npm - @intranefr/superbackend - Versions diffs - 1.5.0 → 1.5.2 - Mend

@intranefr/superbackend 1.5.0 → 1.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (198) hide show

package/.env.example +15 -0
package/README.md +11 -0
package/analysis-only.skill +0 -0
package/index.js +23 -0
package/package.json +8 -2
package/src/admin/endpointRegistry.js +120 -0
package/src/controllers/admin.controller.js +90 -6
package/src/controllers/adminBlockDefinitions.controller.js +127 -0
package/src/controllers/adminBlockDefinitionsAi.controller.js +54 -0
package/src/controllers/adminCache.controller.js +342 -0
package/src/controllers/adminContextBlockDefinitions.controller.js +141 -0
package/src/controllers/adminCrons.controller.js +388 -0
package/src/controllers/adminDbBrowser.controller.js +124 -0
package/src/controllers/adminEjsVirtual.controller.js +13 -3
package/src/controllers/adminExperiments.controller.js +200 -0
package/src/controllers/adminHeadless.controller.js +9 -2
package/src/controllers/adminHealthChecks.controller.js +570 -0
package/src/controllers/adminI18n.controller.js +51 -29
package/src/controllers/adminLlm.controller.js +126 -2
package/src/controllers/adminPages.controller.js +720 -0
package/src/controllers/adminPagesContextBlocksAi.controller.js +54 -0
package/src/controllers/adminProxy.controller.js +113 -0
package/src/controllers/adminRateLimits.controller.js +138 -0
package/src/controllers/adminRbac.controller.js +803 -0
package/src/controllers/adminScripts.controller.js +126 -4
package/src/controllers/adminSeoConfig.controller.js +71 -48
package/src/controllers/blogAdmin.controller.js +279 -0
package/src/controllers/blogAiAdmin.controller.js +224 -0
package/src/controllers/blogAutomationAdmin.controller.js +141 -0
package/src/controllers/blogInternal.controller.js +26 -0
package/src/controllers/blogPublic.controller.js +89 -0
package/src/controllers/experiments.controller.js +85 -0
package/src/controllers/fileManager.controller.js +190 -0
package/src/controllers/fileManagerStoragePolicy.controller.js +23 -0
package/src/controllers/healthChecksPublic.controller.js +196 -0
package/src/controllers/internalExperiments.controller.js +17 -0
package/src/controllers/metrics.controller.js +64 -4
package/src/controllers/orgAdmin.controller.js +80 -0
package/src/helpers/mongooseHelper.js +258 -0
package/src/helpers/scriptBase.js +230 -0
package/src/helpers/scriptRunner.js +335 -0
package/src/middleware/rbac.js +62 -0
package/src/middleware.js +810 -48
package/src/models/BlockDefinition.js +27 -0
package/src/models/BlogAutomationLock.js +14 -0
package/src/models/BlogAutomationRun.js +39 -0
package/src/models/BlogPost.js +42 -0
package/src/models/CacheEntry.js +26 -0
package/src/models/ConsoleEntry.js +32 -0
package/src/models/ConsoleLog.js +23 -0
package/src/models/ContextBlockDefinition.js +33 -0
package/src/models/CronExecution.js +47 -0
package/src/models/CronJob.js +70 -0
package/src/models/Experiment.js +75 -0
package/src/models/ExperimentAssignment.js +23 -0
package/src/models/ExperimentEvent.js +26 -0
package/src/models/ExperimentMetricBucket.js +30 -0
package/src/models/ExternalDbConnection.js +49 -0
package/src/models/FileEntry.js +22 -0
package/src/models/GlobalSetting.js +1 -2
package/src/models/HealthAutoHealAttempt.js +57 -0
package/src/models/HealthCheck.js +132 -0
package/src/models/HealthCheckRun.js +51 -0
package/src/models/HealthIncident.js +49 -0
package/src/models/Page.js +95 -0
package/src/models/PageCollection.js +42 -0
package/src/models/ProxyEntry.js +66 -0
package/src/models/RateLimitCounter.js +19 -0
package/src/models/RateLimitMetricBucket.js +20 -0
package/src/models/RbacGrant.js +25 -0
package/src/models/RbacGroup.js +16 -0
package/src/models/RbacGroupMember.js +13 -0
package/src/models/RbacGroupRole.js +13 -0
package/src/models/RbacRole.js +25 -0
package/src/models/RbacUserRole.js +13 -0
package/src/models/ScriptDefinition.js +1 -0
package/src/models/Webhook.js +2 -0
package/src/routes/admin.routes.js +2 -0
package/src/routes/adminBlog.routes.js +21 -0
package/src/routes/adminBlogAi.routes.js +16 -0
package/src/routes/adminBlogAutomation.routes.js +27 -0
package/src/routes/adminCache.routes.js +20 -0
package/src/routes/adminConsoleManager.routes.js +302 -0
package/src/routes/adminCrons.routes.js +25 -0
package/src/routes/adminDbBrowser.routes.js +65 -0
package/src/routes/adminEjsVirtual.routes.js +2 -1
package/src/routes/adminExperiments.routes.js +29 -0
package/src/routes/adminHeadless.routes.js +2 -1
package/src/routes/adminHealthChecks.routes.js +28 -0
package/src/routes/adminI18n.routes.js +4 -3
package/src/routes/adminLlm.routes.js +4 -2
package/src/routes/adminPages.routes.js +55 -0
package/src/routes/adminProxy.routes.js +15 -0
package/src/routes/adminRateLimits.routes.js +17 -0
package/src/routes/adminRbac.routes.js +38 -0
package/src/routes/adminSeoConfig.routes.js +5 -4
package/src/routes/adminUiComponents.routes.js +2 -1
package/src/routes/blogInternal.routes.js +14 -0
package/src/routes/blogPublic.routes.js +9 -0
package/src/routes/experiments.routes.js +30 -0
package/src/routes/fileManager.routes.js +62 -0
package/src/routes/fileManagerStoragePolicy.routes.js +9 -0
package/src/routes/healthChecksPublic.routes.js +9 -0
package/src/routes/internalExperiments.routes.js +15 -0
package/src/routes/log.routes.js +43 -60
package/src/routes/metrics.routes.js +4 -2
package/src/routes/orgAdmin.routes.js +1 -0
package/src/routes/pages.routes.js +123 -0
package/src/routes/proxy.routes.js +46 -0
package/src/routes/rbac.routes.js +47 -0
package/src/routes/webhook.routes.js +2 -1
package/src/routes/workflows.routes.js +4 -0
package/src/services/blockDefinitionsAi.service.js +247 -0
package/src/services/blog.service.js +99 -0
package/src/services/blogAutomation.service.js +978 -0
package/src/services/blogCronsBootstrap.service.js +185 -0
package/src/services/blogPublishing.service.js +58 -0
package/src/services/cacheLayer.service.js +696 -0
package/src/services/consoleManager.service.js +738 -0
package/src/services/consoleOverride.service.js +7 -1
package/src/services/cronScheduler.service.js +350 -0
package/src/services/dbBrowser.service.js +536 -0
package/src/services/ejsVirtual.service.js +102 -32
package/src/services/experiments.service.js +273 -0
package/src/services/experimentsAggregation.service.js +308 -0
package/src/services/experimentsCronsBootstrap.service.js +118 -0
package/src/services/experimentsRetention.service.js +43 -0
package/src/services/experimentsWs.service.js +134 -0
package/src/services/fileManager.service.js +475 -0
package/src/services/fileManagerStoragePolicy.service.js +285 -0
package/src/services/globalSettings.service.js +15 -0
package/src/services/healthChecks.service.js +650 -0
package/src/services/healthChecksBootstrap.service.js +109 -0
package/src/services/healthChecksScheduler.service.js +106 -0
package/src/services/jsonConfigs.service.js +2 -2
package/src/services/llmDefaults.service.js +190 -0
package/src/services/migrationAssets/s3.js +2 -2
package/src/services/pages.service.js +602 -0
package/src/services/pagesContext.service.js +331 -0
package/src/services/pagesContextBlocksAi.service.js +349 -0
package/src/services/proxy.service.js +535 -0
package/src/services/rateLimiter.service.js +623 -0
package/src/services/rbac.service.js +212 -0
package/src/services/scriptsRunner.service.js +215 -15
package/src/services/uiComponentsAi.service.js +6 -19
package/src/services/workflow.service.js +23 -8
package/src/utils/orgRoles.js +14 -0
package/src/utils/rbac/engine.js +60 -0
package/src/utils/rbac/rightsRegistry.js +33 -0
package/views/admin-blog-automation.ejs +877 -0
package/views/admin-blog-edit.ejs +542 -0
package/views/admin-blog.ejs +399 -0
package/views/admin-cache.ejs +681 -0
package/views/admin-console-manager.ejs +680 -0
package/views/admin-crons.ejs +645 -0
package/views/admin-dashboard.ejs +28 -8
package/views/admin-db-browser.ejs +445 -0
package/views/admin-ejs-virtual.ejs +16 -10
package/views/admin-experiments.ejs +91 -0
package/views/admin-file-manager.ejs +942 -0
package/views/admin-health-checks.ejs +725 -0
package/views/admin-i18n.ejs +59 -5
package/views/admin-llm.ejs +99 -1
package/views/admin-organizations.ejs +163 -1
package/views/admin-pages.ejs +2424 -0
package/views/admin-proxy.ejs +491 -0
package/views/admin-rate-limiter.ejs +625 -0
package/views/admin-rbac.ejs +1331 -0
package/views/admin-scripts.ejs +597 -3
package/views/admin-seo-config.ejs +61 -7
package/views/admin-ui-components.ejs +57 -25
package/views/admin-workflows.ejs +7 -7
package/views/file-manager.ejs +866 -0
package/views/pages/blocks/contact.ejs +27 -0
package/views/pages/blocks/cta.ejs +18 -0
package/views/pages/blocks/faq.ejs +20 -0
package/views/pages/blocks/features.ejs +19 -0
package/views/pages/blocks/hero.ejs +13 -0
package/views/pages/blocks/html.ejs +5 -0
package/views/pages/blocks/image.ejs +14 -0
package/views/pages/blocks/testimonials.ejs +26 -0
package/views/pages/blocks/text.ejs +10 -0
package/views/pages/layouts/default.ejs +51 -0
package/views/pages/layouts/minimal.ejs +42 -0
package/views/pages/layouts/sidebar.ejs +54 -0
package/views/pages/partials/footer.ejs +13 -0
package/views/pages/partials/header.ejs +12 -0
package/views/pages/partials/sidebar.ejs +8 -0
package/views/pages/runtime/page.ejs +10 -0
package/views/pages/templates/article.ejs +20 -0
package/views/pages/templates/default.ejs +12 -0
package/views/pages/templates/landing.ejs +14 -0
package/views/pages/templates/listing.ejs +15 -0
package/views/partials/admin-image-upload-modal.ejs +221 -0
package/views/partials/dashboard/nav-items.ejs +12 -0
package/views/partials/dashboard/palette.ejs +5 -3
package/views/partials/llm-provider-model-picker.ejs +183 -0
package/src/routes/llmUi.routes.js +0 -26

package/src/controllers/blogPublic.controller.js ADDED Viewed

@@ -0,0 +1,89 @@
+const BlogPost = require('../models/BlogPost');
+const { parsePagination } = require('../services/blog.service');
+exports.listPublished = async (req, res) => {
+  try {
+    const { page, limit, skip } = parsePagination({
+      page: req.query.page,
+      limit: req.query.limit,
+      maxLimit: 100,
+      defaultLimit: 20,
+    });
+    const filter = { status: 'published' };
+    const tag = String(req.query.tag || '').trim();
+    if (tag) {
+      filter.tags = tag;
+    }
+    const category = String(req.query.category || '').trim();
+    if (category) {
+      filter.category = category;
+    }
+    const q = String(req.query.q || '').trim();
+    if (q) {
+      const re = new RegExp(q.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'), 'i');
+      filter.$or = [{ title: re }, { excerpt: re }];
+    }
+    const [items, total] = await Promise.all([
+      BlogPost.find(filter)
+        .sort({ publishedAt: -1, createdAt: -1 })
+        .select('title slug excerpt coverImageUrl category tags authorName publishedAt createdAt updatedAt')
+        .skip(skip)
+        .limit(limit)
+        .lean(),
+      BlogPost.countDocuments(filter),
+    ]);
+    res.json({
+      items,
+      pagination: {
+        page,
+        limit,
+        total,
+        pages: Math.ceil(total / limit),
+      },
+    });
+  } catch (error) {
+    console.error('Error listing blog posts:', error);
+    res.status(500).json({ error: 'Failed to list blog posts' });
+  }
+};
+exports.getPublishedBySlug = async (req, res) => {
+  try {
+    const slug = String(req.params.slug || '').trim();
+    if (!slug) return res.status(400).json({ error: 'slug is required' });
+    const post = await BlogPost.findOne({ slug, status: 'published' }).lean();
+    if (!post) return res.status(404).json({ error: 'Not found' });
+    res.json({
+      post: {
+        _id: post._id,
+        title: post.title,
+        slug: post.slug,
+        status: post.status,
+        excerpt: post.excerpt,
+        markdown: post.markdown,
+        html: post.html,
+        coverImageUrl: post.coverImageUrl,
+        category: post.category,
+        tags: post.tags,
+        authorName: post.authorName,
+        seoTitle: post.seoTitle,
+        seoDescription: post.seoDescription,
+        scheduledAt: post.scheduledAt,
+        publishedAt: post.publishedAt,
+        createdAt: post.createdAt,
+        updatedAt: post.updatedAt,
+      },
+    });
+  } catch (error) {
+    console.error('Error getting blog post:', error);
+    res.status(500).json({ error: 'Failed to get blog post' });
+  }
+};

package/src/controllers/experiments.controller.js ADDED Viewed

@@ -0,0 +1,85 @@
+const experimentsService = require('../services/experiments.service');
+function toSafeJsonError(error) {
+  const msg = error?.message || 'Operation failed';
+  const code = error?.code;
+  if (code === 'VALIDATION') return { status: 400, body: { error: msg } };
+  if (code === 'NOT_FOUND') return { status: 404, body: { error: msg } };
+  if (code === 'CONFLICT') return { status: 409, body: { error: msg } };
+  return { status: 500, body: { error: msg } };
+}
+exports.getAssignment = async (req, res) => {
+  try {
+    const orgId = req.headers['x-org-id'] || req.query.orgId || req.body?.orgId;
+    const subjectId = req.query.subjectId || req.body?.subjectId;
+    const context = req.body?.context && typeof req.body.context === 'object' ? req.body.context : {};
+    const { experiment, assignment } = await experimentsService.getOrCreateAssignment({
+      orgId,
+      experimentCode: req.params.code,
+      subjectId,
+      context,
+    });
+    const variant = (experiment.variants || []).find((v) => String(v?.key || '') === String(assignment.variantKey));
+    const config = await experimentsService.resolveVariantConfig(variant);
+    const { snapshot } = await experimentsService.getWinnerSnapshot({ orgId, experimentCode: req.params.code });
+    return res.json({
+      experimentCode: experiment.code,
+      variantKey: assignment.variantKey,
+      assignedAt: assignment.assignedAt,
+      config,
+      winner: {
+        winnerVariantKey: snapshot.winnerVariantKey,
+        decidedAt: snapshot.winnerDecidedAt,
+        reason: snapshot.winnerReason,
+        status: snapshot.status,
+      },
+    });
+  } catch (err) {
+    const safe = toSafeJsonError(err);
+    return res.status(safe.status).json(safe.body);
+  }
+};
+exports.postEvents = async (req, res) => {
+  try {
+    const orgId = req.headers['x-org-id'] || req.query.orgId || req.body?.orgId;
+    const subjectId = req.query.subjectId || req.body?.subjectId;
+    const payload = req.body || {};
+    const events = Array.isArray(payload.events) ? payload.events : [payload];
+    const result = await experimentsService.ingestEvents({
+      orgId,
+      experimentCode: req.params.code,
+      subjectId,
+      events,
+    });
+    return res.status(201).json(result);
+  } catch (err) {
+    const safe = toSafeJsonError(err);
+    return res.status(safe.status).json(safe.body);
+  }
+};
+exports.getWinner = async (req, res) => {
+  try {
+    const orgId = req.headers['x-org-id'] || req.query.orgId || req.body?.orgId;
+    const { snapshot } = await experimentsService.getWinnerSnapshot({ orgId, experimentCode: req.params.code });
+    return res.json({
+      status: snapshot.status,
+      winnerVariantKey: snapshot.winnerVariantKey,
+      decidedAt: snapshot.winnerDecidedAt,
+      reason: snapshot.winnerReason,
+    });
+  } catch (err) {
+    const safe = toSafeJsonError(err);
+    return res.status(safe.status).json(safe.body);
+  }
+};

package/src/controllers/fileManager.controller.js ADDED Viewed

@@ -0,0 +1,190 @@
+const fileManagerService = require('../services/fileManager.service');
+exports.listDrives = async (req, res) => {
+  try {
+    const orgId = req.query.orgId || req.headers['x-org-id'] || null;
+    const payload = await fileManagerService.listDrives({ userId: req.user._id, orgId });
+    return res.json(payload);
+  } catch (error) {
+    const code = error?.code;
+    if (code === 'VALIDATION') return res.status(400).json({ error: error.message });
+    console.error('Error listing file manager drives:', error);
+    return res.status(500).json({ error: 'Failed to list drives' });
+  }
+};
+exports.listFolder = async (req, res) => {
+  try {
+    const orgId = req.query.orgId || req.body?.orgId || req.headers['x-org-id'] || null;
+    const driveType = req.query.driveType || req.body?.driveType;
+    const driveId = req.query.driveId || req.body?.driveId;
+    const folderPath = req.query.folderPath || req.query.path || req.body?.folderPath || '/';
+    const payload = await fileManagerService.listFolder({
+      orgId,
+      driveType,
+      driveId,
+      parentPath: folderPath || '/',
+    });
+    return res.json(payload);
+  } catch (error) {
+    const code = error?.code;
+    if (code === 'VALIDATION') return res.status(400).json({ error: error.message });
+    console.error('Error listing file manager folder:', error);
+    return res.status(500).json({ error: 'Failed to list folder' });
+  }
+};
+exports.upload = async (req, res) => {
+  try {
+    if (!req.file && !req.files?.file) {
+      return res.status(400).json({ error: 'No file provided' });
+    }
+    const file = req.file || req.files.file;
+    const buffer = file.buffer || (file.data ? file.data : null);
+    if (!buffer) {
+      return res.status(400).json({ error: 'Unable to read file buffer' });
+    }
+    const contentType = file.mimetype;
+    const name = req.body?.name || file.originalname || file.name;
+    const overwriteRaw = req.body?.overwrite ?? req.query?.overwrite;
+    const overwrite = overwriteRaw === 'true' || overwriteRaw === true || overwriteRaw === '1';
+    const orgId = req.body?.orgId ?? req.query?.orgId;
+    const driveType = req.body?.driveType ?? req.query?.driveType;
+    const driveId = req.body?.driveId ?? req.query?.driveId;
+    const folderPath = req.body?.folderPath ?? req.query?.folderPath;
+    const payload = await fileManagerService.uploadFile({
+      userId: req.user._id,
+      orgId,
+      driveType,
+      driveId,
+      parentPath: folderPath || '/',
+      name,
+      buffer,
+      contentType,
+      overwrite,
+      requestedVisibility: req.body?.visibility,
+    });
+    return res.status(201).json(payload);
+  } catch (error) {
+    const code = error?.code;
+    if (code === 'VALIDATION') return res.status(400).json({ error: error.message });
+    if (code === 'CONFLICT') return res.status(409).json({ error: error.message, ...error.details });
+    if (code === 'UPLOAD_REJECTED') return res.status(400).json({ error: error.message, ...error.details });
+    console.error('Error uploading file manager file:', error);
+    return res.status(500).json({ error: 'Failed to upload file' });
+  }
+};
+exports.download = async (req, res) => {
+  try {
+    const orgId = req.query.orgId || req.headers['x-org-id'] || null;
+    const driveType = req.query.driveType;
+    const driveId = req.query.driveId;
+    const result = await fileManagerService.downloadFile({
+      orgId,
+      driveType,
+      driveId,
+      fileId: req.params.id,
+    });
+    res.set('Content-Type', result.contentType);
+    if (result.asset?.originalName) {
+      res.set('Content-Disposition', `inline; filename="${result.asset.originalName}"`);
+    }
+    res.send(result.body);
+  } catch (error) {
+    const code = error?.code;
+    if (code === 'VALIDATION') return res.status(400).json({ error: error.message });
+    if (code === 'NOT_FOUND') return res.status(404).json({ error: 'Not found' });
+    console.error('Error downloading file manager file:', error);
+    return res.status(500).json({ error: 'Failed to download file' });
+  }
+};
+exports.delete = async (req, res) => {
+  try {
+    const orgId = req.query.orgId || req.body?.orgId || req.headers['x-org-id'] || null;
+    const driveType = req.query.driveType || req.body?.driveType;
+    const driveId = req.query.driveId || req.body?.driveId;
+    const payload = await fileManagerService.deleteFile({
+      orgId,
+      driveType,
+      driveId,
+      fileId: req.params.id,
+    });
+    return res.json(payload);
+  } catch (error) {
+    const code = error?.code;
+    if (code === 'VALIDATION') return res.status(400).json({ error: error.message });
+    if (code === 'NOT_FOUND') return res.status(404).json({ error: 'Not found' });
+    console.error('Error deleting file manager file:', error);
+    return res.status(500).json({ error: 'Failed to delete file' });
+  }
+};
+exports.update = async (req, res) => {
+  try {
+    const orgId = req.body?.orgId || req.query.orgId || req.headers['x-org-id'] || null;
+    const driveType = req.body?.driveType || req.query.driveType;
+    const driveId = req.body?.driveId || req.query.driveId;
+    const payload = await fileManagerService.updateFile({
+      orgId,
+      driveType,
+      driveId,
+      fileId: req.params.id,
+      name: req.body?.name,
+      parentPath: req.body?.folderPath,
+    });
+    return res.json(payload);
+  } catch (error) {
+    const code = error?.code;
+    if (code === 'VALIDATION') return res.status(400).json({ error: error.message });
+    if (code === 'CONFLICT') return res.status(409).json({ error: error.message, ...error.details });
+    if (code === 'NOT_FOUND') return res.status(404).json({ error: 'Not found' });
+    console.error('Error updating file manager file:', error);
+    return res.status(500).json({ error: 'Failed to update file' });
+  }
+};
+exports.setShare = async (req, res) => {
+  try {
+    const orgId = req.body?.orgId || req.query.orgId || req.headers['x-org-id'] || null;
+    const driveType = req.body?.driveType || req.query.driveType;
+    const driveId = req.body?.driveId || req.query.driveId;
+    const enabled = req.body?.enabled === true || req.body?.enabled === 'true' || req.body?.enabled === '1';
+    const payload = await fileManagerService.setShare({
+      orgId,
+      driveType,
+      driveId,
+      fileId: req.params.id,
+      enabled,
+    });
+    return res.json(payload);
+  } catch (error) {
+    const code = error?.code;
+    if (code === 'VALIDATION') return res.status(400).json({ error: error.message });
+    if (code === 'NOT_FOUND') return res.status(404).json({ error: 'Not found' });
+    if (code === 'VISIBILITY_ENFORCED') return res.status(400).json({ error: error.message });
+    console.error('Error toggling file manager share:', error);
+    return res.status(500).json({ error: 'Failed to update share status' });
+  }
+};

package/src/controllers/fileManagerStoragePolicy.controller.js ADDED Viewed

@@ -0,0 +1,23 @@
+const fileManagerStoragePolicyService = require('../services/fileManagerStoragePolicy.service');
+exports.getStoragePolicy = async (req, res) => {
+  try {
+    const orgId = req.query.orgId || req.headers['x-org-id'] || null;
+    const driveType = req.query.driveType;
+    const driveId = req.query.driveId;
+    const payload = await fileManagerStoragePolicyService.getEffectivePolicy({
+      userId: req.user._id,
+      orgId,
+      driveType,
+      driveId,
+    });
+    return res.json(payload);
+  } catch (error) {
+    const code = error?.code;
+    if (code === 'VALIDATION') return res.status(400).json({ error: error.message });
+    console.error('Error getting file manager storage policy:', error);
+    return res.status(500).json({ error: 'Failed to get storage policy' });
+  }
+};

package/src/controllers/healthChecksPublic.controller.js ADDED Viewed

@@ -0,0 +1,196 @@
+const HealthCheck = require('../models/HealthCheck');
+const HealthIncident = require('../models/HealthIncident');
+const globalSettingsService = require('../services/globalSettings.service');
+const PUBLIC_STATUS_SETTING_KEY = 'healthChecks.publicStatusEnabled';
+function escapeHtml(unsafe) {
+  return String(unsafe || '')
+    .replace(/&/g, '&amp;')
+    .replace(/</g, '&lt;')
+    .replace(/>/g, '&gt;')
+    .replace(/"/g, '&quot;')
+    .replace(/'/g, '&#39;');
+}
+function renderHtml(payload) {
+  const status = payload.status || 'unknown';
+  const badgeClass = status === 'ok' ? 'badge-success' : status === 'degraded' ? 'badge-warning' : 'badge-error';
+  const checks = Array.isArray(payload.checks) ? payload.checks : [];
+  const bodyRows = checks.length > 0
+    ? checks
+        .map((c) => {
+          const cStatus = String(c.status || 'unknown');
+          const cBadgeClass = cStatus === 'healthy' ? 'badge-success' : cStatus === 'unhealthy' ? 'badge-error' : 'badge-ghost';
+          const incident = c.incident;
+          const incidentLabel = incident ? `${incident.status} (${incident.severity})` : '-';
+          return `
+        <tr>
+          <td class="font-medium">${escapeHtml(c.name)}</td>
+          <td><span class="badge ${cBadgeClass}">${escapeHtml(cStatus)}</span></td>
+          <td class="text-slate-500">${c.lastRunAt ? new Date(c.lastRunAt).toLocaleString() : '-'}</td>
+          <td class="text-slate-500">${c.lastLatencyMs != null ? escapeHtml(String(c.lastLatencyMs)) + ' ms' : '-'}</td>
+          <td class="text-xs">${escapeHtml(incidentLabel)}</td>
+        </tr>`;
+        })
+        .join('')
+    : '<tr><td colspan="5" class="text-slate-500 text-center">No checks found</td></tr>';
+  return `<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>Health Checks Status</title>
+    <script src="https://cdn.tailwindcss.com"></script>
+    <link href="https://cdn.jsdelivr.net/npm/daisyui@4.12.10/dist/full.min.css" rel="stylesheet" type="text/css" />
+  </head>
+  <body class="bg-slate-50">
+    <div class="max-w-5xl mx-auto px-6 py-8">
+      <div class="flex items-start justify-between gap-4">
+        <div>
+          <h1 class="text-2xl font-semibold text-slate-900">Health Checks</h1>
+          <div class="text-sm text-slate-500">Public status summary</div>
+        </div>
+        <div class="text-right">
+          <div class="text-sm text-slate-500">Overall</div>
+          <div class="badge ${badgeClass} badge-lg">${escapeHtml(status)}</div>
+          <div class="text-xs text-slate-500 mt-1">Updated: ${escapeHtml(payload.updatedAt || '')}</div>
+        </div>
+      </div>
+      <div class="mt-6 grid grid-cols-2 gap-3">
+        <div class="card bg-white border border-slate-200">
+          <div class="card-body py-4">
+            <div class="text-sm text-slate-500">Total checks</div>
+            <div class="text-xl font-semibold">${payload.totalChecks || 0}</div>
+          </div>
+        </div>
+        <div class="card bg-white border border-slate-200">
+          <div class="card-body py-4">
+            <div class="text-sm text-slate-500">Unhealthy</div>
+            <div class="text-xl font-semibold">${payload.unhealthyCount || 0}</div>
+          </div>
+        </div>
+      </div>
+      <div class="mt-6 card bg-white border border-slate-200">
+        <div class="card-body p-0">
+          <div class="overflow-x-auto">
+            <table class="table table-zebra w-full">
+              <thead>
+                <tr>
+                  <th>Name</th>
+                  <th>Status</th>
+                  <th>Last run</th>
+                  <th>Latency</th>
+                  <th>Incident</th>
+                </tr>
+              </thead>
+              <tbody>
+                ${bodyRows}
+              </tbody>
+            </table>
+          </div>
+        </div>
+      </div>
+      <div class="mt-4 text-xs text-slate-500">
+        Tip: add <code class="px-1 py-0.5 bg-slate-100 rounded">/json</code> to the URL for JSON format.
+      </div>
+    </div>
+  </body>
+</html>`;
+}
+async function computeStatusPayload() {
+  const checks = await HealthCheck.find({ enabled: true }).sort({ name: 1 }).lean();
+  const checkIds = checks.map((c) => String(c._id));
+  const incidents = await HealthIncident.find({
+    healthCheckId: { $in: checkIds },
+    status: { $in: ['open', 'acknowledged'] },
+  }).lean();
+  const incidentMap = {};
+  for (const incident of incidents) {
+    if (!incidentMap[incident.healthCheckId]) {
+      incidentMap[incident.healthCheckId] = incident;
+    }
+  }
+  const summaries = checks.map((check) => {
+    const incident = incidentMap[String(check._id)];
+    return {
+      id: String(check._id),
+      name: check.name,
+      status: incident ? incident.status : (check.lastStatus || 'unknown'),
+      lastRunAt: check.lastRunAt || null,
+      lastLatencyMs: check.lastLatencyMs || null,
+      incident: incident
+        ? {
+            id: String(incident._id),
+            status: incident.status,
+            severity: incident.severity,
+            openedAt: incident.openedAt,
+            lastSeenAt: incident.lastSeenAt,
+          }
+        : null,
+    };
+  });
+  const unhealthyCount = summaries.filter((s) => s.status === 'unhealthy' || s.incident).length;
+  const overallStatus = unhealthyCount > 0 ? 'degraded' : 'ok';
+  return {
+    ok: overallStatus === 'ok',
+    status: overallStatus,
+    updatedAt: new Date().toISOString(),
+    totalChecks: summaries.length,
+    unhealthyCount,
+    checks: summaries,
+  };
+}
+exports.getStatus = async (req, res) => {
+  try {
+    const raw = await globalSettingsService.getSettingValue(PUBLIC_STATUS_SETTING_KEY, 'false');
+    const enabled = String(raw) === 'true';
+    if (!enabled) {
+      return res.status(404).json({ error: 'Not found' });
+    }
+    const payload = await computeStatusPayload();
+    const html = renderHtml(payload);
+    res.setHeader('Content-Type', 'text/html; charset=utf-8');
+    return res.status(200).send(html);
+  } catch (error) {
+    console.error('Failed to compute health checks status:', error);
+    return res.status(500).json({ error: 'Failed to compute status' });
+  }
+};
+exports.getStatusJson = async (req, res) => {
+  try {
+    const raw = await globalSettingsService.getSettingValue(PUBLIC_STATUS_SETTING_KEY, 'false');
+    const enabled = String(raw) === 'true';
+    if (!enabled) {
+      return res.status(404).json({ error: 'Not found' });
+    }
+    const payload = await computeStatusPayload();
+    return res.json(payload);
+  } catch (error) {
+    console.error('Failed to compute health checks status json:', error);
+    return res.status(500).json({ error: 'Failed to compute status' });
+  }
+};

package/src/controllers/internalExperiments.controller.js ADDED Viewed

@@ -0,0 +1,17 @@
+const experimentsAggregation = require('../services/experimentsAggregation.service');
+const experimentsRetention = require('../services/experimentsRetention.service');
+exports.runAggregation = async (req, res) => {
+  const body = req.body || {};
+  const bucketMs = body.bucketMs;
+  const start = body.start;
+  const end = body.end;
+  const data = await experimentsAggregation.runAggregationAndWinner({ bucketMs, start, end });
+  return res.json(data);
+};
+exports.runRetention = async (_req, res) => {
+  const data = await experimentsRetention.runRetentionCleanup();
+  return res.json(data);
+};