npm - @open-mercato/core - Versions diffs - 0.4.8-develop-6b37dabfa2 → 0.4.8-develop-84f3678a58 - Mend

@open-mercato/core 0.4.8-develop-6b37dabfa2 → 0.4.8-develop-84f3678a58

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (330) hide show

package/dist/modules/customer_accounts/api/portal/notifications/[id]/dismiss.js ADDED Viewed

@@ -0,0 +1,49 @@
+import { NextResponse } from "next/server";
+import { z } from "zod";
+import { getCustomerAuthFromRequest } from "@open-mercato/core/modules/customer_accounts/lib/customerAuth";
+import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { Notification } from "@open-mercato/core/modules/notifications/data/entities";
+const metadata = {};
+async function PUT(req, { params }) {
+  const auth = await getCustomerAuthFromRequest(req);
+  if (!auth) {
+    return NextResponse.json({ ok: false, error: "Authentication required" }, { status: 401 });
+  }
+  const container = await createRequestContainer();
+  const em = container.resolve("em");
+  const notification = await em.findOne(Notification, {
+    id: params.id,
+    recipientUserId: auth.sub,
+    tenantId: auth.tenantId
+  });
+  if (!notification) {
+    return NextResponse.json({ ok: false, error: "Notification not found" }, { status: 404 });
+  }
+  notification.status = "dismissed";
+  notification.dismissedAt = /* @__PURE__ */ new Date();
+  await em.flush();
+  return NextResponse.json({ ok: true });
+}
+const successSchema = z.object({ ok: z.literal(true) });
+const errorSchema = z.object({ ok: z.literal(false), error: z.string() });
+const methodDoc = {
+  summary: "Dismiss notification",
+  description: "Dismisses a single notification for the authenticated customer user.",
+  tags: ["Customer Portal"],
+  responses: [{ status: 200, description: "Notification dismissed", schema: successSchema }],
+  errors: [
+    { status: 401, description: "Not authenticated", schema: errorSchema },
+    { status: 404, description: "Notification not found", schema: errorSchema }
+  ]
+};
+const openApi = {
+  summary: "Dismiss customer notification",
+  pathParams: z.object({ id: z.string().uuid() }),
+  methods: { PUT: methodDoc }
+};
+export {
+  PUT,
+  metadata,
+  openApi
+};
+//# sourceMappingURL=dismiss.js.map

package/dist/modules/customer_accounts/api/portal/notifications/[id]/dismiss.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../../../../src/modules/customer_accounts/api/portal/notifications/%5Bid%5D/dismiss.ts"],
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'\nimport { getCustomerAuthFromRequest } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { Notification } from '@open-mercato/core/modules/notifications/data/entities'\n\nexport const metadata: { path?: string } = {}\n\nexport async function PUT(req: Request, { params }: { params: { id: string } }) {\n  const auth = await getCustomerAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager\n\n  const notification = await em.findOne(Notification, {\n    id: params.id,\n    recipientUserId: auth.sub,\n    tenantId: auth.tenantId,\n  })\n\n  if (!notification) {\n    return NextResponse.json({ ok: false, error: 'Notification not found' }, { status: 404 })\n  }\n\n  notification.status = 'dismissed'\n  notification.dismissedAt = new Date()\n  await em.flush()\n\n  return NextResponse.json({ ok: true })\n}\n\nconst successSchema = z.object({ ok: z.literal(true) })\nconst errorSchema = z.object({ ok: z.literal(false), error: z.string() })\n\nconst methodDoc: OpenApiMethodDoc = {\n  summary: 'Dismiss notification',\n  description: 'Dismisses a single notification for the authenticated customer user.',\n  tags: ['Customer Portal'],\n  responses: [{ status: 200, description: 'Notification dismissed', schema: successSchema }],\n  errors: [\n    { status: 401, description: 'Not authenticated', schema: errorSchema },\n    { status: 404, description: 'Notification not found', schema: errorSchema },\n  ],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  summary: 'Dismiss customer notification',\n  pathParams: z.object({ id: z.string().uuid() }),\n  methods: { PUT: methodDoc },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,kCAAkC;AAC3C,SAAS,8BAA8B;AACvC,SAAS,oBAAoB;AAEtB,MAAM,WAA8B,CAAC;AAE5C,eAAsB,IAAI,KAAc,EAAE,OAAO,GAA+B;AAC9E,QAAM,OAAO,MAAM,2BAA2B,GAAG;AACjD,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3F;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,eAAe,MAAM,GAAG,QAAQ,cAAc;AAAA,IAClD,IAAI,OAAO;AAAA,IACX,iBAAiB,KAAK;AAAA,IACtB,UAAU,KAAK;AAAA,EACjB,CAAC;AAED,MAAI,CAAC,cAAc;AACjB,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,yBAAyB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC1F;AAEA,eAAa,SAAS;AACtB,eAAa,cAAc,oBAAI,KAAK;AACpC,QAAM,GAAG,MAAM;AAEf,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEA,MAAM,gBAAgB,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,IAAI,EAAE,CAAC;AACtD,MAAM,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,KAAK,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;AAExE,MAAM,YAA8B;AAAA,EAClC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,iBAAiB;AAAA,EACxB,WAAW,CAAC,EAAE,QAAQ,KAAK,aAAa,0BAA0B,QAAQ,cAAc,CAAC;AAAA,EACzF,QAAQ;AAAA,IACN,EAAE,QAAQ,KAAK,aAAa,qBAAqB,QAAQ,YAAY;AAAA,IACrE,EAAE,QAAQ,KAAK,aAAa,0BAA0B,QAAQ,YAAY;AAAA,EAC5E;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,YAAY,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAAA,EAC9C,SAAS,EAAE,KAAK,UAAU;AAC5B;",
+  "names": []
+}

package/dist/modules/customer_accounts/api/portal/notifications/[id]/read.js ADDED Viewed

@@ -0,0 +1,49 @@
+import { NextResponse } from "next/server";
+import { z } from "zod";
+import { getCustomerAuthFromRequest } from "@open-mercato/core/modules/customer_accounts/lib/customerAuth";
+import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { Notification } from "@open-mercato/core/modules/notifications/data/entities";
+const metadata = {};
+async function PUT(req, { params }) {
+  const auth = await getCustomerAuthFromRequest(req);
+  if (!auth) {
+    return NextResponse.json({ ok: false, error: "Authentication required" }, { status: 401 });
+  }
+  const container = await createRequestContainer();
+  const em = container.resolve("em");
+  const notification = await em.findOne(Notification, {
+    id: params.id,
+    recipientUserId: auth.sub,
+    tenantId: auth.tenantId
+  });
+  if (!notification) {
+    return NextResponse.json({ ok: false, error: "Notification not found" }, { status: 404 });
+  }
+  notification.status = "read";
+  notification.readAt = /* @__PURE__ */ new Date();
+  await em.flush();
+  return NextResponse.json({ ok: true });
+}
+const successSchema = z.object({ ok: z.literal(true) });
+const errorSchema = z.object({ ok: z.literal(false), error: z.string() });
+const methodDoc = {
+  summary: "Mark notification as read",
+  description: "Marks a single notification as read for the authenticated customer user.",
+  tags: ["Customer Portal"],
+  responses: [{ status: 200, description: "Notification marked as read", schema: successSchema }],
+  errors: [
+    { status: 401, description: "Not authenticated", schema: errorSchema },
+    { status: 404, description: "Notification not found", schema: errorSchema }
+  ]
+};
+const openApi = {
+  summary: "Mark notification as read",
+  pathParams: z.object({ id: z.string().uuid() }),
+  methods: { PUT: methodDoc }
+};
+export {
+  PUT,
+  metadata,
+  openApi
+};
+//# sourceMappingURL=read.js.map

package/dist/modules/customer_accounts/api/portal/notifications/[id]/read.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../../../../src/modules/customer_accounts/api/portal/notifications/%5Bid%5D/read.ts"],
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'\nimport { getCustomerAuthFromRequest } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { Notification } from '@open-mercato/core/modules/notifications/data/entities'\n\nexport const metadata: { path?: string } = {}\n\nexport async function PUT(req: Request, { params }: { params: { id: string } }) {\n  const auth = await getCustomerAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager\n\n  const notification = await em.findOne(Notification, {\n    id: params.id,\n    recipientUserId: auth.sub,\n    tenantId: auth.tenantId,\n  })\n\n  if (!notification) {\n    return NextResponse.json({ ok: false, error: 'Notification not found' }, { status: 404 })\n  }\n\n  notification.status = 'read'\n  notification.readAt = new Date()\n  await em.flush()\n\n  return NextResponse.json({ ok: true })\n}\n\nconst successSchema = z.object({ ok: z.literal(true) })\nconst errorSchema = z.object({ ok: z.literal(false), error: z.string() })\n\nconst methodDoc: OpenApiMethodDoc = {\n  summary: 'Mark notification as read',\n  description: 'Marks a single notification as read for the authenticated customer user.',\n  tags: ['Customer Portal'],\n  responses: [{ status: 200, description: 'Notification marked as read', schema: successSchema }],\n  errors: [\n    { status: 401, description: 'Not authenticated', schema: errorSchema },\n    { status: 404, description: 'Notification not found', schema: errorSchema },\n  ],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  summary: 'Mark notification as read',\n  pathParams: z.object({ id: z.string().uuid() }),\n  methods: { PUT: methodDoc },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,kCAAkC;AAC3C,SAAS,8BAA8B;AACvC,SAAS,oBAAoB;AAEtB,MAAM,WAA8B,CAAC;AAE5C,eAAsB,IAAI,KAAc,EAAE,OAAO,GAA+B;AAC9E,QAAM,OAAO,MAAM,2BAA2B,GAAG;AACjD,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3F;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,eAAe,MAAM,GAAG,QAAQ,cAAc;AAAA,IAClD,IAAI,OAAO;AAAA,IACX,iBAAiB,KAAK;AAAA,IACtB,UAAU,KAAK;AAAA,EACjB,CAAC;AAED,MAAI,CAAC,cAAc;AACjB,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,yBAAyB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC1F;AAEA,eAAa,SAAS;AACtB,eAAa,SAAS,oBAAI,KAAK;AAC/B,QAAM,GAAG,MAAM;AAEf,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEA,MAAM,gBAAgB,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,IAAI,EAAE,CAAC;AACtD,MAAM,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,KAAK,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;AAExE,MAAM,YAA8B;AAAA,EAClC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,iBAAiB;AAAA,EACxB,WAAW,CAAC,EAAE,QAAQ,KAAK,aAAa,+BAA+B,QAAQ,cAAc,CAAC;AAAA,EAC9F,QAAQ;AAAA,IACN,EAAE,QAAQ,KAAK,aAAa,qBAAqB,QAAQ,YAAY;AAAA,IACrE,EAAE,QAAQ,KAAK,aAAa,0BAA0B,QAAQ,YAAY;AAAA,EAC5E;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,YAAY,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAAA,EAC9C,SAAS,EAAE,KAAK,UAAU;AAC5B;",
+  "names": []
+}

package/dist/modules/customer_accounts/api/portal/notifications/mark-all-read.js ADDED Viewed

@@ -0,0 +1,46 @@
+import { NextResponse } from "next/server";
+import { z } from "zod";
+import { getCustomerAuthFromRequest } from "@open-mercato/core/modules/customer_accounts/lib/customerAuth";
+import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { Notification } from "@open-mercato/core/modules/notifications/data/entities";
+const metadata = {};
+async function PUT(req) {
+  const auth = await getCustomerAuthFromRequest(req);
+  if (!auth) {
+    return NextResponse.json({ ok: false, error: "Authentication required" }, { status: 401 });
+  }
+  const container = await createRequestContainer();
+  const em = container.resolve("em");
+  const now = /* @__PURE__ */ new Date();
+  const count = await em.nativeUpdate(Notification, {
+    recipientUserId: auth.sub,
+    tenantId: auth.tenantId,
+    status: "unread"
+  }, {
+    status: "read",
+    readAt: now
+  });
+  return NextResponse.json({ ok: true, count });
+}
+const successSchema = z.object({
+  ok: z.literal(true),
+  count: z.number()
+});
+const errorSchema = z.object({ ok: z.literal(false), error: z.string() });
+const methodDoc = {
+  summary: "Mark all notifications as read",
+  description: "Marks all unread notifications as read for the authenticated customer user.",
+  tags: ["Customer Portal"],
+  responses: [{ status: 200, description: "All notifications marked as read", schema: successSchema }],
+  errors: [{ status: 401, description: "Not authenticated", schema: errorSchema }]
+};
+const openApi = {
+  summary: "Mark all customer notifications as read",
+  methods: { PUT: methodDoc }
+};
+export {
+  PUT,
+  metadata,
+  openApi
+};
+//# sourceMappingURL=mark-all-read.js.map

package/dist/modules/customer_accounts/api/portal/notifications/mark-all-read.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../../../src/modules/customer_accounts/api/portal/notifications/mark-all-read.ts"],
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'\nimport { getCustomerAuthFromRequest } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { Notification } from '@open-mercato/core/modules/notifications/data/entities'\n\nexport const metadata: { path?: string } = {}\n\nexport async function PUT(req: Request) {\n  const auth = await getCustomerAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager\n\n  const now = new Date()\n  const count = await em.nativeUpdate(Notification, {\n    recipientUserId: auth.sub,\n    tenantId: auth.tenantId,\n    status: 'unread',\n  }, {\n    status: 'read',\n    readAt: now,\n  })\n\n  return NextResponse.json({ ok: true, count })\n}\n\nconst successSchema = z.object({\n  ok: z.literal(true),\n  count: z.number(),\n})\nconst errorSchema = z.object({ ok: z.literal(false), error: z.string() })\n\nconst methodDoc: OpenApiMethodDoc = {\n  summary: 'Mark all notifications as read',\n  description: 'Marks all unread notifications as read for the authenticated customer user.',\n  tags: ['Customer Portal'],\n  responses: [{ status: 200, description: 'All notifications marked as read', schema: successSchema }],\n  errors: [{ status: 401, description: 'Not authenticated', schema: errorSchema }],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  summary: 'Mark all customer notifications as read',\n  methods: { PUT: methodDoc },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,kCAAkC;AAC3C,SAAS,8BAA8B;AACvC,SAAS,oBAAoB;AAEtB,MAAM,WAA8B,CAAC;AAE5C,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,2BAA2B,GAAG;AACjD,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3F;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,MAAM,oBAAI,KAAK;AACrB,QAAM,QAAQ,MAAM,GAAG,aAAa,cAAc;AAAA,IAChD,iBAAiB,KAAK;AAAA,IACtB,UAAU,KAAK;AAAA,IACf,QAAQ;AAAA,EACV,GAAG;AAAA,IACD,QAAQ;AAAA,IACR,QAAQ;AAAA,EACV,CAAC;AAED,SAAO,aAAa,KAAK,EAAE,IAAI,MAAM,MAAM,CAAC;AAC9C;AAEA,MAAM,gBAAgB,EAAE,OAAO;AAAA,EAC7B,IAAI,EAAE,QAAQ,IAAI;AAAA,EAClB,OAAO,EAAE,OAAO;AAClB,CAAC;AACD,MAAM,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,KAAK,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;AAExE,MAAM,YAA8B;AAAA,EAClC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,iBAAiB;AAAA,EACxB,WAAW,CAAC,EAAE,QAAQ,KAAK,aAAa,oCAAoC,QAAQ,cAAc,CAAC;AAAA,EACnG,QAAQ,CAAC,EAAE,QAAQ,KAAK,aAAa,qBAAqB,QAAQ,YAAY,CAAC;AACjF;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,SAAS,EAAE,KAAK,UAAU;AAC5B;",
+  "names": []
+}

package/dist/modules/customer_accounts/api/portal/notifications/unread-count.js ADDED Viewed

@@ -0,0 +1,42 @@
+import { NextResponse } from "next/server";
+import { z } from "zod";
+import { getCustomerAuthFromRequest } from "@open-mercato/core/modules/customer_accounts/lib/customerAuth";
+import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { Notification } from "@open-mercato/core/modules/notifications/data/entities";
+const metadata = {};
+async function GET(req) {
+  const auth = await getCustomerAuthFromRequest(req);
+  if (!auth) {
+    return NextResponse.json({ ok: false, error: "Authentication required" }, { status: 401 });
+  }
+  const container = await createRequestContainer();
+  const em = container.resolve("em");
+  const unreadCount = await em.count(Notification, {
+    recipientUserId: auth.sub,
+    tenantId: auth.tenantId,
+    status: "unread"
+  });
+  return NextResponse.json({ ok: true, unreadCount });
+}
+const successSchema = z.object({
+  ok: z.literal(true),
+  unreadCount: z.number()
+});
+const errorSchema = z.object({ ok: z.literal(false), error: z.string() });
+const methodDoc = {
+  summary: "Get unread notification count",
+  description: "Returns the number of unread notifications for the authenticated customer user.",
+  tags: ["Customer Portal"],
+  responses: [{ status: 200, description: "Unread count", schema: successSchema }],
+  errors: [{ status: 401, description: "Not authenticated", schema: errorSchema }]
+};
+const openApi = {
+  summary: "Customer unread notification count",
+  methods: { GET: methodDoc }
+};
+export {
+  GET,
+  metadata,
+  openApi
+};
+//# sourceMappingURL=unread-count.js.map

package/dist/modules/customer_accounts/api/portal/notifications/unread-count.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../../../src/modules/customer_accounts/api/portal/notifications/unread-count.ts"],
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'\nimport { getCustomerAuthFromRequest } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { Notification } from '@open-mercato/core/modules/notifications/data/entities'\n\nexport const metadata: { path?: string } = {}\n\nexport async function GET(req: Request) {\n  const auth = await getCustomerAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager\n\n  const unreadCount = await em.count(Notification, {\n    recipientUserId: auth.sub,\n    tenantId: auth.tenantId,\n    status: 'unread',\n  })\n\n  return NextResponse.json({ ok: true, unreadCount })\n}\n\nconst successSchema = z.object({\n  ok: z.literal(true),\n  unreadCount: z.number(),\n})\nconst errorSchema = z.object({ ok: z.literal(false), error: z.string() })\n\nconst methodDoc: OpenApiMethodDoc = {\n  summary: 'Get unread notification count',\n  description: 'Returns the number of unread notifications for the authenticated customer user.',\n  tags: ['Customer Portal'],\n  responses: [{ status: 200, description: 'Unread count', schema: successSchema }],\n  errors: [{ status: 401, description: 'Not authenticated', schema: errorSchema }],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  summary: 'Customer unread notification count',\n  methods: { GET: methodDoc },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,kCAAkC;AAC3C,SAAS,8BAA8B;AACvC,SAAS,oBAAoB;AAEtB,MAAM,WAA8B,CAAC;AAE5C,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,2BAA2B,GAAG;AACjD,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3F;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,cAAc,MAAM,GAAG,MAAM,cAAc;AAAA,IAC/C,iBAAiB,KAAK;AAAA,IACtB,UAAU,KAAK;AAAA,IACf,QAAQ;AAAA,EACV,CAAC;AAED,SAAO,aAAa,KAAK,EAAE,IAAI,MAAM,YAAY,CAAC;AACpD;AAEA,MAAM,gBAAgB,EAAE,OAAO;AAAA,EAC7B,IAAI,EAAE,QAAQ,IAAI;AAAA,EAClB,aAAa,EAAE,OAAO;AACxB,CAAC;AACD,MAAM,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,KAAK,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;AAExE,MAAM,YAA8B;AAAA,EAClC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,iBAAiB;AAAA,EACxB,WAAW,CAAC,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,cAAc,CAAC;AAAA,EAC/E,QAAQ,CAAC,EAAE,QAAQ,KAAK,aAAa,qBAAqB,QAAQ,YAAY,CAAC;AACjF;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,SAAS,EAAE,KAAK,UAAU;AAC5B;",
+  "names": []
+}

package/dist/modules/customer_accounts/api/portal/notifications.js ADDED Viewed

@@ -0,0 +1,105 @@
+import { NextResponse } from "next/server";
+import { z } from "zod";
+import { getCustomerAuthFromRequest } from "@open-mercato/core/modules/customer_accounts/lib/customerAuth";
+import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { Notification } from "@open-mercato/core/modules/notifications/data/entities";
+import { toNotificationDto } from "@open-mercato/core/modules/notifications/lib/notificationMapper";
+const metadata = {};
+async function GET(req) {
+  const auth = await getCustomerAuthFromRequest(req);
+  if (!auth) {
+    return NextResponse.json({ ok: false, error: "Authentication required" }, { status: 401 });
+  }
+  const url = new URL(req.url);
+  const page = Math.max(1, parseInt(url.searchParams.get("page") || "1", 10) || 1);
+  const rawPageSize = parseInt(url.searchParams.get("pageSize") || "50", 10) || 50;
+  const pageSize = Math.min(Math.max(1, rawPageSize), 100);
+  const status = url.searchParams.get("status") || void 0;
+  const since = url.searchParams.get("since") || void 0;
+  const container = await createRequestContainer();
+  const em = container.resolve("em");
+  const where = {
+    recipientUserId: auth.sub,
+    tenantId: auth.tenantId
+  };
+  if (status) {
+    where.status = status;
+  } else {
+    where.status = { $ne: "dismissed" };
+  }
+  if (since) {
+    const sinceDate = new Date(since);
+    if (!isNaN(sinceDate.getTime())) {
+      where.createdAt = { $gte: sinceDate };
+    }
+  }
+  const offset = (page - 1) * pageSize;
+  const [items, total] = await Promise.all([
+    em.find(Notification, where, {
+      orderBy: { createdAt: "DESC" },
+      limit: pageSize,
+      offset
+    }),
+    em.count(Notification, where)
+  ]);
+  return NextResponse.json({
+    ok: true,
+    items: items.map(toNotificationDto),
+    total,
+    page,
+    pageSize
+  });
+}
+const notificationDtoSchema = z.object({
+  id: z.string().uuid(),
+  type: z.string(),
+  title: z.string(),
+  body: z.string().nullable().optional(),
+  titleKey: z.string().nullable().optional(),
+  bodyKey: z.string().nullable().optional(),
+  titleVariables: z.record(z.string(), z.string()).nullable().optional(),
+  bodyVariables: z.record(z.string(), z.string()).nullable().optional(),
+  icon: z.string().nullable().optional(),
+  severity: z.enum(["info", "warning", "success", "error"]),
+  status: z.enum(["unread", "read", "actioned", "dismissed"]),
+  actions: z.array(z.object({
+    id: z.string(),
+    label: z.string(),
+    labelKey: z.string().optional(),
+    variant: z.string().optional(),
+    icon: z.string().optional()
+  })),
+  primaryActionId: z.string().optional(),
+  sourceModule: z.string().nullable().optional(),
+  sourceEntityType: z.string().nullable().optional(),
+  sourceEntityId: z.string().nullable().optional(),
+  linkHref: z.string().nullable().optional(),
+  createdAt: z.string().datetime(),
+  readAt: z.string().datetime().nullable(),
+  actionTaken: z.string().nullable().optional()
+});
+const listResponseSchema = z.object({
+  ok: z.literal(true),
+  items: z.array(notificationDtoSchema),
+  total: z.number(),
+  page: z.number(),
+  pageSize: z.number()
+});
+const errorSchema = z.object({ ok: z.literal(false), error: z.string() });
+const methodDoc = {
+  summary: "List customer notifications",
+  description: "Returns paginated notifications for the authenticated customer user. Dismissed notifications are excluded by default unless ?status=dismissed is specified.",
+  tags: ["Customer Portal"],
+  responses: [{ status: 200, description: "Notification list", schema: listResponseSchema }],
+  errors: [{ status: 401, description: "Not authenticated", schema: errorSchema }]
+};
+const openApi = {
+  summary: "Customer notifications",
+  methods: { GET: methodDoc }
+};
+export {
+  GET,
+  metadata,
+  openApi
+};
+//# sourceMappingURL=notifications.js.map

package/dist/modules/customer_accounts/api/portal/notifications.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../../src/modules/customer_accounts/api/portal/notifications.ts"],
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'\nimport { getCustomerAuthFromRequest } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { Notification } from '@open-mercato/core/modules/notifications/data/entities'\nimport { toNotificationDto } from '@open-mercato/core/modules/notifications/lib/notificationMapper'\n\nexport const metadata: { path?: string } = {}\n\nexport async function GET(req: Request) {\n  const auth = await getCustomerAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })\n  }\n\n  const url = new URL(req.url)\n  const page = Math.max(1, parseInt(url.searchParams.get('page') || '1', 10) || 1)\n  const rawPageSize = parseInt(url.searchParams.get('pageSize') || '50', 10) || 50\n  const pageSize = Math.min(Math.max(1, rawPageSize), 100)\n  const status = url.searchParams.get('status') || undefined\n  const since = url.searchParams.get('since') || undefined\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager\n\n  const where: Record<string, unknown> = {\n    recipientUserId: auth.sub,\n    tenantId: auth.tenantId,\n  }\n\n  if (status) {\n    where.status = status\n  } else {\n    where.status = { $ne: 'dismissed' }\n  }\n\n  if (since) {\n    const sinceDate = new Date(since)\n    if (!isNaN(sinceDate.getTime())) {\n      where.createdAt = { $gte: sinceDate }\n    }\n  }\n\n  const offset = (page - 1) * pageSize\n\n  const [items, total] = await Promise.all([\n    em.find(Notification, where, {\n      orderBy: { createdAt: 'DESC' },\n      limit: pageSize,\n      offset,\n    }),\n    em.count(Notification, where),\n  ])\n\n  return NextResponse.json({\n    ok: true,\n    items: items.map(toNotificationDto),\n    total,\n    page,\n    pageSize,\n  })\n}\n\nconst notificationDtoSchema = z.object({\n  id: z.string().uuid(),\n  type: z.string(),\n  title: z.string(),\n  body: z.string().nullable().optional(),\n  titleKey: z.string().nullable().optional(),\n  bodyKey: z.string().nullable().optional(),\n  titleVariables: z.record(z.string(), z.string()).nullable().optional(),\n  bodyVariables: z.record(z.string(), z.string()).nullable().optional(),\n  icon: z.string().nullable().optional(),\n  severity: z.enum(['info', 'warning', 'success', 'error']),\n  status: z.enum(['unread', 'read', 'actioned', 'dismissed']),\n  actions: z.array(z.object({\n    id: z.string(),\n    label: z.string(),\n    labelKey: z.string().optional(),\n    variant: z.string().optional(),\n    icon: z.string().optional(),\n  })),\n  primaryActionId: z.string().optional(),\n  sourceModule: z.string().nullable().optional(),\n  sourceEntityType: z.string().nullable().optional(),\n  sourceEntityId: z.string().nullable().optional(),\n  linkHref: z.string().nullable().optional(),\n  createdAt: z.string().datetime(),\n  readAt: z.string().datetime().nullable(),\n  actionTaken: z.string().nullable().optional(),\n})\n\nconst listResponseSchema = z.object({\n  ok: z.literal(true),\n  items: z.array(notificationDtoSchema),\n  total: z.number(),\n  page: z.number(),\n  pageSize: z.number(),\n})\n\nconst errorSchema = z.object({ ok: z.literal(false), error: z.string() })\n\nconst methodDoc: OpenApiMethodDoc = {\n  summary: 'List customer notifications',\n  description: 'Returns paginated notifications for the authenticated customer user. Dismissed notifications are excluded by default unless ?status=dismissed is specified.',\n  tags: ['Customer Portal'],\n  responses: [{ status: 200, description: 'Notification list', schema: listResponseSchema }],\n  errors: [{ status: 401, description: 'Not authenticated', schema: errorSchema }],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  summary: 'Customer notifications',\n  methods: { GET: methodDoc },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,kCAAkC;AAC3C,SAAS,8BAA8B;AACvC,SAAS,oBAAoB;AAC7B,SAAS,yBAAyB;AAE3B,MAAM,WAA8B,CAAC;AAE5C,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,2BAA2B,GAAG;AACjD,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3F;AAEA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,OAAO,KAAK,IAAI,GAAG,SAAS,IAAI,aAAa,IAAI,MAAM,KAAK,KAAK,EAAE,KAAK,CAAC;AAC/E,QAAM,cAAc,SAAS,IAAI,aAAa,IAAI,UAAU,KAAK,MAAM,EAAE,KAAK;AAC9E,QAAM,WAAW,KAAK,IAAI,KAAK,IAAI,GAAG,WAAW,GAAG,GAAG;AACvD,QAAM,SAAS,IAAI,aAAa,IAAI,QAAQ,KAAK;AACjD,QAAM,QAAQ,IAAI,aAAa,IAAI,OAAO,KAAK;AAE/C,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,QAAiC;AAAA,IACrC,iBAAiB,KAAK;AAAA,IACtB,UAAU,KAAK;AAAA,EACjB;AAEA,MAAI,QAAQ;AACV,UAAM,SAAS;AAAA,EACjB,OAAO;AACL,UAAM,SAAS,EAAE,KAAK,YAAY;AAAA,EACpC;AAEA,MAAI,OAAO;AACT,UAAM,YAAY,IAAI,KAAK,KAAK;AAChC,QAAI,CAAC,MAAM,UAAU,QAAQ,CAAC,GAAG;AAC/B,YAAM,YAAY,EAAE,MAAM,UAAU;AAAA,IACtC;AAAA,EACF;AAEA,QAAM,UAAU,OAAO,KAAK;AAE5B,QAAM,CAAC,OAAO,KAAK,IAAI,MAAM,QAAQ,IAAI;AAAA,IACvC,GAAG,KAAK,cAAc,OAAO;AAAA,MAC3B,SAAS,EAAE,WAAW,OAAO;AAAA,MAC7B,OAAO;AAAA,MACP;AAAA,IACF,CAAC;AAAA,IACD,GAAG,MAAM,cAAc,KAAK;AAAA,EAC9B,CAAC;AAED,SAAO,aAAa,KAAK;AAAA,IACvB,IAAI;AAAA,IACJ,OAAO,MAAM,IAAI,iBAAiB;AAAA,IAClC;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACH;AAEA,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,EACpB,MAAM,EAAE,OAAO;AAAA,EACf,OAAO,EAAE,OAAO;AAAA,EAChB,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACrC,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACzC,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACxC,gBAAgB,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,OAAO,CAAC,EAAE,SAAS,EAAE,SAAS;AAAA,EACrE,eAAe,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,OAAO,CAAC,EAAE,SAAS,EAAE,SAAS;AAAA,EACpE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACrC,UAAU,EAAE,KAAK,CAAC,QAAQ,WAAW,WAAW,OAAO,CAAC;AAAA,EACxD,QAAQ,EAAE,KAAK,CAAC,UAAU,QAAQ,YAAY,WAAW,CAAC;AAAA,EAC1D,SAAS,EAAE,MAAM,EAAE,OAAO;AAAA,IACxB,IAAI,EAAE,OAAO;AAAA,IACb,OAAO,EAAE,OAAO;AAAA,IAChB,UAAU,EAAE,OAAO,EAAE,SAAS;AAAA,IAC9B,SAAS,EAAE,OAAO,EAAE,SAAS;AAAA,IAC7B,MAAM,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,CAAC,CAAC;AAAA,EACF,iBAAiB,EAAE,OAAO,EAAE,SAAS;AAAA,EACrC,cAAc,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EAC7C,kBAAkB,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACjD,gBAAgB,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EAC/C,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACzC,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,EACvC,aAAa,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAC9C,CAAC;AAED,MAAM,qBAAqB,EAAE,OAAO;AAAA,EAClC,IAAI,EAAE,QAAQ,IAAI;AAAA,EAClB,OAAO,EAAE,MAAM,qBAAqB;AAAA,EACpC,OAAO,EAAE,OAAO;AAAA,EAChB,MAAM,EAAE,OAAO;AAAA,EACf,UAAU,EAAE,OAAO;AACrB,CAAC;AAED,MAAM,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,KAAK,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;AAExE,MAAM,YAA8B;AAAA,EAClC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,iBAAiB;AAAA,EACxB,WAAW,CAAC,EAAE,QAAQ,KAAK,aAAa,qBAAqB,QAAQ,mBAAmB,CAAC;AAAA,EACzF,QAAQ,CAAC,EAAE,QAAQ,KAAK,aAAa,qBAAqB,QAAQ,YAAY,CAAC;AACjF;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,SAAS,EAAE,KAAK,UAAU;AAC5B;",
+  "names": []
+}

package/dist/modules/customer_accounts/api/portal/password-change.js ADDED Viewed

@@ -0,0 +1,57 @@
+import { NextResponse } from "next/server";
+import { z } from "zod";
+import { getCustomerAuthFromRequest } from "@open-mercato/core/modules/customer_accounts/lib/customerAuth";
+import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { passwordChangeSchema } from "@open-mercato/core/modules/customer_accounts/data/validators";
+const metadata = {};
+async function POST(req) {
+  const auth = await getCustomerAuthFromRequest(req);
+  if (!auth) {
+    return NextResponse.json({ ok: false, error: "Authentication required" }, { status: 401 });
+  }
+  let body;
+  try {
+    body = await req.json();
+  } catch {
+    return NextResponse.json({ ok: false, error: "Invalid request body" }, { status: 400 });
+  }
+  const parsed = passwordChangeSchema.safeParse(body);
+  if (!parsed.success) {
+    return NextResponse.json({ ok: false, error: "Validation failed" }, { status: 400 });
+  }
+  const container = await createRequestContainer();
+  const customerUserService = container.resolve("customerUserService");
+  const user = await customerUserService.findById(auth.sub, auth.tenantId);
+  if (!user) {
+    return NextResponse.json({ ok: false, error: "User not found" }, { status: 404 });
+  }
+  const currentValid = await customerUserService.verifyPassword(user, parsed.data.currentPassword);
+  if (!currentValid) {
+    return NextResponse.json({ ok: false, error: "Current password is incorrect" }, { status: 400 });
+  }
+  await customerUserService.updatePassword(user, parsed.data.newPassword);
+  return NextResponse.json({ ok: true });
+}
+const successSchema = z.object({ ok: z.literal(true) });
+const errorSchema = z.object({ ok: z.literal(false), error: z.string() });
+const methodDoc = {
+  summary: "Change customer password",
+  description: "Changes the authenticated customer user password after verifying the current password.",
+  tags: ["Customer Portal"],
+  requestBody: { schema: passwordChangeSchema },
+  responses: [{ status: 200, description: "Password changed", schema: successSchema }],
+  errors: [
+    { status: 400, description: "Current password incorrect or validation failed", schema: errorSchema },
+    { status: 401, description: "Not authenticated", schema: errorSchema }
+  ]
+};
+const openApi = {
+  summary: "Change customer password",
+  methods: { POST: methodDoc }
+};
+export {
+  POST,
+  metadata,
+  openApi
+};
+//# sourceMappingURL=password-change.js.map

package/dist/modules/customer_accounts/api/portal/password-change.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../../src/modules/customer_accounts/api/portal/password-change.ts"],
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'\nimport { getCustomerAuthFromRequest } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { CustomerUserService } from '@open-mercato/core/modules/customer_accounts/services/customerUserService'\nimport { passwordChangeSchema } from '@open-mercato/core/modules/customer_accounts/data/validators'\n\nexport const metadata: { path?: string } = {}\n\nexport async function POST(req: Request) {\n  const auth = await getCustomerAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })\n  }\n\n  let body: unknown\n  try {\n    body = await req.json()\n  } catch {\n    return NextResponse.json({ ok: false, error: 'Invalid request body' }, { status: 400 })\n  }\n\n  const parsed = passwordChangeSchema.safeParse(body)\n  if (!parsed.success) {\n    return NextResponse.json({ ok: false, error: 'Validation failed' }, { status: 400 })\n  }\n\n  const container = await createRequestContainer()\n  const customerUserService = container.resolve('customerUserService') as CustomerUserService\n\n  const user = await customerUserService.findById(auth.sub, auth.tenantId)\n  if (!user) {\n    return NextResponse.json({ ok: false, error: 'User not found' }, { status: 404 })\n  }\n\n  const currentValid = await customerUserService.verifyPassword(user, parsed.data.currentPassword)\n  if (!currentValid) {\n    return NextResponse.json({ ok: false, error: 'Current password is incorrect' }, { status: 400 })\n  }\n\n  await customerUserService.updatePassword(user, parsed.data.newPassword)\n\n  return NextResponse.json({ ok: true })\n}\n\nconst successSchema = z.object({ ok: z.literal(true) })\nconst errorSchema = z.object({ ok: z.literal(false), error: z.string() })\n\nconst methodDoc: OpenApiMethodDoc = {\n  summary: 'Change customer password',\n  description: 'Changes the authenticated customer user password after verifying the current password.',\n  tags: ['Customer Portal'],\n  requestBody: { schema: passwordChangeSchema },\n  responses: [{ status: 200, description: 'Password changed', schema: successSchema }],\n  errors: [\n    { status: 400, description: 'Current password incorrect or validation failed', schema: errorSchema },\n    { status: 401, description: 'Not authenticated', schema: errorSchema },\n  ],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  summary: 'Change customer password',\n  methods: { POST: methodDoc },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,kCAAkC;AAC3C,SAAS,8BAA8B;AAEvC,SAAS,4BAA4B;AAE9B,MAAM,WAA8B,CAAC;AAE5C,eAAsB,KAAK,KAAc;AACvC,QAAM,OAAO,MAAM,2BAA2B,GAAG;AACjD,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3F;AAEA,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,uBAAuB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxF;AAEA,QAAM,SAAS,qBAAqB,UAAU,IAAI;AAClD,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrF;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,sBAAsB,UAAU,QAAQ,qBAAqB;AAEnE,QAAM,OAAO,MAAM,oBAAoB,SAAS,KAAK,KAAK,KAAK,QAAQ;AACvE,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,iBAAiB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAClF;AAEA,QAAM,eAAe,MAAM,oBAAoB,eAAe,MAAM,OAAO,KAAK,eAAe;AAC/F,MAAI,CAAC,cAAc;AACjB,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,gCAAgC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACjG;AAEA,QAAM,oBAAoB,eAAe,MAAM,OAAO,KAAK,WAAW;AAEtE,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEA,MAAM,gBAAgB,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,IAAI,EAAE,CAAC;AACtD,MAAM,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,KAAK,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;AAExE,MAAM,YAA8B;AAAA,EAClC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,iBAAiB;AAAA,EACxB,aAAa,EAAE,QAAQ,qBAAqB;AAAA,EAC5C,WAAW,CAAC,EAAE,QAAQ,KAAK,aAAa,oBAAoB,QAAQ,cAAc,CAAC;AAAA,EACnF,QAAQ;AAAA,IACN,EAAE,QAAQ,KAAK,aAAa,mDAAmD,QAAQ,YAAY;AAAA,IACnG,EAAE,QAAQ,KAAK,aAAa,qBAAqB,QAAQ,YAAY;AAAA,EACvE;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,SAAS,EAAE,MAAM,UAAU;AAC7B;",
+  "names": []
+}

package/dist/modules/customer_accounts/api/portal/profile.js ADDED Viewed

@@ -0,0 +1,135 @@
+import { NextResponse } from "next/server";
+import { z } from "zod";
+import { getCustomerAuthFromRequest, requireCustomerFeature } from "@open-mercato/core/modules/customer_accounts/lib/customerAuth";
+import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { CustomerUserRole } from "@open-mercato/core/modules/customer_accounts/data/entities";
+import { profileUpdateSchema } from "@open-mercato/core/modules/customer_accounts/data/validators";
+const metadata = {};
+async function GET(req) {
+  const auth = await getCustomerAuthFromRequest(req);
+  if (!auth) {
+    return NextResponse.json({ ok: false, error: "Authentication required" }, { status: 401 });
+  }
+  const container = await createRequestContainer();
+  const customerUserService = container.resolve("customerUserService");
+  const customerRbacService = container.resolve("customerRbacService");
+  const em = container.resolve("em");
+  const user = await customerUserService.findById(auth.sub, auth.tenantId);
+  if (!user) {
+    return NextResponse.json({ ok: false, error: "User not found" }, { status: 404 });
+  }
+  const acl = await customerRbacService.loadAcl(user.id, { tenantId: user.tenantId, organizationId: user.organizationId });
+  const userRoles = await em.find(CustomerUserRole, {
+    user: user.id,
+    deletedAt: null
+  }, { populate: ["role"] });
+  const roles = userRoles.map((ur) => ({
+    id: ur.role.id,
+    name: ur.role.name,
+    slug: ur.role.slug
+  }));
+  return NextResponse.json({
+    ok: true,
+    user: {
+      id: user.id,
+      email: user.email,
+      displayName: user.displayName,
+      emailVerified: !!user.emailVerifiedAt,
+      customerEntityId: user.customerEntityId,
+      personEntityId: user.personEntityId,
+      isActive: user.isActive,
+      lastLoginAt: user.lastLoginAt,
+      createdAt: user.createdAt
+    },
+    roles,
+    resolvedFeatures: acl.features,
+    isPortalAdmin: acl.isPortalAdmin
+  });
+}
+async function PUT(req) {
+  const auth = await getCustomerAuthFromRequest(req);
+  if (!auth) {
+    return NextResponse.json({ ok: false, error: "Authentication required" }, { status: 401 });
+  }
+  try {
+    requireCustomerFeature(auth, ["portal.account.manage"]);
+  } catch (response) {
+    return response;
+  }
+  let body;
+  try {
+    body = await req.json();
+  } catch {
+    return NextResponse.json({ ok: false, error: "Invalid request body" }, { status: 400 });
+  }
+  const parsed = profileUpdateSchema.safeParse(body);
+  if (!parsed.success) {
+    return NextResponse.json({ ok: false, error: "Validation failed" }, { status: 400 });
+  }
+  const container = await createRequestContainer();
+  const customerUserService = container.resolve("customerUserService");
+  const user = await customerUserService.findById(auth.sub, auth.tenantId);
+  if (!user) {
+    return NextResponse.json({ ok: false, error: "User not found" }, { status: 404 });
+  }
+  await customerUserService.updateProfile(user, parsed.data);
+  return NextResponse.json({
+    ok: true,
+    user: {
+      id: user.id,
+      email: user.email,
+      displayName: user.displayName
+    }
+  });
+}
+const profileSchema = z.object({
+  ok: z.literal(true),
+  user: z.object({
+    id: z.string().uuid(),
+    email: z.string(),
+    displayName: z.string(),
+    emailVerified: z.boolean(),
+    customerEntityId: z.string().uuid().nullable(),
+    personEntityId: z.string().uuid().nullable(),
+    isActive: z.boolean(),
+    lastLoginAt: z.string().datetime().nullable(),
+    createdAt: z.string().datetime()
+  }),
+  roles: z.array(z.object({ id: z.string().uuid(), name: z.string(), slug: z.string() })),
+  resolvedFeatures: z.array(z.string()),
+  isPortalAdmin: z.boolean()
+});
+const putSuccessSchema = z.object({
+  ok: z.literal(true),
+  user: z.object({ id: z.string().uuid(), email: z.string(), displayName: z.string() })
+});
+const errorSchema = z.object({ ok: z.literal(false), error: z.string() });
+const getMethodDoc = {
+  summary: "Get customer profile",
+  description: "Returns the authenticated customer user profile with roles and permissions.",
+  tags: ["Customer Portal"],
+  responses: [{ status: 200, description: "Profile data", schema: profileSchema }],
+  errors: [{ status: 401, description: "Not authenticated", schema: errorSchema }]
+};
+const putMethodDoc = {
+  summary: "Update customer profile",
+  description: "Updates the authenticated customer user profile.",
+  tags: ["Customer Portal"],
+  requestBody: { schema: profileUpdateSchema },
+  responses: [{ status: 200, description: "Profile updated", schema: putSuccessSchema }],
+  errors: [
+    { status: 401, description: "Not authenticated", schema: errorSchema },
+    { status: 403, description: "Insufficient permissions", schema: errorSchema }
+  ]
+};
+const openApi = {
+  summary: "Customer profile",
+  methods: { GET: getMethodDoc, PUT: putMethodDoc }
+};
+export {
+  GET,
+  PUT,
+  metadata,
+  openApi
+};
+//# sourceMappingURL=profile.js.map

package/dist/modules/customer_accounts/api/portal/profile.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../../../src/modules/customer_accounts/api/portal/profile.ts"],
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'\nimport { getCustomerAuthFromRequest, requireCustomerFeature } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { CustomerUserService } from '@open-mercato/core/modules/customer_accounts/services/customerUserService'\nimport { CustomerRbacService } from '@open-mercato/core/modules/customer_accounts/services/customerRbacService'\nimport { CustomerUserRole } from '@open-mercato/core/modules/customer_accounts/data/entities'\nimport { profileUpdateSchema } from '@open-mercato/core/modules/customer_accounts/data/validators'\n\nexport const metadata: { path?: string } = {}\n\nexport async function GET(req: Request) {\n  const auth = await getCustomerAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })\n  }\n\n  const container = await createRequestContainer()\n  const customerUserService = container.resolve('customerUserService') as CustomerUserService\n  const customerRbacService = container.resolve('customerRbacService') as CustomerRbacService\n  const em = container.resolve('em') as import('@mikro-orm/postgresql').EntityManager\n\n  const user = await customerUserService.findById(auth.sub, auth.tenantId)\n  if (!user) {\n    return NextResponse.json({ ok: false, error: 'User not found' }, { status: 404 })\n  }\n\n  const acl = await customerRbacService.loadAcl(user.id, { tenantId: user.tenantId, organizationId: user.organizationId })\n\n  const userRoles = await em.find(CustomerUserRole, {\n    user: user.id as any,\n    deletedAt: null,\n  }, { populate: ['role'] })\n  const roles = userRoles.map((ur) => ({\n    id: (ur.role as any).id,\n    name: (ur.role as any).name,\n    slug: (ur.role as any).slug,\n  }))\n\n  return NextResponse.json({\n    ok: true,\n    user: {\n      id: user.id,\n      email: user.email,\n      displayName: user.displayName,\n      emailVerified: !!user.emailVerifiedAt,\n      customerEntityId: user.customerEntityId,\n      personEntityId: user.personEntityId,\n      isActive: user.isActive,\n      lastLoginAt: user.lastLoginAt,\n      createdAt: user.createdAt,\n    },\n    roles,\n    resolvedFeatures: acl.features,\n    isPortalAdmin: acl.isPortalAdmin,\n  })\n}\n\nexport async function PUT(req: Request) {\n  const auth = await getCustomerAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })\n  }\n\n  try {\n    requireCustomerFeature(auth, ['portal.account.manage'])\n  } catch (response) {\n    return response as NextResponse\n  }\n\n  let body: unknown\n  try {\n    body = await req.json()\n  } catch {\n    return NextResponse.json({ ok: false, error: 'Invalid request body' }, { status: 400 })\n  }\n\n  const parsed = profileUpdateSchema.safeParse(body)\n  if (!parsed.success) {\n    return NextResponse.json({ ok: false, error: 'Validation failed' }, { status: 400 })\n  }\n\n  const container = await createRequestContainer()\n  const customerUserService = container.resolve('customerUserService') as CustomerUserService\n\n  const user = await customerUserService.findById(auth.sub, auth.tenantId)\n  if (!user) {\n    return NextResponse.json({ ok: false, error: 'User not found' }, { status: 404 })\n  }\n\n  await customerUserService.updateProfile(user, parsed.data)\n\n  return NextResponse.json({\n    ok: true,\n    user: {\n      id: user.id,\n      email: user.email,\n      displayName: user.displayName,\n    },\n  })\n}\n\nconst profileSchema = z.object({\n  ok: z.literal(true),\n  user: z.object({\n    id: z.string().uuid(),\n    email: z.string(),\n    displayName: z.string(),\n    emailVerified: z.boolean(),\n    customerEntityId: z.string().uuid().nullable(),\n    personEntityId: z.string().uuid().nullable(),\n    isActive: z.boolean(),\n    lastLoginAt: z.string().datetime().nullable(),\n    createdAt: z.string().datetime(),\n  }),\n  roles: z.array(z.object({ id: z.string().uuid(), name: z.string(), slug: z.string() })),\n  resolvedFeatures: z.array(z.string()),\n  isPortalAdmin: z.boolean(),\n})\n\nconst putSuccessSchema = z.object({\n  ok: z.literal(true),\n  user: z.object({ id: z.string().uuid(), email: z.string(), displayName: z.string() }),\n})\nconst errorSchema = z.object({ ok: z.literal(false), error: z.string() })\n\nconst getMethodDoc: OpenApiMethodDoc = {\n  summary: 'Get customer profile',\n  description: 'Returns the authenticated customer user profile with roles and permissions.',\n  tags: ['Customer Portal'],\n  responses: [{ status: 200, description: 'Profile data', schema: profileSchema }],\n  errors: [{ status: 401, description: 'Not authenticated', schema: errorSchema }],\n}\n\nconst putMethodDoc: OpenApiMethodDoc = {\n  summary: 'Update customer profile',\n  description: 'Updates the authenticated customer user profile.',\n  tags: ['Customer Portal'],\n  requestBody: { schema: profileUpdateSchema },\n  responses: [{ status: 200, description: 'Profile updated', schema: putSuccessSchema }],\n  errors: [\n    { status: 401, description: 'Not authenticated', schema: errorSchema },\n    { status: 403, description: 'Insufficient permissions', schema: errorSchema },\n  ],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  summary: 'Customer profile',\n  methods: { GET: getMethodDoc, PUT: putMethodDoc },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,4BAA4B,8BAA8B;AACnE,SAAS,8BAA8B;AAGvC,SAAS,wBAAwB;AACjC,SAAS,2BAA2B;AAE7B,MAAM,WAA8B,CAAC;AAE5C,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,2BAA2B,GAAG;AACjD,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3F;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,sBAAsB,UAAU,QAAQ,qBAAqB;AACnE,QAAM,sBAAsB,UAAU,QAAQ,qBAAqB;AACnE,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,OAAO,MAAM,oBAAoB,SAAS,KAAK,KAAK,KAAK,QAAQ;AACvE,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,iBAAiB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAClF;AAEA,QAAM,MAAM,MAAM,oBAAoB,QAAQ,KAAK,IAAI,EAAE,UAAU,KAAK,UAAU,gBAAgB,KAAK,eAAe,CAAC;AAEvH,QAAM,YAAY,MAAM,GAAG,KAAK,kBAAkB;AAAA,IAChD,MAAM,KAAK;AAAA,IACX,WAAW;AAAA,EACb,GAAG,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC;AACzB,QAAM,QAAQ,UAAU,IAAI,CAAC,QAAQ;AAAA,IACnC,IAAK,GAAG,KAAa;AAAA,IACrB,MAAO,GAAG,KAAa;AAAA,IACvB,MAAO,GAAG,KAAa;AAAA,EACzB,EAAE;AAEF,SAAO,aAAa,KAAK;AAAA,IACvB,IAAI;AAAA,IACJ,MAAM;AAAA,MACJ,IAAI,KAAK;AAAA,MACT,OAAO,KAAK;AAAA,MACZ,aAAa,KAAK;AAAA,MAClB,eAAe,CAAC,CAAC,KAAK;AAAA,MACtB,kBAAkB,KAAK;AAAA,MACvB,gBAAgB,KAAK;AAAA,MACrB,UAAU,KAAK;AAAA,MACf,aAAa,KAAK;AAAA,MAClB,WAAW,KAAK;AAAA,IAClB;AAAA,IACA;AAAA,IACA,kBAAkB,IAAI;AAAA,IACtB,eAAe,IAAI;AAAA,EACrB,CAAC;AACH;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,2BAA2B,GAAG;AACjD,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3F;AAEA,MAAI;AACF,2BAAuB,MAAM,CAAC,uBAAuB,CAAC;AAAA,EACxD,SAAS,UAAU;AACjB,WAAO;AAAA,EACT;AAEA,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,uBAAuB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxF;AAEA,QAAM,SAAS,oBAAoB,UAAU,IAAI;AACjD,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrF;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,sBAAsB,UAAU,QAAQ,qBAAqB;AAEnE,QAAM,OAAO,MAAM,oBAAoB,SAAS,KAAK,KAAK,KAAK,QAAQ;AACvE,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,iBAAiB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAClF;AAEA,QAAM,oBAAoB,cAAc,MAAM,OAAO,IAAI;AAEzD,SAAO,aAAa,KAAK;AAAA,IACvB,IAAI;AAAA,IACJ,MAAM;AAAA,MACJ,IAAI,KAAK;AAAA,MACT,OAAO,KAAK;AAAA,MACZ,aAAa,KAAK;AAAA,IACpB;AAAA,EACF,CAAC;AACH;AAEA,MAAM,gBAAgB,EAAE,OAAO;AAAA,EAC7B,IAAI,EAAE,QAAQ,IAAI;AAAA,EAClB,MAAM,EAAE,OAAO;AAAA,IACb,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,IACpB,OAAO,EAAE,OAAO;AAAA,IAChB,aAAa,EAAE,OAAO;AAAA,IACtB,eAAe,EAAE,QAAQ;AAAA,IACzB,kBAAkB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,IAC7C,gBAAgB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,IAC3C,UAAU,EAAE,QAAQ;AAAA,IACpB,aAAa,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAC5C,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EACjC,CAAC;AAAA,EACD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,GAAG,MAAM,EAAE,OAAO,GAAG,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;AAAA,EACtF,kBAAkB,EAAE,MAAM,EAAE,OAAO,CAAC;AAAA,EACpC,eAAe,EAAE,QAAQ;AAC3B,CAAC;AAED,MAAM,mBAAmB,EAAE,OAAO;AAAA,EAChC,IAAI,EAAE,QAAQ,IAAI;AAAA,EAClB,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,GAAG,OAAO,EAAE,OAAO,GAAG,aAAa,EAAE,OAAO,EAAE,CAAC;AACtF,CAAC;AACD,MAAM,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,KAAK,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;AAExE,MAAM,eAAiC;AAAA,EACrC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,iBAAiB;AAAA,EACxB,WAAW,CAAC,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,cAAc,CAAC;AAAA,EAC/E,QAAQ,CAAC,EAAE,QAAQ,KAAK,aAAa,qBAAqB,QAAQ,YAAY,CAAC;AACjF;AAEA,MAAM,eAAiC;AAAA,EACrC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,iBAAiB;AAAA,EACxB,aAAa,EAAE,QAAQ,oBAAoB;AAAA,EAC3C,WAAW,CAAC,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,iBAAiB,CAAC;AAAA,EACrF,QAAQ;AAAA,IACN,EAAE,QAAQ,KAAK,aAAa,qBAAqB,QAAQ,YAAY;AAAA,IACrE,EAAE,QAAQ,KAAK,aAAa,4BAA4B,QAAQ,YAAY;AAAA,EAC9E;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,SAAS,EAAE,KAAK,cAAc,KAAK,aAAa;AAClD;",
+  "names": []
+}