npm - @intranefr/superbackend - Versions diffs - 1.4.3 - Mend

@intranefr/superbackend 1.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (188) hide show

package/.commiat +4 -0
package/.env.example +47 -0
package/README.md +110 -0
package/index.js +94 -0
package/package.json +67 -0
package/public/css/styles.css +139 -0
package/public/js/animations.js +41 -0
package/sdk/error-tracking/browser/package.json +16 -0
package/sdk/error-tracking/browser/src/core.js +270 -0
package/sdk/error-tracking/browser/src/embed.js +18 -0
package/sdk/error-tracking/browser/src/index.js +1 -0
package/server.js +5 -0
package/src/admin/endpointRegistry.js +300 -0
package/src/controllers/admin.controller.js +321 -0
package/src/controllers/adminAssets.controller.js +530 -0
package/src/controllers/adminAssetsStorage.controller.js +260 -0
package/src/controllers/adminEjsVirtual.controller.js +354 -0
package/src/controllers/adminFeatureFlags.controller.js +155 -0
package/src/controllers/adminHeadless.controller.js +1071 -0
package/src/controllers/adminI18n.controller.js +604 -0
package/src/controllers/adminJsonConfigs.controller.js +97 -0
package/src/controllers/adminLlm.controller.js +273 -0
package/src/controllers/adminMigration.controller.js +257 -0
package/src/controllers/adminSeoConfig.controller.js +515 -0
package/src/controllers/adminStats.controller.js +121 -0
package/src/controllers/adminUploadNamespaces.controller.js +208 -0
package/src/controllers/assets.controller.js +248 -0
package/src/controllers/auth.controller.js +93 -0
package/src/controllers/billing.controller.js +223 -0
package/src/controllers/featureFlags.controller.js +35 -0
package/src/controllers/forms.controller.js +217 -0
package/src/controllers/globalSettings.controller.js +252 -0
package/src/controllers/headlessCrud.controller.js +126 -0
package/src/controllers/i18n.controller.js +12 -0
package/src/controllers/invite.controller.js +249 -0
package/src/controllers/jsonConfigs.controller.js +19 -0
package/src/controllers/metrics.controller.js +149 -0
package/src/controllers/notificationAdmin.controller.js +264 -0
package/src/controllers/notifications.controller.js +131 -0
package/src/controllers/org.controller.js +357 -0
package/src/controllers/orgAdmin.controller.js +491 -0
package/src/controllers/stripeAdmin.controller.js +410 -0
package/src/controllers/user.controller.js +361 -0
package/src/controllers/userAdmin.controller.js +277 -0
package/src/controllers/waitingList.controller.js +167 -0
package/src/controllers/webhook.controller.js +200 -0
package/src/middleware/auth.js +66 -0
package/src/middleware/errorCapture.js +170 -0
package/src/middleware/headlessApiTokenAuth.js +57 -0
package/src/middleware/org.js +108 -0
package/src/middleware.js +901 -0
package/src/models/ActionEvent.js +31 -0
package/src/models/ActivityLog.js +41 -0
package/src/models/Asset.js +84 -0
package/src/models/AuditEvent.js +93 -0
package/src/models/EmailLog.js +28 -0
package/src/models/ErrorAggregate.js +72 -0
package/src/models/FormSubmission.js +41 -0
package/src/models/GlobalSetting.js +38 -0
package/src/models/HeadlessApiToken.js +24 -0
package/src/models/HeadlessModelDefinition.js +41 -0
package/src/models/I18nEntry.js +77 -0
package/src/models/I18nLocale.js +33 -0
package/src/models/Invite.js +70 -0
package/src/models/JsonConfig.js +46 -0
package/src/models/Notification.js +60 -0
package/src/models/Organization.js +57 -0
package/src/models/OrganizationMember.js +43 -0
package/src/models/StripeCatalogItem.js +77 -0
package/src/models/StripeWebhookEvent.js +57 -0
package/src/models/User.js +89 -0
package/src/models/VirtualEjsFile.js +60 -0
package/src/models/VirtualEjsFileVersion.js +43 -0
package/src/models/VirtualEjsGroupChange.js +32 -0
package/src/models/WaitingList.js +41 -0
package/src/models/Webhook.js +63 -0
package/src/models/Workflow.js +29 -0
package/src/models/WorkflowExecution.js +12 -0
package/src/routes/admin.routes.js +26 -0
package/src/routes/adminAssets.routes.js +28 -0
package/src/routes/adminAssetsStorage.routes.js +13 -0
package/src/routes/adminAudit.routes.js +196 -0
package/src/routes/adminEjsVirtual.routes.js +17 -0
package/src/routes/adminErrors.routes.js +164 -0
package/src/routes/adminFeatureFlags.routes.js +12 -0
package/src/routes/adminHeadless.routes.js +38 -0
package/src/routes/adminI18n.routes.js +22 -0
package/src/routes/adminJsonConfigs.routes.js +15 -0
package/src/routes/adminLlm.routes.js +12 -0
package/src/routes/adminMigration.routes.js +81 -0
package/src/routes/adminSeoConfig.routes.js +20 -0
package/src/routes/adminUploadNamespaces.routes.js +13 -0
package/src/routes/assets.routes.js +21 -0
package/src/routes/auth.routes.js +12 -0
package/src/routes/billing.routes.js +11 -0
package/src/routes/errorTracking.routes.js +31 -0
package/src/routes/featureFlags.routes.js +9 -0
package/src/routes/forms.routes.js +9 -0
package/src/routes/formsAdmin.routes.js +13 -0
package/src/routes/globalSettings.routes.js +18 -0
package/src/routes/headless.routes.js +15 -0
package/src/routes/i18n.routes.js +8 -0
package/src/routes/invite.routes.js +9 -0
package/src/routes/jsonConfigs.routes.js +8 -0
package/src/routes/log.routes.js +111 -0
package/src/routes/metrics.routes.js +9 -0
package/src/routes/notificationAdmin.routes.js +15 -0
package/src/routes/notifications.routes.js +12 -0
package/src/routes/org.routes.js +31 -0
package/src/routes/orgAdmin.routes.js +20 -0
package/src/routes/publicAssets.routes.js +7 -0
package/src/routes/stripeAdmin.routes.js +20 -0
package/src/routes/user.routes.js +22 -0
package/src/routes/userAdmin.routes.js +15 -0
package/src/routes/waitingList.routes.js +13 -0
package/src/routes/waitingListAdmin.routes.js +9 -0
package/src/routes/webhook.routes.js +32 -0
package/src/routes/workflowWebhook.routes.js +54 -0
package/src/routes/workflows.routes.js +110 -0
package/src/services/assets.service.js +110 -0
package/src/services/audit.service.js +62 -0
package/src/services/auditLogger.js +165 -0
package/src/services/ejsVirtual.service.js +614 -0
package/src/services/email.service.js +351 -0
package/src/services/errorLogger.js +221 -0
package/src/services/featureFlags.service.js +202 -0
package/src/services/forms.service.js +214 -0
package/src/services/globalSettings.service.js +49 -0
package/src/services/headlessApiTokens.service.js +158 -0
package/src/services/headlessCrypto.service.js +31 -0
package/src/services/headlessModels.service.js +356 -0
package/src/services/i18n.service.js +314 -0
package/src/services/i18nInferredKeys.service.js +337 -0
package/src/services/jsonConfigs.service.js +392 -0
package/src/services/llm.service.js +749 -0
package/src/services/migration.service.js +581 -0
package/src/services/migrationAssets/fsLocal.js +58 -0
package/src/services/migrationAssets/index.js +134 -0
package/src/services/migrationAssets/s3.js +75 -0
package/src/services/migrationAssets/sftp.js +92 -0
package/src/services/notification.service.js +212 -0
package/src/services/objectStorage.service.js +514 -0
package/src/services/seoConfig.service.js +402 -0
package/src/services/storage.js +150 -0
package/src/services/stripe.service.js +185 -0
package/src/services/stripeHelper.service.js +264 -0
package/src/services/uploadNamespaces.service.js +326 -0
package/src/services/webhook.service.js +157 -0
package/src/services/workflow.service.js +271 -0
package/src/utils/asyncHandler.js +5 -0
package/src/utils/encryption.js +80 -0
package/src/utils/jwt.js +40 -0
package/src/utils/orgRoles.js +156 -0
package/src/utils/validation.js +26 -0
package/src/utils/webhookRetry.js +93 -0
package/views/admin-assets.ejs +444 -0
package/views/admin-audit.ejs +283 -0
package/views/admin-coolify-deploy.ejs +207 -0
package/views/admin-dashboard-home.ejs +291 -0
package/views/admin-dashboard.ejs +397 -0
package/views/admin-ejs-virtual.ejs +280 -0
package/views/admin-errors.ejs +368 -0
package/views/admin-feature-flags.ejs +390 -0
package/views/admin-forms.ejs +526 -0
package/views/admin-global-settings.ejs +436 -0
package/views/admin-headless.ejs +2020 -0
package/views/admin-i18n-locales.ejs +221 -0
package/views/admin-i18n.ejs +728 -0
package/views/admin-json-configs.ejs +410 -0
package/views/admin-llm.ejs +884 -0
package/views/admin-metrics.ejs +274 -0
package/views/admin-migration.ejs +814 -0
package/views/admin-notifications.ejs +430 -0
package/views/admin-organizations.ejs +984 -0
package/views/admin-seo-config.ejs +673 -0
package/views/admin-stripe-pricing.ejs +558 -0
package/views/admin-test.ejs +342 -0
package/views/admin-users.ejs +452 -0
package/views/admin-waiting-list.ejs +547 -0
package/views/admin-webhooks.ejs +329 -0
package/views/admin-workflows.ejs +310 -0
package/views/partials/admin-assets-script.ejs +2022 -0
package/views/partials/admin-test-sidebar.ejs +14 -0
package/views/partials/dashboard/nav-items.ejs +66 -0
package/views/partials/dashboard/palette.ejs +63 -0
package/views/partials/dashboard/sidebar.ejs +21 -0
package/views/partials/dashboard/tab-bar.ejs +26 -0
package/views/partials/footer.ejs +3 -0

package/src/controllers/billing.controller.js ADDED Viewed

@@ -0,0 +1,223 @@
+const User = require("../models/User");
+const StripeWebhookEvent = require("../models/StripeWebhookEvent");
+const asyncHandler = require("../utils/asyncHandler");
+const stripe = require("stripe")(process.env.STRIPE_SECRET_KEY);
+const stripeService = require("../services/stripe.service");
+// Create Stripe Checkout Session
+const createCheckoutSession = asyncHandler(async (req, res) => {
+  const { priceId, billingMode } = req.body;
+  const userId = req.user._id;
+  if (!priceId) {
+    return res.status(400).json({ error: "priceId is required" });
+  }
+  // Get or create Stripe customer
+  let customerId = req.user.stripeCustomerId;
+  if (!customerId) {
+    const customer = await stripe.customers.create({
+      email: req.user.email,
+      metadata: { userId: userId.toString() },
+    });
+    customerId = customer.id;
+    req.user.stripeCustomerId = customerId;
+    await req.user.save();
+  }
+  const mode = billingMode === "payment" ? "payment" : "subscription";
+  const session = await stripe.checkout.sessions.create({
+    customer: customerId,
+    mode,
+    line_items: [{ price: priceId, quantity: 1 }],
+    success_url: `${process.env.PUBLIC_URL || "http://localhost:3000"}/?checkout=success`,
+    cancel_url: `${process.env.PUBLIC_URL || "http://localhost:3000"}/?checkout=cancelled`,
+    metadata: {
+      userId: userId.toString(),
+      billingMode: mode,
+    },
+  });
+  res.json({ sessionId: session.id, url: session.url });
+});
+// Create Stripe Customer Portal Session
+const createPortalSession = asyncHandler(async (req, res) => {
+  const customerId = req.user.stripeCustomerId;
+  if (!customerId) {
+    return res.status(400).json({ error: "No Stripe customer found" });
+  }
+  const session = await stripe.billingPortal.sessions.create({
+    customer: customerId,
+    return_url: `${process.env.PUBLIC_URL || "http://localhost:3000"}${process.env.BILLING_RETURN_URL_RELATIVE || "/settings/billing"}`,
+  });
+  res.json({ url: session.url });
+});
+// Stripe Webhook Handler
+const handleWebhook = async (req, res) => {
+  const sig = req.headers["stripe-signature"];
+  const webhookSecret = process.env.STRIPE_WEBHOOK_SECRET;
+  let event;
+  try {
+    event = stripe.webhooks.constructEvent(req.body, sig, webhookSecret);
+  } catch (err) {
+    console.error("Webhook signature verification failed:", err.message);
+    return res.status(400).send(`Webhook Error: ${err.message}`);
+  }
+  let webhookEventDoc;
+  try {
+    // Check if webhook event already exists
+    const existingEvent = await StripeWebhookEvent.findOne({ stripeEventId: event.id });
+    if (existingEvent) {
+      console.log(`Webhook event ${event.id} already processed with status: ${existingEvent.status}`);
+      return res.json({ received: true, status: 'duplicate' });
+    }
+    // Persist webhook event to database
+    webhookEventDoc = new StripeWebhookEvent({
+      stripeEventId: event.id,
+      eventType: event.type,
+      data: event.data.object,
+      previousAttributes: event.data.previous_attributes,
+      api_version: event.api_version,
+      request: event.request,
+      status: "received",
+    });
+    await webhookEventDoc.save();
+  } catch (err) {
+    console.error("Error saving webhook event:", err);
+    // If it's a duplicate key error, the event was already processed
+    if (err.code === 11000) {
+      return res.json({ received: true, status: 'duplicate' });
+    }
+    // Continue processing for other errors
+  }
+  try {
+    switch (event.type) {
+      case "checkout.session.completed":
+        await stripeService.handleCheckoutSessionCompleted(event.data.object);
+        break;
+      case "customer.subscription.created":
+        await stripeService.handleSubscriptionCreated(event.data.object);
+        break;
+      case "customer.subscription.updated":
+        await stripeService.handleSubscriptionUpdated(
+          event.data.object,
+          event.data.previous_attributes
+        );
+        break;
+      case "customer.subscription.deleted":
+        await stripeService.handleSubscriptionDeleted(event.data.object);
+        break;
+      case "invoice.payment_succeeded":
+        await stripeService.handleInvoicePaymentSucceeded(event.data.object);
+        break;
+      case "invoice.payment_failed":
+        await stripeService.handleInvoicePaymentFailed(event.data.object);
+        break;
+      default:
+        console.log(`Unhandled event type: ${event.type}`);
+    }
+    // Update webhook event status to processed
+    if (webhookEventDoc) {
+      webhookEventDoc.status = "processed";
+      webhookEventDoc.processedAt = new Date();
+      await webhookEventDoc.save();
+    }
+  } catch (err) {
+    console.error("Error processing webhook:", err);
+    // Update webhook event status to failed
+    if (webhookEventDoc) {
+      webhookEventDoc.status = "failed";
+      webhookEventDoc.retryCount = (webhookEventDoc.retryCount || 0) + 1;
+      webhookEventDoc.processingErrors.push({
+        message: err.message,
+        timestamp: new Date()
+      });
+      await webhookEventDoc.save();
+    }
+    return res.status(500).json({ error: "Webhook processing failed" });
+  }
+  res.json({ received: true });
+};
+// Reconcile subscription for user
+const reconcileSubscription = asyncHandler(async (req, res) => {
+  const user = req.user;
+  if (!user.stripeCustomerId) {
+    return res.json({ status: "success", message: "No Stripe customer found" });
+  }
+  // Fetch latest subscription from Stripe
+  const subscriptions = await stripe.subscriptions.list({
+    customer: user.stripeCustomerId,
+    limit: 1,
+  });
+  if (subscriptions.data.length > 0) {
+    const subscription = subscriptions.data[0];
+    user.stripeSubscriptionId = subscription.id;
+    // Map Stripe subscription status to our schema
+    const statusMapping = {
+      'active': 'active',
+      'past_due': 'past_due',
+      'unpaid': 'unpaid',
+      'canceled': 'cancelled',
+      'incomplete': 'incomplete',
+      'incomplete_expired': 'incomplete_expired',
+      'trialing': 'trialing'
+    };
+    user.subscriptionStatus = statusMapping[subscription.status] || subscription.status;
+    await user.save();
+  } else {
+    // No active subscription found. Check for successful one-off (payment) checkouts
+    const sessions = await stripe.checkout.sessions.list({
+      customer: user.stripeCustomerId,
+      limit: 10,
+    });
+    const lifetimeSession = sessions.data.find((session) => {
+      const mode = session.metadata?.billingMode || session.mode;
+      return (
+        mode === "payment" &&
+        session.payment_status === "paid"
+      );
+    });
+    if (lifetimeSession) {
+      user.subscriptionStatus = "active";
+    } else {
+      user.subscriptionStatus = "none";
+    }
+    await user.save();
+  }
+  res.json({ status: "success", subscriptionStatus: user.subscriptionStatus });
+});
+module.exports = {
+  createCheckoutSession,
+  createPortalSession,
+  handleWebhook,
+  reconcileSubscription,
+};

package/src/controllers/featureFlags.controller.js ADDED Viewed

@@ -0,0 +1,35 @@
+const {
+  evaluateAllForRequest,
+  flagsArrayToMap,
+} = require('../services/featureFlags.service');
+exports.getEvaluatedFlags = async (req, res) => {
+  try {
+    const userId = req.user?._id;
+    const orgId = req.query.orgId || req.headers['x-org-id'] || null;
+    const anonId = req.query.anonId || req.headers['x-anon-id'] || null;
+    const flagsArray = await evaluateAllForRequest({ userId, orgId, anonId });
+    const flags = flagsArrayToMap(flagsArray);
+    res.json({ flags });
+  } catch (error) {
+    console.error('Error evaluating feature flags:', error);
+    res.status(500).json({ error: 'Failed to evaluate feature flags' });
+  }
+};
+exports.getPublicFlags = async (req, res) => {
+  try {
+    const orgId = req.query.orgId || req.headers['x-org-id'] || null;
+    const anonId = req.query.anonId || req.headers['x-anon-id'] || null;
+    const flagsArray = await evaluateAllForRequest({ userId: null, orgId, anonId });
+    const flags = flagsArrayToMap(flagsArray);
+    res.json({ flags });
+  } catch (error) {
+    console.error('Error evaluating public feature flags:', error);
+    res.status(500).json({ error: 'Failed to evaluate feature flags' });
+  }
+};

package/src/controllers/forms.controller.js ADDED Viewed

@@ -0,0 +1,217 @@
+const crypto = require('crypto');
+const { verifyAccessToken } = require('../utils/jwt');
+const User = require('../models/User');
+const FormSubmission = require('../models/FormSubmission');
+const formsService = require('../services/forms.service');
+// --- Form Definition Management (Admin) ---
+exports.getForms = async (req, res) => {
+  try {
+    const forms = await formsService.getForms();
+    res.json(forms);
+  } catch (error) {
+    res.status(500).json({ error: error.message });
+  }
+};
+exports.saveForm = async (req, res) => {
+  try {
+    console.log('[FormsController] Saving form definition:', req.body);
+    const saved = await formsService.saveForm(req.body);
+    res.json(saved);
+  } catch (error) {
+    console.error('[FormsController] Error saving form:', error);
+    res.status(500).json({ error: error.message, stack: process.env.NODE_ENV === 'development' ? error.stack : undefined });
+  }
+};
+exports.deleteForm = async (req, res) => {
+  try {
+    await formsService.deleteForm(req.params.id);
+    res.json({ success: true });
+  } catch (error) {
+    res.status(500).json({ error: error.message });
+  }
+};
+// --- Submission Management (Admin) ---
+exports.adminList = async (req, res) => {
+  try {
+    const { formId, formKey, limit = 50, offset = 0 } = req.query;
+    // Support both formId and formKey (legacy)
+    const filterId = formId || formKey;
+    const result = await formsService.getSubmissions(
+      { formId: filterId },
+      {
+        limit: parseInt(limit, 10) || 50,
+        offset: parseInt(offset, 10) || 0
+      }
+    );
+    // Maintain legacy response format for compatibility
+    res.json({
+      submissions: result.entries,
+      pagination: result.pagination
+    });
+  } catch (error) {
+    console.error('Form admin list error:', error);
+    return res.status(500).json({ error: 'Failed to list submissions' });
+  }
+};
+exports.deleteSubmission = async (req, res) => {
+  try {
+    await formsService.deleteSubmission(req.params.id);
+    res.json({ success: true });
+  } catch (error) {
+    console.error('[FormsController] Error deleting submission:', error);
+    res.status(500).json({ error: 'Failed to delete submission' });
+  }
+};
+// --- Public Submission ---
+function parseCookieHeader(cookieHeader) {
+  const out = {};
+  if (!cookieHeader) return out;
+  const parts = cookieHeader.split(';');
+  for (const p of parts) {
+    const idx = p.indexOf('=');
+    if (idx === -1) continue;
+    const k = p.slice(0, idx).trim();
+    const v = p.slice(idx + 1).trim();
+    if (!k) continue;
+    out[k] = decodeURIComponent(v);
+  }
+  return out;
+}
+async function tryAttachUser(req) {
+  if (req.user?._id) return;
+  const authHeader = req.headers.authorization;
+  if (!authHeader || !authHeader.startsWith('Bearer ')) return;
+  try {
+    const token = authHeader.substring(7);
+    const decoded = verifyAccessToken(token);
+    const user = await User.findById(decoded.userId);
+    if (user) req.user = user;
+  } catch (e) {
+  }
+}
+function getAnonId(req) {
+  const headerAnon = req.get('x-anon-id');
+  if (headerAnon) return String(headerAnon).trim();
+  const cookies = parseCookieHeader(req.headers.cookie);
+  if (cookies.enbauges_anon_id) return String(cookies.enbauges_anon_id).trim();
+  const bodyAnon = req.body?.anonId;
+  if (bodyAnon) return String(bodyAnon).trim();
+  return null;
+}
+function normalizeEmail(email) {
+  return String(email || '').trim().toLowerCase();
+}
+function isValidEmail(email) {
+  if (!email) return false;
+  return /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email);
+}
+exports.submit = async (req, res) => {
+  try {
+    await tryAttachUser(req);
+    const formKey = String(req.params.formId || req.body?.formKey || '').trim();
+    const fields = req.body; // In POST forms, fields are the body itself or nested in fields
+    if (!formKey) {
+      return res.status(400).json({ error: 'formKey is required' });
+    }
+    if (!fields || typeof fields !== 'object') {
+      return res.status(400).json({ error: 'fields is required' });
+    }
+    if (formKey === 'contact') {
+      const email = normalizeEmail(fields.email);
+      const message = String(fields.message || '').trim();
+      if (!isValidEmail(email)) {
+        return res.status(400).json({ error: 'Email invalide', field: 'email' });
+      }
+      if (!message || message.length < 5) {
+        return res.status(400).json({ error: 'Message trop court', field: 'message' });
+      }
+    }
+    let actorType = 'anonymous';
+    let actorId = getAnonId(req);
+    let userId = null;
+    if (req.user?._id) {
+      actorType = 'user';
+      actorId = String(req.user._id);
+      userId = req.user._id;
+    }
+    if (!actorId) {
+      actorId = crypto.randomUUID();
+      res.cookie('enbauges_anon_id', actorId, {
+        httpOnly: false,
+        sameSite: 'lax',
+        maxAge: 1000 * 60 * 60 * 24 * 365,
+        path: '/',
+      });
+    }
+    const meta = {
+      ip: req.headers['x-forwarded-for'] || req.socket?.remoteAddress || null,
+      userAgent: req.get('user-agent') || null,
+      referer: req.get('referer') || null,
+    };
+    const doc = await formsService.submitForm(formKey, fields, {
+      ...meta,
+      actorType,
+      actorId,
+      userId
+    });
+    const formConfig = await formsService.getFormById(formKey);
+    if (formConfig?.successUrl) {
+      return res.redirect(formConfig.successUrl);
+    }
+    return res.status(201).json({ ok: true, id: String(doc._id) });
+  } catch (error) {
+    console.error('Form submit error:', error);
+    return res.status(500).json({ error: 'Failed to submit' });
+  }
+};
+exports.adminList = async (req, res) => {
+  try {
+    const { formKey, limit = 50, offset = 0 } = req.query;
+    const query = {};
+    if (formKey) query.formKey = formKey;
+    const submissions = await FormSubmission.find(query)
+      .sort({ createdAt: -1 })
+      .limit(parseInt(limit))
+      .skip(parseInt(offset))
+      .lean();
+    const total = await FormSubmission.countDocuments(query);
+    return res.json({ submissions, pagination: { total, limit: parseInt(limit), offset: parseInt(offset) } });
+  } catch (error) {
+    console.error('Form admin list error:', error);
+    return res.status(500).json({ error: 'Failed to list submissions' });
+  }
+};