@open-mercato/core 0.4.6-develop-6d72ec5960 → 0.4.6-develop-cd1e2a9a0e

package/src/modules/integrations/api/[id]/state/route.ts

@@ -0,0 +1,121 @@
+import { NextResponse } from 'next/server'
+import { z } from 'zod'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import { getIntegration } from '@open-mercato/shared/modules/integrations/types'
+import { emitIntegrationsEvent } from '../../../events'
+import { updateStateSchema } from '../../../data/validators'
+import type { IntegrationStateService } from '../../../lib/state-service'
+import {
+  resolveUserFeatures,
+  runIntegrationMutationGuardAfterSuccess,
+  runIntegrationMutationGuards,
+} from '../../guards'
+
+const idParamsSchema = z.object({ id: z.string().min(1) })
+
+export const metadata = {
+  PUT: { requireAuth: true, requireFeatures: ['integrations.manage'] },
+}
+
+export const openApi = {
+  tags: ['Integrations'],
+  summary: 'Update integration state',
+}
+
+export async function PUT(req: Request, ctx: { params?: Promise<{ id?: string }> | { id?: string } }) {
+  const auth = await getAuthFromRequest(req)
+  if (!auth?.tenantId || !auth.orgId) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+
+  const rawParams = (ctx.params && typeof (ctx.params as Promise<unknown>).then === 'function')
+    ? await (ctx.params as Promise<{ id?: string }>)
+    : (ctx.params as { id?: string } | undefined)
+
+  const parsedParams = idParamsSchema.safeParse(rawParams)
+  if (!parsedParams.success) {
+    return NextResponse.json({ error: 'Invalid integration id' }, { status: 400 })
+  }
+
+  const integration = getIntegration(parsedParams.data.id)
+  if (!integration) {
+    return NextResponse.json({ error: 'Integration not found' }, { status: 404 })
+  }
+
+  const payload = await req.json().catch(() => null)
+  const parsedBody = updateStateSchema.safeParse(payload)
+  if (!parsedBody.success) {
+    return NextResponse.json({ error: 'Invalid state payload', details: parsedBody.error.flatten() }, { status: 422 })
+  }
+
+  const container = await createRequestContainer()
+  const guardResult = await runIntegrationMutationGuards(
+    container,
+    {
+    tenantId: auth.tenantId,
+    organizationId: auth.orgId,
+    userId: auth.sub ?? '',
+    resourceKind: 'integrations.integration',
+    resourceId: integration.id,
+    operation: 'update',
+    requestMethod: req.method,
+    requestHeaders: req.headers,
+    mutationPayload: parsedBody.data as Record<string, unknown>,
+    },
+    resolveUserFeatures(auth),
+  )
+  if (!guardResult.ok) {
+    return NextResponse.json(guardResult.errorBody ?? { error: 'Operation blocked by guard' }, { status: guardResult.errorStatus ?? 422 })
+  }
+
+  let payloadData = parsedBody.data
+  if (guardResult.modifiedPayload) {
+    const mergedPayload = { ...parsedBody.data, ...guardResult.modifiedPayload }
+    const reparsed = updateStateSchema.safeParse(mergedPayload)
+    if (!reparsed.success) {
+      return NextResponse.json({ error: 'Invalid state payload after guard transform', details: reparsed.error.flatten() }, { status: 422 })
+    }
+    payloadData = reparsed.data
+  }
+
+  const stateService = container.resolve('integrationStateService') as IntegrationStateService
+
+  const state = await stateService.upsert(
+    integration.id,
+    {
+      isEnabled: payloadData.isEnabled,
+      reauthRequired: payloadData.reauthRequired,
+    },
+    {
+      organizationId: auth.orgId as string,
+      tenantId: auth.tenantId,
+    },
+  )
+
+  await emitIntegrationsEvent('integrations.state.updated', {
+    integrationId: integration.id,
+    isEnabled: state.isEnabled,
+    reauthRequired: state.reauthRequired,
+    tenantId: auth.tenantId,
+    organizationId: auth.orgId,
+    userId: auth.sub,
+  })
+
+  await runIntegrationMutationGuardAfterSuccess(guardResult.afterSuccessCallbacks, {
+      tenantId: auth.tenantId,
+      organizationId: auth.orgId,
+      userId: auth.sub ?? '',
+      resourceKind: 'integrations.integration',
+      resourceId: integration.id,
+      operation: 'update',
+      requestMethod: req.method,
+      requestHeaders: req.headers,
+    })
+
+  return NextResponse.json({
+    isEnabled: state.isEnabled,
+    reauthRequired: state.reauthRequired,
+    apiVersion: state.apiVersion ?? null,
+  })
+}

package/src/modules/integrations/api/[id]/version/route.ts

@@ -0,0 +1,132 @@
+import { NextResponse } from 'next/server'
+import { z } from 'zod'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import { getIntegration } from '@open-mercato/shared/modules/integrations/types'
+import { emitIntegrationsEvent } from '../../../events'
+import { updateVersionSchema } from '../../../data/validators'
+import type { IntegrationStateService } from '../../../lib/state-service'
+import { resolveDefaultApiVersion } from '../../../lib/registry-service'
+import {
+  resolveUserFeatures,
+  runIntegrationMutationGuardAfterSuccess,
+  runIntegrationMutationGuards,
+} from '../../guards'
+
+const idParamsSchema = z.object({ id: z.string().min(1) })
+
+export const metadata = {
+  PUT: { requireAuth: true, requireFeatures: ['integrations.manage'] },
+}
+
+export const openApi = {
+  tags: ['Integrations'],
+  summary: 'Change integration API version',
+}
+
+export async function PUT(req: Request, ctx: { params?: Promise<{ id?: string }> | { id?: string } }) {
+  const auth = await getAuthFromRequest(req)
+  if (!auth?.tenantId || !auth.orgId) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+
+  const rawParams = (ctx.params && typeof (ctx.params as Promise<unknown>).then === 'function')
+    ? await (ctx.params as Promise<{ id?: string }>)
+    : (ctx.params as { id?: string } | undefined)
+
+  const parsedParams = idParamsSchema.safeParse(rawParams)
+  if (!parsedParams.success) {
+    return NextResponse.json({ error: 'Invalid integration id' }, { status: 400 })
+  }
+
+  const integration = getIntegration(parsedParams.data.id)
+  if (!integration) {
+    return NextResponse.json({ error: 'Integration not found' }, { status: 404 })
+  }
+
+  const payload = await req.json().catch(() => null)
+  const parsedBody = updateVersionSchema.safeParse(payload)
+  if (!parsedBody.success) {
+    return NextResponse.json({ error: 'Invalid payload', details: parsedBody.error.flatten() }, { status: 422 })
+  }
+
+  const requestedVersion = parsedBody.data.apiVersion
+  const availableVersions = integration.apiVersions ?? []
+  if (availableVersions.length === 0) {
+    return NextResponse.json({ error: 'This integration is not versioned' }, { status: 422 })
+  }
+
+  const exists = availableVersions.some((version) => version.id === requestedVersion)
+  if (!exists) {
+    return NextResponse.json({ error: 'Unknown integration version' }, { status: 422 })
+  }
+
+  const defaultVersion = resolveDefaultApiVersion(availableVersions)
+  if (!defaultVersion) {
+    return NextResponse.json({ error: 'Integration version configuration is invalid' }, { status: 422 })
+  }
+
+  const container = await createRequestContainer()
+  const guardResult = await runIntegrationMutationGuards(
+    container,
+    {
+      tenantId: auth.tenantId,
+      organizationId: auth.orgId,
+      userId: auth.sub ?? '',
+      resourceKind: 'integrations.integration',
+      resourceId: integration.id,
+      operation: 'update',
+      requestMethod: req.method,
+      requestHeaders: req.headers,
+      mutationPayload: parsedBody.data as Record<string, unknown>,
+    },
+    resolveUserFeatures(auth),
+  )
+  if (!guardResult.ok) {
+    return NextResponse.json(guardResult.errorBody ?? { error: 'Operation blocked by guard' }, { status: guardResult.errorStatus ?? 422 })
+  }
+
+  let payloadData = parsedBody.data
+  if (guardResult.modifiedPayload) {
+    const mergedPayload = { ...parsedBody.data, ...guardResult.modifiedPayload }
+    const reparsed = updateVersionSchema.safeParse(mergedPayload)
+    if (!reparsed.success) {
+      return NextResponse.json({ error: 'Invalid payload after guard transform', details: reparsed.error.flatten() }, { status: 422 })
+    }
+    payloadData = reparsed.data
+  }
+  if (!availableVersions.some((version) => version.id === payloadData.apiVersion)) {
+    return NextResponse.json({ error: 'Unknown integration version' }, { status: 422 })
+  }
+
+  const stateService = container.resolve('integrationStateService') as IntegrationStateService
+  const scope = { organizationId: auth.orgId as string, tenantId: auth.tenantId }
+
+  const before = await stateService.resolveApiVersion(integration.id, scope)
+  await stateService.upsert(integration.id, { apiVersion: payloadData.apiVersion }, scope)
+
+  await emitIntegrationsEvent('integrations.version.changed', {
+    integrationId: integration.id,
+    previousVersion: before ?? defaultVersion,
+    apiVersion: payloadData.apiVersion,
+    tenantId: auth.tenantId,
+    organizationId: auth.orgId,
+    userId: auth.sub,
+  })
+
+  await runIntegrationMutationGuardAfterSuccess(guardResult.afterSuccessCallbacks, {
+    tenantId: auth.tenantId,
+    organizationId: auth.orgId,
+    userId: auth.sub ?? '',
+    resourceKind: 'integrations.integration',
+    resourceId: integration.id,
+    operation: 'update',
+    requestMethod: req.method,
+    requestHeaders: req.headers,
+  })
+
+  return NextResponse.json({
+    apiVersion: payloadData.apiVersion,
+    previousVersion: before ?? defaultVersion,
+  })
+}

package/src/modules/integrations/api/guards.ts

@@ -0,0 +1,59 @@
+import type { AwilixContainer } from 'awilix'
+import {
+  bridgeLegacyGuard,
+  runMutationGuards,
+  type MutationGuard,
+  type MutationGuardInput,
+} from '@open-mercato/shared/lib/crud/mutation-guard-registry'
+
+type GuardAfterCallback = {
+  guard: MutationGuard
+  metadata: Record<string, unknown> | null
+}
+
+export function resolveUserFeatures(auth: unknown): string[] {
+  const features = (auth as { features?: unknown })?.features
+  if (!Array.isArray(features)) return []
+  return features.filter((value): value is string => typeof value === 'string')
+}
+
+export async function runIntegrationMutationGuards(
+  container: AwilixContainer,
+  input: MutationGuardInput,
+  userFeatures: string[],
+): Promise<{
+  ok: boolean
+  errorBody?: Record<string, unknown>
+  errorStatus?: number
+  modifiedPayload?: Record<string, unknown>
+  afterSuccessCallbacks: GuardAfterCallback[]
+}> {
+  const legacyGuard = bridgeLegacyGuard(container)
+  if (!legacyGuard) {
+    return { ok: true, afterSuccessCallbacks: [] }
+  }
+
+  return runMutationGuards([legacyGuard], input, { userFeatures })
+}
+
+export async function runIntegrationMutationGuardAfterSuccess(
+  callbacks: GuardAfterCallback[],
+  input: {
+    tenantId: string
+    organizationId: string | null
+    userId: string
+    resourceKind: string
+    resourceId: string
+    operation: 'create' | 'update' | 'delete'
+    requestMethod: string
+    requestHeaders: Headers
+  },
+): Promise<void> {
+  for (const callback of callbacks) {
+    if (!callback.guard.afterSuccess) continue
+    await callback.guard.afterSuccess({
+      ...input,
+      metadata: callback.metadata ?? null,
+    })
+  }
+}

package/src/modules/integrations/api/logs/route.ts

@@ -0,0 +1,63 @@
+import { NextResponse } from 'next/server'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import { listIntegrationLogsQuerySchema } from '../../data/validators'
+import type { IntegrationLogService } from '../../lib/log-service'
+
+export const metadata = {
+  GET: { requireAuth: true, requireFeatures: ['integrations.view'] },
+}
+
+export const openApi = {
+  tags: ['Integrations'],
+  summary: 'List integration logs',
+}
+
+export async function GET(req: Request) {
+  const auth = await getAuthFromRequest(req)
+  if (!auth?.tenantId || !auth.orgId) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+
+  const url = new URL(req.url)
+  const parsed = listIntegrationLogsQuerySchema.safeParse({
+    integrationId: url.searchParams.get('integrationId') ?? undefined,
+    level: url.searchParams.get('level') ?? undefined,
+    runId: url.searchParams.get('runId') ?? undefined,
+    entityType: url.searchParams.get('entityType') ?? undefined,
+    entityId: url.searchParams.get('entityId') ?? undefined,
+    page: url.searchParams.get('page') ?? undefined,
+    pageSize: url.searchParams.get('pageSize') ?? undefined,
+  })
+
+  if (!parsed.success) {
+    return NextResponse.json({ error: 'Invalid query', details: parsed.error.flatten() }, { status: 400 })
+  }
+
+  const container = await createRequestContainer()
+  const logService = container.resolve('integrationLogService') as IntegrationLogService
+
+  const { items, total } = await logService.query(parsed.data, {
+    organizationId: auth.orgId as string,
+    tenantId: auth.tenantId,
+  })
+
+  return NextResponse.json({
+    items: items.map((item) => ({
+      id: item.id,
+      integrationId: item.integrationId,
+      runId: item.runId ?? null,
+      scopeEntityType: item.scopeEntityType ?? null,
+      scopeEntityId: item.scopeEntityId ?? null,
+      level: item.level,
+      message: item.message,
+      code: item.code ?? null,
+      payload: item.payload ?? null,
+      createdAt: item.createdAt.toISOString(),
+    })),
+    total,
+    page: parsed.data.page,
+    pageSize: parsed.data.pageSize,
+    totalPages: Math.max(1, Math.ceil(total / parsed.data.pageSize)),
+  })
+}

package/src/modules/integrations/api/openapi.ts

@@ -0,0 +1,22 @@
+import { z, type ZodTypeAny } from 'zod'
+import { createCrudOpenApiFactory, createPagedListResponseSchema as createSharedPagedListResponseSchema } from '@open-mercato/shared/lib/openapi/crud'
+
+export function createPagedListResponseSchema(itemSchema: ZodTypeAny) {
+  return createSharedPagedListResponseSchema(itemSchema, { paginationMetaOptional: true })
+}
+
+export const integrationInfoSchema = z.object({
+  id: z.string(),
+  title: z.string(),
+  category: z.string().nullable(),
+  hub: z.string().nullable(),
+  providerKey: z.string().nullable(),
+  bundleId: z.string().nullable(),
+  hasCredentials: z.boolean(),
+  isEnabled: z.boolean(),
+  apiVersion: z.string().nullable(),
+})
+
+export const buildIntegrationsCrudOpenApi = createCrudOpenApiFactory({
+  defaultTag: 'Integrations',
+})

package/src/modules/integrations/api/route.ts

@@ -0,0 +1,73 @@
+import { NextResponse } from 'next/server'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import type { CredentialsService } from '../lib/credentials-service'
+import type { IntegrationStateService } from '../lib/state-service'
+import { getAllBundles, getAllIntegrations } from '@open-mercato/shared/modules/integrations/types'
+import { buildIntegrationsCrudOpenApi, createPagedListResponseSchema, integrationInfoSchema } from './openapi'
+
+export const metadata = {
+  GET: { requireAuth: true, requireFeatures: ['integrations.view'] },
+}
+
+export const openApi = buildIntegrationsCrudOpenApi({
+  resourceName: 'Integration',
+  pluralName: 'Integrations',
+  listResponseSchema: createPagedListResponseSchema(integrationInfoSchema),
+  querySchema: undefined,
+})
+
+export async function GET(req: Request) {
+  const auth = await getAuthFromRequest(req)
+  if (!auth?.tenantId || !auth.orgId) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+
+  const container = await createRequestContainer()
+  const credentialsService = container.resolve('integrationCredentialsService') as CredentialsService
+  const stateService = container.resolve('integrationStateService') as IntegrationStateService
+
+  const rows = await Promise.all(
+    getAllIntegrations().map(async (integration) => {
+      const [resolvedCredentials, state] = await Promise.all([
+        credentialsService.resolve(integration.id, { organizationId: auth.orgId as string, tenantId: auth.tenantId as string }),
+        stateService.get(integration.id, { organizationId: auth.orgId as string, tenantId: auth.tenantId as string }),
+      ])
+
+      return {
+        id: integration.id,
+        title: integration.title,
+        category: integration.category ?? null,
+        hub: integration.hub ?? null,
+        providerKey: integration.providerKey ?? null,
+        bundleId: integration.bundleId ?? null,
+        hasCredentials: Boolean(resolvedCredentials),
+        isEnabled: state?.isEnabled ?? true,
+        apiVersion: state?.apiVersion ?? null,
+      }
+    }),
+  )
+
+  const bundles = getAllBundles().map((bundle) => {
+    const bundleIntegrations = rows.filter((row) => row.bundleId === bundle.id)
+    const enabledCount = bundleIntegrations.reduce((count, integration) => count + (integration.isEnabled ? 1 : 0), 0)
+
+    return {
+      id: bundle.id,
+      title: bundle.title,
+      description: bundle.description,
+      icon: bundle.icon ?? null,
+      integrationCount: bundleIntegrations.length,
+      enabledCount,
+    }
+  })
+
+  return NextResponse.json({
+    items: rows,
+    bundles,
+    total: rows.length,
+    page: 1,
+    pageSize: 100,
+    totalPages: 1,
+  })
+}

package/src/modules/integrations/backend/integrations/[id]/page.meta.ts

@@ -0,0 +1,11 @@
+export const metadata = {
+  requireAuth: true,
+  requireFeatures: ['integrations.view'],
+  pageContext: 'settings' as const,
+  pageTitle: 'Integration Detail',
+  pageTitleKey: 'integrations.detail.title',
+  navHidden: true,
+  breadcrumb: [
+    { label: 'Integrations', labelKey: 'integrations.nav.title', href: '/backend/integrations' },
+  ],
+}