z.coerce.number().int().min(1).max(500).optional(),
+        updatedSince: z.string().datetime().optional(),
+    }),
+};

package/dist/src/index.js

@@ -10,6 +10,7 @@ export { default as i18n } from "../src/i18n/i18n";
 export { default as usersRoute } from "../src/users/users.route";
 export { default as usersService } from "../src/users/users.service";
 export { default as accountsRoute } from "../src/accounts/accounts.route";
+export { default as adminSearchRoute } from "../src/admin/adminSearch.route";
 export { default as accountsService } from "../src/accounts/accounts.service";
 export { auth0 } from "../src/accounts/auth0.service";
 export { default as organizationsRoute } from "../src/organizations/organizations.route";

package/dist/src/iotdevice/iotdevice.route.js

@@ -7,7 +7,7 @@ import { getEventsSchema, getDeviceSchema, getEntrySchema, updateEntrySchema, pi
 // add other input schemas as needed
  } from "./iotdevice.validation";
 import { iotDeviceResponseSchema, eventResponseSchema, deviceResponseSchema, shadowAlarmSchema, pingResponseSchema, deviceStatusSchema, apiStatusSchema, entryResponseSchema, } from "./iotdevice.schemas";
-import { getIotDevices, getEvents, getDevice, shadowAlarmGet, shadowAlarmUpdate, shadowAdmin, pingDevice, getDeviceStatus, getApiStatus, getEntry, updateEntry, } from "./iotdevice.controller";
+import { getIotDevices, getEvents, getDevice, shadowAlarmGet, shadowAlarmUpdate, shadowAdmin, pingDevice, getDeviceStatus, getApiStatus, getEntry, updateEntry, ledLightHint, } from "./iotdevice.controller";
 export const iotdeviceRouteSpecs = [
     {
         method: "get",
@@ -74,7 +74,7 @@ export const iotdeviceRouteSpecs = [
         path: "/ledlight/:deviceId",
         validate: [auth("getUsers"), validateAdmin],
         responseSchema: pingResponseSchema,
-        handler: pingDevice,
+        handler: ledLightHint,
         summary: "Ping device LED light",
         description: "Sends a ping to the device’s LED light to test its connectivity or response.",
     },

package/dist/src/utils/buildRouterAndDocs.js

@@ -10,22 +10,19 @@ function hasRoleValidation(validators = []) {
 }
 export default function buildAiRouterAndDocs(router, routeSpecs, basePath = "/", tags = []) {
     routeSpecs.forEach((spec) => {
-        // mount Express
-        if (!spec.validate) {
-            spec.validate = [];
+        const validate = spec.validate || [];
+        const routeMiddleware = spec.validateWithRequestSchema ||
+            (spec.requestSchema
+                ? [validateZod(spec.requestSchema), ...validate]
+                : validate);
+        router[spec.method](spec.path, ...routeMiddleware, spec.handler);
+        const { body, ...rest } = spec.requestSchema || {};
+        const request = { ...rest };
+        if (spec.requestBody) {
+            request.body = spec.requestBody;
         }
-        if (spec.requestSchema) {
-            spec.validateWithRequestSchema = [
-                validateZod(spec.requestSchema),
-                ...spec.validate,
-            ];
-        }
-        if (spec.validateWithRequestSchema) {
-            router[spec.method](spec.path, ...spec.validateWithRequestSchema, spec.handler);
-        }
-        var { body, ...rest } = spec.requestSchema || {};
-        if (body) {
-            rest.body = {
+        else if (body) {
+            request.body = {
                 content: {
                     "application/json": {
                         schema: body,
@@ -34,17 +31,17 @@ export default function buildAiRouterAndDocs(router, routeSpecs, basePath = "/",
             };
         }
         if (spec.responseSchema &&
-            !hasRoleValidation(spec.validate) &&
+            !hasRoleValidation(spec.validateWithRequestSchema || validate) &&
             spec.privateDocs !== true &&
             spec.memoOnly !== true) {
             // collect all middleware fn names (falls back to '<anonymous>' if unnamed)
-            const middlewareNames = (spec.validate || []).map((fn) => `\`${fn.name}\`` || "<anonymous>");
+            const middlewareNames = (spec.validateWithRequestSchema || validate).map((fn) => `\`${fn.name}\`` || "<anonymous>");
             const openApiPath = (basePath + spec.path).replace(/:([A-Za-z0-9_]+)/g, "{$1}");
             registry.registerPath({
                 method: spec.method,
                 path: openApiPath,
                 summary: spec.summary,
-                request: rest,
+                request,
                 // append middleware names to the description
                 description: [
                     spec.description,

package/dist/src/utils/registerOpenApi.js

@@ -3,6 +3,12 @@ import { extendZodWithOpenApi } from "@asteasolutions/zod-to-openapi";
 import { z } from "zod";
 extendZodWithOpenApi(z);
 export const registry = new OpenAPIRegistry();
+export const xApiKey = registry.registerComponent("securitySchemes", "x-api-key", {
+    type: "apiKey",
+    in: "header",
+    name: "x-api-key",
+    description: "API key for authentication",
+});
 // add Bearer JWT auth
 export const bearerAuth = registry.registerComponent("securitySchemes", "bearerAuth", {
     type: "http",
@@ -10,12 +16,6 @@ export const bearerAuth = registry.registerComponent("securitySchemes", "bearerA
     bearerFormat: "JWT",
     description: "JWT Bearer authentication",
 });
-export const xApiKey = registry.registerComponent("securitySchemes", "x-api-key", {
-    type: "apiKey",
-    in: "header",
-    name: "x-api-key",
-    description: "API key for authentication",
-});
 const UserSchema = z
     .object({
     id: z.string().openapi({ example: "1212121" }),
@@ -23,45 +23,29 @@ const UserSchema = z
     age: z.number().openapi({ example: 42 }),
 })
     .openapi("User");
+/*
 registry.registerPath({
-    method: "get",
-    path: "/usersnnn/{id}",
-    summary: "Get a single user",
-    request: {
-        params: z.object({ id: z.string() }),
-    },
-    responses: {
-        200: {
-            description: "Object with user data.",
-            content: {
-                "application/json": {
-                    schema: UserSchema,
-                },
-            },
+  method: "get",
+  path: "/users/{id}",
+  description: "Get user data by its id",
+  summary: "Get a single user",
+  request: {
+    params: z.object({
+      id: z.string().openapi({ example: "1212121" }),
+    }),
+  },
+  responses: {
+    200: {
+      description: "Object with user data.",
+      content: {
+        "application/json": {
+          schema: UserSchema,
         },
+      },
     },
-});
-registry.registerPath({
-    method: "get",
-    path: "/users/{id}",
-    description: "Get user data by its id",
-    summary: "Get a single user",
-    request: {
-        params: z.object({
-            id: z.string().openapi({ example: "1212121" }),
-        }),
-    },
-    responses: {
-        200: {
-            description: "Object with user data.",
-            content: {
-                "application/json": {
-                    schema: UserSchema,
-                },
-            },
-        },
-        204: {
-            description: "No content - successful operation",
-        },
+    204: {
+      description: "No content - successful operation",
     },
+  },
 });
+*/

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@internetderdinge/api",
-  "version": "1.229.27",
+  "version": "1.229.31",
   "description": "Shared OpenIoT API modules",
   "main": "dist/src/index.js",
   "type": "module",

package/src/admin/adminSearch.controller.ts

@@ -0,0 +1,101 @@
+import type { Request, Response } from "express";
+import httpStatus from "http-status";
+import { ApiError } from "../utils/ApiError.js";
+import catchAsync from "../utils/catchAsync.js";
+import {
+  getAdminDevices,
+  getAdminIotDevices,
+  getAdminStats,
+  searchAdminCollections,
+} from "./adminSearch.service.js";
+
+const ADMIN_ROLE_CLAIM = "https://memo.wirewire.de/roles";
+
+type AuthRequest = Request & {
+  auth?: Record<string, unknown>;
+};
+
+const hasAdminRole = (auth: Record<string, unknown> | undefined): boolean => {
+  const roles = auth?.[ADMIN_ROLE_CLAIM];
+  return Array.isArray(roles) && roles.includes("admin");
+};
+
+const readListQuery = (
+  req: Request,
+): {
+  page: number;
+  perPage: number;
+  updatedSince: string | null;
+} => {
+  const rawPage = Number(req.query.page);
+  const rawPerPage = Number(req.query.perPage);
+  const updatedSince = String(req.query.updatedSince ?? "").trim() || null;
+
+  return {
+    page: Number.isFinite(rawPage) ? Math.max(1, Math.floor(rawPage)) : 1,
+    perPage: Number.isFinite(rawPerPage)
+      ? Math.max(1, Math.min(500, Math.floor(rawPerPage)))
+      : 100,
+    updatedSince,
+  };
+};
+
+export const searchAdmin = catchAsync(
+  async (req: AuthRequest, res: Response) => {
+    if (!hasAdminRole(req.auth)) {
+      throw new ApiError(
+        httpStatus.FORBIDDEN,
+        "User is not part of the admin group",
+      );
+    }
+
+    const search = String(req.query.search || "").trim();
+    const rawLimit = Number(req.query.limit);
+    const limit = Number.isFinite(rawLimit)
+      ? Math.max(1, Math.min(50, Math.floor(rawLimit)))
+      : 12;
+
+    const result = await searchAdminCollections({ search, limit });
+    res.send(result);
+  },
+);
+
+export const getStats = catchAsync(async (req: AuthRequest, res: Response) => {
+  if (!hasAdminRole(req.auth)) {
+    throw new ApiError(
+      httpStatus.FORBIDDEN,
+      "User is not part of the admin group",
+    );
+  }
+
+  const result = await getAdminStats();
+  res.send(result);
+});
+
+export const getIotDevices = catchAsync(
+  async (req: AuthRequest, res: Response) => {
+    if (!hasAdminRole(req.auth)) {
+      throw new ApiError(
+        httpStatus.FORBIDDEN,
+        "User is not part of the admin group",
+      );
+    }
+
+    const result = await getAdminIotDevices(readListQuery(req));
+    res.send(result);
+  },
+);
+
+export const getDevices = catchAsync(
+  async (req: AuthRequest, res: Response) => {
+    if (!hasAdminRole(req.auth)) {
+      throw new ApiError(
+        httpStatus.FORBIDDEN,
+        "User is not part of the admin group",
+      );
+    }
+
+    const result = await getAdminDevices(readListQuery(req));
+    res.send(result);
+  },
+);

package/src/admin/adminSearch.route.ts

@@ -0,0 +1,73 @@
+import { Router } from "express";
+import buildRouterAndDocs, { type RouteSpec } from "../utils/buildRouterAndDocs.js";
+import auth from "../middlewares/auth.js";
+import { validateAdmin } from "../middlewares/validateAdmin.js";
+import {
+  getDevices,
+  getIotDevices,
+  getStats,
+  searchAdmin,
+} from "./adminSearch.controller.js";
+import {
+  adminDevicesSchema,
+  adminIotDevicesSchema,
+  adminSearchSchema,
+  adminStatsSchema,
+} from "./adminSearch.validation.js";
+import {
+  adminDevicesResponseSchema,
+  adminIotDevicesResponseSchema,
+  adminSearchResponseSchema,
+  adminStatsResponseSchema,
+} from "./adminSearch.schemas.js";
+
+export const adminSearchRouteSpecs: RouteSpec[] = [
+  {
+    method: "get",
+    path: "/stats",
+    validate: [auth("getUsers"), validateAdmin],
+    requestSchema: adminStatsSchema,
+    responseSchema: adminStatsResponseSchema,
+    handler: getStats,
+    summary: "Get admin stats",
+    description: "Returns total counts for organizations, users, and devices.",
+  },
+  {
+    method: "get",
+    path: "/search",
+    validate: [auth("getUsers"), validateAdmin],
+    requestSchema: adminSearchSchema,
+    responseSchema: adminSearchResponseSchema,
+    handler: searchAdmin,
+    summary: "Search organizations, users, and devices",
+    description:
+      "Performs an admin-only global search over organizations, users, and devices.",
+  },
+  {
+    method: "get",
+    path: "/iotDevices",
+    validate: [auth("getUsers"), validateAdmin],
+    requestSchema: adminIotDevicesSchema,
+    responseSchema: adminIotDevicesResponseSchema,
+    handler: getIotDevices,
+    summary: "List IoT devices",
+    description:
+      "Returns the IoT device status list used for admin device/order sync workflows.",
+  },
+  {
+    method: "get",
+    path: "/devices",
+    validate: [auth("getUsers"), validateAdmin],
+    requestSchema: adminDevicesSchema,
+    responseSchema: adminDevicesResponseSchema,
+    handler: getDevices,
+    summary: "List MongoDB devices",
+    description:
+      "Returns all device documents from MongoDB for admin sync workflows.",
+  },
+];
+
+const router: Router = Router();
+buildRouterAndDocs(router, adminSearchRouteSpecs, "/admin", ["Admin"]);
+
+export default router;

package/src/admin/adminSearch.schemas.ts

@@ -0,0 +1,75 @@
+import { z } from "zod";
+
+const organizationSearchEntrySchema = z.object({
+  id: z.string(),
+  name: z.string().optional(),
+  kind: z.string().optional(),
+});
+
+const userSearchEntrySchema = z.object({
+  id: z.string(),
+  name: z.string().optional(),
+  email: z.string().optional(),
+  role: z.string().optional(),
+  organization: organizationSearchEntrySchema.optional(),
+});
+
+const deviceSearchEntrySchema = z.object({
+  id: z.string(),
+  name: z.string().optional(),
+  deviceId: z.string().optional(),
+  kind: z.string().optional(),
+  timezone: z.string().optional(),
+  eventDate: z.string().optional(),
+  createdAt: z.string().optional(),
+  updatedAt: z.string().optional(),
+  serialNumber: z.string().optional(),
+  paymentId: z.string().optional(),
+  batteryStatus: z.string().optional(),
+  batteryLevel: z.number().optional(),
+  signalStrength: z.number().optional(),
+  lastReachableAgo: z.string().optional(),
+  organization: organizationSearchEntrySchema.optional(),
+  patient: z
+    .object({
+      id: z.string(),
+      name: z.string().optional(),
+    })
+    .optional(),
+});
+
+export const adminSearchResponseSchema = z.object({
+  query: z.string(),
+  organizations: z.array(organizationSearchEntrySchema),
+  users: z.array(userSearchEntrySchema),
+  devices: z.array(deviceSearchEntrySchema),
+  total: z.number(),
+  tookMs: z.number(),
+});
+
+export const adminStatsResponseSchema = z.object({
+  users: z.number(),
+  auth0Users: z.number(),
+  devices: z.number(),
+  organizations: z.number(),
+  total: z.number(),
+  tookMs: z.number(),
+});
+
+export const adminIotDevicesResponseSchema = z.object({
+  results: z.array(z.record(z.string(), z.unknown())),
+  page: z.number(),
+  perPage: z.number(),
+  totalPages: z.number(),
+  total: z.number(),
+  tookMs: z.number(),
+});
+
+export const adminDevicesResponseSchema = z.object({
+  results: z.array(z.record(z.string(), z.unknown())),
+  page: z.number(),
+  perPage: z.number(),
+  totalPages: z.number(),
+  total: z.number(),
+  tookMs: z.number(),
+});