@open-mercato/core 0.4.2-canary-07dbc98202 → 0.4.2-canary-11e19dfb84

package/src/modules/sales/i18n/de.json

@@ -9,26 +9,6 @@
       "title": "Vertriebsmanagement",
       "description": "Angebote, Aufträge, Fulfillment, Rechnungsstellung und Zahlungen verbunden mit dem Produktkatalog."
     },
-    "notifications": {
-      "order": {
-        "created": {
-          "title": "Neue Bestellung",
-          "body": "Bestellung {orderNumber} wurde erstellt{total}"
-        }
-      },
-      "quote": {
-        "created": {
-          "title": "Neues Angebot",
-          "body": "Angebot {quoteNumber} wurde erstellt{total}"
-        }
-      },
-      "renderer": {
-        "viewOrder": "Bestellung anzeigen",
-        "viewQuote": "Angebot anzeigen",
-        "assignedToYou": "Ihnen zugewiesen",
-        "pendingReview": "Ausstehende Prüfung"
-      }
-    },
     "quotes": {
       "send": {
         "action": "An Kunden senden",

package/src/modules/sales/i18n/en.json

@@ -9,26 +9,6 @@
       "title": "Sales Management",
       "description": "Quotes, orders, fulfillment, invoicing, and payments connected to the product catalog."
     },
-    "notifications": {
-      "order": {
-        "created": {
-          "title": "New Sales Order",
-          "body": "Sales order {orderNumber} has been created{total}"
-        }
-      },
-      "quote": {
-        "created": {
-          "title": "New Sales Quote",
-          "body": "Sales quote {quoteNumber} has been created{total}"
-        }
-      },
-      "renderer": {
-        "viewOrder": "View Order",
-        "viewQuote": "View Quote",
-        "assignedToYou": "Assigned to you",
-        "pendingReview": "Pending review"
-      }
-    },
     "quotes": {
       "send": {
         "action": "Send to customer",
@@ -1536,9 +1516,5 @@
   "sales.search.badge.deliveryWindow": "Delivery window",
   "sales.search.badge.paymentMethod": "Payment method",
   "sales.search.badge.taxRate": "Tax rate",
-  "sales.search.badge.documentTag": "Document tag",
-  "sales.notifications.payment.received.title": "Payment Received",
-  "sales.notifications.payment.received.body": "Payment of {amount} received for order #{orderNumber}",
-  "sales.notifications.quote.expiring.title": "Quote Expiring Soon",
-  "sales.notifications.quote.expiring.body": "Quote #{quoteNumber} expires in {daysUntilExpiry} days ({expiresAt})"
+  "sales.search.badge.documentTag": "Document tag"
 }

package/src/modules/sales/i18n/es.json

@@ -9,26 +9,6 @@
       "title": "Gestión de ventas",
       "description": "Cotizaciones, pedidos, cumplimiento, facturación y pagos conectados al catálogo de productos."
     },
-    "notifications": {
-      "order": {
-        "created": {
-          "title": "Nuevo pedido de venta",
-          "body": "El pedido {orderNumber} ha sido creado{total}"
-        }
-      },
-      "quote": {
-        "created": {
-          "title": "Nueva cotización",
-          "body": "La cotización {quoteNumber} ha sido creada{total}"
-        }
-      },
-      "renderer": {
-        "viewOrder": "Ver pedido",
-        "viewQuote": "Ver cotización",
-        "assignedToYou": "Asignado a usted",
-        "pendingReview": "Pendiente de revisión"
-      }
-    },
     "quotes": {
       "send": {
         "action": "Enviar al cliente",

package/src/modules/sales/i18n/pl.json

@@ -9,26 +9,6 @@
       "title": "Sprzedaż",
       "description": "Oferty, zamówienia, realizacja, fakturowanie i płatności powiązane z katalogiem produktów."
     },
-    "notifications": {
-      "order": {
-        "created": {
-          "title": "Nowe zamówienie",
-          "body": "Zamówienie {orderNumber} zostało utworzone{total}"
-        }
-      },
-      "quote": {
-        "created": {
-          "title": "Nowa oferta",
-          "body": "Oferta {quoteNumber} została utworzona{total}"
-        }
-      },
-      "renderer": {
-        "viewOrder": "Zobacz zamówienie",
-        "viewQuote": "Zobacz ofertę",
-        "assignedToYou": "Przypisane do Ciebie",
-        "pendingReview": "Oczekuje na przegląd"
-      }
-    },
     "quotes": {
       "send": {
         "action": "Wyślij do klienta",

package/src/modules/staff/commands/leave-requests.ts

@@ -21,9 +21,6 @@ import {
 } from '../data/validators'
 import { ensureOrganizationScope, ensureTenantScope, extractUndoPayload, requireTeamMember } from './shared'
 import { E } from '#generated/entities.ids.generated'
-import { resolveNotificationService } from '../../notifications/lib/notificationService'
-import { buildFeatureNotificationFromType, buildNotificationFromType } from '../../notifications/lib/notificationBuilder'
-import { notificationTypes } from '../notifications'
 
 const leaveRequestCrudIndexer: CrudIndexerConfig<StaffLeaveRequest> = {
   entityType: E.staff.staff_leave_request,
@@ -261,36 +258,6 @@ const createLeaveRequestCommand: CommandHandler<StaffLeaveRequestCreateInput, {
       indexer: leaveRequestCrudIndexer,
     })
 
-    // Create notification for users who can approve/reject leave requests
-    try {
-      const notificationService = resolveNotificationService(ctx.container)
-      const typeDef = notificationTypes.find((type) => type.type === 'staff.leave_request.pending')
-      if (typeDef) {
-        const memberName = member.displayName || 'Team member'
-        const startDateStr = request.startDate.toLocaleDateString()
-        const endDateStr = request.endDate.toLocaleDateString()
-
-        const notificationInput = buildFeatureNotificationFromType(typeDef, {
-          requiredFeature: 'staff.leave_requests.manage',
-          bodyVariables: {
-            memberName,
-            startDate: startDateStr,
-            endDate: endDateStr,
-          },
-          sourceEntityType: 'staff:leave_request',
-          sourceEntityId: request.id,
-          linkHref: `/backend/staff/leave-requests/${request.id}`,
-        })
-
-        await notificationService.createForFeature(notificationInput, {
-          tenantId: request.tenantId,
-          organizationId: request.organizationId,
-        })
-      }
-    } catch {
-      // Notification creation is non-critical, don't fail the command
-    }
-
     return { requestId: request.id }
   },
   captureAfter: async (_input, result, ctx) => {
@@ -608,36 +575,6 @@ const acceptLeaveRequestCommand: CommandHandler<StaffLeaveRequestDecisionInput,
       ruleIds: createdRuleIds,
     })
 
-    // Send notification to the requester
-    if (request.submittedByUserId) {
-      try {
-        const notificationService = resolveNotificationService(ctx.container)
-        const typeDef = notificationTypes.find((type) => type.type === 'staff.leave_request.approved')
-        if (typeDef) {
-          const startDateStr = request.startDate.toLocaleDateString()
-          const endDateStr = request.endDate.toLocaleDateString()
-
-          const notificationInput = buildNotificationFromType(typeDef, {
-            recipientUserId: request.submittedByUserId,
-            bodyVariables: {
-              startDate: startDateStr,
-              endDate: endDateStr,
-            },
-            sourceEntityType: 'staff:leave_request',
-            sourceEntityId: request.id,
-            linkHref: `/backend/staff/leave-requests/${request.id}`,
-          })
-
-          await notificationService.create(notificationInput, {
-            tenantId: request.tenantId,
-            organizationId: request.organizationId,
-          })
-        }
-      } catch {
-        // Notification creation is non-critical, don't fail the command
-      }
-    }
-
     return { requestId: request.id, ruleIds: createdRuleIds }
   },
   buildLog: async ({ result, ctx, snapshots }) => {
@@ -759,37 +696,6 @@ const rejectLeaveRequestCommand: CommandHandler<StaffLeaveRequestDecisionInput,
       indexer: leaveRequestCrudIndexer,
     })
 
-    // Send notification to the requester
-    if (request.submittedByUserId) {
-      try {
-        const notificationService = resolveNotificationService(ctx.container)
-        const typeDef = notificationTypes.find((type) => type.type === 'staff.leave_request.rejected')
-        if (typeDef) {
-          const startDateStr = request.startDate.toLocaleDateString()
-          const endDateStr = request.endDate.toLocaleDateString()
-
-          const notificationInput = buildNotificationFromType(typeDef, {
-            recipientUserId: request.submittedByUserId,
-            bodyVariables: {
-              startDate: startDateStr,
-              endDate: endDateStr,
-              reason: request.decisionComment ?? '',
-            },
-            sourceEntityType: 'staff:leave_request',
-            sourceEntityId: request.id,
-            linkHref: `/backend/staff/leave-requests/${request.id}`,
-          })
-
-          await notificationService.create(notificationInput, {
-            tenantId: request.tenantId,
-            organizationId: request.organizationId,
-          })
-        }
-      } catch {
-        // Notification creation is non-critical, don't fail the command
-      }
-    }
-
     return { requestId: request.id }
   },
   async prepare(rawInput, ctx) {

package/src/modules/staff/i18n/de.json

@@ -797,10 +797,6 @@
   "staff.teams.tabs.details": "Details",
   "staff.teams.tabs.label": "Teamabschnitte",
   "staff.teams.tabs.members": "Teammitglieder",
-  "staff.notifications.leaveRequest.pending.title": "Urlaubsantrag ausstehend",
-  "staff.notifications.leaveRequest.pending.body": "{memberName} hat Urlaub vom {startDate} bis {endDate} beantragt",
-  "staff.notifications.leaveRequest.actions.approve": "Genehmigen",
-  "staff.notifications.leaveRequest.actions.reject": "Ablehnen",
   "staff.leaveRequests.page.title": "Urlaubsantr\u00e4ge",
   "staff.leaveRequests.page.description": "Urlaubsantr\u00e4ge des Teams pr\u00fcfen.",
   "staff.leaveRequests.my.title": "Meine Urlaubsantr\u00e4ge",

package/src/modules/staff/i18n/en.json

@@ -797,10 +797,6 @@
   "staff.teams.tabs.details": "Details",
   "staff.teams.tabs.label": "Team sections",
   "staff.teams.tabs.members": "Team members",
-  "staff.notifications.leaveRequest.pending.title": "Leave Request Pending",
-  "staff.notifications.leaveRequest.pending.body": "{memberName} has requested leave from {startDate} to {endDate}",
-  "staff.notifications.leaveRequest.actions.approve": "Approve",
-  "staff.notifications.leaveRequest.actions.reject": "Reject",
   "staff.leaveRequests.page.title": "Leave requests",
   "staff.leaveRequests.page.description": "Review leave requests from your team.",
   "staff.leaveRequests.my.title": "My leave requests",
@@ -878,9 +874,5 @@
   "staff.myAvailability.readOnly.body": "Use leave requests to request changes.",
   "staff.teamMembers.self.createTitle": "Create my profile",
   "staff.teamMembers.self.created": "Profile created.",
-  "staff.teamMembers.self.exists": "Team member profile already exists.",
-  "staff.notifications.leaveRequest.approved.title": "Leave Request Approved",
-  "staff.notifications.leaveRequest.approved.body": "Your leave request from {startDate} to {endDate} has been approved",
-  "staff.notifications.leaveRequest.rejected.title": "Leave Request Rejected",
-  "staff.notifications.leaveRequest.rejected.body": "Your leave request from {startDate} to {endDate} has been rejected{reason, select, other { - {reason}}}"
+  "staff.teamMembers.self.exists": "Team member profile already exists."
 }

package/src/modules/staff/i18n/es.json

@@ -797,10 +797,6 @@
   "staff.teams.tabs.details": "Detalles",
   "staff.teams.tabs.label": "Secciones del equipo",
   "staff.teams.tabs.members": "Miembros del equipo",
-  "staff.notifications.leaveRequest.pending.title": "Solicitud de ausencia pendiente",
-  "staff.notifications.leaveRequest.pending.body": "{memberName} ha solicitado ausencia del {startDate} al {endDate}",
-  "staff.notifications.leaveRequest.actions.approve": "Aprobar",
-  "staff.notifications.leaveRequest.actions.reject": "Rechazar",
   "staff.leaveRequests.page.title": "Solicitudes de ausencia",
   "staff.leaveRequests.page.description": "Revisa las solicitudes de ausencia del equipo.",
   "staff.leaveRequests.my.title": "Mis solicitudes de ausencia",

package/src/modules/staff/i18n/pl.json

@@ -797,10 +797,6 @@
   "staff.teams.tabs.details": "Szczeg\u00f3\u0142y",
   "staff.teams.tabs.label": "Sekcje zespo\u0142u",
   "staff.teams.tabs.members": "Cz\u0142onkowie zespo\u0142u",
-  "staff.notifications.leaveRequest.pending.title": "Wniosek urlopowy oczekuje",
-  "staff.notifications.leaveRequest.pending.body": "{memberName} zło\u017cył wniosek o urlop od {startDate} do {endDate}",
-  "staff.notifications.leaveRequest.actions.approve": "Zatwierd\u017a",
-  "staff.notifications.leaveRequest.actions.reject": "Odrzu\u0107",
   "staff.leaveRequests.page.title": "Wnioski urlopowe",
   "staff.leaveRequests.page.description": "Przegl\u0105daj wnioski urlopowe zespo\u0142u.",
   "staff.leaveRequests.my.title": "Moje wnioski urlopowe",

package/src/modules/workflows/i18n/en.json

@@ -676,7 +676,5 @@
       "success": "Sub-workflow completed successfully",
       "failed": "Sub-workflow failed"
     }
-  },
-  "workflows.notifications.task.assigned.title": "Task Assigned",
-  "workflows.notifications.task.assigned.body": "You have been assigned to task \"{taskName}\" in workflow \"{workflowName}\"{dueDate, select, other { (due: {dueDate})}}"
+  }
 }

package/dist/generated/entities/notification/index.js

@@ -1,57 +0,0 @@
-const id = "id";
-const recipient_user_id = "recipient_user_id";
-const type = "type";
-const title_key = "title_key";
-const body_key = "body_key";
-const title_variables = "title_variables";
-const body_variables = "body_variables";
-const title = "title";
-const body = "body";
-const icon = "icon";
-const severity = "severity";
-const status = "status";
-const action_data = "action_data";
-const action_result = "action_result";
-const action_taken = "action_taken";
-const source_module = "source_module";
-const source_entity_type = "source_entity_type";
-const source_entity_id = "source_entity_id";
-const link_href = "link_href";
-const group_key = "group_key";
-const created_at = "created_at";
-const read_at = "read_at";
-const actioned_at = "actioned_at";
-const dismissed_at = "dismissed_at";
-const expires_at = "expires_at";
-const tenant_id = "tenant_id";
-const organization_id = "organization_id";
-export {
-  action_data,
-  action_result,
-  action_taken,
-  actioned_at,
-  body,
-  body_key,
-  body_variables,
-  created_at,
-  dismissed_at,
-  expires_at,
-  group_key,
-  icon,
-  id,
-  link_href,
-  organization_id,
-  read_at,
-  recipient_user_id,
-  severity,
-  source_entity_id,
-  source_entity_type,
-  source_module,
-  status,
-  tenant_id,
-  title,
-  title_key,
-  title_variables,
-  type
-};
-//# sourceMappingURL=index.js.map

package/dist/generated/entities/notification/index.js.map

@@ -1,7 +0,0 @@
-{
-  "version": 3,
-  "sources": ["../../../../generated/entities/notification/index.ts"],
-  "sourcesContent": ["export const id = 'id'\nexport const recipient_user_id = 'recipient_user_id'\nexport const type = 'type'\nexport const title_key = 'title_key'\nexport const body_key = 'body_key'\nexport const title_variables = 'title_variables'\nexport const body_variables = 'body_variables'\nexport const title = 'title'\nexport const body = 'body'\nexport const icon = 'icon'\nexport const severity = 'severity'\nexport const status = 'status'\nexport const action_data = 'action_data'\nexport const action_result = 'action_result'\nexport const action_taken = 'action_taken'\nexport const source_module = 'source_module'\nexport const source_entity_type = 'source_entity_type'\nexport const source_entity_id = 'source_entity_id'\nexport const link_href = 'link_href'\nexport const group_key = 'group_key'\nexport const created_at = 'created_at'\nexport const read_at = 'read_at'\nexport const actioned_at = 'actioned_at'\nexport const dismissed_at = 'dismissed_at'\nexport const expires_at = 'expires_at'\nexport const tenant_id = 'tenant_id'\nexport const organization_id = 'organization_id'\n"],
-  "mappings": "AAAO,MAAM,KAAK;AACX,MAAM,oBAAoB;AAC1B,MAAM,OAAO;AACb,MAAM,YAAY;AAClB,MAAM,WAAW;AACjB,MAAM,kBAAkB;AACxB,MAAM,iBAAiB;AACvB,MAAM,QAAQ;AACd,MAAM,OAAO;AACb,MAAM,OAAO;AACb,MAAM,WAAW;AACjB,MAAM,SAAS;AACf,MAAM,cAAc;AACpB,MAAM,gBAAgB;AACtB,MAAM,eAAe;AACrB,MAAM,gBAAgB;AACtB,MAAM,qBAAqB;AAC3B,MAAM,mBAAmB;AACzB,MAAM,YAAY;AAClB,MAAM,YAAY;AAClB,MAAM,aAAa;AACnB,MAAM,UAAU;AAChB,MAAM,cAAc;AACpB,MAAM,eAAe;AACrB,MAAM,aAAa;AACnB,MAAM,YAAY;AAClB,MAAM,kBAAkB;",
-  "names": []
-}

package/dist/modules/auth/api/profile/route.js

@@ -1,155 +0,0 @@
-import { NextResponse } from "next/server";
-import { z } from "zod";
-import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
-import { getAuthFromRequest } from "@open-mercato/shared/lib/auth/server";
-import { signJwt } from "@open-mercato/shared/lib/auth/jwt";
-import { resolveTranslations } from "@open-mercato/shared/lib/i18n/server";
-import { CrudHttpError } from "@open-mercato/shared/lib/crud/errors";
-import { User } from "@open-mercato/core/modules/auth/data/entities";
-import { findOneWithDecryption } from "@open-mercato/shared/lib/encryption/find";
-const profileResponseSchema = z.object({
-  email: z.string().email()
-});
-const updateSchema = z.object({
-  email: z.string().email().optional(),
-  password: z.string().min(6).optional()
-}).refine((data) => Boolean(data.email || data.password), {
-  message: "Provide an email or password.",
-  path: ["email"]
-});
-const profileUpdateResponseSchema = z.object({
-  ok: z.literal(true),
-  email: z.string().email()
-});
-const metadata = {
-  GET: { requireAuth: true },
-  PUT: { requireAuth: true }
-};
-function buildCommandContext(container, auth, req) {
-  return {
-    container,
-    auth,
-    organizationScope: null,
-    selectedOrganizationId: auth.orgId ?? null,
-    organizationIds: auth.orgId ? [auth.orgId] : null,
-    request: req
-  };
-}
-async function GET(req) {
-  const { translate } = await resolveTranslations();
-  const auth = await getAuthFromRequest(req);
-  if (!auth?.sub) {
-    return NextResponse.json({ error: translate("api.errors.unauthorized", "Unauthorized") }, { status: 401 });
-  }
-  try {
-    const container = await createRequestContainer();
-    const em = container.resolve("em");
-    const user = await findOneWithDecryption(
-      em,
-      User,
-      { id: auth.sub, deletedAt: null },
-      void 0,
-      { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null }
-    );
-    if (!user) {
-      return NextResponse.json({ error: translate("auth.users.form.errors.notFound", "User not found") }, { status: 404 });
-    }
-    return NextResponse.json({ email: String(user.email) });
-  } catch (err) {
-    console.error("auth.profile.load failed", err);
-    return NextResponse.json({ error: translate("auth.profile.form.errors.load", "Failed to load profile.") }, { status: 400 });
-  }
-}
-async function PUT(req) {
-  const { translate } = await resolveTranslations();
-  const auth = await getAuthFromRequest(req);
-  if (!auth?.sub) {
-    return NextResponse.json({ error: translate("api.errors.unauthorized", "Unauthorized") }, { status: 401 });
-  }
-  try {
-    const body = await req.json().catch(() => ({}));
-    const parsed = updateSchema.safeParse(body);
-    if (!parsed.success) {
-      return NextResponse.json(
-        {
-          error: translate("auth.profile.form.errors.invalid", "Invalid profile update."),
-          issues: parsed.error.issues
-        },
-        { status: 400 }
-      );
-    }
-    const container = await createRequestContainer();
-    const commandBus = container.resolve("commandBus");
-    const ctx = buildCommandContext(container, auth, req);
-    const { result } = await commandBus.execute(
-      "auth.users.update",
-      {
-        input: {
-          id: auth.sub,
-          email: parsed.data.email,
-          password: parsed.data.password
-        },
-        ctx
-      }
-    );
-    const authService = container.resolve("authService");
-    const roles = await authService.getUserRoles(result, result.tenantId ? String(result.tenantId) : null);
-    const jwt = signJwt({
-      sub: String(result.id),
-      tenantId: result.tenantId ? String(result.tenantId) : null,
-      orgId: result.organizationId ? String(result.organizationId) : null,
-      email: result.email,
-      roles
-    });
-    const res = NextResponse.json({ ok: true, email: String(result.email) });
-    res.cookies.set("auth_token", jwt, {
-      httpOnly: true,
-      path: "/",
-      sameSite: "lax",
-      secure: process.env.NODE_ENV === "production",
-      maxAge: 60 * 60 * 8
-    });
-    return res;
-  } catch (err) {
-    if (err instanceof CrudHttpError) {
-      return NextResponse.json(err.body, { status: err.status });
-    }
-    console.error("auth.profile.update failed", err);
-    return NextResponse.json({ error: translate("auth.profile.form.errors.save", "Failed to update profile.") }, { status: 400 });
-  }
-}
-const openApi = {
-  tag: "Authentication & Accounts",
-  summary: "Profile settings",
-  methods: {
-    GET: {
-      summary: "Get current profile",
-      description: "Returns the email address for the signed-in user.",
-      responses: [
-        { status: 200, description: "Profile payload", schema: profileResponseSchema },
-        { status: 401, description: "Unauthorized", schema: z.object({ error: z.string() }) },
-        { status: 404, description: "User not found", schema: z.object({ error: z.string() }) }
-      ]
-    },
-    PUT: {
-      summary: "Update current profile",
-      description: "Updates the email address or password for the signed-in user.",
-      requestBody: {
-        contentType: "application/json",
-        schema: updateSchema
-      },
-      responses: [
-        { status: 200, description: "Profile updated", schema: profileUpdateResponseSchema },
-        { status: 400, description: "Invalid payload", schema: z.object({ error: z.string() }) },
-        { status: 401, description: "Unauthorized", schema: z.object({ error: z.string() }) }
-      ]
-    }
-  }
-};
-export {
-  GET,
-  PUT,
-  metadata,
-  openApi
-};
-//# sourceMappingURL=route.js.map

package/dist/modules/auth/api/profile/route.js.map

@@ -1,7 +0,0 @@
-{
-  "version": 3,
-  "sources": ["../../../../../src/modules/auth/api/profile/route.ts"],
-  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport type { CommandBus, CommandRuntimeContext } from '@open-mercato/shared/lib/commands'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { signJwt } from '@open-mercato/shared/lib/auth/jwt'\nimport { resolveTranslations } from '@open-mercato/shared/lib/i18n/server'\nimport { CrudHttpError } from '@open-mercato/shared/lib/crud/errors'\nimport { AuthService } from '@open-mercato/core/modules/auth/services/authService'\nimport { User } from '@open-mercato/core/modules/auth/data/entities'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { findOneWithDecryption } from '@open-mercato/shared/lib/encryption/find'\n\nconst profileResponseSchema = z.object({\n  email: z.string().email(),\n})\n\nconst updateSchema = z.object({\n  email: z.string().email().optional(),\n  password: z.string().min(6).optional(),\n}).refine((data) => Boolean(data.email || data.password), {\n  message: 'Provide an email or password.',\n  path: ['email'],\n})\n\nconst profileUpdateResponseSchema = z.object({\n  ok: z.literal(true),\n  email: z.string().email(),\n})\n\nexport const metadata = {\n  GET: { requireAuth: true },\n  PUT: { requireAuth: true },\n}\n\nfunction buildCommandContext(container: Awaited<ReturnType<typeof createRequestContainer>>, auth: NonNullable<Awaited<ReturnType<typeof getAuthFromRequest>>>, req: Request): CommandRuntimeContext {\n  return {\n    container,\n    auth,\n    organizationScope: null,\n    selectedOrganizationId: auth.orgId ?? null,\n    organizationIds: auth.orgId ? [auth.orgId] : null,\n    request: req,\n  }\n}\n\nexport async function GET(req: Request) {\n  const { translate } = await resolveTranslations()\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.sub) {\n    return NextResponse.json({ error: translate('api.errors.unauthorized', 'Unauthorized') }, { status: 401 })\n  }\n  try {\n    const container = await createRequestContainer()\n    const em = (container.resolve('em') as EntityManager)\n    const user = await findOneWithDecryption(\n      em,\n      User,\n      { id: auth.sub, deletedAt: null },\n      undefined,\n      { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null },\n    )\n    if (!user) {\n      return NextResponse.json({ error: translate('auth.users.form.errors.notFound', 'User not found') }, { status: 404 })\n    }\n    return NextResponse.json({ email: String(user.email) })\n  } catch (err) {\n    console.error('auth.profile.load failed', err)\n    return NextResponse.json({ error: translate('auth.profile.form.errors.load', 'Failed to load profile.') }, { status: 400 })\n  }\n}\n\nexport async function PUT(req: Request) {\n  const { translate } = await resolveTranslations()\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.sub) {\n    return NextResponse.json({ error: translate('api.errors.unauthorized', 'Unauthorized') }, { status: 401 })\n  }\n  try {\n    const body = await req.json().catch(() => ({}))\n    const parsed = updateSchema.safeParse(body)\n    if (!parsed.success) {\n      return NextResponse.json(\n        {\n          error: translate('auth.profile.form.errors.invalid', 'Invalid profile update.'),\n          issues: parsed.error.issues,\n        },\n        { status: 400 },\n      )\n    }\n    const container = await createRequestContainer()\n    const commandBus = (container.resolve('commandBus') as CommandBus)\n    const ctx = buildCommandContext(container, auth, req)\n    const { result } = await commandBus.execute<{ id: string; email?: string; password?: string }, User>(\n      'auth.users.update',\n      {\n        input: {\n          id: auth.sub,\n          email: parsed.data.email,\n          password: parsed.data.password,\n        },\n        ctx,\n      },\n    )\n    const authService = container.resolve('authService') as AuthService\n    const roles = await authService.getUserRoles(result, result.tenantId ? String(result.tenantId) : null)\n    const jwt = signJwt({\n      sub: String(result.id),\n      tenantId: result.tenantId ? String(result.tenantId) : null,\n      orgId: result.organizationId ? String(result.organizationId) : null,\n      email: result.email,\n      roles,\n    })\n    const res = NextResponse.json({ ok: true, email: String(result.email) })\n    res.cookies.set('auth_token', jwt, {\n      httpOnly: true,\n      path: '/',\n      sameSite: 'lax',\n      secure: process.env.NODE_ENV === 'production',\n      maxAge: 60 * 60 * 8,\n    })\n    return res\n  } catch (err) {\n    if (err instanceof CrudHttpError) {\n      return NextResponse.json(err.body, { status: err.status })\n    }\n    console.error('auth.profile.update failed', err)\n    return NextResponse.json({ error: translate('auth.profile.form.errors.save', 'Failed to update profile.') }, { status: 400 })\n  }\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  tag: 'Authentication & Accounts',\n  summary: 'Profile settings',\n  methods: {\n    GET: {\n      summary: 'Get current profile',\n      description: 'Returns the email address for the signed-in user.',\n      responses: [\n        { status: 200, description: 'Profile payload', schema: profileResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: z.object({ error: z.string() }) },\n        { status: 404, description: 'User not found', schema: z.object({ error: z.string() }) },\n      ],\n    },\n    PUT: {\n      summary: 'Update current profile',\n      description: 'Updates the email address or password for the signed-in user.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: updateSchema,\n      },\n      responses: [\n        { status: 200, description: 'Profile updated', schema: profileUpdateResponseSchema },\n        { status: 400, description: 'Invalid payload', schema: z.object({ error: z.string() }) },\n        { status: 401, description: 'Unauthorized', schema: z.object({ error: z.string() }) },\n      ],\n    },\n  },\n}\n"],
-  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAGlB,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,eAAe;AACxB,SAAS,2BAA2B;AACpC,SAAS,qBAAqB;AAE9B,SAAS,YAAY;AAErB,SAAS,6BAA6B;AAEtC,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,OAAO,EAAE,OAAO,EAAE,MAAM;AAC1B,CAAC;AAED,MAAM,eAAe,EAAE,OAAO;AAAA,EAC5B,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS;AAAA,EACnC,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS;AACvC,CAAC,EAAE,OAAO,CAAC,SAAS,QAAQ,KAAK,SAAS,KAAK,QAAQ,GAAG;AAAA,EACxD,SAAS;AAAA,EACT,MAAM,CAAC,OAAO;AAChB,CAAC;AAED,MAAM,8BAA8B,EAAE,OAAO;AAAA,EAC3C,IAAI,EAAE,QAAQ,IAAI;AAAA,EAClB,OAAO,EAAE,OAAO,EAAE,MAAM;AAC1B,CAAC;AAEM,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,KAAK;AAAA,EACzB,KAAK,EAAE,aAAa,KAAK;AAC3B;AAEA,SAAS,oBAAoB,WAA+D,MAAmE,KAAqC;AAClM,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA,mBAAmB;AAAA,IACnB,wBAAwB,KAAK,SAAS;AAAA,IACtC,iBAAiB,KAAK,QAAQ,CAAC,KAAK,KAAK,IAAI;AAAA,IAC7C,SAAS;AAAA,EACX;AACF;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,EAAE,UAAU,IAAI,MAAM,oBAAoB;AAChD,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,KAAK;AACd,WAAO,aAAa,KAAK,EAAE,OAAO,UAAU,2BAA2B,cAAc,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3G;AACA,MAAI;AACF,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAM,UAAU,QAAQ,IAAI;AAClC,UAAM,OAAO,MAAM;AAAA,MACjB;AAAA,MACA;AAAA,MACA,EAAE,IAAI,KAAK,KAAK,WAAW,KAAK;AAAA,MAChC;AAAA,MACA,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,KAAK,SAAS,KAAK;AAAA,IACxE;AACA,QAAI,CAAC,MAAM;AACT,aAAO,aAAa,KAAK,EAAE,OAAO,UAAU,mCAAmC,gBAAgB,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACrH;AACA,WAAO,aAAa,KAAK,EAAE,OAAO,OAAO,KAAK,KAAK,EAAE,CAAC;AAAA,EACxD,SAAS,KAAK;AACZ,YAAQ,MAAM,4BAA4B,GAAG;AAC7C,WAAO,aAAa,KAAK,EAAE,OAAO,UAAU,iCAAiC,yBAAyB,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC5H;AACF;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,EAAE,UAAU,IAAI,MAAM,oBAAoB;AAChD,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,KAAK;AACd,WAAO,aAAa,KAAK,EAAE,OAAO,UAAU,2BAA2B,cAAc,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3G;AACA,MAAI;AACF,UAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AAC9C,UAAM,SAAS,aAAa,UAAU,IAAI;AAC1C,QAAI,CAAC,OAAO,SAAS;AACnB,aAAO,aAAa;AAAA,QAClB;AAAA,UACE,OAAO,UAAU,oCAAoC,yBAAyB;AAAA,UAC9E,QAAQ,OAAO,MAAM;AAAA,QACvB;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AACA,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,aAAc,UAAU,QAAQ,YAAY;AAClD,UAAM,MAAM,oBAAoB,WAAW,MAAM,GAAG;AACpD,UAAM,EAAE,OAAO,IAAI,MAAM,WAAW;AAAA,MAClC;AAAA,MACA;AAAA,QACE,OAAO;AAAA,UACL,IAAI,KAAK;AAAA,UACT,OAAO,OAAO,KAAK;AAAA,UACnB,UAAU,OAAO,KAAK;AAAA,QACxB;AAAA,QACA;AAAA,MACF;AAAA,IACF;AACA,UAAM,cAAc,UAAU,QAAQ,aAAa;AACnD,UAAM,QAAQ,MAAM,YAAY,aAAa,QAAQ,OAAO,WAAW,OAAO,OAAO,QAAQ,IAAI,IAAI;AACrG,UAAM,MAAM,QAAQ;AAAA,MAClB,KAAK,OAAO,OAAO,EAAE;AAAA,MACrB,UAAU,OAAO,WAAW,OAAO,OAAO,QAAQ,IAAI;AAAA,MACtD,OAAO,OAAO,iBAAiB,OAAO,OAAO,cAAc,IAAI;AAAA,MAC/D,OAAO,OAAO;AAAA,MACd;AAAA,IACF,CAAC;AACD,UAAM,MAAM,aAAa,KAAK,EAAE,IAAI,MAAM,OAAO,OAAO,OAAO,KAAK,EAAE,CAAC;AACvE,QAAI,QAAQ,IAAI,cAAc,KAAK;AAAA,MACjC,UAAU;AAAA,MACV,MAAM;AAAA,MACN,UAAU;AAAA,MACV,QAAQ,QAAQ,IAAI,aAAa;AAAA,MACjC,QAAQ,KAAK,KAAK;AAAA,IACpB,CAAC;AACD,WAAO;AAAA,EACT,SAAS,KAAK;AACZ,QAAI,eAAe,eAAe;AAChC,aAAO,aAAa,KAAK,IAAI,MAAM,EAAE,QAAQ,IAAI,OAAO,CAAC;AAAA,IAC3D;AACA,YAAQ,MAAM,8BAA8B,GAAG;AAC/C,WAAO,aAAa,KAAK,EAAE,OAAO,UAAU,iCAAiC,2BAA2B,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC9H;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,sBAAsB;AAAA,QAC7E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE;AAAA,QACpF,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE;AAAA,MACxF;AAAA,IACF;AAAA,IACA,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,4BAA4B;AAAA,QACnF,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE;AAAA,QACvF,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE;AAAA,MACtF;AAAA,IACF;AAAA,EACF;AACF;",
-  "names": []
-}

package/dist/modules/auth/backend/auth/profile/page.js

@@ -1,99 +0,0 @@
-"use client";
-import { jsx } from "react/jsx-runtime";
-import * as React from "react";
-import { useRouter } from "next/navigation";
-import { Page, PageBody } from "@open-mercato/ui/backend/Page";
-import { CrudForm } from "@open-mercato/ui/backend/CrudForm";
-import { apiCall, readApiResultOrThrow } from "@open-mercato/ui/backend/utils/apiCall";
-import { createCrudFormError } from "@open-mercato/ui/backend/utils/serverErrors";
-import { flash } from "@open-mercato/ui/backend/FlashMessages";
-import { LoadingMessage, ErrorMessage } from "@open-mercato/ui/backend/detail";
-import { useT } from "@open-mercato/shared/lib/i18n/context";
-function AuthProfilePage() {
-  const t = useT();
-  const router = useRouter();
-  const [loading, setLoading] = React.useState(true);
-  const [error, setError] = React.useState(null);
-  const [email, setEmail] = React.useState("");
-  const [formKey, setFormKey] = React.useState(0);
-  React.useEffect(() => {
-    let cancelled = false;
-    async function load() {
-      setLoading(true);
-      setError(null);
-      try {
-        const { ok, result } = await apiCall("/api/auth/profile");
-        if (!ok) throw new Error("load_failed");
-        const resolvedEmail = typeof result?.email === "string" ? result.email : "";
-        if (!cancelled) setEmail(resolvedEmail);
-      } catch (err) {
-        console.error("Failed to load auth profile", err);
-        if (!cancelled) setError(t("auth.profile.form.errors.load", "Failed to load profile."));
-      } finally {
-        if (!cancelled) setLoading(false);
-      }
-    }
-    load();
-    return () => {
-      cancelled = true;
-    };
-  }, [t]);
-  const fields = React.useMemo(() => [
-    { id: "email", label: t("auth.profile.form.email", "Email"), type: "text", required: true },
-    { id: "password", label: t("auth.profile.form.password", "New password"), type: "text" },
-    { id: "confirmPassword", label: t("auth.profile.form.confirmPassword", "Confirm new password"), type: "text" }
-  ], [t]);
-  const handleSubmit = React.useCallback(async (values) => {
-    const nextEmail = values.email?.trim() ?? "";
-    const password = values.password?.trim() ?? "";
-    const confirmPassword = values.confirmPassword?.trim() ?? "";
-    if (!nextEmail) {
-      const message = t("auth.profile.form.errors.emailRequired", "Email is required.");
-      throw createCrudFormError(message, { email: message });
-    }
-    if (password || confirmPassword) {
-      if (password !== confirmPassword) {
-        const message = t("auth.profile.form.errors.passwordMismatch", "Passwords do not match.");
-        throw createCrudFormError(message, { confirmPassword: message });
-      }
-    }
-    if (!password && nextEmail === email) {
-      throw createCrudFormError(t("auth.profile.form.errors.noChanges", "No changes to save."));
-    }
-    const payload = { email: nextEmail };
-    if (password) payload.password = password;
-    const result = await readApiResultOrThrow(
-      "/api/auth/profile",
-      {
-        method: "PUT",
-        headers: { "content-type": "application/json" },
-        body: JSON.stringify(payload)
-      },
-      { errorMessage: t("auth.profile.form.errors.save", "Failed to update profile.") }
-    );
-    const resolvedEmail = typeof result?.email === "string" ? result.email : nextEmail;
-    setEmail(resolvedEmail);
-    setFormKey((prev) => prev + 1);
-    flash(t("auth.profile.form.success", "Profile updated."), "success");
-    router.refresh();
-  }, [email, router, t]);
-  return /* @__PURE__ */ jsx(Page, { children: /* @__PURE__ */ jsx(PageBody, { children: loading ? /* @__PURE__ */ jsx(LoadingMessage, { label: t("auth.profile.form.loading", "Loading profile...") }) : error ? /* @__PURE__ */ jsx(ErrorMessage, { label: error }) : /* @__PURE__ */ jsx(
-    CrudForm,
-    {
-      title: t("auth.profile.title", "Profile"),
-      fields,
-      initialValues: {
-        email,
-        password: "",
-        confirmPassword: ""
-      },
-      submitLabel: t("auth.profile.form.save", "Save changes"),
-      onSubmit: handleSubmit
-    },
-    formKey
-  ) }) });
-}
-export {
-  AuthProfilePage as default
-};
-//# sourceMappingURL=page.js.map