npm - @open-mercato/core - Versions diffs - 0.4.2-canary-5d2c419a9b → 0.4.2-canary-9e0237de8e - Mend

@open-mercato/core 0.4.2-canary-5d2c419a9b → 0.4.2-canary-9e0237de8e

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (158) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@open-mercato/core",
-  "version": "0.4.2-canary-5d2c419a9b",
+  "version": "0.4.2-canary-9e0237de8e",
   "type": "module",
   "main": "./dist/index.js",
   "scripts": {
@@ -207,7 +207,7 @@
     }
   },
   "dependencies": {
-    "@open-mercato/shared": "0.4.2-canary-5d2c419a9b",
+    "@open-mercato/shared": "0.4.2-canary-9e0237de8e",
     "@xyflow/react": "^12.6.0",
     "date-fns": "^4.1.0",
     "date-fns-tz": "^3.2.0"

package/src/modules/auth/events.ts ADDED Viewed

@@ -0,0 +1,39 @@
+import { createModuleEvents } from '@open-mercato/shared/modules/events'
+/**
+ * Auth Module Events
+ *
+ * Declares all events that can be emitted by the auth module.
+ */
+const events = [
+  // Users
+  { id: 'auth.users.created', label: 'User Created', entity: 'users', category: 'crud' },
+  { id: 'auth.users.updated', label: 'User Updated', entity: 'users', category: 'crud' },
+  { id: 'auth.users.deleted', label: 'User Deleted', entity: 'users', category: 'crud' },
+  // Roles
+  { id: 'auth.roles.created', label: 'Role Created', entity: 'roles', category: 'crud' },
+  { id: 'auth.roles.updated', label: 'Role Updated', entity: 'roles', category: 'crud' },
+  { id: 'auth.roles.deleted', label: 'Role Deleted', entity: 'roles', category: 'crud' },
+  // Authentication events
+  { id: 'auth.login.success', label: 'Login Successful', category: 'lifecycle' },
+  { id: 'auth.login.failed', label: 'Login Failed', category: 'lifecycle' },
+  { id: 'auth.logout', label: 'User Logged Out', category: 'lifecycle' },
+  { id: 'auth.password.changed', label: 'Password Changed', category: 'lifecycle' },
+  { id: 'auth.password.reset.requested', label: 'Password Reset Requested', category: 'lifecycle' },
+  { id: 'auth.password.reset.completed', label: 'Password Reset Completed', category: 'lifecycle' },
+] as const
+export const eventsConfig = createModuleEvents({
+  moduleId: 'auth',
+  events,
+})
+/** Type-safe event emitter for auth module */
+export const emitAuthEvent = eventsConfig.emit
+/** Event IDs that can be emitted by the auth module */
+export type AuthEventId = typeof events[number]['id']
+export default eventsConfig

package/src/modules/business_rules/api/execute/[ruleId]/route.ts ADDED Viewed

@@ -0,0 +1,163 @@
+import { NextResponse } from 'next/server'
+import { z } from 'zod'
+import type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import type { EntityManager } from '@mikro-orm/postgresql'
+import * as ruleEngine from '../../../lib/rule-engine'
+const executeByIdRequestSchema = z.object({
+  data: z.any(),
+  dryRun: z.boolean().optional().default(false),
+  entityType: z.string().optional(),
+  entityId: z.string().optional(),
+  eventType: z.string().optional(),
+})
+const executeByIdResponseSchema = z.object({
+  success: z.boolean(),
+  ruleId: z.string(),
+  ruleName: z.string(),
+  conditionResult: z.boolean(),
+  actionsExecuted: z.object({
+    success: z.boolean(),
+    results: z.array(z.object({
+      type: z.string(),
+      success: z.boolean(),
+      error: z.string().optional(),
+    })),
+  }).nullable(),
+  executionTime: z.number(),
+  error: z.string().optional(),
+  logId: z.string().optional(),
+})
+const errorResponseSchema = z.object({
+  error: z.string(),
+})
+const routeMetadata = {
+  POST: { requireAuth: true, requireFeatures: ['business_rules.execute'] },
+}
+export const metadata = routeMetadata
+interface RouteContext {
+  params: Promise<{ ruleId: string }>
+}
+export async function POST(req: Request, context: RouteContext) {
+  const auth = await getAuthFromRequest(req)
+  if (!auth) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+  const params = await context.params
+  const ruleId = params.ruleId
+  if (!ruleId || !z.uuid().safeParse(ruleId).success) {
+    return NextResponse.json({ error: 'Invalid rule ID' }, { status: 400 })
+  }
+  const container = await createRequestContainer()
+  const em = container.resolve('em') as EntityManager
+  let body: any
+  try {
+    body = await req.json()
+  } catch {
+    return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 })
+  }
+  const parsed = executeByIdRequestSchema.safeParse(body)
+  if (!parsed.success) {
+    const errors = parsed.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)
+    return NextResponse.json({ error: `Validation failed: ${errors.join(', ')}` }, { status: 400 })
+  }
+  const { data, dryRun, entityType, entityId, eventType } = parsed.data
+  const execContext: ruleEngine.DirectRuleExecutionContext = {
+    ruleId,
+    data,
+    user: {
+      id: auth.sub,
+      email: auth.email,
+      role: (auth.role as string) ?? undefined,
+    },
+    tenantId: auth.tenantId ?? '',
+    organizationId: auth.orgId ?? '',
+    executedBy: auth.sub ?? auth.email ?? undefined,
+    dryRun,
+    entityType,
+    entityId,
+    eventType,
+  }
+  try {
+    const result = await ruleEngine.executeRuleById(em, execContext)
+    const response = {
+      success: result.success,
+      ruleId: result.ruleId,
+      ruleName: result.ruleName,
+      conditionResult: result.conditionResult,
+      actionsExecuted: result.actionsExecuted ? {
+        success: result.actionsExecuted.success,
+        results: result.actionsExecuted.results.map(ar => ({
+          type: ar.action.type,
+          success: ar.success,
+          error: ar.error,
+        })),
+      } : null,
+      executionTime: result.executionTime,
+      error: result.error,
+      logId: result.logId,
+    }
+    // Return appropriate status based on result
+    const status = result.success ? 200 : (result.error === 'Rule not found' ? 404 : 200)
+    return NextResponse.json(response, { status })
+  } catch (error) {
+    const errorMessage = error instanceof Error ? error.message : String(error)
+    return NextResponse.json(
+      { error: `Rule execution failed: ${errorMessage}` },
+      { status: 500 }
+    )
+  }
+}
+export const openApi: OpenApiRouteDoc = {
+  tag: 'Business Rules',
+  summary: 'Execute a specific business rule by ID',
+  methods: {
+    POST: {
+      summary: 'Execute a specific rule by its database UUID',
+      description: 'Directly executes a specific business rule identified by its UUID, bypassing the normal entityType/eventType discovery mechanism. Useful for workflows and targeted rule execution.',
+      pathParams: z.object({
+        ruleId: z.string().uuid().describe('The database UUID of the business rule to execute'),
+      }),
+      requestBody: {
+        contentType: 'application/json',
+        schema: executeByIdRequestSchema,
+      },
+      responses: [
+        {
+          status: 200,
+          description: 'Rule executed successfully',
+          schema: executeByIdResponseSchema,
+        },
+        {
+          status: 404,
+          description: 'Rule not found',
+          schema: errorResponseSchema,
+        },
+      ],
+      errors: [
+        { status: 400, description: 'Invalid request payload or rule ID', schema: errorResponseSchema },
+        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },
+        { status: 500, description: 'Execution error', schema: errorResponseSchema },
+      ],
+    },
+  },
+}

package/src/modules/business_rules/data/validators.ts CHANGED Viewed

@@ -287,3 +287,43 @@ export const ruleDiscoveryOptionsSchema = z.object({
 })
 export type RuleDiscoveryOptionsInput = z.infer<typeof ruleDiscoveryOptionsSchema>
+// Direct Rule Execution Context Schema (for executing a specific rule by ID)
+export const directRuleExecutionContextSchema = z.object({
+  ruleId: z.uuid('ruleId must be a valid UUID'),
+  data: z.any(),
+  user: z.looseObject({
+    id: z.string().optional(),
+    email: z.string().optional(),
+    role: z.string().optional(),
+  }).optional(),
+  tenantId: z.uuid('tenantId must be a valid UUID'),
+  organizationId: z.uuid('organizationId must be a valid UUID'),
+  executedBy: z.string().optional(),
+  dryRun: z.boolean().optional(),
+  entityType: z.string().optional(),
+  entityId: z.string().optional(),
+  eventType: z.string().optional(),
+})
+export type DirectRuleExecutionContextInput = z.infer<typeof directRuleExecutionContextSchema>
+// Rule ID Execution Context Schema (for executing a specific rule by its string rule_id identifier)
+export const ruleIdExecutionContextSchema = z.object({
+  ruleId: z.string().min(1, 'ruleId must be a non-empty string').max(50),
+  data: z.any(),
+  user: z.looseObject({
+    id: z.string().optional(),
+    email: z.string().optional(),
+    role: z.string().optional(),
+  }).optional(),
+  tenantId: z.uuid('tenantId must be a valid UUID'),
+  organizationId: z.uuid('organizationId must be a valid UUID'),
+  executedBy: z.string().optional(),
+  dryRun: z.boolean().optional(),
+  entityType: z.string().optional(),
+  entityId: z.string().optional(),
+  eventType: z.string().optional(),
+})
+export type RuleIdExecutionContextInput = z.infer<typeof ruleIdExecutionContextSchema>

package/src/modules/business_rules/index.ts CHANGED Viewed

@@ -8,3 +8,28 @@ export const metadata: ModuleInfo = {
   author: 'Patryk Lewczuk',
   license: 'Proprietary',
 }
+// Export rule engine types and functions for programmatic usage
+export {
+  executeRules,
+  executeRuleById,
+  executeRuleByRuleId,
+  executeSingleRule,
+  findApplicableRules,
+  logRuleExecution,
+  type RuleEngineContext,
+  type RuleEngineResult,
+  type RuleExecutionResult,
+  type RuleDiscoveryOptions,
+  type DirectRuleExecutionContext,
+  type DirectRuleExecutionResult,
+  type RuleIdExecutionContext,
+} from './lib/rule-engine'
+// Export validator schemas
+export {
+  directRuleExecutionContextSchema,
+  ruleIdExecutionContextSchema,
+  type DirectRuleExecutionContextInput,
+  type RuleIdExecutionContextInput,
+} from './data/validators'

package/src/modules/business_rules/lib/rule-engine.ts CHANGED Viewed

@@ -5,7 +5,7 @@ import * as ruleEvaluator from './rule-evaluator'
 import * as actionExecutor from './action-executor'
 import type { RuleEvaluationContext } from './rule-evaluator'
 import type { ActionContext, ActionExecutionOutcome } from './action-executor'
-import { ruleEngineContextSchema, ruleDiscoveryOptionsSchema } from '../data/validators'
+import { ruleEngineContextSchema, ruleDiscoveryOptionsSchema, directRuleExecutionContextSchema, ruleIdExecutionContextSchema } from '../data/validators'
 /**
  * Constants
@@ -99,6 +99,65 @@ type RuleExecutionFailedPayload = {
   organizationId?: string | null
 }
+/**
+ * Direct rule execution context (for executing a specific rule by ID)
+ */
+export interface DirectRuleExecutionContext {
+  ruleId: string  // Database UUID of the rule
+  data: any
+  user?: {
+    id?: string
+    email?: string
+    role?: string
+    [key: string]: any
+  }
+  tenantId: string
+  organizationId: string
+  executedBy?: string
+  dryRun?: boolean
+  // Optional for logging (falls back to rule's entityType)
+  entityType?: string
+  entityId?: string
+  eventType?: string
+}
+/**
+ * Direct rule execution result
+ */
+export interface DirectRuleExecutionResult {
+  success: boolean
+  ruleId: string
+  ruleName: string
+  conditionResult: boolean
+  actionsExecuted: ActionExecutionOutcome | null
+  executionTime: number
+  error?: string
+  logId?: string
+}
+/**
+ * Context for executing a rule by its string rule_id identifier
+ * Unlike DirectRuleExecutionContext which uses database UUID,
+ * this uses the string identifier (e.g., "workflow_checkout_inventory_available")
+ */
+export interface RuleIdExecutionContext {
+  ruleId: string  // String identifier (e.g., "workflow_checkout_inventory_available")
+  data: any
+  user?: {
+    id?: string
+    email?: string
+    role?: string
+    [key: string]: any
+  }
+  tenantId: string
+  organizationId: string
+  executedBy?: string
+  dryRun?: boolean
+  entityType?: string
+  entityId?: string
+  eventType?: string
+}
 /**
  * Execute a function with a timeout
  */
@@ -449,6 +508,227 @@ export async function findApplicableRules(
   })
 }
+/**
+ * Execute a specific rule by its database UUID
+ * This bypasses the entityType/eventType discovery mechanism and directly executes the rule
+ */
+export async function executeRuleById(
+  em: EntityManager,
+  context: DirectRuleExecutionContext
+): Promise<DirectRuleExecutionResult> {
+  const startTime = Date.now()
+  // Validate input
+  const validation = directRuleExecutionContextSchema.safeParse(context)
+  if (!validation.success) {
+    const validationErrors = validation.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)
+    return {
+      success: false,
+      ruleId: context.ruleId,
+      ruleName: 'Unknown',
+      conditionResult: false,
+      actionsExecuted: null,
+      executionTime: Date.now() - startTime,
+      error: `Validation failed: ${validationErrors.join(', ')}`,
+    }
+  }
+  // Fetch rule by ID with tenant/org validation
+  const rule = await em.findOne(BusinessRule, {
+    id: context.ruleId,
+    tenantId: context.tenantId,
+    organizationId: context.organizationId,
+    deletedAt: null,
+  })
+  if (!rule) {
+    return {
+      success: false,
+      ruleId: context.ruleId,
+      ruleName: 'Unknown',
+      conditionResult: false,
+      actionsExecuted: null,
+      executionTime: Date.now() - startTime,
+      error: 'Rule not found',
+    }
+  }
+  if (!rule.enabled) {
+    return {
+      success: false,
+      ruleId: rule.ruleId,
+      ruleName: rule.ruleName,
+      conditionResult: false,
+      actionsExecuted: null,
+      executionTime: Date.now() - startTime,
+      error: 'Rule is disabled',
+    }
+  }
+  // Check effective date range
+  const now = new Date()
+  if (rule.effectiveFrom && rule.effectiveFrom > now) {
+    return {
+      success: false,
+      ruleId: rule.ruleId,
+      ruleName: rule.ruleName,
+      conditionResult: false,
+      actionsExecuted: null,
+      executionTime: Date.now() - startTime,
+      error: `Rule is not yet effective (starts ${rule.effectiveFrom.toISOString()})`,
+    }
+  }
+  if (rule.effectiveTo && rule.effectiveTo < now) {
+    return {
+      success: false,
+      ruleId: rule.ruleId,
+      ruleName: rule.ruleName,
+      conditionResult: false,
+      actionsExecuted: null,
+      executionTime: Date.now() - startTime,
+      error: `Rule has expired (ended ${rule.effectiveTo.toISOString()})`,
+    }
+  }
+  // Build RuleEngineContext (use provided entityType or fall back to rule's)
+  const engineContext: RuleEngineContext = {
+    entityType: context.entityType || rule.entityType,
+    entityId: context.entityId,
+    eventType: context.eventType || rule.eventType || undefined,
+    data: context.data,
+    user: context.user,
+    tenantId: context.tenantId,
+    organizationId: context.organizationId,
+    executedBy: context.executedBy,
+    dryRun: context.dryRun,
+  }
+  // Execute via existing executeSingleRule
+  const result = await executeSingleRule(em, rule, engineContext)
+  return {
+    success: !result.error,
+    ruleId: rule.ruleId,
+    ruleName: rule.ruleName,
+    conditionResult: result.conditionResult,
+    actionsExecuted: result.actionsExecuted,
+    executionTime: result.executionTime,
+    error: result.error,
+    logId: result.logId,
+  }
+}
+/**
+ * Execute a rule by its string rule_id identifier
+ * Looks up rule by rule_id (string column) + tenant_id (unique constraint)
+ * This is useful for workflow conditions that reference rules by their string identifiers
+ */
+export async function executeRuleByRuleId(
+  em: EntityManager,
+  context: RuleIdExecutionContext
+): Promise<DirectRuleExecutionResult> {
+  const startTime = Date.now()
+  // Validate input
+  const validation = ruleIdExecutionContextSchema.safeParse(context)
+  if (!validation.success) {
+    const validationErrors = validation.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)
+    return {
+      success: false,
+      ruleId: context.ruleId || 'unknown',
+      ruleName: 'Unknown',
+      conditionResult: false,
+      actionsExecuted: null,
+      executionTime: Date.now() - startTime,
+      error: `Validation failed: ${validationErrors.join(', ')}`,
+    }
+  }
+  // Fetch rule by rule_id (string identifier) + tenant/org
+  const rule = await em.findOne(BusinessRule, {
+    ruleId: context.ruleId,  // String identifier column
+    tenantId: context.tenantId,
+    organizationId: context.organizationId,
+    deletedAt: null,
+  })
+  if (!rule) {
+    return {
+      success: false,
+      ruleId: context.ruleId,
+      ruleName: 'Unknown',
+      conditionResult: false,
+      actionsExecuted: null,
+      executionTime: Date.now() - startTime,
+      error: 'Rule not found',
+    }
+  }
+  if (!rule.enabled) {
+    return {
+      success: false,
+      ruleId: rule.ruleId,
+      ruleName: rule.ruleName,
+      conditionResult: false,
+      actionsExecuted: null,
+      executionTime: Date.now() - startTime,
+      error: 'Rule is disabled',
+    }
+  }
+  // Check effective date range
+  const now = new Date()
+  if (rule.effectiveFrom && rule.effectiveFrom > now) {
+    return {
+      success: false,
+      ruleId: rule.ruleId,
+      ruleName: rule.ruleName,
+      conditionResult: false,
+      actionsExecuted: null,
+      executionTime: Date.now() - startTime,
+      error: `Rule is not yet effective (starts ${rule.effectiveFrom.toISOString()})`,
+    }
+  }
+  if (rule.effectiveTo && rule.effectiveTo < now) {
+    return {
+      success: false,
+      ruleId: rule.ruleId,
+      ruleName: rule.ruleName,
+      conditionResult: false,
+      actionsExecuted: null,
+      executionTime: Date.now() - startTime,
+      error: `Rule has expired (ended ${rule.effectiveTo.toISOString()})`,
+    }
+  }
+  // Build RuleEngineContext (use provided entityType or fall back to rule's)
+  const engineContext: RuleEngineContext = {
+    entityType: context.entityType || rule.entityType,
+    entityId: context.entityId,
+    eventType: context.eventType || rule.eventType || undefined,
+    data: context.data,
+    user: context.user,
+    tenantId: context.tenantId,
+    organizationId: context.organizationId,
+    executedBy: context.executedBy,
+    dryRun: context.dryRun,
+  }
+  // Execute via existing executeSingleRule
+  const result = await executeSingleRule(em, rule, engineContext)
+  return {
+    success: !result.error,
+    ruleId: rule.ruleId,
+    ruleName: rule.ruleName,
+    conditionResult: result.conditionResult,
+    actionsExecuted: result.actionsExecuted,
+    executionTime: result.executionTime,
+    error: result.error,
+    logId: result.logId,
+  }
+}
 /**
  * Sensitive field patterns to exclude from logs
  */

package/src/modules/catalog/events.ts ADDED Viewed

@@ -0,0 +1,45 @@
+import { createModuleEvents } from '@open-mercato/shared/modules/events'
+/**
+ * Catalog Module Events
+ *
+ * Declares all events that can be emitted by the catalog module.
+ */
+const events = [
+  // Products
+  { id: 'catalog.product.created', label: 'Product Created', entity: 'product', category: 'crud' },
+  { id: 'catalog.product.updated', label: 'Product Updated', entity: 'product', category: 'crud' },
+  { id: 'catalog.product.deleted', label: 'Product Deleted', entity: 'product', category: 'crud' },
+  // Categories
+  { id: 'catalog.category.created', label: 'Category Created', entity: 'category', category: 'crud' },
+  { id: 'catalog.category.updated', label: 'Category Updated', entity: 'category', category: 'crud' },
+  { id: 'catalog.category.deleted', label: 'Category Deleted', entity: 'category', category: 'crud' },
+  // Variants
+  { id: 'catalog.variant.created', label: 'Variant Created', entity: 'variant', category: 'crud' },
+  { id: 'catalog.variant.updated', label: 'Variant Updated', entity: 'variant', category: 'crud' },
+  { id: 'catalog.variant.deleted', label: 'Variant Deleted', entity: 'variant', category: 'crud' },
+  // Prices
+  { id: 'catalog.price.created', label: 'Price Created', entity: 'price', category: 'crud' },
+  { id: 'catalog.price.updated', label: 'Price Updated', entity: 'price', category: 'crud' },
+  { id: 'catalog.price.deleted', label: 'Price Deleted', entity: 'price', category: 'crud' },
+  // Lifecycle events - Pricing resolution
+  { id: 'catalog.pricing.resolve.before', label: 'Before Pricing Resolve', category: 'lifecycle', excludeFromTriggers: true },
+  { id: 'catalog.pricing.resolve.after', label: 'After Pricing Resolve', category: 'lifecycle', excludeFromTriggers: true },
+] as const
+export const eventsConfig = createModuleEvents({
+  moduleId: 'catalog',
+  events,
+})
+/** Type-safe event emitter for catalog module */
+export const emitCatalogEvent = eventsConfig.emit
+/** Event IDs that can be emitted by the catalog module */
+export type CatalogEventId = typeof events[number]['id']
+export default eventsConfig