@knotpad/app 0.1.4 → 0.1.6

package/app/api/restore/route.tsx

@@ -0,0 +1,148 @@
+/**
+ * Restore flow — two paths:
+ *
+ * 1. POST { type: "cloud" } — paid users: trigger cloud pull to repopulate local DB
+ * 2. POST { type: "file-replace", data: <JSON export> } — free/paid: validate
+ *    and replace the current workspace state with a Knotpad JSON export.
+ *
+ * .db file copy-paste (copy brief.db between machines) is handled at the CLI level
+ * in the npx distribution (Phase 9). The web app restore accepts JSON exports.
+ */
+
+import { NextRequest, NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { prisma } from "@/lib/prisma";
+import { runSync } from "@/lib/sync-worker";
+import { writeTombstone } from "@/lib/conflict-resolver";
+import {
+  restoreWorkspaceFromExport,
+  type BriefExport,
+} from "@/lib/backup/restore-workspace-from-export";
+
+const SUPPORTED_EXPORT_VERSION = 1;
+
+function validateExport(data: unknown): { valid: boolean; error?: string } {
+  if (!data || typeof data !== "object") {
+    return { valid: false, error: "Invalid file: not a JSON object" };
+  }
+  const d = data as Record<string, unknown>;
+  if (d.version !== SUPPORTED_EXPORT_VERSION) {
+    return {
+      valid: false,
+      error: `Unsupported export version ${d.version}. Expected ${SUPPORTED_EXPORT_VERSION}.`,
+    };
+  }
+  if (!Array.isArray(d.notes)) {
+    return { valid: false, error: "Invalid file: missing notes array" };
+  }
+  if (!d.workspace || typeof d.workspace !== "object") {
+    return { valid: false, error: "Invalid file: missing workspace info" };
+  }
+  return { valid: true };
+}
+
+export async function POST(req: NextRequest) {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const body = await req.json().catch(() => null);
+  if (!body) return NextResponse.json({ error: "Invalid body" }, { status: 400 });
+
+  const { type } = body as { type: string };
+
+  const member = await prisma.workspaceMember.findFirst({
+    where: { userId: session.user.id, role: { in: ["OWNER", "ADMIN"] } },
+    include: { workspace: true },
+  });
+  if (!member) {
+    return NextResponse.json({ error: "Must be workspace owner or admin" }, { status: 403 });
+  }
+
+  // --- Cloud restore ---
+  if (type === "cloud") {
+    if (!member.workspace.isPro) {
+      return NextResponse.json(
+        { error: "Cloud restore requires an active Pro subscription" },
+        { status: 403 }
+      );
+    }
+    const result = await runSync(member.workspaceId);
+    return NextResponse.json({
+      restored: true,
+      source: "cloud",
+      ...result,
+    });
+  }
+
+  // --- File replace restore ---
+  if (type === "file-replace") {
+    const { data } = body as { data: unknown };
+    const { valid, error } = validateExport(data);
+    if (!valid) {
+      return NextResponse.json({ error }, { status: 422 });
+    }
+
+    const exportData = data as BriefExport;
+    const pushedToCloud = member.workspace.isPro && member.workspace.isCloud;
+
+    await restoreWorkspaceFromExport({
+      workspaceId: member.workspaceId,
+      exportData,
+      pushToCloud: pushedToCloud,
+    });
+
+    return NextResponse.json({
+      restored: true,
+      source: "file-replace",
+      notesRestored: exportData.notes.length,
+      tasksRestored: exportData.notes.reduce((total, note) => total + note.tasks.length, 0),
+      pushedToCloud,
+    });
+  }
+
+  return NextResponse.json(
+    { error: "type must be 'cloud' or 'file-replace'" },
+    { status: 400 }
+  );
+}
+
+// --- DELETE: wipe workspace data before a restore ---
+export async function DELETE() {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const member = await prisma.workspaceMember.findFirst({
+    where: { userId: session.user.id, role: "OWNER" },
+  });
+  if (!member) {
+    return NextResponse.json({ error: "Only the workspace owner can wipe data" }, { status: 403 });
+  }
+
+  const workspaceId = member.workspaceId;
+
+  // Tombstone everything before wiping — prevents ghost resurrection on sync
+  const [notes, tasks] = await Promise.all([
+    prisma.note.findMany({ where: { workspaceId }, select: { id: true } }),
+    prisma.task.findMany({ where: { workspaceId }, select: { id: true } }),
+  ]);
+
+  await Promise.all([
+    ...notes.map((n) => writeTombstone(workspaceId, "note", n.id)),
+    ...tasks.map((t) => writeTombstone(workspaceId, "task", t.id)),
+  ]);
+
+  // Delete notes and tasks (cascade handles references, audit logs)
+  await prisma.$transaction([
+    prisma.task.deleteMany({ where: { workspaceId } }),
+    prisma.note.deleteMany({ where: { workspaceId } }),
+    prisma.conflictLog.deleteMany({ where: { workspaceId } }),
+  ]);
+
+  await prisma.syncState.upsert({
+    where: { workspaceId },
+    update: { lastSyncedAt: null, localVersion: 0, cloudVersion: 0, noteSnapshots: null },
+    create: { workspaceId },
+  });
+
+  return NextResponse.json({ wiped: true });
+}

package/app/api/sync/conflicts/[conflictId]/route.tsx

@@ -0,0 +1,134 @@
+import { NextRequest, NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { prisma, getPrimaryDb } from "@/lib/prisma";
+import { saveSnapshot } from "@/lib/note-sync";
+import { encryptContent, decryptContent } from "@/lib/note-crypto";
+import { getActiveWorkspaceId } from "@/lib/workspace";
+
+const VALID_TASK_STATUSES = ["OPEN", "CLAIMED", "IN_PROGRESS", "REVIEW", "DONE"];
+
+export async function PATCH(
+  req: NextRequest,
+  { params }: { params: Promise<{ conflictId: string }> }
+) {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const { conflictId } = await params;
+  const body = await req.json();
+
+  // resolution: "local" | "cloud" | "custom"
+  // value: required when resolution === "custom"
+  const { resolution, value } = body as {
+    resolution: "local" | "cloud" | "custom";
+    value?: string;
+  };
+
+  if (!["local", "cloud", "custom"].includes(resolution)) {
+    return NextResponse.json({ error: "Invalid resolution" }, { status: 400 });
+  }
+  if (resolution === "custom" && !value) {
+    return NextResponse.json({ error: "value required for custom resolution" }, { status: 400 });
+  }
+
+  const workspaceId = await getActiveWorkspaceId(session.user.id);
+  if (!workspaceId) return NextResponse.json({ error: "No workspace" }, { status: 404 });
+
+  const db = await getPrimaryDb(workspaceId);
+  const conflict = await db.conflictLog.findUnique({ where: { id: conflictId } });
+  if (!conflict || conflict.workspaceId !== workspaceId) {
+    return NextResponse.json({ error: "Not found" }, { status: 404 });
+  }
+  if (conflict.resolvedAt) {
+    return NextResponse.json({ error: "Already resolved" }, { status: 409 });
+  }
+
+  // localValue/cloudValue are ciphertext (notes) or plain status (tasks);
+  // a custom value arrives as plaintext from the editor.
+  const resolvedRaw =
+    resolution === "local"
+      ? conflict.localValue
+      : resolution === "cloud"
+      ? conflict.cloudValue
+      : value!;
+
+  if (conflict.entityType === "task" && !VALID_TASK_STATUSES.includes(resolvedRaw)) {
+    return NextResponse.json({ error: "Invalid task status" }, { status: 400 });
+  }
+
+  // For notes: store ciphertext, but keep the plaintext as the merge-base snapshot.
+  let storedContent = resolvedRaw;
+  let plaintextForSnapshot = resolvedRaw;
+  if (conflict.entityType === "note") {
+    if (resolution === "custom") {
+      plaintextForSnapshot = resolvedRaw; // already plaintext
+      storedContent = await encryptContent(resolvedRaw, workspaceId);
+    } else {
+      storedContent = resolvedRaw; // already ciphertext
+      plaintextForSnapshot = await decryptContent(resolvedRaw, workspaceId);
+    }
+  }
+
+  try {
+    await db.$transaction(async (tx) => {
+      if (conflict.entityType === "note") {
+        await tx.note.update({
+          where: { id: conflict.entityId },
+          data: { content: storedContent, version: { increment: 1 }, pendingSync: false },
+        });
+      } else if (conflict.entityType === "task") {
+        await tx.task.update({
+          where: { id: conflict.entityId },
+          data: { status: resolvedRaw as never, version: { increment: 1 }, pendingSync: false },
+        });
+      }
+
+      await tx.conflictLog.update({
+        where: { id: conflictId },
+        data: { resolvedBy: "user", resolvedAt: new Date() },
+      });
+    });
+  } catch (txErr: unknown) {
+    // P2025 = "Record not found" — the entity was deleted after the conflict was created.
+    // Mark the conflict resolved so it no longer appears in the UI.
+    const code = (txErr as { code?: string })?.code;
+    if (code === "P2025") {
+      await db.conflictLog.update({
+        where: { id: conflictId },
+        data: { resolvedBy: "user", resolvedAt: new Date() },
+      }).catch(() => {});
+      return NextResponse.json(
+        { error: "The entity was deleted before the conflict could be resolved", resolved: true },
+        { status: 410 }
+      );
+    }
+    throw txErr;
+  }
+
+  // Update snapshot so future merges use the resolved (plaintext) content as base.
+  // If the snapshot write fails, undo the resolution so the user can retry cleanly.
+  if (conflict.entityType === "note") {
+    try {
+      await saveSnapshot(workspaceId, conflict.entityId, plaintextForSnapshot, db);
+    } catch (snapshotErr) {
+      console.error("[brief] conflict snapshot failed, reopening conflict:", snapshotErr);
+      try {
+        await db.conflictLog.update({
+          where: { id: conflictId },
+          data: { resolvedBy: null, resolvedAt: null },
+        });
+      } catch { /* best-effort reopen */ }
+      return NextResponse.json({ error: "Failed to save snapshot — please retry" }, { status: 500 });
+    }
+  }
+
+  // Also clear pendingSync on local PGlite if this was a Pro workspace conflict
+  if (db !== prisma && conflict.entityType === "note") {
+    await prisma.note.updateMany({
+      where: { id: conflict.entityId, workspaceId },
+      data: { pendingSync: false },
+    }).catch(() => {});
+  }
+
+  return NextResponse.json({ resolved: true, resolution });
+}

package/app/api/sync/conflicts/route.tsx

@@ -0,0 +1,48 @@
+import { NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { getPrimaryDb } from "@/lib/prisma";
+import { decryptContent } from "@/lib/note-crypto";
+import { getActiveWorkspaceId } from "@/lib/workspace";
+
+export async function GET() {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const workspaceId = await getActiveWorkspaceId(session.user.id);
+  if (!workspaceId) return NextResponse.json({ error: "No workspace" }, { status: 404 });
+
+  const db = await getPrimaryDb(workspaceId);
+  const conflicts = await db.conflictLog.findMany({
+    where: { workspaceId, resolvedAt: null },
+    orderBy: { createdAt: "desc" },
+  });
+
+  // Enrich with note/task titles. Note conflict values are stored as ciphertext,
+  // so decrypt them here for the diff view (tasks store plain status strings).
+  const enriched = await Promise.all(
+    conflicts.map(async (c) => {
+      let label = c.entityId;
+      let { localValue, cloudValue } = c;
+      if (c.entityType === "note") {
+        const note = await db.note.findUnique({
+          where: { id: c.entityId },
+          select: { title: true },
+        });
+        label = note?.title ?? c.entityId;
+        [localValue, cloudValue] = await Promise.all([
+          decryptContent(c.localValue, workspaceId),
+          decryptContent(c.cloudValue, workspaceId),
+        ]);
+      } else if (c.entityType === "task") {
+        const task = await db.task.findUnique({
+          where: { id: c.entityId },
+          select: { title: true },
+        });
+        label = task?.title ?? c.entityId;
+      }
+      return { ...c, label, localValue, cloudValue };
+    })
+  );
+
+  return NextResponse.json(enriched);
+}

package/app/api/sync/status/route.tsx

@@ -0,0 +1,49 @@
+import { NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { prisma, getPrimaryDb } from "@/lib/prisma";
+import { getActiveWorkspaceId } from "@/lib/workspace";
+import { isWorkspacePro, isWorkspaceCloud } from "@/lib/license";
+
+export async function GET() {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const activeWs = await getActiveWorkspaceId(session.user.id);
+  const member = await prisma.workspaceMember.findFirst({
+    where: { userId: session.user.id, workspaceId: activeWs ?? undefined },
+    include: { workspace: { include: { syncState: true } } },
+  });
+  if (!member) return NextResponse.json({ error: "No workspace" }, { status: 404 });
+
+  const { workspace } = member;
+  const db = await getPrimaryDb(workspace.id);
+  const syncState = workspace.syncState;
+
+  // Derive entitlement from canonical license fields (not the cached booleans,
+  // which drift on direct DB edits). See lib/license.ts.
+  const isPro = isWorkspacePro(workspace);
+  const isCloud = isWorkspaceCloud(workspace);
+
+  const unresolvedConflicts = await db.conflictLog.count({
+    where: { workspaceId: workspace.id, resolvedAt: null },
+  });
+
+  // Count locally-buffered writes not yet flushed to Neon (Pro offline mode)
+  const [pendingNotes, pendingTasks] = isPro
+    ? await Promise.all([
+        prisma.note.count({ where: { workspaceId: workspace.id, pendingSync: true } }),
+        prisma.task.count({ where: { workspaceId: workspace.id, pendingSync: true } }),
+      ])
+    : [0, 0];
+
+  return NextResponse.json({
+    isCloud,
+    isPro,
+    cloudFirst: isPro && isCloud,
+    lastSyncedAt: syncState?.lastSyncedAt ?? null,
+    localVersion: syncState?.localVersion ?? 0,
+    cloudVersion: syncState?.cloudVersion ?? 0,
+    unresolvedConflicts,
+    pendingWrites: pendingNotes + pendingTasks,
+  });
+}

package/app/api/sync/trigger/route.tsx

@@ -0,0 +1,15 @@
+import { NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { runProFlush } from "@/lib/pro-flush";
+import { getActiveWorkspaceId } from "@/lib/workspace";
+
+export async function POST() {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const workspaceId = await getActiveWorkspaceId(session.user.id);
+  if (!workspaceId) return NextResponse.json({ error: "No workspace" }, { status: 404 });
+
+  const result = await runProFlush(workspaceId);
+  return NextResponse.json(result);
+}

package/app/api/tasks/[taskId]/detail/route.tsx

@@ -0,0 +1,68 @@
+import { NextRequest, NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { getPrimaryDb } from "@/lib/prisma";
+import { decryptContent } from "@/lib/note-crypto";
+import { getActiveWorkspaceId } from "@/lib/workspace";
+import { extractSnippet } from "@/lib/extract-snippet";
+
+export async function GET(
+  _req: NextRequest,
+  { params }: { params: Promise<{ taskId: string }> }
+) {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const { taskId } = await params;
+
+  const workspaceId = await getActiveWorkspaceId(session.user.id);
+  if (!workspaceId) return NextResponse.json({ error: "No workspace" }, { status: 404 });
+
+  const db = await getPrimaryDb(workspaceId);
+  const task = await db.task.findFirst({
+    where: { id: taskId, workspaceId },
+    include: {
+      note: { select: { id: true, title: true, content: true } },
+      assignee: { select: { id: true, name: true, email: true, image: true } },
+      auditLogs: {
+        orderBy: { createdAt: "desc" },
+        take: 20,
+        include: { user: { select: { id: true, name: true } } },
+      },
+    },
+  });
+
+  if (!task) return NextResponse.json({ error: "Not found" }, { status: 404 });
+
+  // Extract the paragraph context from the source note (decrypt first)
+  const noteContent = await decryptContent(task.note.content, workspaceId);
+  const snippet = extractSnippet(noteContent, task.title);
+
+  // Find other notes that reference this task's title
+  const otherRefs = await db.taskReference.findMany({
+    where: { taskId },
+    include: { note: { select: { id: true, title: true, content: true } } },
+  });
+
+  const references = [
+    {
+      noteId: task.note.id,
+      noteTitle: task.note.title,
+      snippet,
+    },
+    ...await Promise.all(
+      otherRefs
+        .filter((r) => r.noteId !== task.noteId)
+        .map(async (r) => {
+          const refContent = await decryptContent(r.note.content, workspaceId);
+          return {
+            noteId: r.noteId,
+            noteTitle: r.note.title,
+            snippet: r.snippet || extractSnippet(refContent, task.title),
+          };
+        })
+    ),
+  ];
+
+  return NextResponse.json({ ...task, references });
+}
+