@open-mercato/core 0.5.1-develop.2744.9c8be0dd93 → 0.5.1-develop.2756.cce1739df3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. package/.turbo/turbo-build.log +1 -1
  2. package/dist/modules/auth/api/users/route.js +38 -2
  3. package/dist/modules/auth/api/users/route.js.map +2 -2
  4. package/dist/modules/catalog/lib/bulkDelete.js +17 -14
  5. package/dist/modules/catalog/lib/bulkDelete.js.map +2 -2
  6. package/dist/modules/configs/lib/system-status.js +2 -1
  7. package/dist/modules/configs/lib/system-status.js.map +2 -2
  8. package/dist/modules/customer_accounts/api/portal/password-change.js +3 -1
  9. package/dist/modules/customer_accounts/api/portal/password-change.js.map +2 -2
  10. package/dist/modules/inbox_ops/encryption.js +47 -0
  11. package/dist/modules/inbox_ops/encryption.js.map +7 -0
  12. package/dist/modules/workflows/api/definitions/[id]/route.js +3 -0
  13. package/dist/modules/workflows/api/definitions/[id]/route.js.map +2 -2
  14. package/dist/modules/workflows/api/definitions/route.js +2 -0
  15. package/dist/modules/workflows/api/definitions/route.js.map +2 -2
  16. package/package.json +3 -3
  17. package/src/modules/auth/api/users/route.ts +55 -2
  18. package/src/modules/catalog/lib/bulkDelete.ts +17 -14
  19. package/src/modules/configs/lib/system-status.ts +2 -1
  20. package/src/modules/customer_accounts/api/portal/password-change.ts +6 -1
  21. package/src/modules/inbox_ops/encryption.ts +51 -0
  22. package/src/modules/workflows/api/definitions/[id]/route.ts +7 -0
  23. package/src/modules/workflows/api/definitions/route.ts +6 -0
package/.turbo/turbo-build.log CHANGED
@@ -1,4 +1,4 @@
1
- [build:core] found 2340 entry points
1
+ [build:core] found 2344 entry points
2
2
  [build:core] built successfully
3
3
  [build:core:generated] found 169 entry points
4
4
  [build:core:generated] built successfully
package/dist/modules/auth/api/users/route.js CHANGED
@@ -10,8 +10,10 @@ import { E } from "../../../../generated/entities.ids.generated.js";
10
10
  import { loadCustomFieldValues } from "@open-mercato/shared/lib/crud/custom-fields";
11
11
  import { userCrudEvents, userCrudIndexer } from "@open-mercato/core/modules/auth/commands/users";
12
12
  import { findWithDecryption } from "@open-mercato/shared/lib/encryption/find";
13
- import { escapeLikePattern } from "@open-mercato/shared/lib/db/escapeLikePattern";
14
13
  import { buildPasswordSchema } from "@open-mercato/shared/lib/auth/passwordPolicy";
14
+ import { resolveSearchConfig } from "@open-mercato/shared/lib/search/config";
15
+ import { tokenizeText } from "@open-mercato/shared/lib/search/tokenize";
16
+ import { sql } from "kysely";
15
17
  const querySchema = z.object({
16
18
  id: z.string().uuid().optional(),
17
19
  page: z.coerce.number().min(1).default(1),
@@ -143,7 +145,6 @@ async function GET(req) {
143
145
  where.tenantId = auth.tenantId;
144
146
  }
145
147
  if (organizationId) where.organizationId = organizationId;
146
- if (search) where.email = { $ilike: `%${escapeLikePattern(search)}%` };
147
148
  let idFilter = id ? /* @__PURE__ */ new Set([id]) : null;
148
149
  if (Array.isArray(roleIds) && roleIds.length > 0) {
149
150
  const uniqueRoleIds = Array.from(new Set(roleIds));
@@ -163,6 +164,26 @@ async function GET(req) {
163
164
  }
164
165
  if (!idFilter || idFilter.size === 0) return NextResponse.json({ items: [], total: 0, totalPages: 1 });
165
166
  }
167
+ if (search) {
168
+ const tenantScope = isSuperAdmin ? void 0 : auth.tenantId ?? null;
169
+ const matchedIds = await findUserIdsBySearchTokens(em, E.auth.user, search, tenantScope);
170
+ if (matchedIds !== null) {
171
+ if (matchedIds.length === 0) {
172
+ return NextResponse.json({ items: [], total: 0, totalPages: 1, isSuperAdmin });
173
+ }
174
+ const matchedSet = new Set(matchedIds);
175
+ if (idFilter) {
176
+ for (const uid of Array.from(idFilter)) {
177
+ if (!matchedSet.has(uid)) idFilter.delete(uid);
178
+ }
179
+ if (idFilter.size === 0) {
180
+ return NextResponse.json({ items: [], total: 0, totalPages: 1, isSuperAdmin });
181
+ }
182
+ } else {
183
+ idFilter = matchedSet;
184
+ }
185
+ }
186
+ }
166
187
  if (idFilter && idFilter.size) {
167
188
  where.id = { $in: Array.from(idFilter) };
168
189
  } else if (id) {
@@ -279,6 +300,21 @@ const PUT = async (req) => {
279
300
  return crud.PUT(req);
280
301
  };
281
302
  const DELETE = crud.DELETE;
303
+ async function findUserIdsBySearchTokens(em, entityType, search, tenantScope) {
304
+ const trimmed = search.trim();
305
+ if (!trimmed) return null;
306
+ const searchConfig = resolveSearchConfig();
307
+ if (!searchConfig.enabled) return [];
308
+ const { hashes } = tokenizeText(trimmed, searchConfig);
309
+ if (!hashes.length) return [];
310
+ const db = em.getKysely();
311
+ let query = db.selectFrom("search_tokens").select("entity_id").where("entity_type", "=", entityType).where("token_hash", "in", hashes).groupBy("entity_id").having(sql`count(distinct token_hash) >= ${hashes.length}`);
312
+ if (tenantScope !== void 0) {
313
+ query = query.where(sql`tenant_id is not distinct from ${tenantScope}`);
314
+ }
315
+ const rows = await query.execute();
316
+ return rows.map((row) => typeof row.entity_id === "string" ? row.entity_id : null).filter((id) => typeof id === "string" && id.length > 0);
317
+ }
282
318
  const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
283
319
  async function assertCanAssignRoles(req, roles) {
284
320
  if (!Array.isArray(roles)) return;
package/dist/modules/auth/api/users/route.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/modules/auth/api/users/route.ts"],
4
- "sourcesContent": ["/* eslint-disable @typescript-eslint/no-explicit-any */\nimport { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { logCrudAccess, makeCrudRoute } from '@open-mercato/shared/lib/crud/factory'\nimport { forbidden } from '@open-mercato/shared/lib/crud/errors'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { User, Role, UserRole } from '@open-mercato/core/modules/auth/data/entities'\nimport { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'\nimport { Organization, Tenant } from '@open-mercato/core/modules/directory/data/entities'\nimport { E } from '#generated/entities.ids.generated'\nimport { loadCustomFieldValues } from '@open-mercato/shared/lib/crud/custom-fields'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { userCrudEvents, userCrudIndexer } from '@open-mercato/core/modules/auth/commands/users'\nimport { findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\nimport { escapeLikePattern } from '@open-mercato/shared/lib/db/escapeLikePattern'\nimport { buildPasswordSchema } from '@open-mercato/shared/lib/auth/passwordPolicy'\n\nconst querySchema = z.object({\n id: z.string().uuid().optional(),\n page: z.coerce.number().min(1).default(1),\n pageSize: z.coerce.number().min(1).max(100).default(50),\n search: z.string().optional(),\n organizationId: z.string().uuid().optional(),\n roleIds: z.array(z.string().uuid()).optional(),\n}).passthrough()\n\nconst rawBodySchema = z.object({}).passthrough()\n\nconst passwordSchema = buildPasswordSchema()\n\nconst userCreateSchema = z.object({\n email: z.string().email(),\n password: passwordSchema.optional(),\n sendInviteEmail: z.boolean().optional(),\n organizationId: z.string().uuid(),\n roles: z.array(z.string()).optional(),\n}).refine(\n (data) => data.password || data.sendInviteEmail,\n { message: 'Either password or sendInviteEmail is required', path: ['password'] },\n)\n\nconst userUpdateSchema = z.object({\n id: z.string().uuid(),\n email: z.string().email().optional(),\n password: passwordSchema.optional(),\n organizationId: z.string().uuid().optional(),\n roles: z.array(z.string()).optional(),\n})\n\nconst userListItemSchema = z.object({\n id: z.string().uuid(),\n email: z.string().email(),\n organizationId: z.string().uuid().nullable(),\n organizationName: z.string().nullable(),\n tenantId: z.string().uuid().nullable(),\n tenantName: z.string().nullable(),\n roles: z.array(z.string()),\n roleIds: z.array(z.string().uuid()).optional(),\n})\n\nconst userListResponseSchema = z.object({\n items: z.array(userListItemSchema),\n total: z.number().int().nonnegative(),\n totalPages: z.number().int().positive(),\n isSuperAdmin: z.boolean().optional(),\n})\n\nconst okResponseSchema = z.object({ ok: z.literal(true) })\n\nconst errorResponseSchema = z.object({ error: z.string() })\n\ntype CrudInput = Record<string, unknown>\n\nconst routeMetadata = {\n GET: { requireAuth: true, requireFeatures: ['auth.users.list'] },\n POST: { requireAuth: true, requireFeatures: ['auth.users.create'] },\n PUT: { requireAuth: true, requireFeatures: ['auth.users.edit'] },\n DELETE: { requireAuth: true, requireFeatures: ['auth.users.delete'] },\n}\n\nexport const metadata = routeMetadata\n\nconst crud = makeCrudRoute<CrudInput, CrudInput, Record<string, unknown>>({\n metadata: routeMetadata,\n orm: {\n entity: User,\n idField: 'id',\n orgField: null,\n tenantField: null,\n softDeleteField: 'deletedAt',\n },\n events: userCrudEvents,\n indexer: userCrudIndexer,\n actions: {\n create: {\n commandId: 'auth.users.create',\n schema: rawBodySchema,\n mapInput: async ({ parsed, ctx }) => {\n if (ctx.request) {\n await assertCanAssignRoles(ctx.request, parsed.roles)\n }\n return parsed\n },\n response: ({ result }) => ({\n id: String(result.user.id),\n ...(result.warning ? { _warning: result.warning } : {}),\n }),\n status: 201,\n },\n update: {\n commandId: 'auth.users.update',\n schema: rawBodySchema,\n mapInput: async ({ parsed, ctx }) => {\n if (ctx.request) {\n await assertCanAssignRoles(ctx.request, parsed.roles)\n }\n return parsed\n },\n response: () => ({ ok: true }),\n },\n delete: {\n commandId: 'auth.users.delete',\n response: () => ({ ok: true }),\n },\n },\n})\n\nexport async function GET(req: Request) {\n const auth = await getAuthFromRequest(req)\n if (!auth) return NextResponse.json({ items: [], total: 0, totalPages: 1 })\n const url = new URL(req.url)\n const rawRoleIds = url.searchParams.getAll('roleId').filter((id): id is string => typeof id === 'string' && id.trim().length > 0)\n const parsed = querySchema.safeParse({\n id: url.searchParams.get('id') || undefined,\n page: url.searchParams.get('page') || undefined,\n pageSize: url.searchParams.get('pageSize') || undefined,\n search: url.searchParams.get('search') || undefined,\n organizationId: url.searchParams.get('organizationId') || undefined,\n roleIds: rawRoleIds.length ? rawRoleIds : undefined,\n })\n if (!parsed.success) return NextResponse.json({ items: [], total: 0, totalPages: 1 })\n const container = await createRequestContainer()\n const em = (container.resolve('em') as EntityManager)\n let isSuperAdmin = false\n try {\n if (auth.sub) {\n const rbacService = container.resolve('rbacService') as any\n const acl = await rbacService.loadAcl(auth.sub, { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null })\n isSuperAdmin = !!acl?.isSuperAdmin\n }\n } catch (err) {\n console.error('users: failed to resolve rbac', err)\n }\n const { id, page, pageSize, search, organizationId, roleIds } = parsed.data\n const where: any = { deletedAt: null }\n if (!isSuperAdmin) {\n if (!auth.tenantId) {\n return NextResponse.json({ items: [], total: 0, totalPages: 1, isSuperAdmin })\n }\n where.tenantId = auth.tenantId\n }\n if (organizationId) where.organizationId = organizationId\n if (search) where.email = { $ilike: `%${escapeLikePattern(search)}%` } as any\n let idFilter: Set<string> | null = id ? new Set([id]) : null\n if (Array.isArray(roleIds) && roleIds.length > 0) {\n const uniqueRoleIds = Array.from(new Set(roleIds))\n const linksForRoles = await em.find(UserRole, { role: { $in: uniqueRoleIds as any } } as any)\n const roleUserIds = new Set<string>()\n for (const link of linksForRoles) {\n const uid = String((link as any).user?.id || (link as any).user || '')\n if (uid) roleUserIds.add(uid)\n }\n if (roleUserIds.size === 0) return NextResponse.json({ items: [], total: 0, totalPages: 1 })\n if (idFilter) {\n for (const uid of Array.from(idFilter)) {\n if (!roleUserIds.has(uid)) idFilter.delete(uid)\n }\n } else {\n idFilter = roleUserIds\n }\n if (!idFilter || idFilter.size === 0) return NextResponse.json({ items: [], total: 0, totalPages: 1 })\n }\n if (idFilter && idFilter.size) {\n where.id = { $in: Array.from(idFilter) as any }\n } else if (id) {\n where.id = id\n }\n const [rows, count] = await em.findAndCount(User, where, { limit: pageSize, offset: (page - 1) * pageSize })\n const userIds = rows.map((u: any) => u.id)\n const links = userIds.length\n ? await findWithDecryption(\n em,\n UserRole,\n { user: { $in: userIds as any } } as any,\n { populate: ['role'] },\n { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null },\n )\n : []\n const roleMap: Record<string, string[]> = {}\n const roleIdMap: Record<string, string[]> = {}\n for (const l of links) {\n const uid = String((l as any).user?.id || (l as any).user)\n const rname = String((l as any).role?.name || '')\n const rid = String((l as any).role?.id ?? '')\n if (!roleMap[uid]) roleMap[uid] = []\n if (!roleIdMap[uid]) roleIdMap[uid] = []\n if (rname) roleMap[uid].push(rname)\n if (rid) roleIdMap[uid].push(rid)\n }\n const orgIds = rows\n .map((u: any) => (u.organizationId ? String(u.organizationId) : null))\n .filter((id): id is string => !!id)\n const uniqueOrgIds = Array.from(new Set(orgIds))\n let orgMap: Record<string, string> = {}\n if (uniqueOrgIds.length) {\n const organizations = await em.find(\n Organization,\n { id: { $in: uniqueOrgIds as any }, deletedAt: null },\n )\n orgMap = organizations.reduce<Record<string, string>>((acc, org) => {\n const orgId = org?.id ? String(org.id) : null\n if (!orgId) return acc\n const rawName = (org as any)?.name\n const orgName = typeof rawName === 'string' && rawName.length > 0 ? rawName : orgId\n acc[orgId] = orgName\n return acc\n }, {})\n }\n const tenantIds = rows\n .map((u: any) => (u.tenantId ? String(u.tenantId) : null))\n .filter((id): id is string => !!id)\n const uniqueTenantIds = Array.from(new Set(tenantIds))\n let tenantMap: Record<string, string> = {}\n if (uniqueTenantIds.length) {\n const tenants = await em.find(\n Tenant,\n { id: { $in: uniqueTenantIds as any }, deletedAt: null },\n )\n tenantMap = tenants.reduce<Record<string, string>>((acc, tenant) => {\n const tenantId = tenant?.id ? String(tenant.id) : null\n if (!tenantId) return acc\n const rawName = (tenant as any)?.name\n const tenantName = typeof rawName === 'string' && rawName.length > 0 ? rawName : tenantId\n acc[tenantId] = tenantName\n return acc\n }, {})\n }\n const tenantByUser: Record<string, string | null> = {}\n const organizationByUser: Record<string, string | null> = {}\n for (const u of rows) {\n const uid = String(u.id)\n tenantByUser[uid] = u.tenantId ? String(u.tenantId) : null\n organizationByUser[uid] = u.organizationId ? String(u.organizationId) : null\n }\n const cfByUser = userIds.length\n ? await loadCustomFieldValues({\n em,\n entityId: E.auth.user,\n recordIds: userIds.map(String),\n tenantIdByRecord: tenantByUser,\n organizationIdByRecord: organizationByUser,\n tenantFallbacks: auth.tenantId ? [auth.tenantId] : [],\n })\n : {}\n\n const items = rows.map((u: any) => {\n const uid = String(u.id)\n const orgId = u.organizationId ? String(u.organizationId) : null\n return {\n id: uid,\n email: String(u.email),\n organizationId: orgId,\n organizationName: orgId ? orgMap[orgId] ?? orgId : null,\n tenantId: u.tenantId ? String(u.tenantId) : null,\n tenantName: u.tenantId ? tenantMap[String(u.tenantId)] ?? String(u.tenantId) : null,\n roles: roleMap[uid] || [],\n roleIds: roleIdMap[uid] || [],\n hasPassword: !!u.passwordHash,\n ...(cfByUser[uid] || {}),\n }\n })\n const totalPages = Math.max(1, Math.ceil(count / pageSize))\n await logCrudAccess({\n container,\n auth,\n request: req,\n items,\n idField: 'id',\n resourceKind: 'auth.user',\n organizationId: null,\n tenantId: auth.tenantId ?? null,\n query: parsed.data,\n accessType: id ? 'read:item' : undefined,\n })\n return NextResponse.json({ items, total: count, totalPages, isSuperAdmin })\n}\n\nexport const POST = async (req: Request) => {\n const body = await req.clone().json().catch(() => ({}))\n await assertCanAssignRoles(req, body?.roles)\n return crud.POST(req)\n}\n\nexport const PUT = async (req: Request) => {\n const body = await req.clone().json().catch(() => ({}))\n await assertCanAssignRoles(req, body?.roles)\n return crud.PUT(req)\n}\n\nexport const DELETE = crud.DELETE\n\nconst UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i\n\nasync function assertCanAssignRoles(req: Request, roles: unknown) {\n if (!Array.isArray(roles)) return\n const values = roles\n .map((role) => (typeof role === 'string' ? role.trim() : null))\n .filter((role): role is string => !!role)\n if (!values.length) return\n\n let hasSuperAdmin = values.some((v) => v.toLowerCase() === 'superadmin')\n if (!hasSuperAdmin) {\n const uuids = values.filter((v) => UUID_RE.test(v))\n if (uuids.length) {\n const container = await createRequestContainer()\n const em = container.resolve('em') as EntityManager\n const matched = await em.find(Role, { id: { $in: uuids as any } })\n hasSuperAdmin = matched.some((r) => String(r.name).toLowerCase() === 'superadmin')\n }\n }\n if (!hasSuperAdmin) return\n\n const auth = await getAuthFromRequest(req)\n if (!auth) throw new Error('Unauthorized')\n const container = await createRequestContainer()\n const rbac = container.resolve('rbacService') as RbacService\n const acl = await rbac.loadAcl(auth.sub, { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null })\n if (!acl?.isSuperAdmin) {\n throw forbidden('Only super administrators can assign the superadmin role.')\n }\n}\n\nexport const openApi: OpenApiRouteDoc = {\n tag: 'Authentication & Accounts',\n summary: 'User management',\n methods: {\n GET: {\n summary: 'List users',\n description:\n 'Returns users for the current tenant. Super administrators may scope the response via organization or role filters.',\n query: querySchema,\n responses: [\n { status: 200, description: 'User collection', schema: userListResponseSchema },\n ],\n },\n POST: {\n summary: 'Create user',\n description: 'Creates a new confirmed user within the specified organization and optional roles.',\n requestBody: {\n contentType: 'application/json',\n schema: userCreateSchema,\n },\n responses: [\n {\n status: 201,\n description: 'User created',\n schema: z.object({ id: z.string().uuid() }),\n },\n ],\n errors: [\n { status: 400, description: 'Invalid payload or duplicate email', schema: errorResponseSchema },\n { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n { status: 403, description: 'Attempted to assign privileged roles', schema: errorResponseSchema },\n ],\n },\n PUT: {\n summary: 'Update user',\n description: 'Updates profile fields, organization assignment, credentials, or role memberships.',\n requestBody: {\n contentType: 'application/json',\n schema: userUpdateSchema,\n },\n responses: [\n { status: 200, description: 'User updated', schema: okResponseSchema },\n ],\n errors: [\n { status: 400, description: 'Invalid payload', schema: errorResponseSchema },\n { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n { status: 403, description: 'Attempted to assign privileged roles', schema: errorResponseSchema },\n { status: 404, description: 'User not found', schema: errorResponseSchema },\n ],\n },\n DELETE: {\n summary: 'Delete user',\n description: 'Deletes a user by identifier. Undo support is provided via the command bus.',\n query: z.object({ id: z.string().uuid().describe('User identifier') }),\n responses: [\n { status: 200, description: 'User deleted', schema: okResponseSchema },\n ],\n errors: [\n { status: 400, description: 'User cannot be deleted', schema: errorResponseSchema },\n { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n { status: 404, description: 'User not found', schema: errorResponseSchema },\n ],\n },\n },\n}\n"],
5
- "mappings": "AACA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,eAAe,qBAAqB;AAC7C,SAAS,iBAAiB;AAC1B,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,MAAM,MAAM,gBAAgB;AAErC,SAAS,cAAc,cAAc;AACrC,SAAS,SAAS;AAClB,SAAS,6BAA6B;AAEtC,SAAS,gBAAgB,uBAAuB;AAChD,SAAS,0BAA0B;AACnC,SAAS,yBAAyB;AAClC,SAAS,2BAA2B;AAEpC,MAAM,cAAc,EAAE,OAAO;AAAA,EAC3B,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,EAC/B,MAAM,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,CAAC;AAAA,EACxC,UAAU,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,QAAQ,EAAE;AAAA,EACtD,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,gBAAgB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,EAC3C,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,SAAS;AAC/C,CAAC,EAAE,YAAY;AAEf,MAAM,gBAAgB,EAAE,OAAO,CAAC,CAAC,EAAE,YAAY;AAE/C,MAAM,iBAAiB,oBAAoB;AAE3C,MAAM,mBAAmB,EAAE,OAAO;AAAA,EAChC,OAAO,EAAE,OAAO,EAAE,MAAM;AAAA,EACxB,UAAU,eAAe,SAAS;AAAA,EAClC,iBAAiB,EAAE,QAAQ,EAAE,SAAS;AAAA,EACtC,gBAAgB,EAAE,OAAO,EAAE,KAAK;AAAA,EAChC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AACtC,CAAC,EAAE;AAAA,EACD,CAAC,SAAS,KAAK,YAAY,KAAK;AAAA,EAChC,EAAE,SAAS,kDAAkD,MAAM,CAAC,UAAU,EAAE;AAClF;AAEA,MAAM,mBAAmB,EAAE,OAAO;AAAA,EAChC,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,EACpB,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS;AAAA,EACnC,UAAU,eAAe,SAAS;AAAA,EAClC,gBAAgB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,EAC3C,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AACtC,CAAC;AAED,MAAM,qBAAqB,EAAE,OAAO;AAAA,EAClC,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,EACpB,OAAO,EAAE,OAAO,EAAE,MAAM;AAAA,EACxB,gBAAgB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,EAC3C,kBAAkB,EAAE,OAAO,EAAE,SAAS;AAAA,EACtC,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,EACrC,YAAY,EAAE,OAAO,EAAE,SAAS;AAAA,EAChC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC;AAAA,EACzB,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,SAAS;AAC/C,CAAC;AAED,MAAM,yBAAyB,EAAE,OAAO;AAAA,EACtC,OAAO,EAAE,MAAM,kBAAkB;AAAA,EACjC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY;AAAA,EACpC,YAAY,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS;AAAA,EACtC,cAAc,EAAE,QAAQ,EAAE,SAAS;AACrC,CAAC;AAED,MAAM,mBAAmB,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,IAAI,EAAE,CAAC;AAEzD,MAAM,sBAAsB,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AAI1D,MAAM,gBAAgB;AAAA,EACpB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,iBAAiB,EAAE;AAAA,EAC/D,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,mBAAmB,EAAE;AAAA,EAClE,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,iBAAiB,EAAE;AAAA,EAC/D,QAAQ,EAAE,aAAa,MAAM,iBAAiB,CAAC,mBAAmB,EAAE;AACtE;AAEO,MAAM,WAAW;AAExB,MAAM,OAAO,cAA6D;AAAA,EACxE,UAAU;AAAA,EACV,KAAK;AAAA,IACH,QAAQ;AAAA,IACR,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,IACb,iBAAiB;AAAA,EACnB;AAAA,EACA,QAAQ;AAAA,EACR,SAAS;AAAA,EACT,SAAS;AAAA,IACP,QAAQ;AAAA,MACN,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,UAAU,OAAO,EAAE,QAAQ,IAAI,MAAM;AACnC,YAAI,IAAI,SAAS;AACf,gBAAM,qBAAqB,IAAI,SAAS,OAAO,KAAK;AAAA,QACtD;AACA,eAAO;AAAA,MACT;AAAA,MACA,UAAU,CAAC,EAAE,OAAO,OAAO;AAAA,QACzB,IAAI,OAAO,OAAO,KAAK,EAAE;AAAA,QACzB,GAAI,OAAO,UAAU,EAAE,UAAU,OAAO,QAAQ,IAAI,CAAC;AAAA,MACvD;AAAA,MACA,QAAQ;AAAA,IACV;AAAA,IACA,QAAQ;AAAA,MACN,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,UAAU,OAAO,EAAE,QAAQ,IAAI,MAAM;AACnC,YAAI,IAAI,SAAS;AACf,gBAAM,qBAAqB,IAAI,SAAS,OAAO,KAAK;AAAA,QACtD;AACA,eAAO;AAAA,MACT;AAAA,MACA,UAAU,OAAO,EAAE,IAAI,KAAK;AAAA,IAC9B;AAAA,IACA,QAAQ;AAAA,MACN,WAAW;AAAA,MACX,UAAU,OAAO,EAAE,IAAI,KAAK;AAAA,IAC9B;AAAA,EACF;AACF,CAAC;AAED,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,CAAC,GAAG,OAAO,GAAG,YAAY,EAAE,CAAC;AAC1E,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,aAAa,IAAI,aAAa,OAAO,QAAQ,EAAE,OAAO,CAACA,QAAqB,OAAOA,QAAO,YAAYA,IAAG,KAAK,EAAE,SAAS,CAAC;AAChI,QAAM,SAAS,YAAY,UAAU;AAAA,IACnC,IAAI,IAAI,aAAa,IAAI,IAAI,KAAK;AAAA,IAClC,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,IACtC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,IAC9C,QAAQ,IAAI,aAAa,IAAI,QAAQ,KAAK;AAAA,IAC1C,gBAAgB,IAAI,aAAa,IAAI,gBAAgB,KAAK;AAAA,IAC1D,SAAS,WAAW,SAAS,aAAa;AAAA,EAC5C,CAAC;AACD,MAAI,CAAC,OAAO,QAAS,QAAO,aAAa,KAAK,EAAE,OAAO,CAAC,GAAG,OAAO,GAAG,YAAY,EAAE,CAAC;AACpF,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAM,UAAU,QAAQ,IAAI;AAClC,MAAI,eAAe;AACnB,MAAI;AACF,QAAI,KAAK,KAAK;AACZ,YAAM,cAAc,UAAU,QAAQ,aAAa;AACnD,YAAM,MAAM,MAAM,YAAY,QAAQ,KAAK,KAAK,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,KAAK,SAAS,KAAK,CAAC;AACvH,qBAAe,CAAC,CAAC,KAAK;AAAA,IACxB;AAAA,EACF,SAAS,KAAK;AACZ,YAAQ,MAAM,iCAAiC,GAAG;AAAA,EACpD;AACA,QAAM,EAAE,IAAI,MAAM,UAAU,QAAQ,gBAAgB,QAAQ,IAAI,OAAO;AACvE,QAAM,QAAa,EAAE,WAAW,KAAK;AACrC,MAAI,CAAC,cAAc;AACjB,QAAI,CAAC,KAAK,UAAU;AAClB,aAAO,aAAa,KAAK,EAAE,OAAO,CAAC,GAAG,OAAO,GAAG,YAAY,GAAG,aAAa,CAAC;AAAA,IAC/E;AACA,UAAM,WAAW,KAAK;AAAA,EACxB;AACA,MAAI,eAAgB,OAAM,iBAAiB;AAC3C,MAAI,OAAQ,OAAM,QAAQ,EAAE,QAAQ,IAAI,kBAAkB,MAAM,CAAC,IAAI;AACrE,MAAI,WAA+B,KAAK,oBAAI,IAAI,CAAC,EAAE,CAAC,IAAI;AACxD,MAAI,MAAM,QAAQ,OAAO,KAAK,QAAQ,SAAS,GAAG;AAChD,UAAM,gBAAgB,MAAM,KAAK,IAAI,IAAI,OAAO,CAAC;AACjD,UAAM,gBAAgB,MAAM,GAAG,KAAK,UAAU,EAAE,MAAM,EAAE,KAAK,cAAqB,EAAE,CAAQ;AAC5F,UAAM,cAAc,oBAAI,IAAY;AACpC,eAAW,QAAQ,eAAe;AAChC,YAAM,MAAM,OAAQ,KAAa,MAAM,MAAO,KAAa,QAAQ,EAAE;AACrE,UAAI,IAAK,aAAY,IAAI,GAAG;AAAA,IAC9B;AACA,QAAI,YAAY,SAAS,EAAG,QAAO,aAAa,KAAK,EAAE,OAAO,CAAC,GAAG,OAAO,GAAG,YAAY,EAAE,CAAC;AAC3F,QAAI,UAAU;AACZ,iBAAW,OAAO,MAAM,KAAK,QAAQ,GAAG;AACtC,YAAI,CAAC,YAAY,IAAI,GAAG,EAAG,UAAS,OAAO,GAAG;AAAA,MAChD;AAAA,IACF,OAAO;AACL,iBAAW;AAAA,IACb;AACA,QAAI,CAAC,YAAY,SAAS,SAAS,EAAG,QAAO,aAAa,KAAK,EAAE,OAAO,CAAC,GAAG,OAAO,GAAG,YAAY,EAAE,CAAC;AAAA,EACvG;AACA,MAAI,YAAY,SAAS,MAAM;AAC7B,UAAM,KAAK,EAAE,KAAK,MAAM,KAAK,QAAQ,EAAS;AAAA,EAChD,WAAW,IAAI;AACb,UAAM,KAAK;AAAA,EACb;AACA,QAAM,CAAC,MAAM,KAAK,IAAI,MAAM,GAAG,aAAa,MAAM,OAAO,EAAE,OAAO,UAAU,SAAS,OAAO,KAAK,SAAS,CAAC;AAC3G,QAAM,UAAU,KAAK,IAAI,CAAC,MAAW,EAAE,EAAE;AACzC,QAAM,QAAQ,QAAQ,SAClB,MAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA,EAAE,MAAM,EAAE,KAAK,QAAe,EAAE;AAAA,IAChC,EAAE,UAAU,CAAC,MAAM,EAAE;AAAA,IACrB,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,KAAK,SAAS,KAAK;AAAA,EACxE,IACA,CAAC;AACL,QAAM,UAAoC,CAAC;AAC3C,QAAM,YAAsC,CAAC;AAC7C,aAAW,KAAK,OAAO;AACrB,UAAM,MAAM,OAAQ,EAAU,MAAM,MAAO,EAAU,IAAI;AACzD,UAAM,QAAQ,OAAQ,EAAU,MAAM,QAAQ,EAAE;AAChD,UAAM,MAAM,OAAQ,EAAU,MAAM,MAAM,EAAE;AAC5C,QAAI,CAAC,QAAQ,GAAG,EAAG,SAAQ,GAAG,IAAI,CAAC;AACnC,QAAI,CAAC,UAAU,GAAG,EAAG,WAAU,GAAG,IAAI,CAAC;AACvC,QAAI,MAAO,SAAQ,GAAG,EAAE,KAAK,KAAK;AAClC,QAAI,IAAK,WAAU,GAAG,EAAE,KAAK,GAAG;AAAA,EAClC;AACA,QAAM,SAAS,KACZ,IAAI,CAAC,MAAY,EAAE,iBAAiB,OAAO,EAAE,cAAc,IAAI,IAAK,EACpE,OAAO,CAACA,QAAqB,CAAC,CAACA,GAAE;AACpC,QAAM,eAAe,MAAM,KAAK,IAAI,IAAI,MAAM,CAAC;AAC/C,MAAI,SAAiC,CAAC;AACtC,MAAI,aAAa,QAAQ;AACvB,UAAM,gBAAgB,MAAM,GAAG;AAAA,MAC7B;AAAA,MACA,EAAE,IAAI,EAAE,KAAK,aAAoB,GAAG,WAAW,KAAK;AAAA,IACtD;AACA,aAAS,cAAc,OAA+B,CAAC,KAAK,QAAQ;AAClE,YAAM,QAAQ,KAAK,KAAK,OAAO,IAAI,EAAE,IAAI;AACzC,UAAI,CAAC,MAAO,QAAO;AACnB,YAAM,UAAW,KAAa;AAC9B,YAAM,UAAU,OAAO,YAAY,YAAY,QAAQ,SAAS,IAAI,UAAU;AAC9E,UAAI,KAAK,IAAI;AACb,aAAO;AAAA,IACT,GAAG,CAAC,CAAC;AAAA,EACP;AACA,QAAM,YAAY,KACf,IAAI,CAAC,MAAY,EAAE,WAAW,OAAO,EAAE,QAAQ,IAAI,IAAK,EACxD,OAAO,CAACA,QAAqB,CAAC,CAACA,GAAE;AACpC,QAAM,kBAAkB,MAAM,KAAK,IAAI,IAAI,SAAS,CAAC;AACrD,MAAI,YAAoC,CAAC;AACzC,MAAI,gBAAgB,QAAQ;AAC1B,UAAM,UAAU,MAAM,GAAG;AAAA,MACvB;AAAA,MACA,EAAE,IAAI,EAAE,KAAK,gBAAuB,GAAG,WAAW,KAAK;AAAA,IACzD;AACA,gBAAY,QAAQ,OAA+B,CAAC,KAAK,WAAW;AAClE,YAAM,WAAW,QAAQ,KAAK,OAAO,OAAO,EAAE,IAAI;AAClD,UAAI,CAAC,SAAU,QAAO;AACtB,YAAM,UAAW,QAAgB;AACjC,YAAM,aAAa,OAAO,YAAY,YAAY,QAAQ,SAAS,IAAI,UAAU;AACjF,UAAI,QAAQ,IAAI;AAChB,aAAO;AAAA,IACT,GAAG,CAAC,CAAC;AAAA,EACP;AACA,QAAM,eAA8C,CAAC;AACrD,QAAM,qBAAoD,CAAC;AAC3D,aAAW,KAAK,MAAM;AACpB,UAAM,MAAM,OAAO,EAAE,EAAE;AACvB,iBAAa,GAAG,IAAI,EAAE,WAAW,OAAO,EAAE,QAAQ,IAAI;AACtD,uBAAmB,GAAG,IAAI,EAAE,iBAAiB,OAAO,EAAE,cAAc,IAAI;AAAA,EAC1E;AACA,QAAM,WAAW,QAAQ,SACrB,MAAM,sBAAsB;AAAA,IAC1B;AAAA,IACA,UAAU,EAAE,KAAK;AAAA,IACjB,WAAW,QAAQ,IAAI,MAAM;AAAA,IAC7B,kBAAkB;AAAA,IAClB,wBAAwB;AAAA,IACxB,iBAAiB,KAAK,WAAW,CAAC,KAAK,QAAQ,IAAI,CAAC;AAAA,EACtD,CAAC,IACD,CAAC;AAEL,QAAM,QAAQ,KAAK,IAAI,CAAC,MAAW;AACjC,UAAM,MAAM,OAAO,EAAE,EAAE;AACvB,UAAM,QAAQ,EAAE,iBAAiB,OAAO,EAAE,cAAc,IAAI;AAC5D,WAAO;AAAA,MACL,IAAI;AAAA,MACJ,OAAO,OAAO,EAAE,KAAK;AAAA,MACrB,gBAAgB;AAAA,MAChB,kBAAkB,QAAQ,OAAO,KAAK,KAAK,QAAQ;AAAA,MACnD,UAAU,EAAE,WAAW,OAAO,EAAE,QAAQ,IAAI;AAAA,MAC5C,YAAY,EAAE,WAAW,UAAU,OAAO,EAAE,QAAQ,CAAC,KAAK,OAAO,EAAE,QAAQ,IAAI;AAAA,MAC/E,OAAO,QAAQ,GAAG,KAAK,CAAC;AAAA,MACxB,SAAS,UAAU,GAAG,KAAK,CAAC;AAAA,MAC5B,aAAa,CAAC,CAAC,EAAE;AAAA,MACjB,GAAI,SAAS,GAAG,KAAK,CAAC;AAAA,IACxB;AAAA,EACF,CAAC;AACD,QAAM,aAAa,KAAK,IAAI,GAAG,KAAK,KAAK,QAAQ,QAAQ,CAAC;AAC1D,QAAM,cAAc;AAAA,IAClB;AAAA,IACA;AAAA,IACA,SAAS;AAAA,IACT;AAAA,IACA,SAAS;AAAA,IACT,cAAc;AAAA,IACd,gBAAgB;AAAA,IAChB,UAAU,KAAK,YAAY;AAAA,IAC3B,OAAO,OAAO;AAAA,IACd,YAAY,KAAK,cAAc;AAAA,EACjC,CAAC;AACD,SAAO,aAAa,KAAK,EAAE,OAAO,OAAO,OAAO,YAAY,aAAa,CAAC;AAC5E;AAEO,MAAM,OAAO,OAAO,QAAiB;AAC1C,QAAM,OAAO,MAAM,IAAI,MAAM,EAAE,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AACtD,QAAM,qBAAqB,KAAK,MAAM,KAAK;AAC3C,SAAO,KAAK,KAAK,GAAG;AACtB;AAEO,MAAM,MAAM,OAAO,QAAiB;AACzC,QAAM,OAAO,MAAM,IAAI,MAAM,EAAE,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AACtD,QAAM,qBAAqB,KAAK,MAAM,KAAK;AAC3C,SAAO,KAAK,IAAI,GAAG;AACrB;AAEO,MAAM,SAAS,KAAK;AAE3B,MAAM,UAAU;AAEhB,eAAe,qBAAqB,KAAc,OAAgB;AAChE,MAAI,CAAC,MAAM,QAAQ,KAAK,EAAG;AAC3B,QAAM,SAAS,MACZ,IAAI,CAAC,SAAU,OAAO,SAAS,WAAW,KAAK,KAAK,IAAI,IAAK,EAC7D,OAAO,CAAC,SAAyB,CAAC,CAAC,IAAI;AAC1C,MAAI,CAAC,OAAO,OAAQ;AAEpB,MAAI,gBAAgB,OAAO,KAAK,CAAC,MAAM,EAAE,YAAY,MAAM,YAAY;AACvE,MAAI,CAAC,eAAe;AAClB,UAAM,QAAQ,OAAO,OAAO,CAAC,MAAM,QAAQ,KAAK,CAAC,CAAC;AAClD,QAAI,MAAM,QAAQ;AAChB,YAAMC,aAAY,MAAM,uBAAuB;AAC/C,YAAM,KAAKA,WAAU,QAAQ,IAAI;AACjC,YAAM,UAAU,MAAM,GAAG,KAAK,MAAM,EAAE,IAAI,EAAE,KAAK,MAAa,EAAE,CAAC;AACjE,sBAAgB,QAAQ,KAAK,CAAC,MAAM,OAAO,EAAE,IAAI,EAAE,YAAY,MAAM,YAAY;AAAA,IACnF;AAAA,EACF;AACA,MAAI,CAAC,cAAe;AAEpB,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,KAAM,OAAM,IAAI,MAAM,cAAc;AACzC,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,OAAO,UAAU,QAAQ,aAAa;AAC5C,QAAM,MAAM,MAAM,KAAK,QAAQ,KAAK,KAAK,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,KAAK,SAAS,KAAK,CAAC;AAChH,MAAI,CAAC,KAAK,cAAc;AACtB,UAAM,UAAU,2DAA2D;AAAA,EAC7E;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aACE;AAAA,MACF,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,uBAAuB;AAAA,MAChF;AAAA,IACF;AAAA,IACA,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAAA,QAC5C;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,sCAAsC,QAAQ,oBAAoB;AAAA,QAC9F,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,wCAAwC,QAAQ,oBAAoB;AAAA,MAClG;AAAA,IACF;AAAA,IACA,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,iBAAiB;AAAA,MACvE;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,oBAAoB;AAAA,QAC3E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,wCAAwC,QAAQ,oBAAoB;AAAA,QAChG,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,oBAAoB;AAAA,MAC5E;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,iBAAiB,EAAE,CAAC;AAAA,MACrE,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,iBAAiB;AAAA,MACvE;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,0BAA0B,QAAQ,oBAAoB;AAAA,QAClF,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,oBAAoB;AAAA,MAC5E;AAAA,IACF;AAAA,EACF;AACF;",
4
+ "sourcesContent": ["/* eslint-disable @typescript-eslint/no-explicit-any */\nimport { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { logCrudAccess, makeCrudRoute } from '@open-mercato/shared/lib/crud/factory'\nimport { forbidden } from '@open-mercato/shared/lib/crud/errors'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { User, Role, UserRole } from '@open-mercato/core/modules/auth/data/entities'\nimport { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'\nimport { Organization, Tenant } from '@open-mercato/core/modules/directory/data/entities'\nimport { E } from '#generated/entities.ids.generated'\nimport { loadCustomFieldValues } from '@open-mercato/shared/lib/crud/custom-fields'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { userCrudEvents, userCrudIndexer } from '@open-mercato/core/modules/auth/commands/users'\nimport { findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\nimport { buildPasswordSchema } from '@open-mercato/shared/lib/auth/passwordPolicy'\nimport { resolveSearchConfig } from '@open-mercato/shared/lib/search/config'\nimport { tokenizeText } from '@open-mercato/shared/lib/search/tokenize'\nimport { sql } from 'kysely'\n\nconst querySchema = z.object({\n id: z.string().uuid().optional(),\n page: z.coerce.number().min(1).default(1),\n pageSize: z.coerce.number().min(1).max(100).default(50),\n search: z.string().optional(),\n organizationId: z.string().uuid().optional(),\n roleIds: z.array(z.string().uuid()).optional(),\n}).passthrough()\n\nconst rawBodySchema = z.object({}).passthrough()\n\nconst passwordSchema = buildPasswordSchema()\n\nconst userCreateSchema = z.object({\n email: z.string().email(),\n password: passwordSchema.optional(),\n sendInviteEmail: z.boolean().optional(),\n organizationId: z.string().uuid(),\n roles: z.array(z.string()).optional(),\n}).refine(\n (data) => data.password || data.sendInviteEmail,\n { message: 'Either password or sendInviteEmail is required', path: ['password'] },\n)\n\nconst userUpdateSchema = z.object({\n id: z.string().uuid(),\n email: z.string().email().optional(),\n password: passwordSchema.optional(),\n organizationId: z.string().uuid().optional(),\n roles: z.array(z.string()).optional(),\n})\n\nconst userListItemSchema = z.object({\n id: z.string().uuid(),\n email: z.string().email(),\n organizationId: z.string().uuid().nullable(),\n organizationName: z.string().nullable(),\n tenantId: z.string().uuid().nullable(),\n tenantName: z.string().nullable(),\n roles: z.array(z.string()),\n roleIds: z.array(z.string().uuid()).optional(),\n})\n\nconst userListResponseSchema = z.object({\n items: z.array(userListItemSchema),\n total: z.number().int().nonnegative(),\n totalPages: z.number().int().positive(),\n isSuperAdmin: z.boolean().optional(),\n})\n\nconst okResponseSchema = z.object({ ok: z.literal(true) })\n\nconst errorResponseSchema = z.object({ error: z.string() })\n\ntype CrudInput = Record<string, unknown>\n\nconst routeMetadata = {\n GET: { requireAuth: true, requireFeatures: ['auth.users.list'] },\n POST: { requireAuth: true, requireFeatures: ['auth.users.create'] },\n PUT: { requireAuth: true, requireFeatures: ['auth.users.edit'] },\n DELETE: { requireAuth: true, requireFeatures: ['auth.users.delete'] },\n}\n\nexport const metadata = routeMetadata\n\nconst crud = makeCrudRoute<CrudInput, CrudInput, Record<string, unknown>>({\n metadata: routeMetadata,\n orm: {\n entity: User,\n idField: 'id',\n orgField: null,\n tenantField: null,\n softDeleteField: 'deletedAt',\n },\n events: userCrudEvents,\n indexer: userCrudIndexer,\n actions: {\n create: {\n commandId: 'auth.users.create',\n schema: rawBodySchema,\n mapInput: async ({ parsed, ctx }) => {\n if (ctx.request) {\n await assertCanAssignRoles(ctx.request, parsed.roles)\n }\n return parsed\n },\n response: ({ result }) => ({\n id: String(result.user.id),\n ...(result.warning ? { _warning: result.warning } : {}),\n }),\n status: 201,\n },\n update: {\n commandId: 'auth.users.update',\n schema: rawBodySchema,\n mapInput: async ({ parsed, ctx }) => {\n if (ctx.request) {\n await assertCanAssignRoles(ctx.request, parsed.roles)\n }\n return parsed\n },\n response: () => ({ ok: true }),\n },\n delete: {\n commandId: 'auth.users.delete',\n response: () => ({ ok: true }),\n },\n },\n})\n\nexport async function GET(req: Request) {\n const auth = await getAuthFromRequest(req)\n if (!auth) return NextResponse.json({ items: [], total: 0, totalPages: 1 })\n const url = new URL(req.url)\n const rawRoleIds = url.searchParams.getAll('roleId').filter((id): id is string => typeof id === 'string' && id.trim().length > 0)\n const parsed = querySchema.safeParse({\n id: url.searchParams.get('id') || undefined,\n page: url.searchParams.get('page') || undefined,\n pageSize: url.searchParams.get('pageSize') || undefined,\n search: url.searchParams.get('search') || undefined,\n organizationId: url.searchParams.get('organizationId') || undefined,\n roleIds: rawRoleIds.length ? rawRoleIds : undefined,\n })\n if (!parsed.success) return NextResponse.json({ items: [], total: 0, totalPages: 1 })\n const container = await createRequestContainer()\n const em = (container.resolve('em') as EntityManager)\n let isSuperAdmin = false\n try {\n if (auth.sub) {\n const rbacService = container.resolve('rbacService') as any\n const acl = await rbacService.loadAcl(auth.sub, { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null })\n isSuperAdmin = !!acl?.isSuperAdmin\n }\n } catch (err) {\n console.error('users: failed to resolve rbac', err)\n }\n const { id, page, pageSize, search, organizationId, roleIds } = parsed.data\n const where: any = { deletedAt: null }\n if (!isSuperAdmin) {\n if (!auth.tenantId) {\n return NextResponse.json({ items: [], total: 0, totalPages: 1, isSuperAdmin })\n }\n where.tenantId = auth.tenantId\n }\n if (organizationId) where.organizationId = organizationId\n let idFilter: Set<string> | null = id ? new Set([id]) : null\n if (Array.isArray(roleIds) && roleIds.length > 0) {\n const uniqueRoleIds = Array.from(new Set(roleIds))\n const linksForRoles = await em.find(UserRole, { role: { $in: uniqueRoleIds as any } } as any)\n const roleUserIds = new Set<string>()\n for (const link of linksForRoles) {\n const uid = String((link as any).user?.id || (link as any).user || '')\n if (uid) roleUserIds.add(uid)\n }\n if (roleUserIds.size === 0) return NextResponse.json({ items: [], total: 0, totalPages: 1 })\n if (idFilter) {\n for (const uid of Array.from(idFilter)) {\n if (!roleUserIds.has(uid)) idFilter.delete(uid)\n }\n } else {\n idFilter = roleUserIds\n }\n if (!idFilter || idFilter.size === 0) return NextResponse.json({ items: [], total: 0, totalPages: 1 })\n }\n if (search) {\n // Email is encrypted at rest, so $ilike on the column cannot match plaintext input.\n // Resolve candidate users via search_tokens (tokens are built from the decrypted index doc).\n const tenantScope: string | null | undefined = isSuperAdmin ? undefined : auth.tenantId ?? null\n const matchedIds = await findUserIdsBySearchTokens(em, E.auth.user, search, tenantScope)\n if (matchedIds !== null) {\n if (matchedIds.length === 0) {\n return NextResponse.json({ items: [], total: 0, totalPages: 1, isSuperAdmin })\n }\n const matchedSet = new Set(matchedIds)\n if (idFilter) {\n for (const uid of Array.from(idFilter)) {\n if (!matchedSet.has(uid)) idFilter.delete(uid)\n }\n if (idFilter.size === 0) {\n return NextResponse.json({ items: [], total: 0, totalPages: 1, isSuperAdmin })\n }\n } else {\n idFilter = matchedSet\n }\n }\n }\n if (idFilter && idFilter.size) {\n where.id = { $in: Array.from(idFilter) as any }\n } else if (id) {\n where.id = id\n }\n const [rows, count] = await em.findAndCount(User, where, { limit: pageSize, offset: (page - 1) * pageSize })\n const userIds = rows.map((u: any) => u.id)\n const links = userIds.length\n ? await findWithDecryption(\n em,\n UserRole,\n { user: { $in: userIds as any } } as any,\n { populate: ['role'] },\n { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null },\n )\n : []\n const roleMap: Record<string, string[]> = {}\n const roleIdMap: Record<string, string[]> = {}\n for (const l of links) {\n const uid = String((l as any).user?.id || (l as any).user)\n const rname = String((l as any).role?.name || '')\n const rid = String((l as any).role?.id ?? '')\n if (!roleMap[uid]) roleMap[uid] = []\n if (!roleIdMap[uid]) roleIdMap[uid] = []\n if (rname) roleMap[uid].push(rname)\n if (rid) roleIdMap[uid].push(rid)\n }\n const orgIds = rows\n .map((u: any) => (u.organizationId ? String(u.organizationId) : null))\n .filter((id): id is string => !!id)\n const uniqueOrgIds = Array.from(new Set(orgIds))\n let orgMap: Record<string, string> = {}\n if (uniqueOrgIds.length) {\n const organizations = await em.find(\n Organization,\n { id: { $in: uniqueOrgIds as any }, deletedAt: null },\n )\n orgMap = organizations.reduce<Record<string, string>>((acc, org) => {\n const orgId = org?.id ? String(org.id) : null\n if (!orgId) return acc\n const rawName = (org as any)?.name\n const orgName = typeof rawName === 'string' && rawName.length > 0 ? rawName : orgId\n acc[orgId] = orgName\n return acc\n }, {})\n }\n const tenantIds = rows\n .map((u: any) => (u.tenantId ? String(u.tenantId) : null))\n .filter((id): id is string => !!id)\n const uniqueTenantIds = Array.from(new Set(tenantIds))\n let tenantMap: Record<string, string> = {}\n if (uniqueTenantIds.length) {\n const tenants = await em.find(\n Tenant,\n { id: { $in: uniqueTenantIds as any }, deletedAt: null },\n )\n tenantMap = tenants.reduce<Record<string, string>>((acc, tenant) => {\n const tenantId = tenant?.id ? String(tenant.id) : null\n if (!tenantId) return acc\n const rawName = (tenant as any)?.name\n const tenantName = typeof rawName === 'string' && rawName.length > 0 ? rawName : tenantId\n acc[tenantId] = tenantName\n return acc\n }, {})\n }\n const tenantByUser: Record<string, string | null> = {}\n const organizationByUser: Record<string, string | null> = {}\n for (const u of rows) {\n const uid = String(u.id)\n tenantByUser[uid] = u.tenantId ? String(u.tenantId) : null\n organizationByUser[uid] = u.organizationId ? String(u.organizationId) : null\n }\n const cfByUser = userIds.length\n ? await loadCustomFieldValues({\n em,\n entityId: E.auth.user,\n recordIds: userIds.map(String),\n tenantIdByRecord: tenantByUser,\n organizationIdByRecord: organizationByUser,\n tenantFallbacks: auth.tenantId ? [auth.tenantId] : [],\n })\n : {}\n\n const items = rows.map((u: any) => {\n const uid = String(u.id)\n const orgId = u.organizationId ? String(u.organizationId) : null\n return {\n id: uid,\n email: String(u.email),\n organizationId: orgId,\n organizationName: orgId ? orgMap[orgId] ?? orgId : null,\n tenantId: u.tenantId ? String(u.tenantId) : null,\n tenantName: u.tenantId ? tenantMap[String(u.tenantId)] ?? String(u.tenantId) : null,\n roles: roleMap[uid] || [],\n roleIds: roleIdMap[uid] || [],\n hasPassword: !!u.passwordHash,\n ...(cfByUser[uid] || {}),\n }\n })\n const totalPages = Math.max(1, Math.ceil(count / pageSize))\n await logCrudAccess({\n container,\n auth,\n request: req,\n items,\n idField: 'id',\n resourceKind: 'auth.user',\n organizationId: null,\n tenantId: auth.tenantId ?? null,\n query: parsed.data,\n accessType: id ? 'read:item' : undefined,\n })\n return NextResponse.json({ items, total: count, totalPages, isSuperAdmin })\n}\n\nexport const POST = async (req: Request) => {\n const body = await req.clone().json().catch(() => ({}))\n await assertCanAssignRoles(req, body?.roles)\n return crud.POST(req)\n}\n\nexport const PUT = async (req: Request) => {\n const body = await req.clone().json().catch(() => ({}))\n await assertCanAssignRoles(req, body?.roles)\n return crud.PUT(req)\n}\n\nexport const DELETE = crud.DELETE\n\nasync function findUserIdsBySearchTokens(\n em: EntityManager,\n entityType: string,\n search: string,\n tenantScope: string | null | undefined,\n): Promise<string[] | null> {\n const trimmed = search.trim()\n if (!trimmed) return null\n const searchConfig = resolveSearchConfig()\n if (!searchConfig.enabled) return []\n const { hashes } = tokenizeText(trimmed, searchConfig)\n if (!hashes.length) return []\n\n const db = (em as any).getKysely() as any\n let query = db\n .selectFrom('search_tokens')\n .select('entity_id')\n .where('entity_type', '=', entityType)\n .where('token_hash', 'in', hashes)\n .groupBy('entity_id')\n .having(sql<boolean>`count(distinct token_hash) >= ${hashes.length}`)\n if (tenantScope !== undefined) {\n query = query.where(sql<boolean>`tenant_id is not distinct from ${tenantScope}`)\n }\n const rows = (await query.execute()) as Array<{ entity_id?: unknown }>\n return rows\n .map((row) => (typeof row.entity_id === 'string' ? row.entity_id : null))\n .filter((id): id is string => typeof id === 'string' && id.length > 0)\n}\n\nconst UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i\n\nasync function assertCanAssignRoles(req: Request, roles: unknown) {\n if (!Array.isArray(roles)) return\n const values = roles\n .map((role) => (typeof role === 'string' ? role.trim() : null))\n .filter((role): role is string => !!role)\n if (!values.length) return\n\n let hasSuperAdmin = values.some((v) => v.toLowerCase() === 'superadmin')\n if (!hasSuperAdmin) {\n const uuids = values.filter((v) => UUID_RE.test(v))\n if (uuids.length) {\n const container = await createRequestContainer()\n const em = container.resolve('em') as EntityManager\n const matched = await em.find(Role, { id: { $in: uuids as any } })\n hasSuperAdmin = matched.some((r) => String(r.name).toLowerCase() === 'superadmin')\n }\n }\n if (!hasSuperAdmin) return\n\n const auth = await getAuthFromRequest(req)\n if (!auth) throw new Error('Unauthorized')\n const container = await createRequestContainer()\n const rbac = container.resolve('rbacService') as RbacService\n const acl = await rbac.loadAcl(auth.sub, { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null })\n if (!acl?.isSuperAdmin) {\n throw forbidden('Only super administrators can assign the superadmin role.')\n }\n}\n\nexport const openApi: OpenApiRouteDoc = {\n tag: 'Authentication & Accounts',\n summary: 'User management',\n methods: {\n GET: {\n summary: 'List users',\n description:\n 'Returns users for the current tenant. Super administrators may scope the response via organization or role filters.',\n query: querySchema,\n responses: [\n { status: 200, description: 'User collection', schema: userListResponseSchema },\n ],\n },\n POST: {\n summary: 'Create user',\n description: 'Creates a new confirmed user within the specified organization and optional roles.',\n requestBody: {\n contentType: 'application/json',\n schema: userCreateSchema,\n },\n responses: [\n {\n status: 201,\n description: 'User created',\n schema: z.object({ id: z.string().uuid() }),\n },\n ],\n errors: [\n { status: 400, description: 'Invalid payload or duplicate email', schema: errorResponseSchema },\n { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n { status: 403, description: 'Attempted to assign privileged roles', schema: errorResponseSchema },\n ],\n },\n PUT: {\n summary: 'Update user',\n description: 'Updates profile fields, organization assignment, credentials, or role memberships.',\n requestBody: {\n contentType: 'application/json',\n schema: userUpdateSchema,\n },\n responses: [\n { status: 200, description: 'User updated', schema: okResponseSchema },\n ],\n errors: [\n { status: 400, description: 'Invalid payload', schema: errorResponseSchema },\n { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n { status: 403, description: 'Attempted to assign privileged roles', schema: errorResponseSchema },\n { status: 404, description: 'User not found', schema: errorResponseSchema },\n ],\n },\n DELETE: {\n summary: 'Delete user',\n description: 'Deletes a user by identifier. Undo support is provided via the command bus.',\n query: z.object({ id: z.string().uuid().describe('User identifier') }),\n responses: [\n { status: 200, description: 'User deleted', schema: okResponseSchema },\n ],\n errors: [\n { status: 400, description: 'User cannot be deleted', schema: errorResponseSchema },\n { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n { status: 404, description: 'User not found', schema: errorResponseSchema },\n ],\n },\n },\n}\n"],
5
+ "mappings": "AACA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,eAAe,qBAAqB;AAC7C,SAAS,iBAAiB;AAC1B,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,MAAM,MAAM,gBAAgB;AAErC,SAAS,cAAc,cAAc;AACrC,SAAS,SAAS;AAClB,SAAS,6BAA6B;AAEtC,SAAS,gBAAgB,uBAAuB;AAChD,SAAS,0BAA0B;AACnC,SAAS,2BAA2B;AACpC,SAAS,2BAA2B;AACpC,SAAS,oBAAoB;AAC7B,SAAS,WAAW;AAEpB,MAAM,cAAc,EAAE,OAAO;AAAA,EAC3B,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,EAC/B,MAAM,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,CAAC;AAAA,EACxC,UAAU,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,QAAQ,EAAE;AAAA,EACtD,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,gBAAgB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,EAC3C,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,SAAS;AAC/C,CAAC,EAAE,YAAY;AAEf,MAAM,gBAAgB,EAAE,OAAO,CAAC,CAAC,EAAE,YAAY;AAE/C,MAAM,iBAAiB,oBAAoB;AAE3C,MAAM,mBAAmB,EAAE,OAAO;AAAA,EAChC,OAAO,EAAE,OAAO,EAAE,MAAM;AAAA,EACxB,UAAU,eAAe,SAAS;AAAA,EAClC,iBAAiB,EAAE,QAAQ,EAAE,SAAS;AAAA,EACtC,gBAAgB,EAAE,OAAO,EAAE,KAAK;AAAA,EAChC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AACtC,CAAC,EAAE;AAAA,EACD,CAAC,SAAS,KAAK,YAAY,KAAK;AAAA,EAChC,EAAE,SAAS,kDAAkD,MAAM,CAAC,UAAU,EAAE;AAClF;AAEA,MAAM,mBAAmB,EAAE,OAAO;AAAA,EAChC,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,EACpB,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS;AAAA,EACnC,UAAU,eAAe,SAAS;AAAA,EAClC,gBAAgB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,EAC3C,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AACtC,CAAC;AAED,MAAM,qBAAqB,EAAE,OAAO;AAAA,EAClC,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,EACpB,OAAO,EAAE,OAAO,EAAE,MAAM;AAAA,EACxB,gBAAgB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,EAC3C,kBAAkB,EAAE,OAAO,EAAE,SAAS;AAAA,EACtC,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,EACrC,YAAY,EAAE,OAAO,EAAE,SAAS;AAAA,EAChC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC;AAAA,EACzB,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,SAAS;AAC/C,CAAC;AAED,MAAM,yBAAyB,EAAE,OAAO;AAAA,EACtC,OAAO,EAAE,MAAM,kBAAkB;AAAA,EACjC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY;AAAA,EACpC,YAAY,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS;AAAA,EACtC,cAAc,EAAE,QAAQ,EAAE,SAAS;AACrC,CAAC;AAED,MAAM,mBAAmB,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,IAAI,EAAE,CAAC;AAEzD,MAAM,sBAAsB,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AAI1D,MAAM,gBAAgB;AAAA,EACpB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,iBAAiB,EAAE;AAAA,EAC/D,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,mBAAmB,EAAE;AAAA,EAClE,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,iBAAiB,EAAE;AAAA,EAC/D,QAAQ,EAAE,aAAa,MAAM,iBAAiB,CAAC,mBAAmB,EAAE;AACtE;AAEO,MAAM,WAAW;AAExB,MAAM,OAAO,cAA6D;AAAA,EACxE,UAAU;AAAA,EACV,KAAK;AAAA,IACH,QAAQ;AAAA,IACR,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,IACb,iBAAiB;AAAA,EACnB;AAAA,EACA,QAAQ;AAAA,EACR,SAAS;AAAA,EACT,SAAS;AAAA,IACP,QAAQ;AAAA,MACN,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,UAAU,OAAO,EAAE,QAAQ,IAAI,MAAM;AACnC,YAAI,IAAI,SAAS;AACf,gBAAM,qBAAqB,IAAI,SAAS,OAAO,KAAK;AAAA,QACtD;AACA,eAAO;AAAA,MACT;AAAA,MACA,UAAU,CAAC,EAAE,OAAO,OAAO;AAAA,QACzB,IAAI,OAAO,OAAO,KAAK,EAAE;AAAA,QACzB,GAAI,OAAO,UAAU,EAAE,UAAU,OAAO,QAAQ,IAAI,CAAC;AAAA,MACvD;AAAA,MACA,QAAQ;AAAA,IACV;AAAA,IACA,QAAQ;AAAA,MACN,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,UAAU,OAAO,EAAE,QAAQ,IAAI,MAAM;AACnC,YAAI,IAAI,SAAS;AACf,gBAAM,qBAAqB,IAAI,SAAS,OAAO,KAAK;AAAA,QACtD;AACA,eAAO;AAAA,MACT;AAAA,MACA,UAAU,OAAO,EAAE,IAAI,KAAK;AAAA,IAC9B;AAAA,IACA,QAAQ;AAAA,MACN,WAAW;AAAA,MACX,UAAU,OAAO,EAAE,IAAI,KAAK;AAAA,IAC9B;AAAA,EACF;AACF,CAAC;AAED,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,CAAC,GAAG,OAAO,GAAG,YAAY,EAAE,CAAC;AAC1E,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,aAAa,IAAI,aAAa,OAAO,QAAQ,EAAE,OAAO,CAACA,QAAqB,OAAOA,QAAO,YAAYA,IAAG,KAAK,EAAE,SAAS,CAAC;AAChI,QAAM,SAAS,YAAY,UAAU;AAAA,IACnC,IAAI,IAAI,aAAa,IAAI,IAAI,KAAK;AAAA,IAClC,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,IACtC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,IAC9C,QAAQ,IAAI,aAAa,IAAI,QAAQ,KAAK;AAAA,IAC1C,gBAAgB,IAAI,aAAa,IAAI,gBAAgB,KAAK;AAAA,IAC1D,SAAS,WAAW,SAAS,aAAa;AAAA,EAC5C,CAAC;AACD,MAAI,CAAC,OAAO,QAAS,QAAO,aAAa,KAAK,EAAE,OAAO,CAAC,GAAG,OAAO,GAAG,YAAY,EAAE,CAAC;AACpF,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAM,UAAU,QAAQ,IAAI;AAClC,MAAI,eAAe;AACnB,MAAI;AACF,QAAI,KAAK,KAAK;AACZ,YAAM,cAAc,UAAU,QAAQ,aAAa;AACnD,YAAM,MAAM,MAAM,YAAY,QAAQ,KAAK,KAAK,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,KAAK,SAAS,KAAK,CAAC;AACvH,qBAAe,CAAC,CAAC,KAAK;AAAA,IACxB;AAAA,EACF,SAAS,KAAK;AACZ,YAAQ,MAAM,iCAAiC,GAAG;AAAA,EACpD;AACA,QAAM,EAAE,IAAI,MAAM,UAAU,QAAQ,gBAAgB,QAAQ,IAAI,OAAO;AACvE,QAAM,QAAa,EAAE,WAAW,KAAK;AACrC,MAAI,CAAC,cAAc;AACjB,QAAI,CAAC,KAAK,UAAU;AAClB,aAAO,aAAa,KAAK,EAAE,OAAO,CAAC,GAAG,OAAO,GAAG,YAAY,GAAG,aAAa,CAAC;AAAA,IAC/E;AACA,UAAM,WAAW,KAAK;AAAA,EACxB;AACA,MAAI,eAAgB,OAAM,iBAAiB;AAC3C,MAAI,WAA+B,KAAK,oBAAI,IAAI,CAAC,EAAE,CAAC,IAAI;AACxD,MAAI,MAAM,QAAQ,OAAO,KAAK,QAAQ,SAAS,GAAG;AAChD,UAAM,gBAAgB,MAAM,KAAK,IAAI,IAAI,OAAO,CAAC;AACjD,UAAM,gBAAgB,MAAM,GAAG,KAAK,UAAU,EAAE,MAAM,EAAE,KAAK,cAAqB,EAAE,CAAQ;AAC5F,UAAM,cAAc,oBAAI,IAAY;AACpC,eAAW,QAAQ,eAAe;AAChC,YAAM,MAAM,OAAQ,KAAa,MAAM,MAAO,KAAa,QAAQ,EAAE;AACrE,UAAI,IAAK,aAAY,IAAI,GAAG;AAAA,IAC9B;AACA,QAAI,YAAY,SAAS,EAAG,QAAO,aAAa,KAAK,EAAE,OAAO,CAAC,GAAG,OAAO,GAAG,YAAY,EAAE,CAAC;AAC3F,QAAI,UAAU;AACZ,iBAAW,OAAO,MAAM,KAAK,QAAQ,GAAG;AACtC,YAAI,CAAC,YAAY,IAAI,GAAG,EAAG,UAAS,OAAO,GAAG;AAAA,MAChD;AAAA,IACF,OAAO;AACL,iBAAW;AAAA,IACb;AACA,QAAI,CAAC,YAAY,SAAS,SAAS,EAAG,QAAO,aAAa,KAAK,EAAE,OAAO,CAAC,GAAG,OAAO,GAAG,YAAY,EAAE,CAAC;AAAA,EACvG;AACA,MAAI,QAAQ;AAGV,UAAM,cAAyC,eAAe,SAAY,KAAK,YAAY;AAC3F,UAAM,aAAa,MAAM,0BAA0B,IAAI,EAAE,KAAK,MAAM,QAAQ,WAAW;AACvF,QAAI,eAAe,MAAM;AACvB,UAAI,WAAW,WAAW,GAAG;AAC3B,eAAO,aAAa,KAAK,EAAE,OAAO,CAAC,GAAG,OAAO,GAAG,YAAY,GAAG,aAAa,CAAC;AAAA,MAC/E;AACA,YAAM,aAAa,IAAI,IAAI,UAAU;AACrC,UAAI,UAAU;AACZ,mBAAW,OAAO,MAAM,KAAK,QAAQ,GAAG;AACtC,cAAI,CAAC,WAAW,IAAI,GAAG,EAAG,UAAS,OAAO,GAAG;AAAA,QAC/C;AACA,YAAI,SAAS,SAAS,GAAG;AACvB,iBAAO,aAAa,KAAK,EAAE,OAAO,CAAC,GAAG,OAAO,GAAG,YAAY,GAAG,aAAa,CAAC;AAAA,QAC/E;AAAA,MACF,OAAO;AACL,mBAAW;AAAA,MACb;AAAA,IACF;AAAA,EACF;AACA,MAAI,YAAY,SAAS,MAAM;AAC7B,UAAM,KAAK,EAAE,KAAK,MAAM,KAAK,QAAQ,EAAS;AAAA,EAChD,WAAW,IAAI;AACb,UAAM,KAAK;AAAA,EACb;AACA,QAAM,CAAC,MAAM,KAAK,IAAI,MAAM,GAAG,aAAa,MAAM,OAAO,EAAE,OAAO,UAAU,SAAS,OAAO,KAAK,SAAS,CAAC;AAC3G,QAAM,UAAU,KAAK,IAAI,CAAC,MAAW,EAAE,EAAE;AACzC,QAAM,QAAQ,QAAQ,SAClB,MAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA,EAAE,MAAM,EAAE,KAAK,QAAe,EAAE;AAAA,IAChC,EAAE,UAAU,CAAC,MAAM,EAAE;AAAA,IACrB,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,KAAK,SAAS,KAAK;AAAA,EACxE,IACA,CAAC;AACL,QAAM,UAAoC,CAAC;AAC3C,QAAM,YAAsC,CAAC;AAC7C,aAAW,KAAK,OAAO;AACrB,UAAM,MAAM,OAAQ,EAAU,MAAM,MAAO,EAAU,IAAI;AACzD,UAAM,QAAQ,OAAQ,EAAU,MAAM,QAAQ,EAAE;AAChD,UAAM,MAAM,OAAQ,EAAU,MAAM,MAAM,EAAE;AAC5C,QAAI,CAAC,QAAQ,GAAG,EAAG,SAAQ,GAAG,IAAI,CAAC;AACnC,QAAI,CAAC,UAAU,GAAG,EAAG,WAAU,GAAG,IAAI,CAAC;AACvC,QAAI,MAAO,SAAQ,GAAG,EAAE,KAAK,KAAK;AAClC,QAAI,IAAK,WAAU,GAAG,EAAE,KAAK,GAAG;AAAA,EAClC;AACA,QAAM,SAAS,KACZ,IAAI,CAAC,MAAY,EAAE,iBAAiB,OAAO,EAAE,cAAc,IAAI,IAAK,EACpE,OAAO,CAACA,QAAqB,CAAC,CAACA,GAAE;AACpC,QAAM,eAAe,MAAM,KAAK,IAAI,IAAI,MAAM,CAAC;AAC/C,MAAI,SAAiC,CAAC;AACtC,MAAI,aAAa,QAAQ;AACvB,UAAM,gBAAgB,MAAM,GAAG;AAAA,MAC7B;AAAA,MACA,EAAE,IAAI,EAAE,KAAK,aAAoB,GAAG,WAAW,KAAK;AAAA,IACtD;AACA,aAAS,cAAc,OAA+B,CAAC,KAAK,QAAQ;AAClE,YAAM,QAAQ,KAAK,KAAK,OAAO,IAAI,EAAE,IAAI;AACzC,UAAI,CAAC,MAAO,QAAO;AACnB,YAAM,UAAW,KAAa;AAC9B,YAAM,UAAU,OAAO,YAAY,YAAY,QAAQ,SAAS,IAAI,UAAU;AAC9E,UAAI,KAAK,IAAI;AACb,aAAO;AAAA,IACT,GAAG,CAAC,CAAC;AAAA,EACP;AACA,QAAM,YAAY,KACf,IAAI,CAAC,MAAY,EAAE,WAAW,OAAO,EAAE,QAAQ,IAAI,IAAK,EACxD,OAAO,CAACA,QAAqB,CAAC,CAACA,GAAE;AACpC,QAAM,kBAAkB,MAAM,KAAK,IAAI,IAAI,SAAS,CAAC;AACrD,MAAI,YAAoC,CAAC;AACzC,MAAI,gBAAgB,QAAQ;AAC1B,UAAM,UAAU,MAAM,GAAG;AAAA,MACvB;AAAA,MACA,EAAE,IAAI,EAAE,KAAK,gBAAuB,GAAG,WAAW,KAAK;AAAA,IACzD;AACA,gBAAY,QAAQ,OAA+B,CAAC,KAAK,WAAW;AAClE,YAAM,WAAW,QAAQ,KAAK,OAAO,OAAO,EAAE,IAAI;AAClD,UAAI,CAAC,SAAU,QAAO;AACtB,YAAM,UAAW,QAAgB;AACjC,YAAM,aAAa,OAAO,YAAY,YAAY,QAAQ,SAAS,IAAI,UAAU;AACjF,UAAI,QAAQ,IAAI;AAChB,aAAO;AAAA,IACT,GAAG,CAAC,CAAC;AAAA,EACP;AACA,QAAM,eAA8C,CAAC;AACrD,QAAM,qBAAoD,CAAC;AAC3D,aAAW,KAAK,MAAM;AACpB,UAAM,MAAM,OAAO,EAAE,EAAE;AACvB,iBAAa,GAAG,IAAI,EAAE,WAAW,OAAO,EAAE,QAAQ,IAAI;AACtD,uBAAmB,GAAG,IAAI,EAAE,iBAAiB,OAAO,EAAE,cAAc,IAAI;AAAA,EAC1E;AACA,QAAM,WAAW,QAAQ,SACrB,MAAM,sBAAsB;AAAA,IAC1B;AAAA,IACA,UAAU,EAAE,KAAK;AAAA,IACjB,WAAW,QAAQ,IAAI,MAAM;AAAA,IAC7B,kBAAkB;AAAA,IAClB,wBAAwB;AAAA,IACxB,iBAAiB,KAAK,WAAW,CAAC,KAAK,QAAQ,IAAI,CAAC;AAAA,EACtD,CAAC,IACD,CAAC;AAEL,QAAM,QAAQ,KAAK,IAAI,CAAC,MAAW;AACjC,UAAM,MAAM,OAAO,EAAE,EAAE;AACvB,UAAM,QAAQ,EAAE,iBAAiB,OAAO,EAAE,cAAc,IAAI;AAC5D,WAAO;AAAA,MACL,IAAI;AAAA,MACJ,OAAO,OAAO,EAAE,KAAK;AAAA,MACrB,gBAAgB;AAAA,MAChB,kBAAkB,QAAQ,OAAO,KAAK,KAAK,QAAQ;AAAA,MACnD,UAAU,EAAE,WAAW,OAAO,EAAE,QAAQ,IAAI;AAAA,MAC5C,YAAY,EAAE,WAAW,UAAU,OAAO,EAAE,QAAQ,CAAC,KAAK,OAAO,EAAE,QAAQ,IAAI;AAAA,MAC/E,OAAO,QAAQ,GAAG,KAAK,CAAC;AAAA,MACxB,SAAS,UAAU,GAAG,KAAK,CAAC;AAAA,MAC5B,aAAa,CAAC,CAAC,EAAE;AAAA,MACjB,GAAI,SAAS,GAAG,KAAK,CAAC;AAAA,IACxB;AAAA,EACF,CAAC;AACD,QAAM,aAAa,KAAK,IAAI,GAAG,KAAK,KAAK,QAAQ,QAAQ,CAAC;AAC1D,QAAM,cAAc;AAAA,IAClB;AAAA,IACA;AAAA,IACA,SAAS;AAAA,IACT;AAAA,IACA,SAAS;AAAA,IACT,cAAc;AAAA,IACd,gBAAgB;AAAA,IAChB,UAAU,KAAK,YAAY;AAAA,IAC3B,OAAO,OAAO;AAAA,IACd,YAAY,KAAK,cAAc;AAAA,EACjC,CAAC;AACD,SAAO,aAAa,KAAK,EAAE,OAAO,OAAO,OAAO,YAAY,aAAa,CAAC;AAC5E;AAEO,MAAM,OAAO,OAAO,QAAiB;AAC1C,QAAM,OAAO,MAAM,IAAI,MAAM,EAAE,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AACtD,QAAM,qBAAqB,KAAK,MAAM,KAAK;AAC3C,SAAO,KAAK,KAAK,GAAG;AACtB;AAEO,MAAM,MAAM,OAAO,QAAiB;AACzC,QAAM,OAAO,MAAM,IAAI,MAAM,EAAE,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AACtD,QAAM,qBAAqB,KAAK,MAAM,KAAK;AAC3C,SAAO,KAAK,IAAI,GAAG;AACrB;AAEO,MAAM,SAAS,KAAK;AAE3B,eAAe,0BACb,IACA,YACA,QACA,aAC0B;AAC1B,QAAM,UAAU,OAAO,KAAK;AAC5B,MAAI,CAAC,QAAS,QAAO;AACrB,QAAM,eAAe,oBAAoB;AACzC,MAAI,CAAC,aAAa,QAAS,QAAO,CAAC;AACnC,QAAM,EAAE,OAAO,IAAI,aAAa,SAAS,YAAY;AACrD,MAAI,CAAC,OAAO,OAAQ,QAAO,CAAC;AAE5B,QAAM,KAAM,GAAW,UAAU;AACjC,MAAI,QAAQ,GACT,WAAW,eAAe,EAC1B,OAAO,WAAW,EAClB,MAAM,eAAe,KAAK,UAAU,EACpC,MAAM,cAAc,MAAM,MAAM,EAChC,QAAQ,WAAW,EACnB,OAAO,oCAA6C,OAAO,MAAM,EAAE;AACtE,MAAI,gBAAgB,QAAW;AAC7B,YAAQ,MAAM,MAAM,qCAA8C,WAAW,EAAE;AAAA,EACjF;AACA,QAAM,OAAQ,MAAM,MAAM,QAAQ;AAClC,SAAO,KACJ,IAAI,CAAC,QAAS,OAAO,IAAI,cAAc,WAAW,IAAI,YAAY,IAAK,EACvE,OAAO,CAAC,OAAqB,OAAO,OAAO,YAAY,GAAG,SAAS,CAAC;AACzE;AAEA,MAAM,UAAU;AAEhB,eAAe,qBAAqB,KAAc,OAAgB;AAChE,MAAI,CAAC,MAAM,QAAQ,KAAK,EAAG;AAC3B,QAAM,SAAS,MACZ,IAAI,CAAC,SAAU,OAAO,SAAS,WAAW,KAAK,KAAK,IAAI,IAAK,EAC7D,OAAO,CAAC,SAAyB,CAAC,CAAC,IAAI;AAC1C,MAAI,CAAC,OAAO,OAAQ;AAEpB,MAAI,gBAAgB,OAAO,KAAK,CAAC,MAAM,EAAE,YAAY,MAAM,YAAY;AACvE,MAAI,CAAC,eAAe;AAClB,UAAM,QAAQ,OAAO,OAAO,CAAC,MAAM,QAAQ,KAAK,CAAC,CAAC;AAClD,QAAI,MAAM,QAAQ;AAChB,YAAMC,aAAY,MAAM,uBAAuB;AAC/C,YAAM,KAAKA,WAAU,QAAQ,IAAI;AACjC,YAAM,UAAU,MAAM,GAAG,KAAK,MAAM,EAAE,IAAI,EAAE,KAAK,MAAa,EAAE,CAAC;AACjE,sBAAgB,QAAQ,KAAK,CAAC,MAAM,OAAO,EAAE,IAAI,EAAE,YAAY,MAAM,YAAY;AAAA,IACnF;AAAA,EACF;AACA,MAAI,CAAC,cAAe;AAEpB,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,KAAM,OAAM,IAAI,MAAM,cAAc;AACzC,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,OAAO,UAAU,QAAQ,aAAa;AAC5C,QAAM,MAAM,MAAM,KAAK,QAAQ,KAAK,KAAK,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,KAAK,SAAS,KAAK,CAAC;AAChH,MAAI,CAAC,KAAK,cAAc;AACtB,UAAM,UAAU,2DAA2D;AAAA,EAC7E;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aACE;AAAA,MACF,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,uBAAuB;AAAA,MAChF;AAAA,IACF;AAAA,IACA,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAAA,QAC5C;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,sCAAsC,QAAQ,oBAAoB;AAAA,QAC9F,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,wCAAwC,QAAQ,oBAAoB;AAAA,MAClG;AAAA,IACF;AAAA,IACA,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,iBAAiB;AAAA,MACvE;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,oBAAoB;AAAA,QAC3E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,wCAAwC,QAAQ,oBAAoB;AAAA,QAChG,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,oBAAoB;AAAA,MAC5E;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,iBAAiB,EAAE,CAAC;AAAA,MACrE,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,iBAAiB;AAAA,MACvE;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,0BAA0B,QAAQ,oBAAoB;AAAA,QAClF,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,oBAAoB;AAAA,MAC5E;AAAA,IACF;AAAA,EACF;AACF;",
6
6
  "names": ["id", "container"]
7
7
  }
package/dist/modules/catalog/lib/bulkDelete.js CHANGED
@@ -1,4 +1,5 @@
1
1
  import { invalidateCrudCache } from "@open-mercato/shared/lib/crud/cache";
2
+ import { runWithCacheTenant } from "@open-mercato/cache";
2
3
  import { createModuleQueue } from "@open-mercato/queue";
3
4
  const CATALOG_PRODUCT_BULK_DELETE_QUEUE = "catalog-product-bulk-delete";
4
5
  const queues = /* @__PURE__ */ new Map();
@@ -61,20 +62,22 @@ async function deleteCatalogProductsWithProgress(params) {
61
62
  );
62
63
  }
63
64
  const summary = { affectedCount };
64
- for (const id of deletedIds) {
65
- await invalidateCrudCache(
66
- container,
67
- "catalog.product",
68
- {
69
- id,
70
- organizationId: scope.organizationId,
71
- tenantId: scope.tenantId
72
- },
73
- scope.tenantId,
74
- "bulk-delete:catalog.products",
75
- BULK_DELETE_CACHE_ALIASES
76
- );
77
- }
65
+ await runWithCacheTenant(scope.tenantId, async () => {
66
+ for (const id of deletedIds) {
67
+ await invalidateCrudCache(
68
+ container,
69
+ "catalog.product",
70
+ {
71
+ id,
72
+ organizationId: scope.organizationId,
73
+ tenantId: scope.tenantId
74
+ },
75
+ scope.tenantId,
76
+ "bulk-delete:catalog.products",
77
+ BULK_DELETE_CACHE_ALIASES
78
+ );
79
+ }
80
+ });
78
81
  await progressService.completeJob(progressJobId, { resultSummary: summary }, progressContext);
79
82
  return summary;
80
83
  }
package/dist/modules/catalog/lib/bulkDelete.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../src/modules/catalog/lib/bulkDelete.ts"],
4
- "sourcesContent": ["import type { AwilixContainer } from 'awilix'\nimport type { CommandBus, CommandRuntimeContext } from '@open-mercato/shared/lib/commands'\nimport { invalidateCrudCache } from '@open-mercato/shared/lib/crud/cache'\nimport { createModuleQueue, type Queue } from '@open-mercato/queue'\nimport type { ProgressService, ProgressServiceContext } from '../../progress/lib/progressService'\n\nexport const CATALOG_PRODUCT_BULK_DELETE_QUEUE = 'catalog-product-bulk-delete'\n\nconst queues = new Map<string, Queue<Record<string, unknown>>>()\n\nexport type CatalogProductBulkDeleteScope = {\n organizationId: string\n tenantId: string\n userId?: string | null\n}\n\nexport type CatalogProductBulkDeleteJobPayload = {\n progressJobId: string\n ids: string[]\n scope: CatalogProductBulkDeleteScope\n}\n\nexport type CatalogProductBulkDeleteSummary = {\n affectedCount: number\n}\n\nconst BULK_DELETE_CACHE_ALIASES = ['catalog.products']\n\nexport function getCatalogQueue(queueName: string): Queue<Record<string, unknown>> {\n const existing = queues.get(queueName)\n if (existing) return existing\n\n const concurrency = Math.max(1, Number.parseInt(process.env.CATALOG_QUEUE_CONCURRENCY ?? '3', 10) || 3)\n const created = createModuleQueue<Record<string, unknown>>(queueName, { concurrency })\n\n queues.set(queueName, created)\n return created\n}\n\nfunction buildCommandContext(\n scope: CatalogProductBulkDeleteScope,\n container: AwilixContainer,\n): CommandRuntimeContext {\n return {\n container,\n auth: null,\n organizationScope: {\n selectedId: scope.organizationId,\n filterIds: [scope.organizationId],\n allowedIds: [scope.organizationId],\n tenantId: scope.tenantId,\n },\n selectedOrganizationId: scope.organizationId,\n organizationIds: [scope.organizationId],\n }\n}\n\nexport async function deleteCatalogProductsWithProgress(params: {\n container: AwilixContainer\n progressJobId: string\n ids: string[]\n scope: CatalogProductBulkDeleteScope\n}): Promise<CatalogProductBulkDeleteSummary> {\n const { container, progressJobId, ids, scope } = params\n const commandBus = container.resolve('commandBus') as CommandBus\n const progressService = container.resolve('progressService') as ProgressService\n const progressContext: ProgressServiceContext = {\n tenantId: scope.tenantId,\n organizationId: scope.organizationId,\n userId: scope.userId,\n }\n\n await progressService.startJob(progressJobId, progressContext)\n await progressService.updateProgress(\n progressJobId,\n { totalCount: ids.length, processedCount: 0 },\n progressContext,\n )\n\n const commandContext = buildCommandContext(scope, container)\n let affectedCount = 0\n const deletedIds = new Set<string>()\n\n for (const [index, id] of ids.entries()) {\n await commandBus.execute<{ body?: Record<string, unknown> }, { productId: string }>('catalog.products.delete', {\n input: { body: { id } },\n ctx: commandContext,\n skipCacheInvalidation: true,\n })\n affectedCount += 1\n deletedIds.add(id)\n\n await progressService.updateProgress(\n progressJobId,\n {\n totalCount: ids.length,\n processedCount: index + 1,\n },\n progressContext,\n )\n }\n\n const summary: CatalogProductBulkDeleteSummary = { affectedCount }\n for (const id of deletedIds) {\n await invalidateCrudCache(\n container,\n 'catalog.product',\n {\n id,\n organizationId: scope.organizationId,\n tenantId: scope.tenantId,\n },\n scope.tenantId,\n 'bulk-delete:catalog.products',\n BULK_DELETE_CACHE_ALIASES,\n )\n }\n await progressService.completeJob(progressJobId, { resultSummary: summary }, progressContext)\n\n return summary\n}\n"],
5
- "mappings": "AAEA,SAAS,2BAA2B;AACpC,SAAS,yBAAqC;AAGvC,MAAM,oCAAoC;AAEjD,MAAM,SAAS,oBAAI,IAA4C;AAkB/D,MAAM,4BAA4B,CAAC,kBAAkB;AAE9C,SAAS,gBAAgB,WAAmD;AACjF,QAAM,WAAW,OAAO,IAAI,SAAS;AACrC,MAAI,SAAU,QAAO;AAErB,QAAM,cAAc,KAAK,IAAI,GAAG,OAAO,SAAS,QAAQ,IAAI,6BAA6B,KAAK,EAAE,KAAK,CAAC;AACtG,QAAM,UAAU,kBAA2C,WAAW,EAAE,YAAY,CAAC;AAErF,SAAO,IAAI,WAAW,OAAO;AAC7B,SAAO;AACT;AAEA,SAAS,oBACP,OACA,WACuB;AACvB,SAAO;AAAA,IACL;AAAA,IACA,MAAM;AAAA,IACN,mBAAmB;AAAA,MACjB,YAAY,MAAM;AAAA,MAClB,WAAW,CAAC,MAAM,cAAc;AAAA,MAChC,YAAY,CAAC,MAAM,cAAc;AAAA,MACjC,UAAU,MAAM;AAAA,IAClB;AAAA,IACA,wBAAwB,MAAM;AAAA,IAC9B,iBAAiB,CAAC,MAAM,cAAc;AAAA,EACxC;AACF;AAEA,eAAsB,kCAAkC,QAKX;AAC3C,QAAM,EAAE,WAAW,eAAe,KAAK,MAAM,IAAI;AACjD,QAAM,aAAa,UAAU,QAAQ,YAAY;AACjD,QAAM,kBAAkB,UAAU,QAAQ,iBAAiB;AAC3D,QAAM,kBAA0C;AAAA,IAC9C,UAAU,MAAM;AAAA,IAChB,gBAAgB,MAAM;AAAA,IACtB,QAAQ,MAAM;AAAA,EAChB;AAEA,QAAM,gBAAgB,SAAS,eAAe,eAAe;AAC7D,QAAM,gBAAgB;AAAA,IACpB;AAAA,IACA,EAAE,YAAY,IAAI,QAAQ,gBAAgB,EAAE;AAAA,IAC5C;AAAA,EACF;AAEA,QAAM,iBAAiB,oBAAoB,OAAO,SAAS;AAC3D,MAAI,gBAAgB;AACpB,QAAM,aAAa,oBAAI,IAAY;AAEnC,aAAW,CAAC,OAAO,EAAE,KAAK,IAAI,QAAQ,GAAG;AACvC,UAAM,WAAW,QAAmE,2BAA2B;AAAA,MAC7G,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE;AAAA,MACtB,KAAK;AAAA,MACL,uBAAuB;AAAA,IACzB,CAAC;AACD,qBAAiB;AACjB,eAAW,IAAI,EAAE;AAEjB,UAAM,gBAAgB;AAAA,MACpB;AAAA,MACA;AAAA,QACE,YAAY,IAAI;AAAA,QAChB,gBAAgB,QAAQ;AAAA,MAC1B;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAEA,QAAM,UAA2C,EAAE,cAAc;AACjE,aAAW,MAAM,YAAY;AAC3B,UAAM;AAAA,MACJ;AAAA,MACA;AAAA,MACA;AAAA,QACE;AAAA,QACA,gBAAgB,MAAM;AAAA,QACtB,UAAU,MAAM;AAAA,MAClB;AAAA,MACA,MAAM;AAAA,MACN;AAAA,MACA;AAAA,IACF;AAAA,EACF;AACA,QAAM,gBAAgB,YAAY,eAAe,EAAE,eAAe,QAAQ,GAAG,eAAe;AAE5F,SAAO;AACT;",
4
+ "sourcesContent": ["import type { AwilixContainer } from 'awilix'\nimport type { CommandBus, CommandRuntimeContext } from '@open-mercato/shared/lib/commands'\nimport { invalidateCrudCache } from '@open-mercato/shared/lib/crud/cache'\nimport { runWithCacheTenant } from '@open-mercato/cache'\nimport { createModuleQueue, type Queue } from '@open-mercato/queue'\nimport type { ProgressService, ProgressServiceContext } from '../../progress/lib/progressService'\n\nexport const CATALOG_PRODUCT_BULK_DELETE_QUEUE = 'catalog-product-bulk-delete'\n\nconst queues = new Map<string, Queue<Record<string, unknown>>>()\n\nexport type CatalogProductBulkDeleteScope = {\n organizationId: string\n tenantId: string\n userId?: string | null\n}\n\nexport type CatalogProductBulkDeleteJobPayload = {\n progressJobId: string\n ids: string[]\n scope: CatalogProductBulkDeleteScope\n}\n\nexport type CatalogProductBulkDeleteSummary = {\n affectedCount: number\n}\n\nconst BULK_DELETE_CACHE_ALIASES = ['catalog.products']\n\nexport function getCatalogQueue(queueName: string): Queue<Record<string, unknown>> {\n const existing = queues.get(queueName)\n if (existing) return existing\n\n const concurrency = Math.max(1, Number.parseInt(process.env.CATALOG_QUEUE_CONCURRENCY ?? '3', 10) || 3)\n const created = createModuleQueue<Record<string, unknown>>(queueName, { concurrency })\n\n queues.set(queueName, created)\n return created\n}\n\nfunction buildCommandContext(\n scope: CatalogProductBulkDeleteScope,\n container: AwilixContainer,\n): CommandRuntimeContext {\n return {\n container,\n auth: null,\n organizationScope: {\n selectedId: scope.organizationId,\n filterIds: [scope.organizationId],\n allowedIds: [scope.organizationId],\n tenantId: scope.tenantId,\n },\n selectedOrganizationId: scope.organizationId,\n organizationIds: [scope.organizationId],\n }\n}\n\nexport async function deleteCatalogProductsWithProgress(params: {\n container: AwilixContainer\n progressJobId: string\n ids: string[]\n scope: CatalogProductBulkDeleteScope\n}): Promise<CatalogProductBulkDeleteSummary> {\n const { container, progressJobId, ids, scope } = params\n const commandBus = container.resolve('commandBus') as CommandBus\n const progressService = container.resolve('progressService') as ProgressService\n const progressContext: ProgressServiceContext = {\n tenantId: scope.tenantId,\n organizationId: scope.organizationId,\n userId: scope.userId,\n }\n\n await progressService.startJob(progressJobId, progressContext)\n await progressService.updateProgress(\n progressJobId,\n { totalCount: ids.length, processedCount: 0 },\n progressContext,\n )\n\n const commandContext = buildCommandContext(scope, container)\n let affectedCount = 0\n const deletedIds = new Set<string>()\n\n for (const [index, id] of ids.entries()) {\n await commandBus.execute<{ body?: Record<string, unknown> }, { productId: string }>('catalog.products.delete', {\n input: { body: { id } },\n ctx: commandContext,\n skipCacheInvalidation: true,\n })\n affectedCount += 1\n deletedIds.add(id)\n\n await progressService.updateProgress(\n progressJobId,\n {\n totalCount: ids.length,\n processedCount: index + 1,\n },\n progressContext,\n )\n }\n\n const summary: CatalogProductBulkDeleteSummary = { affectedCount }\n await runWithCacheTenant(scope.tenantId, async () => {\n for (const id of deletedIds) {\n await invalidateCrudCache(\n container,\n 'catalog.product',\n {\n id,\n organizationId: scope.organizationId,\n tenantId: scope.tenantId,\n },\n scope.tenantId,\n 'bulk-delete:catalog.products',\n BULK_DELETE_CACHE_ALIASES,\n )\n }\n })\n await progressService.completeJob(progressJobId, { resultSummary: summary }, progressContext)\n\n return summary\n}\n"],
5
+ "mappings": "AAEA,SAAS,2BAA2B;AACpC,SAAS,0BAA0B;AACnC,SAAS,yBAAqC;AAGvC,MAAM,oCAAoC;AAEjD,MAAM,SAAS,oBAAI,IAA4C;AAkB/D,MAAM,4BAA4B,CAAC,kBAAkB;AAE9C,SAAS,gBAAgB,WAAmD;AACjF,QAAM,WAAW,OAAO,IAAI,SAAS;AACrC,MAAI,SAAU,QAAO;AAErB,QAAM,cAAc,KAAK,IAAI,GAAG,OAAO,SAAS,QAAQ,IAAI,6BAA6B,KAAK,EAAE,KAAK,CAAC;AACtG,QAAM,UAAU,kBAA2C,WAAW,EAAE,YAAY,CAAC;AAErF,SAAO,IAAI,WAAW,OAAO;AAC7B,SAAO;AACT;AAEA,SAAS,oBACP,OACA,WACuB;AACvB,SAAO;AAAA,IACL;AAAA,IACA,MAAM;AAAA,IACN,mBAAmB;AAAA,MACjB,YAAY,MAAM;AAAA,MAClB,WAAW,CAAC,MAAM,cAAc;AAAA,MAChC,YAAY,CAAC,MAAM,cAAc;AAAA,MACjC,UAAU,MAAM;AAAA,IAClB;AAAA,IACA,wBAAwB,MAAM;AAAA,IAC9B,iBAAiB,CAAC,MAAM,cAAc;AAAA,EACxC;AACF;AAEA,eAAsB,kCAAkC,QAKX;AAC3C,QAAM,EAAE,WAAW,eAAe,KAAK,MAAM,IAAI;AACjD,QAAM,aAAa,UAAU,QAAQ,YAAY;AACjD,QAAM,kBAAkB,UAAU,QAAQ,iBAAiB;AAC3D,QAAM,kBAA0C;AAAA,IAC9C,UAAU,MAAM;AAAA,IAChB,gBAAgB,MAAM;AAAA,IACtB,QAAQ,MAAM;AAAA,EAChB;AAEA,QAAM,gBAAgB,SAAS,eAAe,eAAe;AAC7D,QAAM,gBAAgB;AAAA,IACpB;AAAA,IACA,EAAE,YAAY,IAAI,QAAQ,gBAAgB,EAAE;AAAA,IAC5C;AAAA,EACF;AAEA,QAAM,iBAAiB,oBAAoB,OAAO,SAAS;AAC3D,MAAI,gBAAgB;AACpB,QAAM,aAAa,oBAAI,IAAY;AAEnC,aAAW,CAAC,OAAO,EAAE,KAAK,IAAI,QAAQ,GAAG;AACvC,UAAM,WAAW,QAAmE,2BAA2B;AAAA,MAC7G,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE;AAAA,MACtB,KAAK;AAAA,MACL,uBAAuB;AAAA,IACzB,CAAC;AACD,qBAAiB;AACjB,eAAW,IAAI,EAAE;AAEjB,UAAM,gBAAgB;AAAA,MACpB;AAAA,MACA;AAAA,QACE,YAAY,IAAI;AAAA,QAChB,gBAAgB,QAAQ;AAAA,MAC1B;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAEA,QAAM,UAA2C,EAAE,cAAc;AACjE,QAAM,mBAAmB,MAAM,UAAU,YAAY;AACnD,eAAW,MAAM,YAAY;AAC3B,YAAM;AAAA,QACJ;AAAA,QACA;AAAA,QACA;AAAA,UACE;AAAA,UACA,gBAAgB,MAAM;AAAA,UACtB,UAAU,MAAM;AAAA,QAClB;AAAA,QACA,MAAM;AAAA,QACN;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAAA,EACF,CAAC;AACD,QAAM,gBAAgB,YAAY,eAAe,EAAE,eAAe,QAAQ,GAAG,eAAe;AAE5F,SAAO;AACT;",
6
6
  "names": []
7
7
  }
package/dist/modules/configs/lib/system-status.js CHANGED
@@ -34,6 +34,7 @@ const CATEGORY_METADATA = {
34
34
  }
35
35
  };
36
36
  const SYSTEM_STATUS_DOC_BASE = "https://docs.openmercato.com/docs/framework/operations/system-status";
37
+ const DEFAULT_SQLITE_CACHE_PATH = "./.mercato/cache/cache.db";
37
38
  function maskConnectionCredentials(raw) {
38
39
  if (typeof raw !== "string") return raw;
39
40
  const trimmed = raw.trim();
@@ -206,7 +207,7 @@ const SYSTEM_STATUS_VARIABLES = [
206
207
  labelKey: "configs.systemStatus.variables.cacheSqlitePath.label",
207
208
  descriptionKey: "configs.systemStatus.variables.cacheSqlitePath.description",
208
209
  docUrl: `${SYSTEM_STATUS_DOC_BASE}#cache_sqlite_path`,
209
- defaultValue: "./data/cache.db"
210
+ defaultValue: DEFAULT_SQLITE_CACHE_PATH
210
211
  },
211
212
  {
212
213
  key: "SCHEDULE_AUTO_REINDEX",
package/dist/modules/configs/lib/system-status.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../src/modules/configs/lib/system-status.ts"],
4
- "sourcesContent": ["import type {\n SystemStatusCategory,\n SystemStatusCategoryKey,\n SystemStatusItem,\n SystemStatusSnapshot,\n SystemStatusVariableKind,\n SystemStatusState,\n SystemStatusRuntimeMode,\n} from './system-status.types'\nimport { parseBooleanToken } from '@open-mercato/shared/lib/boolean'\n\ntype SystemStatusVariableDefinition = {\n key: string\n category: SystemStatusCategoryKey\n kind: SystemStatusVariableKind\n labelKey: string\n descriptionKey: string\n docUrl: string | null\n defaultValue: string | null\n valueTransform?: (raw: string | undefined) => string | undefined\n}\n\nconst CATEGORY_ORDER: SystemStatusCategoryKey[] = [\n 'profiling',\n 'logging',\n 'security',\n 'caching',\n 'query_index',\n 'entities',\n]\n\nconst CATEGORY_METADATA: Record<\n SystemStatusCategoryKey,\n { labelKey: string; descriptionKey: string | null }\n> = {\n profiling: {\n labelKey: 'configs.systemStatus.categories.profiling',\n descriptionKey: 'configs.systemStatus.categories.profilingDescription',\n },\n logging: {\n labelKey: 'configs.systemStatus.categories.logging',\n descriptionKey: 'configs.systemStatus.categories.loggingDescription',\n },\n security: {\n labelKey: 'configs.systemStatus.categories.security',\n descriptionKey: 'configs.systemStatus.categories.securityDescription',\n },\n caching: {\n labelKey: 'configs.systemStatus.categories.caching',\n descriptionKey: 'configs.systemStatus.categories.cachingDescription',\n },\n query_index: {\n labelKey: 'configs.systemStatus.categories.queryIndex',\n descriptionKey: 'configs.systemStatus.categories.queryIndexDescription',\n },\n entities: {\n labelKey: 'configs.systemStatus.categories.entities',\n descriptionKey: 'configs.systemStatus.categories.entitiesDescription',\n },\n}\n\nconst SYSTEM_STATUS_DOC_BASE = 'https://docs.openmercato.com/docs/framework/operations/system-status'\n\nfunction maskConnectionCredentials(raw: string | undefined): string | undefined {\n if (typeof raw !== 'string') return raw\n const trimmed = raw.trim()\n if (!trimmed) return trimmed\n\n const maskAuthorityLikeCredentials = (value: string): string => {\n const schemeIndex = value.indexOf('://')\n if (schemeIndex < 0) return value\n\n const userInfoStart = schemeIndex + 3\n const queryIndex = value.indexOf('?', userInfoStart)\n const fragmentIndex = value.indexOf('#', userInfoStart)\n const searchEnd =\n queryIndex >= 0 && fragmentIndex >= 0\n ? Math.min(queryIndex, fragmentIndex)\n : queryIndex >= 0\n ? queryIndex\n : fragmentIndex >= 0\n ? fragmentIndex\n : value.length\n\n const authorityLikeSegment = value.slice(userInfoStart, searchEnd)\n const lastAtIndex = authorityLikeSegment.lastIndexOf('@')\n if (lastAtIndex < 0) return value\n\n return `${value.slice(0, userInfoStart)}${authorityLikeSegment.slice(lastAtIndex + 1)}${value.slice(searchEnd)}`\n }\n\n try {\n const parsed = new URL(trimmed)\n if (!parsed.username && !parsed.password) {\n return trimmed\n }\n parsed.username = ''\n parsed.password = ''\n return parsed.toString()\n } catch {\n return maskAuthorityLikeCredentials(trimmed)\n }\n}\n\nexport const SYSTEM_STATUS_VARIABLES: SystemStatusVariableDefinition[] = [\n {\n key: 'OM_PROFILE',\n category: 'profiling',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.omProfile.label',\n descriptionKey: 'configs.systemStatus.variables.omProfile.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_profile`,\n defaultValue: '',\n },\n {\n key: 'NEXT_PUBLIC_OM_PROFILE',\n category: 'profiling',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.nextPublicOmProfile.label',\n descriptionKey: 'configs.systemStatus.variables.nextPublicOmProfile.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#next_public_om_profile`,\n defaultValue: '',\n },\n {\n key: 'OM_CRUD_PROFILE',\n category: 'profiling',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.omCrudProfile.label',\n descriptionKey: 'configs.systemStatus.variables.omCrudProfile.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_crud_profile`,\n defaultValue: '',\n },\n {\n key: 'OM_QE_PROFILE',\n category: 'profiling',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.omQeProfile.label',\n descriptionKey: 'configs.systemStatus.variables.omQeProfile.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_qe_profile`,\n defaultValue: '',\n },\n {\n key: 'QUERY_ENGINE_DEBUG_SQL',\n category: 'logging',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.queryEngineDebugSql.label',\n descriptionKey: 'configs.systemStatus.variables.queryEngineDebugSql.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#query_engine_debug_sql`,\n defaultValue: 'false',\n },\n {\n key: 'LOG_VERBOSITY',\n category: 'logging',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.logVerbosity.label',\n descriptionKey: 'configs.systemStatus.variables.logVerbosity.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#log_verbosity`,\n defaultValue: '',\n },\n {\n key: 'LOG_LEVEL',\n category: 'logging',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.logLevel.label',\n descriptionKey: 'configs.systemStatus.variables.logLevel.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#log_level`,\n defaultValue: '',\n },\n {\n key: 'OM_PASSWORD_MIN_LENGTH',\n category: 'security',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.passwordMinLength.label',\n descriptionKey: 'configs.systemStatus.variables.passwordMinLength.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_password_min_length`,\n defaultValue: '6',\n },\n {\n key: 'DATABASE_URL',\n category: 'security',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.databaseUrl.label',\n descriptionKey: 'configs.systemStatus.variables.databaseUrl.description',\n docUrl: null,\n defaultValue: null,\n valueTransform: maskConnectionCredentials,\n },\n {\n key: 'OM_PASSWORD_REQUIRE_DIGIT',\n category: 'security',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.passwordRequireDigit.label',\n descriptionKey: 'configs.systemStatus.variables.passwordRequireDigit.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_password_require_digit`,\n defaultValue: 'true',\n },\n {\n key: 'OM_PASSWORD_REQUIRE_UPPERCASE',\n category: 'security',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.passwordRequireUppercase.label',\n descriptionKey: 'configs.systemStatus.variables.passwordRequireUppercase.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_password_require_uppercase`,\n defaultValue: 'true',\n },\n {\n key: 'OM_PASSWORD_REQUIRE_SPECIAL',\n category: 'security',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.passwordRequireSpecial.label',\n descriptionKey: 'configs.systemStatus.variables.passwordRequireSpecial.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_password_require_special`,\n defaultValue: 'true',\n },\n {\n key: 'ENABLE_CRUD_API_CACHE',\n category: 'caching',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.enableCrudApiCache.label',\n descriptionKey: 'configs.systemStatus.variables.enableCrudApiCache.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#enable_crud_api_cache`,\n defaultValue: 'false',\n },\n {\n key: 'CACHE_STRATEGY',\n category: 'caching',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.cacheStrategy.label',\n descriptionKey: 'configs.systemStatus.variables.cacheStrategy.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#cache_strategy`,\n defaultValue: 'memory',\n },\n {\n key: 'CACHE_TTL',\n category: 'caching',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.cacheTtl.label',\n descriptionKey: 'configs.systemStatus.variables.cacheTtl.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#cache_ttl`,\n defaultValue: '',\n },\n {\n key: 'CACHE_SQLITE_PATH',\n category: 'caching',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.cacheSqlitePath.label',\n descriptionKey: 'configs.systemStatus.variables.cacheSqlitePath.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#cache_sqlite_path`,\n defaultValue: './data/cache.db',\n },\n {\n key: 'SCHEDULE_AUTO_REINDEX',\n category: 'query_index',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.scheduleAutoReindex.label',\n descriptionKey: 'configs.systemStatus.variables.scheduleAutoReindex.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#schedule_auto_reindex`,\n defaultValue: 'true',\n },\n {\n key: 'OPTIMIZE_INDEX_COVERAGE_STATS',\n category: 'query_index',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.optimizeIndexCoverageStats.label',\n descriptionKey: 'configs.systemStatus.variables.optimizeIndexCoverageStats.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#optimize_index_coverage_stats`,\n defaultValue: 'false',\n },\n {\n key: 'FORCE_QUERY_INDEX_ON_PARTIAL_INDEXES',\n category: 'query_index',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.forceQueryIndexOnPartialIndexes.label',\n descriptionKey: 'configs.systemStatus.variables.forceQueryIndexOnPartialIndexes.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#force_query_index_on_partial_indexes`,\n defaultValue: 'false',\n },\n {\n key: 'ENTITIES_BACKCOMPAT_EAV_FOR_CUSTOM',\n category: 'entities',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.entitiesBackcompatEav.label',\n descriptionKey: 'configs.systemStatus.variables.entitiesBackcompatEav.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#entities_backcompat_eav_for_custom`,\n defaultValue: 'false',\n },\n]\n\ntype AnalyzedValue = { state: SystemStatusState; value: string | null; normalizedValue: string | null }\n\nfunction analyzeBooleanValue(raw: string | undefined): AnalyzedValue {\n if (typeof raw !== 'string') {\n return { state: 'unset', value: null, normalizedValue: null }\n }\n const trimmed = raw.trim()\n if (!trimmed) return { state: 'unset', value: null, normalizedValue: null }\n const parsed = parseBooleanToken(trimmed)\n if (parsed === true) {\n return { state: 'enabled', value: trimmed, normalizedValue: 'true' }\n }\n if (parsed === false) {\n return { state: 'disabled', value: trimmed, normalizedValue: 'false' }\n }\n return { state: 'unknown', value: trimmed, normalizedValue: trimmed }\n}\n\nfunction analyzeStringValue(raw: string | undefined): AnalyzedValue {\n if (typeof raw !== 'string') {\n return { state: 'unset', value: null, normalizedValue: null }\n }\n const trimmed = raw.trim()\n if (!trimmed) return { state: 'unset', value: null, normalizedValue: null }\n return { state: 'set', value: trimmed, normalizedValue: trimmed }\n}\n\nfunction toItem(definition: SystemStatusVariableDefinition, env: Record<string, string | undefined>): SystemStatusItem {\n const raw = definition.valueTransform ? definition.valueTransform(env[definition.key]) : env[definition.key]\n const analyzed = definition.kind === 'boolean' ? analyzeBooleanValue(raw) : analyzeStringValue(raw)\n return {\n key: definition.key,\n category: definition.category,\n kind: definition.kind,\n labelKey: definition.labelKey,\n descriptionKey: definition.descriptionKey,\n docUrl: definition.docUrl,\n defaultValue: definition.defaultValue,\n state: analyzed.state,\n value: analyzed.value,\n normalizedValue: analyzed.normalizedValue,\n }\n}\n\nfunction buildCategorySnapshot(\n key: SystemStatusCategoryKey,\n items: SystemStatusItem[],\n): SystemStatusCategory {\n const metadata = CATEGORY_METADATA[key]\n return {\n key,\n labelKey: metadata.labelKey,\n descriptionKey: metadata.descriptionKey,\n items,\n }\n}\n\nfunction resolveRuntimeMode(env: Record<string, string | undefined>): SystemStatusRuntimeMode {\n const raw = env.NODE_ENV\n if (typeof raw !== 'string') return 'unknown'\n const value = raw.trim().toLowerCase()\n if (value === 'development') return 'development'\n if (value === 'production') return 'production'\n if (value === 'test') return 'test'\n return 'unknown'\n}\n\nexport function buildSystemStatusSnapshot(\n env: Record<string, string | undefined> = process.env as Record<string, string | undefined>,\n): SystemStatusSnapshot {\n const byCategory = new Map<SystemStatusCategoryKey, SystemStatusItem[]>()\n for (const definition of SYSTEM_STATUS_VARIABLES) {\n const bucket = byCategory.get(definition.category)\n const item = toItem(definition, env)\n if (bucket) {\n bucket.push(item)\n } else {\n byCategory.set(definition.category, [item])\n }\n }\n\n const categories: SystemStatusCategory[] = []\n for (const categoryKey of CATEGORY_ORDER) {\n const items = byCategory.get(categoryKey) ?? []\n categories.push(buildCategorySnapshot(categoryKey, items))\n }\n\n return {\n generatedAt: new Date().toISOString(),\n runtimeMode: resolveRuntimeMode(env),\n categories,\n }\n}\n"],
5
- "mappings": "AASA,SAAS,yBAAyB;AAalC,MAAM,iBAA4C;AAAA,EAChD;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEA,MAAM,oBAGF;AAAA,EACF,WAAW;AAAA,IACT,UAAU;AAAA,IACV,gBAAgB;AAAA,EAClB;AAAA,EACA,SAAS;AAAA,IACP,UAAU;AAAA,IACV,gBAAgB;AAAA,EAClB;AAAA,EACA,UAAU;AAAA,IACR,UAAU;AAAA,IACV,gBAAgB;AAAA,EAClB;AAAA,EACA,SAAS;AAAA,IACP,UAAU;AAAA,IACV,gBAAgB;AAAA,EAClB;AAAA,EACA,aAAa;AAAA,IACX,UAAU;AAAA,IACV,gBAAgB;AAAA,EAClB;AAAA,EACA,UAAU;AAAA,IACR,UAAU;AAAA,IACV,gBAAgB;AAAA,EAClB;AACF;AAEA,MAAM,yBAAyB;AAE/B,SAAS,0BAA0B,KAA6C;AAC9E,MAAI,OAAO,QAAQ,SAAU,QAAO;AACpC,QAAM,UAAU,IAAI,KAAK;AACzB,MAAI,CAAC,QAAS,QAAO;AAErB,QAAM,+BAA+B,CAAC,UAA0B;AAC9D,UAAM,cAAc,MAAM,QAAQ,KAAK;AACvC,QAAI,cAAc,EAAG,QAAO;AAE5B,UAAM,gBAAgB,cAAc;AACpC,UAAM,aAAa,MAAM,QAAQ,KAAK,aAAa;AACnD,UAAM,gBAAgB,MAAM,QAAQ,KAAK,aAAa;AACtD,UAAM,YACJ,cAAc,KAAK,iBAAiB,IAChC,KAAK,IAAI,YAAY,aAAa,IAClC,cAAc,IACZ,aACA,iBAAiB,IACf,gBACA,MAAM;AAEhB,UAAM,uBAAuB,MAAM,MAAM,eAAe,SAAS;AACjE,UAAM,cAAc,qBAAqB,YAAY,GAAG;AACxD,QAAI,cAAc,EAAG,QAAO;AAE5B,WAAO,GAAG,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,qBAAqB,MAAM,cAAc,CAAC,CAAC,GAAG,MAAM,MAAM,SAAS,CAAC;AAAA,EAChH;AAEA,MAAI;AACF,UAAM,SAAS,IAAI,IAAI,OAAO;AAC9B,QAAI,CAAC,OAAO,YAAY,CAAC,OAAO,UAAU;AACxC,aAAO;AAAA,IACT;AACA,WAAO,WAAW;AAClB,WAAO,WAAW;AAClB,WAAO,OAAO,SAAS;AAAA,EACzB,QAAQ;AACN,WAAO,6BAA6B,OAAO;AAAA,EAC7C;AACF;AAEO,MAAM,0BAA4D;AAAA,EACvE;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ;AAAA,IACR,cAAc;AAAA,IACd,gBAAgB;AAAA,EAClB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AACF;AAIA,SAAS,oBAAoB,KAAwC;AACnE,MAAI,OAAO,QAAQ,UAAU;AAC3B,WAAO,EAAE,OAAO,SAAS,OAAO,MAAM,iBAAiB,KAAK;AAAA,EAC9D;AACA,QAAM,UAAU,IAAI,KAAK;AACzB,MAAI,CAAC,QAAS,QAAO,EAAE,OAAO,SAAS,OAAO,MAAM,iBAAiB,KAAK;AAC1E,QAAM,SAAS,kBAAkB,OAAO;AACxC,MAAI,WAAW,MAAM;AACnB,WAAO,EAAE,OAAO,WAAW,OAAO,SAAS,iBAAiB,OAAO;AAAA,EACrE;AACA,MAAI,WAAW,OAAO;AACpB,WAAO,EAAE,OAAO,YAAY,OAAO,SAAS,iBAAiB,QAAQ;AAAA,EACvE;AACA,SAAO,EAAE,OAAO,WAAW,OAAO,SAAS,iBAAiB,QAAQ;AACtE;AAEA,SAAS,mBAAmB,KAAwC;AAClE,MAAI,OAAO,QAAQ,UAAU;AAC3B,WAAO,EAAE,OAAO,SAAS,OAAO,MAAM,iBAAiB,KAAK;AAAA,EAC9D;AACA,QAAM,UAAU,IAAI,KAAK;AACzB,MAAI,CAAC,QAAS,QAAO,EAAE,OAAO,SAAS,OAAO,MAAM,iBAAiB,KAAK;AAC1E,SAAO,EAAE,OAAO,OAAO,OAAO,SAAS,iBAAiB,QAAQ;AAClE;AAEA,SAAS,OAAO,YAA4C,KAA2D;AACrH,QAAM,MAAM,WAAW,iBAAiB,WAAW,eAAe,IAAI,WAAW,GAAG,CAAC,IAAI,IAAI,WAAW,GAAG;AAC3G,QAAM,WAAW,WAAW,SAAS,YAAY,oBAAoB,GAAG,IAAI,mBAAmB,GAAG;AAClG,SAAO;AAAA,IACL,KAAK,WAAW;AAAA,IAChB,UAAU,WAAW;AAAA,IACrB,MAAM,WAAW;AAAA,IACjB,UAAU,WAAW;AAAA,IACrB,gBAAgB,WAAW;AAAA,IAC3B,QAAQ,WAAW;AAAA,IACnB,cAAc,WAAW;AAAA,IACzB,OAAO,SAAS;AAAA,IAChB,OAAO,SAAS;AAAA,IAChB,iBAAiB,SAAS;AAAA,EAC5B;AACF;AAEA,SAAS,sBACP,KACA,OACsB;AACtB,QAAM,WAAW,kBAAkB,GAAG;AACtC,SAAO;AAAA,IACL;AAAA,IACA,UAAU,SAAS;AAAA,IACnB,gBAAgB,SAAS;AAAA,IACzB;AAAA,EACF;AACF;AAEA,SAAS,mBAAmB,KAAkE;AAC5F,QAAM,MAAM,IAAI;AAChB,MAAI,OAAO,QAAQ,SAAU,QAAO;AACpC,QAAM,QAAQ,IAAI,KAAK,EAAE,YAAY;AACrC,MAAI,UAAU,cAAe,QAAO;AACpC,MAAI,UAAU,aAAc,QAAO;AACnC,MAAI,UAAU,OAAQ,QAAO;AAC7B,SAAO;AACT;AAEO,SAAS,0BACd,MAA0C,QAAQ,KAC5B;AACtB,QAAM,aAAa,oBAAI,IAAiD;AACxE,aAAW,cAAc,yBAAyB;AAChD,UAAM,SAAS,WAAW,IAAI,WAAW,QAAQ;AACjD,UAAM,OAAO,OAAO,YAAY,GAAG;AACnC,QAAI,QAAQ;AACV,aAAO,KAAK,IAAI;AAAA,IAClB,OAAO;AACL,iBAAW,IAAI,WAAW,UAAU,CAAC,IAAI,CAAC;AAAA,IAC5C;AAAA,EACF;AAEA,QAAM,aAAqC,CAAC;AAC5C,aAAW,eAAe,gBAAgB;AACxC,UAAM,QAAQ,WAAW,IAAI,WAAW,KAAK,CAAC;AAC9C,eAAW,KAAK,sBAAsB,aAAa,KAAK,CAAC;AAAA,EAC3D;AAEA,SAAO;AAAA,IACL,cAAa,oBAAI,KAAK,GAAE,YAAY;AAAA,IACpC,aAAa,mBAAmB,GAAG;AAAA,IACnC;AAAA,EACF;AACF;",
4
+ "sourcesContent": ["import type {\n SystemStatusCategory,\n SystemStatusCategoryKey,\n SystemStatusItem,\n SystemStatusSnapshot,\n SystemStatusVariableKind,\n SystemStatusState,\n SystemStatusRuntimeMode,\n} from './system-status.types'\nimport { parseBooleanToken } from '@open-mercato/shared/lib/boolean'\n\ntype SystemStatusVariableDefinition = {\n key: string\n category: SystemStatusCategoryKey\n kind: SystemStatusVariableKind\n labelKey: string\n descriptionKey: string\n docUrl: string | null\n defaultValue: string | null\n valueTransform?: (raw: string | undefined) => string | undefined\n}\n\nconst CATEGORY_ORDER: SystemStatusCategoryKey[] = [\n 'profiling',\n 'logging',\n 'security',\n 'caching',\n 'query_index',\n 'entities',\n]\n\nconst CATEGORY_METADATA: Record<\n SystemStatusCategoryKey,\n { labelKey: string; descriptionKey: string | null }\n> = {\n profiling: {\n labelKey: 'configs.systemStatus.categories.profiling',\n descriptionKey: 'configs.systemStatus.categories.profilingDescription',\n },\n logging: {\n labelKey: 'configs.systemStatus.categories.logging',\n descriptionKey: 'configs.systemStatus.categories.loggingDescription',\n },\n security: {\n labelKey: 'configs.systemStatus.categories.security',\n descriptionKey: 'configs.systemStatus.categories.securityDescription',\n },\n caching: {\n labelKey: 'configs.systemStatus.categories.caching',\n descriptionKey: 'configs.systemStatus.categories.cachingDescription',\n },\n query_index: {\n labelKey: 'configs.systemStatus.categories.queryIndex',\n descriptionKey: 'configs.systemStatus.categories.queryIndexDescription',\n },\n entities: {\n labelKey: 'configs.systemStatus.categories.entities',\n descriptionKey: 'configs.systemStatus.categories.entitiesDescription',\n },\n}\n\nconst SYSTEM_STATUS_DOC_BASE = 'https://docs.openmercato.com/docs/framework/operations/system-status'\nconst DEFAULT_SQLITE_CACHE_PATH = './.mercato/cache/cache.db'\n\nfunction maskConnectionCredentials(raw: string | undefined): string | undefined {\n if (typeof raw !== 'string') return raw\n const trimmed = raw.trim()\n if (!trimmed) return trimmed\n\n const maskAuthorityLikeCredentials = (value: string): string => {\n const schemeIndex = value.indexOf('://')\n if (schemeIndex < 0) return value\n\n const userInfoStart = schemeIndex + 3\n const queryIndex = value.indexOf('?', userInfoStart)\n const fragmentIndex = value.indexOf('#', userInfoStart)\n const searchEnd =\n queryIndex >= 0 && fragmentIndex >= 0\n ? Math.min(queryIndex, fragmentIndex)\n : queryIndex >= 0\n ? queryIndex\n : fragmentIndex >= 0\n ? fragmentIndex\n : value.length\n\n const authorityLikeSegment = value.slice(userInfoStart, searchEnd)\n const lastAtIndex = authorityLikeSegment.lastIndexOf('@')\n if (lastAtIndex < 0) return value\n\n return `${value.slice(0, userInfoStart)}${authorityLikeSegment.slice(lastAtIndex + 1)}${value.slice(searchEnd)}`\n }\n\n try {\n const parsed = new URL(trimmed)\n if (!parsed.username && !parsed.password) {\n return trimmed\n }\n parsed.username = ''\n parsed.password = ''\n return parsed.toString()\n } catch {\n return maskAuthorityLikeCredentials(trimmed)\n }\n}\n\nexport const SYSTEM_STATUS_VARIABLES: SystemStatusVariableDefinition[] = [\n {\n key: 'OM_PROFILE',\n category: 'profiling',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.omProfile.label',\n descriptionKey: 'configs.systemStatus.variables.omProfile.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_profile`,\n defaultValue: '',\n },\n {\n key: 'NEXT_PUBLIC_OM_PROFILE',\n category: 'profiling',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.nextPublicOmProfile.label',\n descriptionKey: 'configs.systemStatus.variables.nextPublicOmProfile.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#next_public_om_profile`,\n defaultValue: '',\n },\n {\n key: 'OM_CRUD_PROFILE',\n category: 'profiling',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.omCrudProfile.label',\n descriptionKey: 'configs.systemStatus.variables.omCrudProfile.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_crud_profile`,\n defaultValue: '',\n },\n {\n key: 'OM_QE_PROFILE',\n category: 'profiling',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.omQeProfile.label',\n descriptionKey: 'configs.systemStatus.variables.omQeProfile.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_qe_profile`,\n defaultValue: '',\n },\n {\n key: 'QUERY_ENGINE_DEBUG_SQL',\n category: 'logging',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.queryEngineDebugSql.label',\n descriptionKey: 'configs.systemStatus.variables.queryEngineDebugSql.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#query_engine_debug_sql`,\n defaultValue: 'false',\n },\n {\n key: 'LOG_VERBOSITY',\n category: 'logging',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.logVerbosity.label',\n descriptionKey: 'configs.systemStatus.variables.logVerbosity.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#log_verbosity`,\n defaultValue: '',\n },\n {\n key: 'LOG_LEVEL',\n category: 'logging',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.logLevel.label',\n descriptionKey: 'configs.systemStatus.variables.logLevel.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#log_level`,\n defaultValue: '',\n },\n {\n key: 'OM_PASSWORD_MIN_LENGTH',\n category: 'security',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.passwordMinLength.label',\n descriptionKey: 'configs.systemStatus.variables.passwordMinLength.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_password_min_length`,\n defaultValue: '6',\n },\n {\n key: 'DATABASE_URL',\n category: 'security',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.databaseUrl.label',\n descriptionKey: 'configs.systemStatus.variables.databaseUrl.description',\n docUrl: null,\n defaultValue: null,\n valueTransform: maskConnectionCredentials,\n },\n {\n key: 'OM_PASSWORD_REQUIRE_DIGIT',\n category: 'security',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.passwordRequireDigit.label',\n descriptionKey: 'configs.systemStatus.variables.passwordRequireDigit.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_password_require_digit`,\n defaultValue: 'true',\n },\n {\n key: 'OM_PASSWORD_REQUIRE_UPPERCASE',\n category: 'security',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.passwordRequireUppercase.label',\n descriptionKey: 'configs.systemStatus.variables.passwordRequireUppercase.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_password_require_uppercase`,\n defaultValue: 'true',\n },\n {\n key: 'OM_PASSWORD_REQUIRE_SPECIAL',\n category: 'security',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.passwordRequireSpecial.label',\n descriptionKey: 'configs.systemStatus.variables.passwordRequireSpecial.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#om_password_require_special`,\n defaultValue: 'true',\n },\n {\n key: 'ENABLE_CRUD_API_CACHE',\n category: 'caching',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.enableCrudApiCache.label',\n descriptionKey: 'configs.systemStatus.variables.enableCrudApiCache.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#enable_crud_api_cache`,\n defaultValue: 'false',\n },\n {\n key: 'CACHE_STRATEGY',\n category: 'caching',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.cacheStrategy.label',\n descriptionKey: 'configs.systemStatus.variables.cacheStrategy.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#cache_strategy`,\n defaultValue: 'memory',\n },\n {\n key: 'CACHE_TTL',\n category: 'caching',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.cacheTtl.label',\n descriptionKey: 'configs.systemStatus.variables.cacheTtl.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#cache_ttl`,\n defaultValue: '',\n },\n {\n key: 'CACHE_SQLITE_PATH',\n category: 'caching',\n kind: 'string',\n labelKey: 'configs.systemStatus.variables.cacheSqlitePath.label',\n descriptionKey: 'configs.systemStatus.variables.cacheSqlitePath.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#cache_sqlite_path`,\n defaultValue: DEFAULT_SQLITE_CACHE_PATH,\n },\n {\n key: 'SCHEDULE_AUTO_REINDEX',\n category: 'query_index',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.scheduleAutoReindex.label',\n descriptionKey: 'configs.systemStatus.variables.scheduleAutoReindex.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#schedule_auto_reindex`,\n defaultValue: 'true',\n },\n {\n key: 'OPTIMIZE_INDEX_COVERAGE_STATS',\n category: 'query_index',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.optimizeIndexCoverageStats.label',\n descriptionKey: 'configs.systemStatus.variables.optimizeIndexCoverageStats.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#optimize_index_coverage_stats`,\n defaultValue: 'false',\n },\n {\n key: 'FORCE_QUERY_INDEX_ON_PARTIAL_INDEXES',\n category: 'query_index',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.forceQueryIndexOnPartialIndexes.label',\n descriptionKey: 'configs.systemStatus.variables.forceQueryIndexOnPartialIndexes.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#force_query_index_on_partial_indexes`,\n defaultValue: 'false',\n },\n {\n key: 'ENTITIES_BACKCOMPAT_EAV_FOR_CUSTOM',\n category: 'entities',\n kind: 'boolean',\n labelKey: 'configs.systemStatus.variables.entitiesBackcompatEav.label',\n descriptionKey: 'configs.systemStatus.variables.entitiesBackcompatEav.description',\n docUrl: `${SYSTEM_STATUS_DOC_BASE}#entities_backcompat_eav_for_custom`,\n defaultValue: 'false',\n },\n]\n\ntype AnalyzedValue = { state: SystemStatusState; value: string | null; normalizedValue: string | null }\n\nfunction analyzeBooleanValue(raw: string | undefined): AnalyzedValue {\n if (typeof raw !== 'string') {\n return { state: 'unset', value: null, normalizedValue: null }\n }\n const trimmed = raw.trim()\n if (!trimmed) return { state: 'unset', value: null, normalizedValue: null }\n const parsed = parseBooleanToken(trimmed)\n if (parsed === true) {\n return { state: 'enabled', value: trimmed, normalizedValue: 'true' }\n }\n if (parsed === false) {\n return { state: 'disabled', value: trimmed, normalizedValue: 'false' }\n }\n return { state: 'unknown', value: trimmed, normalizedValue: trimmed }\n}\n\nfunction analyzeStringValue(raw: string | undefined): AnalyzedValue {\n if (typeof raw !== 'string') {\n return { state: 'unset', value: null, normalizedValue: null }\n }\n const trimmed = raw.trim()\n if (!trimmed) return { state: 'unset', value: null, normalizedValue: null }\n return { state: 'set', value: trimmed, normalizedValue: trimmed }\n}\n\nfunction toItem(definition: SystemStatusVariableDefinition, env: Record<string, string | undefined>): SystemStatusItem {\n const raw = definition.valueTransform ? definition.valueTransform(env[definition.key]) : env[definition.key]\n const analyzed = definition.kind === 'boolean' ? analyzeBooleanValue(raw) : analyzeStringValue(raw)\n return {\n key: definition.key,\n category: definition.category,\n kind: definition.kind,\n labelKey: definition.labelKey,\n descriptionKey: definition.descriptionKey,\n docUrl: definition.docUrl,\n defaultValue: definition.defaultValue,\n state: analyzed.state,\n value: analyzed.value,\n normalizedValue: analyzed.normalizedValue,\n }\n}\n\nfunction buildCategorySnapshot(\n key: SystemStatusCategoryKey,\n items: SystemStatusItem[],\n): SystemStatusCategory {\n const metadata = CATEGORY_METADATA[key]\n return {\n key,\n labelKey: metadata.labelKey,\n descriptionKey: metadata.descriptionKey,\n items,\n }\n}\n\nfunction resolveRuntimeMode(env: Record<string, string | undefined>): SystemStatusRuntimeMode {\n const raw = env.NODE_ENV\n if (typeof raw !== 'string') return 'unknown'\n const value = raw.trim().toLowerCase()\n if (value === 'development') return 'development'\n if (value === 'production') return 'production'\n if (value === 'test') return 'test'\n return 'unknown'\n}\n\nexport function buildSystemStatusSnapshot(\n env: Record<string, string | undefined> = process.env as Record<string, string | undefined>,\n): SystemStatusSnapshot {\n const byCategory = new Map<SystemStatusCategoryKey, SystemStatusItem[]>()\n for (const definition of SYSTEM_STATUS_VARIABLES) {\n const bucket = byCategory.get(definition.category)\n const item = toItem(definition, env)\n if (bucket) {\n bucket.push(item)\n } else {\n byCategory.set(definition.category, [item])\n }\n }\n\n const categories: SystemStatusCategory[] = []\n for (const categoryKey of CATEGORY_ORDER) {\n const items = byCategory.get(categoryKey) ?? []\n categories.push(buildCategorySnapshot(categoryKey, items))\n }\n\n return {\n generatedAt: new Date().toISOString(),\n runtimeMode: resolveRuntimeMode(env),\n categories,\n }\n}\n"],
5
+ "mappings": "AASA,SAAS,yBAAyB;AAalC,MAAM,iBAA4C;AAAA,EAChD;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEA,MAAM,oBAGF;AAAA,EACF,WAAW;AAAA,IACT,UAAU;AAAA,IACV,gBAAgB;AAAA,EAClB;AAAA,EACA,SAAS;AAAA,IACP,UAAU;AAAA,IACV,gBAAgB;AAAA,EAClB;AAAA,EACA,UAAU;AAAA,IACR,UAAU;AAAA,IACV,gBAAgB;AAAA,EAClB;AAAA,EACA,SAAS;AAAA,IACP,UAAU;AAAA,IACV,gBAAgB;AAAA,EAClB;AAAA,EACA,aAAa;AAAA,IACX,UAAU;AAAA,IACV,gBAAgB;AAAA,EAClB;AAAA,EACA,UAAU;AAAA,IACR,UAAU;AAAA,IACV,gBAAgB;AAAA,EAClB;AACF;AAEA,MAAM,yBAAyB;AAC/B,MAAM,4BAA4B;AAElC,SAAS,0BAA0B,KAA6C;AAC9E,MAAI,OAAO,QAAQ,SAAU,QAAO;AACpC,QAAM,UAAU,IAAI,KAAK;AACzB,MAAI,CAAC,QAAS,QAAO;AAErB,QAAM,+BAA+B,CAAC,UAA0B;AAC9D,UAAM,cAAc,MAAM,QAAQ,KAAK;AACvC,QAAI,cAAc,EAAG,QAAO;AAE5B,UAAM,gBAAgB,cAAc;AACpC,UAAM,aAAa,MAAM,QAAQ,KAAK,aAAa;AACnD,UAAM,gBAAgB,MAAM,QAAQ,KAAK,aAAa;AACtD,UAAM,YACJ,cAAc,KAAK,iBAAiB,IAChC,KAAK,IAAI,YAAY,aAAa,IAClC,cAAc,IACZ,aACA,iBAAiB,IACf,gBACA,MAAM;AAEhB,UAAM,uBAAuB,MAAM,MAAM,eAAe,SAAS;AACjE,UAAM,cAAc,qBAAqB,YAAY,GAAG;AACxD,QAAI,cAAc,EAAG,QAAO;AAE5B,WAAO,GAAG,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,qBAAqB,MAAM,cAAc,CAAC,CAAC,GAAG,MAAM,MAAM,SAAS,CAAC;AAAA,EAChH;AAEA,MAAI;AACF,UAAM,SAAS,IAAI,IAAI,OAAO;AAC9B,QAAI,CAAC,OAAO,YAAY,CAAC,OAAO,UAAU;AACxC,aAAO;AAAA,IACT;AACA,WAAO,WAAW;AAClB,WAAO,WAAW;AAClB,WAAO,OAAO,SAAS;AAAA,EACzB,QAAQ;AACN,WAAO,6BAA6B,OAAO;AAAA,EAC7C;AACF;AAEO,MAAM,0BAA4D;AAAA,EACvE;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ;AAAA,IACR,cAAc;AAAA,IACd,gBAAgB;AAAA,EAClB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,UAAU;AAAA,IACV,MAAM;AAAA,IACN,UAAU;AAAA,IACV,gBAAgB;AAAA,IAChB,QAAQ,GAAG,sBAAsB;AAAA,IACjC,cAAc;AAAA,EAChB;AACF;AAIA,SAAS,oBAAoB,KAAwC;AACnE,MAAI,OAAO,QAAQ,UAAU;AAC3B,WAAO,EAAE,OAAO,SAAS,OAAO,MAAM,iBAAiB,KAAK;AAAA,EAC9D;AACA,QAAM,UAAU,IAAI,KAAK;AACzB,MAAI,CAAC,QAAS,QAAO,EAAE,OAAO,SAAS,OAAO,MAAM,iBAAiB,KAAK;AAC1E,QAAM,SAAS,kBAAkB,OAAO;AACxC,MAAI,WAAW,MAAM;AACnB,WAAO,EAAE,OAAO,WAAW,OAAO,SAAS,iBAAiB,OAAO;AAAA,EACrE;AACA,MAAI,WAAW,OAAO;AACpB,WAAO,EAAE,OAAO,YAAY,OAAO,SAAS,iBAAiB,QAAQ;AAAA,EACvE;AACA,SAAO,EAAE,OAAO,WAAW,OAAO,SAAS,iBAAiB,QAAQ;AACtE;AAEA,SAAS,mBAAmB,KAAwC;AAClE,MAAI,OAAO,QAAQ,UAAU;AAC3B,WAAO,EAAE,OAAO,SAAS,OAAO,MAAM,iBAAiB,KAAK;AAAA,EAC9D;AACA,QAAM,UAAU,IAAI,KAAK;AACzB,MAAI,CAAC,QAAS,QAAO,EAAE,OAAO,SAAS,OAAO,MAAM,iBAAiB,KAAK;AAC1E,SAAO,EAAE,OAAO,OAAO,OAAO,SAAS,iBAAiB,QAAQ;AAClE;AAEA,SAAS,OAAO,YAA4C,KAA2D;AACrH,QAAM,MAAM,WAAW,iBAAiB,WAAW,eAAe,IAAI,WAAW,GAAG,CAAC,IAAI,IAAI,WAAW,GAAG;AAC3G,QAAM,WAAW,WAAW,SAAS,YAAY,oBAAoB,GAAG,IAAI,mBAAmB,GAAG;AAClG,SAAO;AAAA,IACL,KAAK,WAAW;AAAA,IAChB,UAAU,WAAW;AAAA,IACrB,MAAM,WAAW;AAAA,IACjB,UAAU,WAAW;AAAA,IACrB,gBAAgB,WAAW;AAAA,IAC3B,QAAQ,WAAW;AAAA,IACnB,cAAc,WAAW;AAAA,IACzB,OAAO,SAAS;AAAA,IAChB,OAAO,SAAS;AAAA,IAChB,iBAAiB,SAAS;AAAA,EAC5B;AACF;AAEA,SAAS,sBACP,KACA,OACsB;AACtB,QAAM,WAAW,kBAAkB,GAAG;AACtC,SAAO;AAAA,IACL;AAAA,IACA,UAAU,SAAS;AAAA,IACnB,gBAAgB,SAAS;AAAA,IACzB;AAAA,EACF;AACF;AAEA,SAAS,mBAAmB,KAAkE;AAC5F,QAAM,MAAM,IAAI;AAChB,MAAI,OAAO,QAAQ,SAAU,QAAO;AACpC,QAAM,QAAQ,IAAI,KAAK,EAAE,YAAY;AACrC,MAAI,UAAU,cAAe,QAAO;AACpC,MAAI,UAAU,aAAc,QAAO;AACnC,MAAI,UAAU,OAAQ,QAAO;AAC7B,SAAO;AACT;AAEO,SAAS,0BACd,MAA0C,QAAQ,KAC5B;AACtB,QAAM,aAAa,oBAAI,IAAiD;AACxE,aAAW,cAAc,yBAAyB;AAChD,UAAM,SAAS,WAAW,IAAI,WAAW,QAAQ;AACjD,UAAM,OAAO,OAAO,YAAY,GAAG;AACnC,QAAI,QAAQ;AACV,aAAO,KAAK,IAAI;AAAA,IAClB,OAAO;AACL,iBAAW,IAAI,WAAW,UAAU,CAAC,IAAI,CAAC;AAAA,IAC5C;AAAA,EACF;AAEA,QAAM,aAAqC,CAAC;AAC5C,aAAW,eAAe,gBAAgB;AACxC,UAAM,QAAQ,WAAW,IAAI,WAAW,KAAK,CAAC;AAC9C,eAAW,KAAK,sBAAsB,aAAa,KAAK,CAAC;AAAA,EAC3D;AAEA,SAAO;AAAA,IACL,cAAa,oBAAI,KAAK,GAAE,YAAY;AAAA,IACpC,aAAa,mBAAmB,GAAG;AAAA,IACnC;AAAA,EACF;AACF;",
6
6
  "names": []
7
7
  }
package/dist/modules/customer_accounts/api/portal/password-change.js CHANGED
@@ -21,6 +21,7 @@ async function POST(req) {
21
21
  }
22
22
  const container = await createRequestContainer();
23
23
  const customerUserService = container.resolve("customerUserService");
24
+ const customerSessionService = container.resolve("customerSessionService");
24
25
  const user = await customerUserService.findById(auth.sub, auth.tenantId);
25
26
  if (!user) {
26
27
  return NextResponse.json({ ok: false, error: "User not found" }, { status: 404 });
@@ -30,13 +31,14 @@ async function POST(req) {
30
31
  return NextResponse.json({ ok: false, error: "Current password is incorrect" }, { status: 400 });
31
32
  }
32
33
  await customerUserService.updatePassword(user, parsed.data.newPassword);
34
+ await customerSessionService.revokeAllUserSessions(user.id);
33
35
  return NextResponse.json({ ok: true });
34
36
  }
35
37
  const successSchema = z.object({ ok: z.literal(true) });
36
38
  const errorSchema = z.object({ ok: z.literal(false), error: z.string() });
37
39
  const methodDoc = {
38
40
  summary: "Change customer password",
39
- description: "Changes the authenticated customer user password after verifying the current password.",
41
+ description: "Changes the authenticated customer user password after verifying the current password. Revokes all existing sessions.",
40
42
  tags: ["Customer Portal"],
41
43
  requestBody: { schema: passwordChangeSchema },
42
44
  responses: [{ status: 200, description: "Password changed", schema: successSchema }],
package/dist/modules/customer_accounts/api/portal/password-change.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/modules/customer_accounts/api/portal/password-change.ts"],
4
- "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'\nimport { getCustomerAuthFromRequest } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { CustomerUserService } from '@open-mercato/core/modules/customer_accounts/services/customerUserService'\nimport { passwordChangeSchema } from '@open-mercato/core/modules/customer_accounts/data/validators'\n\nexport const metadata: { path?: string; requireAuth?: boolean } = { requireAuth: false }\n\nexport async function POST(req: Request) {\n const auth = await getCustomerAuthFromRequest(req)\n if (!auth) {\n return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })\n }\n\n let body: unknown\n try {\n body = await req.json()\n } catch {\n return NextResponse.json({ ok: false, error: 'Invalid request body' }, { status: 400 })\n }\n\n const parsed = passwordChangeSchema.safeParse(body)\n if (!parsed.success) {\n return NextResponse.json({ ok: false, error: 'Validation failed' }, { status: 400 })\n }\n\n const container = await createRequestContainer()\n const customerUserService = container.resolve('customerUserService') as CustomerUserService\n\n const user = await customerUserService.findById(auth.sub, auth.tenantId)\n if (!user) {\n return NextResponse.json({ ok: false, error: 'User not found' }, { status: 404 })\n }\n\n const currentValid = await customerUserService.verifyPassword(user, parsed.data.currentPassword)\n if (!currentValid) {\n return NextResponse.json({ ok: false, error: 'Current password is incorrect' }, { status: 400 })\n }\n\n await customerUserService.updatePassword(user, parsed.data.newPassword)\n\n return NextResponse.json({ ok: true })\n}\n\nconst successSchema = z.object({ ok: z.literal(true) })\nconst errorSchema = z.object({ ok: z.literal(false), error: z.string() })\n\nconst methodDoc: OpenApiMethodDoc = {\n summary: 'Change customer password',\n description: 'Changes the authenticated customer user password after verifying the current password.',\n tags: ['Customer Portal'],\n requestBody: { schema: passwordChangeSchema },\n responses: [{ status: 200, description: 'Password changed', schema: successSchema }],\n errors: [\n { status: 400, description: 'Current password incorrect or validation failed', schema: errorSchema },\n { status: 401, description: 'Not authenticated', schema: errorSchema },\n ],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n summary: 'Change customer password',\n methods: { POST: methodDoc },\n}\n"],
5
- "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,kCAAkC;AAC3C,SAAS,8BAA8B;AAEvC,SAAS,4BAA4B;AAE9B,MAAM,WAAqD,EAAE,aAAa,MAAM;AAEvF,eAAsB,KAAK,KAAc;AACvC,QAAM,OAAO,MAAM,2BAA2B,GAAG;AACjD,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3F;AAEA,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,uBAAuB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxF;AAEA,QAAM,SAAS,qBAAqB,UAAU,IAAI;AAClD,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrF;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,sBAAsB,UAAU,QAAQ,qBAAqB;AAEnE,QAAM,OAAO,MAAM,oBAAoB,SAAS,KAAK,KAAK,KAAK,QAAQ;AACvE,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,iBAAiB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAClF;AAEA,QAAM,eAAe,MAAM,oBAAoB,eAAe,MAAM,OAAO,KAAK,eAAe;AAC/F,MAAI,CAAC,cAAc;AACjB,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,gCAAgC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACjG;AAEA,QAAM,oBAAoB,eAAe,MAAM,OAAO,KAAK,WAAW;AAEtE,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEA,MAAM,gBAAgB,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,IAAI,EAAE,CAAC;AACtD,MAAM,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,KAAK,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;AAExE,MAAM,YAA8B;AAAA,EAClC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,iBAAiB;AAAA,EACxB,aAAa,EAAE,QAAQ,qBAAqB;AAAA,EAC5C,WAAW,CAAC,EAAE,QAAQ,KAAK,aAAa,oBAAoB,QAAQ,cAAc,CAAC;AAAA,EACnF,QAAQ;AAAA,IACN,EAAE,QAAQ,KAAK,aAAa,mDAAmD,QAAQ,YAAY;AAAA,IACnG,EAAE,QAAQ,KAAK,aAAa,qBAAqB,QAAQ,YAAY;AAAA,EACvE;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,SAAS,EAAE,MAAM,UAAU;AAC7B;",
4
+ "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib/openapi'\nimport { getCustomerAuthFromRequest } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { CustomerUserService } from '@open-mercato/core/modules/customer_accounts/services/customerUserService'\nimport { CustomerSessionService } from '@open-mercato/core/modules/customer_accounts/services/customerSessionService'\nimport { passwordChangeSchema } from '@open-mercato/core/modules/customer_accounts/data/validators'\n\nexport const metadata: { path?: string; requireAuth?: boolean } = { requireAuth: false }\n\nexport async function POST(req: Request) {\n const auth = await getCustomerAuthFromRequest(req)\n if (!auth) {\n return NextResponse.json({ ok: false, error: 'Authentication required' }, { status: 401 })\n }\n\n let body: unknown\n try {\n body = await req.json()\n } catch {\n return NextResponse.json({ ok: false, error: 'Invalid request body' }, { status: 400 })\n }\n\n const parsed = passwordChangeSchema.safeParse(body)\n if (!parsed.success) {\n return NextResponse.json({ ok: false, error: 'Validation failed' }, { status: 400 })\n }\n\n const container = await createRequestContainer()\n const customerUserService = container.resolve('customerUserService') as CustomerUserService\n const customerSessionService = container.resolve('customerSessionService') as CustomerSessionService\n\n const user = await customerUserService.findById(auth.sub, auth.tenantId)\n if (!user) {\n return NextResponse.json({ ok: false, error: 'User not found' }, { status: 404 })\n }\n\n const currentValid = await customerUserService.verifyPassword(user, parsed.data.currentPassword)\n if (!currentValid) {\n return NextResponse.json({ ok: false, error: 'Current password is incorrect' }, { status: 400 })\n }\n\n await customerUserService.updatePassword(user, parsed.data.newPassword)\n\n // Revoke all existing sessions for security\n await customerSessionService.revokeAllUserSessions(user.id)\n\n return NextResponse.json({ ok: true })\n}\n\nconst successSchema = z.object({ ok: z.literal(true) })\nconst errorSchema = z.object({ ok: z.literal(false), error: z.string() })\n\nconst methodDoc: OpenApiMethodDoc = {\n summary: 'Change customer password',\n description: 'Changes the authenticated customer user password after verifying the current password. Revokes all existing sessions.',\n tags: ['Customer Portal'],\n requestBody: { schema: passwordChangeSchema },\n responses: [{ status: 200, description: 'Password changed', schema: successSchema }],\n errors: [\n { status: 400, description: 'Current password incorrect or validation failed', schema: errorSchema },\n { status: 401, description: 'Not authenticated', schema: errorSchema },\n ],\n}\n\nexport const openApi: OpenApiRouteDoc = {\n summary: 'Change customer password',\n methods: { POST: methodDoc },\n}\n"],
5
+ "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,kCAAkC;AAC3C,SAAS,8BAA8B;AAGvC,SAAS,4BAA4B;AAE9B,MAAM,WAAqD,EAAE,aAAa,MAAM;AAEvF,eAAsB,KAAK,KAAc;AACvC,QAAM,OAAO,MAAM,2BAA2B,GAAG;AACjD,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3F;AAEA,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,uBAAuB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxF;AAEA,QAAM,SAAS,qBAAqB,UAAU,IAAI;AAClD,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrF;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,sBAAsB,UAAU,QAAQ,qBAAqB;AACnE,QAAM,yBAAyB,UAAU,QAAQ,wBAAwB;AAEzE,QAAM,OAAO,MAAM,oBAAoB,SAAS,KAAK,KAAK,KAAK,QAAQ;AACvE,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,iBAAiB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAClF;AAEA,QAAM,eAAe,MAAM,oBAAoB,eAAe,MAAM,OAAO,KAAK,eAAe;AAC/F,MAAI,CAAC,cAAc;AACjB,WAAO,aAAa,KAAK,EAAE,IAAI,OAAO,OAAO,gCAAgC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACjG;AAEA,QAAM,oBAAoB,eAAe,MAAM,OAAO,KAAK,WAAW;AAGtE,QAAM,uBAAuB,sBAAsB,KAAK,EAAE;AAE1D,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEA,MAAM,gBAAgB,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,IAAI,EAAE,CAAC;AACtD,MAAM,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,KAAK,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;AAExE,MAAM,YAA8B;AAAA,EAClC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,MAAM,CAAC,iBAAiB;AAAA,EACxB,aAAa,EAAE,QAAQ,qBAAqB;AAAA,EAC5C,WAAW,CAAC,EAAE,QAAQ,KAAK,aAAa,oBAAoB,QAAQ,cAAc,CAAC;AAAA,EACnF,QAAQ;AAAA,IACN,EAAE,QAAQ,KAAK,aAAa,mDAAmD,QAAQ,YAAY;AAAA,IACnG,EAAE,QAAQ,KAAK,aAAa,qBAAqB,QAAQ,YAAY;AAAA,EACvE;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,SAAS,EAAE,MAAM,UAAU;AAC7B;",
6
6
  "names": []
7
7
  }
package/dist/modules/inbox_ops/encryption.js ADDED
@@ -0,0 +1,47 @@
1
+ const defaultEncryptionMaps = [
2
+ {
3
+ entityId: "inbox_ops:inbox_email",
4
+ fields: [
5
+ { field: "subject" },
6
+ { field: "raw_text" },
7
+ { field: "raw_html" },
8
+ { field: "cleaned_text" },
9
+ { field: "thread_messages" },
10
+ { field: "forwarded_by_address" },
11
+ { field: "forwarded_by_name" },
12
+ { field: "to_address" },
13
+ { field: "reply_to" },
14
+ { field: "processing_error" }
15
+ ]
16
+ },
17
+ {
18
+ entityId: "inbox_ops:inbox_proposal",
19
+ fields: [
20
+ { field: "summary" },
21
+ { field: "participants" },
22
+ { field: "translations" }
23
+ ]
24
+ },
25
+ {
26
+ entityId: "inbox_ops:inbox_proposal_action",
27
+ fields: [
28
+ { field: "description" },
29
+ { field: "payload" },
30
+ { field: "execution_error" }
31
+ ]
32
+ },
33
+ {
34
+ entityId: "inbox_ops:inbox_discrepancy",
35
+ fields: [
36
+ { field: "description" },
37
+ { field: "expected_value" },
38
+ { field: "found_value" }
39
+ ]
40
+ }
41
+ ];
42
+ var encryption_default = defaultEncryptionMaps;
43
+ export {
44
+ encryption_default as default,
45
+ defaultEncryptionMaps
46
+ };
47
+ //# sourceMappingURL=encryption.js.map
package/dist/modules/inbox_ops/encryption.js.map ADDED
@@ -0,0 +1,7 @@
1
+ {
2
+ "version": 3,
3
+ "sources": ["../../../src/modules/inbox_ops/encryption.ts"],
4
+ "sourcesContent": ["import type { ModuleEncryptionMap } from '@open-mercato/shared/modules/encryption'\n\n// Message body, extracted business data, and correspondent identities all\n// count as tenant PII. Columns routed through WHERE/ILIKE lookups or UNIQUE\n// indexes (`inbox_settings.inbox_address`, `inbox_emails.message_id`,\n// `in_reply_to`, `references`, `*.metadata`) are intentionally left plaintext\n// for now \u2014 encrypting them requires paired `*_hash` columns plus rewriting\n// the inbound-webhook lookups, which is out of scope for this fix.\nexport const defaultEncryptionMaps: ModuleEncryptionMap[] = [\n {\n entityId: 'inbox_ops:inbox_email',\n fields: [\n { field: 'subject' },\n { field: 'raw_text' },\n { field: 'raw_html' },\n { field: 'cleaned_text' },\n { field: 'thread_messages' },\n { field: 'forwarded_by_address' },\n { field: 'forwarded_by_name' },\n { field: 'to_address' },\n { field: 'reply_to' },\n { field: 'processing_error' },\n ],\n },\n {\n entityId: 'inbox_ops:inbox_proposal',\n fields: [\n { field: 'summary' },\n { field: 'participants' },\n { field: 'translations' },\n ],\n },\n {\n entityId: 'inbox_ops:inbox_proposal_action',\n fields: [\n { field: 'description' },\n { field: 'payload' },\n { field: 'execution_error' },\n ],\n },\n {\n entityId: 'inbox_ops:inbox_discrepancy',\n fields: [\n { field: 'description' },\n { field: 'expected_value' },\n { field: 'found_value' },\n ],\n },\n]\n\nexport default defaultEncryptionMaps\n"],
5
+ "mappings": "AAQO,MAAM,wBAA+C;AAAA,EAC1D;AAAA,IACE,UAAU;AAAA,IACV,QAAQ;AAAA,MACN,EAAE,OAAO,UAAU;AAAA,MACnB,EAAE,OAAO,WAAW;AAAA,MACpB,EAAE,OAAO,WAAW;AAAA,MACpB,EAAE,OAAO,eAAe;AAAA,MACxB,EAAE,OAAO,kBAAkB;AAAA,MAC3B,EAAE,OAAO,uBAAuB;AAAA,MAChC,EAAE,OAAO,oBAAoB;AAAA,MAC7B,EAAE,OAAO,aAAa;AAAA,MACtB,EAAE,OAAO,WAAW;AAAA,MACpB,EAAE,OAAO,mBAAmB;AAAA,IAC9B;AAAA,EACF;AAAA,EACA;AAAA,IACE,UAAU;AAAA,IACV,QAAQ;AAAA,MACN,EAAE,OAAO,UAAU;AAAA,MACnB,EAAE,OAAO,eAAe;AAAA,MACxB,EAAE,OAAO,eAAe;AAAA,IAC1B;AAAA,EACF;AAAA,EACA;AAAA,IACE,UAAU;AAAA,IACV,QAAQ;AAAA,MACN,EAAE,OAAO,cAAc;AAAA,MACvB,EAAE,OAAO,UAAU;AAAA,MACnB,EAAE,OAAO,kBAAkB;AAAA,IAC7B;AAAA,EACF;AAAA,EACA;AAAA,IACE,UAAU;AAAA,IACV,QAAQ;AAAA,MACN,EAAE,OAAO,cAAc;AAAA,MACvB,EAAE,OAAO,iBAAiB;AAAA,MAC1B,EAAE,OAAO,cAAc;AAAA,IACzB;AAAA,EACF;AACF;AAEA,IAAO,qBAAQ;",
6
+ "names": []
7
+ }
package/dist/modules/workflows/api/definitions/[id]/route.js CHANGED
@@ -9,6 +9,7 @@ import {
9
9
  updateWorkflowDefinitionInputSchema
10
10
  } from "../../../data/validators.js";
11
11
  import { serializeWorkflowDefinition } from "../serialize.js";
12
+ import { invalidateTriggerCache } from "../../../lib/event-trigger-service.js";
12
13
  const metadata = {
13
14
  requireAuth: true,
14
15
  requireFeatures: ["workflows.definitions.view"]
@@ -120,6 +121,7 @@ async function PUT(request, context) {
120
121
  }
121
122
  definition.updatedAt = /* @__PURE__ */ new Date();
122
123
  await em.flush();
124
+ if (tenantId) invalidateTriggerCache(tenantId, organizationId ?? void 0);
123
125
  return NextResponse.json({
124
126
  data: serializeWorkflowDefinition(definition),
125
127
  message: "Workflow definition updated successfully"
@@ -187,6 +189,7 @@ async function DELETE(request, context) {
187
189
  definition.deletedAt = /* @__PURE__ */ new Date();
188
190
  definition.updatedAt = /* @__PURE__ */ new Date();
189
191
  await em.flush();
192
+ if (tenantId) invalidateTriggerCache(tenantId, organizationId ?? void 0);
190
193
  return NextResponse.json({
191
194
  message: "Workflow definition deleted successfully"
192
195
  });
package/dist/modules/workflows/api/definitions/[id]/route.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../../src/modules/workflows/api/definitions/%5Bid%5D/route.ts"],
4
- "sourcesContent": ["/**\n * Workflow Definition Detail API\n *\n * Endpoints:\n * - GET /api/workflows/definitions/[id] - Get workflow definition\n * - PUT /api/workflows/definitions/[id] - Update workflow definition\n * - DELETE /api/workflows/definitions/[id] - Delete workflow definition (soft delete)\n */\n\nimport { NextRequest, NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { resolveOrganizationScopeForRequest } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport { resolveOrganizationScopeFilter } from '@open-mercato/core/modules/directory/utils/organizationScopeFilter'\nimport { WorkflowDefinition } from '../../../data/entities'\nimport {\n updateWorkflowDefinitionInputSchema,\n type UpdateWorkflowDefinitionApiInput,\n} from '../../../data/validators'\nimport { serializeWorkflowDefinition } from '../serialize'\n\nexport const metadata = {\n requireAuth: true,\n requireFeatures: ['workflows.definitions.view'],\n}\n\ninterface RouteContext {\n params: Promise<{\n id: string\n }>\n}\n\n/**\n * GET /api/workflows/definitions/[id]\n *\n * Get a single workflow definition by ID\n */\nexport async function GET(\n request: NextRequest,\n context: RouteContext\n) {\n try {\n const params = await context.params\n const container = await createRequestContainer()\n const em = container.resolve('em')\n const auth = await getAuthFromRequest(request)\n\n if (!auth) {\n return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const tenantId = auth.tenantId\n const orgFilter = resolveOrganizationScopeFilter(scope, auth)\n\n const definition = await em.findOne(WorkflowDefinition, {\n id: params.id,\n tenantId,\n ...orgFilter.where,\n deletedAt: null,\n })\n\n if (!definition) {\n return NextResponse.json(\n { error: 'Workflow definition not found' },\n { status: 404 }\n )\n }\n\n return NextResponse.json({ data: serializeWorkflowDefinition(definition) })\n } catch (error) {\n console.error('Error getting workflow definition:', error)\n return NextResponse.json(\n { error: 'Failed to get workflow definition' },\n { status: 500 }\n )\n }\n}\n\n/**\n * PUT /api/workflows/definitions/[id]\n *\n * Update a workflow definition\n */\nexport async function PUT(\n request: NextRequest,\n context: RouteContext\n) {\n try {\n const params = await context.params\n const container = await createRequestContainer()\n const em = container.resolve('em')\n const auth = await getAuthFromRequest(request)\n\n if (!auth) {\n return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const tenantId = auth.tenantId\n const organizationId = scope?.selectedId ?? auth.orgId\n\n // Check edit permission\n const rbacService = container.resolve('rbacService')\n const hasPermission = await rbacService.userHasAllFeatures(\n auth.sub,\n ['workflows.definitions.edit'],\n {\n tenantId,\n organizationId,\n }\n )\n\n if (!hasPermission) {\n return NextResponse.json(\n { error: 'Insufficient permissions' },\n { status: 403 }\n )\n }\n\n const body = await request.json()\n\n // Validate input\n const validation = updateWorkflowDefinitionInputSchema.safeParse(body)\n if (!validation.success) {\n return NextResponse.json(\n {\n error: 'Validation failed',\n details: validation.error.issues,\n },\n { status: 400 }\n )\n }\n\n const input: UpdateWorkflowDefinitionApiInput = validation.data\n\n // Find existing definition\n const definition = await em.findOne(WorkflowDefinition, {\n id: params.id,\n tenantId,\n organizationId,\n deletedAt: null,\n })\n\n if (!definition) {\n return NextResponse.json(\n { error: 'Workflow definition not found' },\n { status: 404 }\n )\n }\n\n // Update fields. workflowId and version are intentionally ignored \u2014\n // they identify the row and bumping versions is handled elsewhere.\n if (input.workflowName !== undefined) {\n definition.workflowName = input.workflowName\n }\n if (input.description !== undefined) {\n definition.description = input.description\n }\n if (input.definition !== undefined) {\n definition.definition = input.definition\n }\n if (input.metadata !== undefined) {\n definition.metadata = input.metadata\n }\n if (input.enabled !== undefined) {\n definition.enabled = input.enabled\n }\n if (input.effectiveFrom !== undefined) {\n definition.effectiveFrom = input.effectiveFrom\n }\n if (input.effectiveTo !== undefined) {\n definition.effectiveTo = input.effectiveTo\n }\n\n definition.updatedAt = new Date()\n\n await em.flush()\n\n return NextResponse.json({\n data: serializeWorkflowDefinition(definition),\n message: 'Workflow definition updated successfully',\n })\n } catch (error) {\n console.error('Error updating workflow definition:', error)\n return NextResponse.json(\n { error: 'Failed to update workflow definition' },\n { status: 500 }\n )\n }\n}\n\n/**\n * DELETE /api/workflows/definitions/[id]\n *\n * Soft delete a workflow definition\n */\nexport async function DELETE(\n request: NextRequest,\n context: RouteContext\n) {\n try {\n const params = await context.params\n const container = await createRequestContainer()\n const em = container.resolve('em')\n const auth = await getAuthFromRequest(request)\n\n if (!auth) {\n return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const tenantId = auth.tenantId\n const organizationId = scope?.selectedId ?? auth.orgId\n\n // Check delete permission\n const rbacService = container.resolve('rbacService')\n const hasPermission = await rbacService.userHasAllFeatures(\n auth.sub,\n ['workflows.definitions.delete'],\n {\n tenantId,\n organizationId,\n }\n )\n\n if (!hasPermission) {\n return NextResponse.json(\n { error: 'Insufficient permissions' },\n { status: 403 }\n )\n }\n\n // Find existing definition\n const definition = await em.findOne(WorkflowDefinition, {\n id: params.id,\n tenantId,\n organizationId,\n deletedAt: null,\n })\n\n if (!definition) {\n return NextResponse.json(\n { error: 'Workflow definition not found' },\n { status: 404 }\n )\n }\n\n // Check if there are active workflow instances using this definition\n const { WorkflowInstance } = await import('../../../data/entities')\n const activeInstances = await em.count(WorkflowInstance, {\n definitionId: definition.id,\n status: { $in: ['RUNNING', 'WAITING'] },\n })\n\n if (activeInstances > 0) {\n return NextResponse.json(\n {\n error: `Cannot delete workflow definition with ${activeInstances} active instance(s)`,\n },\n { status: 409 }\n )\n }\n\n // Soft delete\n definition.deletedAt = new Date()\n definition.updatedAt = new Date()\n\n await em.flush()\n\n return NextResponse.json({\n message: 'Workflow definition deleted successfully',\n })\n } catch (error) {\n console.error('Error deleting workflow definition:', error)\n return NextResponse.json(\n { error: 'Failed to delete workflow definition' },\n { status: 500 }\n )\n }\n}\n\nexport const openApi = {\n methods: {\n GET: {\n summary: 'Get workflow definition',\n description: 'Get a single workflow definition by ID. Returns the complete workflow structure including steps and transitions (with embedded activities).',\n tags: ['Workflows'],\n pathParams: z.object({\n id: z.string().uuid(),\n }),\n responses: [\n {\n status: 200,\n description: 'Workflow definition found',\n example: {\n data: {\n id: '123e4567-e89b-12d3-a456-426614174000',\n workflowId: 'checkout-flow',\n workflowName: 'Checkout Flow',\n description: 'Complete checkout workflow for processing orders',\n version: 1,\n definition: {\n steps: [\n {\n stepId: 'start',\n stepName: 'Start',\n stepType: 'START',\n },\n {\n stepId: 'validate-cart',\n stepName: 'Validate Cart',\n stepType: 'AUTOMATED',\n description: 'Validate cart items and check inventory',\n },\n {\n stepId: 'payment',\n stepName: 'Process Payment',\n stepType: 'AUTOMATED',\n description: 'Charge payment method',\n retryPolicy: {\n maxAttempts: 3,\n backoffMs: 1000,\n },\n },\n {\n stepId: 'end',\n stepName: 'End',\n stepType: 'END',\n },\n ],\n transitions: [\n {\n transitionId: 'start-to-validate',\n fromStepId: 'start',\n toStepId: 'validate-cart',\n trigger: 'auto',\n },\n {\n transitionId: 'validate-to-payment',\n fromStepId: 'validate-cart',\n toStepId: 'payment',\n trigger: 'auto',\n },\n {\n transitionId: 'payment-to-end',\n fromStepId: 'payment',\n toStepId: 'end',\n trigger: 'auto',\n activities: [\n {\n activityName: 'Send Order Confirmation',\n activityType: 'SEND_EMAIL',\n config: {\n to: '{{context.customerEmail}}',\n subject: 'Order Confirmation #{{context.orderId}}',\n template: 'order_confirmation',\n },\n },\n ],\n },\n ],\n },\n enabled: true,\n tenantId: '123e4567-e89b-12d3-a456-426614174001',\n organizationId: '123e4567-e89b-12d3-a456-426614174002',\n createdAt: '2025-12-08T10:00:00.000Z',\n updatedAt: '2025-12-08T10:00:00.000Z',\n },\n },\n },\n {\n status: 404,\n description: 'Workflow definition not found',\n example: {\n error: 'Workflow definition not found',\n },\n },\n ],\n },\n PUT: {\n summary: 'Update workflow definition',\n description: 'Update an existing workflow definition. Supports partial updates - only provided fields will be updated.',\n tags: ['Workflows'],\n pathParams: z.object({\n id: z.string().uuid(),\n }),\n requestBody: {\n schema: updateWorkflowDefinitionInputSchema,\n example: {\n definition: {\n steps: [\n {\n stepId: 'start',\n stepName: 'Start',\n stepType: 'START',\n },\n {\n stepId: 'validate-cart',\n stepName: 'Validate Cart',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'payment',\n stepName: 'Process Payment',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'confirmation',\n stepName: 'Order Confirmation',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'end',\n stepName: 'End',\n stepType: 'END',\n },\n ],\n transitions: [\n {\n transitionId: 'start-to-validate',\n fromStepId: 'start',\n toStepId: 'validate-cart',\n trigger: 'auto',\n },\n {\n transitionId: 'validate-to-payment',\n fromStepId: 'validate-cart',\n toStepId: 'payment',\n trigger: 'auto',\n },\n {\n transitionId: 'payment-to-confirmation',\n fromStepId: 'payment',\n toStepId: 'confirmation',\n trigger: 'auto',\n },\n {\n transitionId: 'confirmation-to-end',\n fromStepId: 'confirmation',\n toStepId: 'end',\n trigger: 'auto',\n },\n ],\n },\n enabled: true,\n },\n },\n responses: [\n {\n status: 200,\n description: 'Workflow definition updated successfully',\n example: {\n data: {\n id: '123e4567-e89b-12d3-a456-426614174000',\n workflowId: 'checkout-flow',\n workflowName: 'Checkout Flow',\n description: 'Complete checkout workflow for processing orders',\n version: 1,\n definition: {\n steps: [\n { stepId: 'start', stepName: 'Start', stepType: 'START' },\n {\n stepId: 'validate-cart',\n stepName: 'Validate Cart',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'payment',\n stepName: 'Process Payment',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'confirmation',\n stepName: 'Order Confirmation',\n stepType: 'AUTOMATED',\n },\n { stepId: 'end', stepName: 'End', stepType: 'END' },\n ],\n transitions: [\n {\n transitionId: 'start-to-validate',\n fromStepId: 'start',\n toStepId: 'validate-cart',\n trigger: 'auto',\n },\n {\n transitionId: 'validate-to-payment',\n fromStepId: 'validate-cart',\n toStepId: 'payment',\n trigger: 'auto',\n },\n {\n transitionId: 'payment-to-confirmation',\n fromStepId: 'payment',\n toStepId: 'confirmation',\n trigger: 'auto',\n },\n {\n transitionId: 'confirmation-to-end',\n fromStepId: 'confirmation',\n toStepId: 'end',\n trigger: 'auto',\n },\n ],\n },\n enabled: true,\n tenantId: '123e4567-e89b-12d3-a456-426614174001',\n organizationId: '123e4567-e89b-12d3-a456-426614174002',\n createdAt: '2025-12-08T10:00:00.000Z',\n updatedAt: '2025-12-08T11:30:00.000Z',\n },\n message: 'Workflow definition updated successfully',\n },\n },\n {\n status: 400,\n description: 'Validation error',\n example: {\n error: 'Validation failed',\n details: [\n {\n code: 'invalid_type',\n message: 'Expected object, received string',\n path: ['definition'],\n },\n ],\n },\n },\n {\n status: 404,\n description: 'Workflow definition not found',\n example: {\n error: 'Workflow definition not found',\n },\n },\n ],\n },\n DELETE: {\n summary: 'Delete workflow definition',\n description: 'Soft delete a workflow definition. Cannot be deleted if there are active workflow instances (RUNNING or WAITING status) using this definition.',\n tags: ['Workflows'],\n pathParams: z.object({\n id: z.string().uuid(),\n }),\n responses: [\n {\n status: 200,\n description: 'Workflow definition deleted successfully',\n example: {\n message: 'Workflow definition deleted successfully',\n },\n },\n {\n status: 404,\n description: 'Workflow definition not found',\n example: {\n error: 'Workflow definition not found',\n },\n },\n {\n status: 409,\n description: 'Cannot delete - active workflow instances exist',\n example: {\n error: 'Cannot delete workflow definition with 3 active instance(s)',\n },\n },\n ],\n },\n },\n}\n"],
5
- "mappings": "AASA,SAAsB,oBAAoB;AAC1C,SAAS,SAAS;AAClB,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,0CAA0C;AACnD,SAAS,sCAAsC;AAC/C,SAAS,0BAA0B;AACnC;AAAA,EACE;AAAA,OAEK;AACP,SAAS,mCAAmC;AAErC,MAAM,WAAW;AAAA,EACtB,aAAa;AAAA,EACb,iBAAiB,CAAC,4BAA4B;AAChD;AAaA,eAAsB,IACpB,SACA,SACA;AACA,MAAI;AACF,UAAM,SAAS,MAAM,QAAQ;AAC7B,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,UAAM,OAAO,MAAM,mBAAmB,OAAO;AAE7C,QAAI,CAAC,MAAM;AACT,aAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACrE;AAEA,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,QAAQ,CAAC;AACnF,UAAM,WAAW,KAAK;AACtB,UAAM,YAAY,+BAA+B,OAAO,IAAI;AAE5D,UAAM,aAAa,MAAM,GAAG,QAAQ,oBAAoB;AAAA,MACtD,IAAI,OAAO;AAAA,MACX;AAAA,MACA,GAAG,UAAU;AAAA,MACb,WAAW;AAAA,IACb,CAAC;AAED,QAAI,CAAC,YAAY;AACf,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,gCAAgC;AAAA,QACzC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,WAAO,aAAa,KAAK,EAAE,MAAM,4BAA4B,UAAU,EAAE,CAAC;AAAA,EAC5E,SAAS,OAAO;AACd,YAAQ,MAAM,sCAAsC,KAAK;AACzD,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,oCAAoC;AAAA,MAC7C,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACF;AAOA,eAAsB,IACpB,SACA,SACA;AACA,MAAI;AACF,UAAM,SAAS,MAAM,QAAQ;AAC7B,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,UAAM,OAAO,MAAM,mBAAmB,OAAO;AAE7C,QAAI,CAAC,MAAM;AACT,aAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACrE;AAEA,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,QAAQ,CAAC;AACnF,UAAM,WAAW,KAAK;AACtB,UAAM,iBAAiB,OAAO,cAAc,KAAK;AAGjD,UAAM,cAAc,UAAU,QAAQ,aAAa;AACnD,UAAM,gBAAgB,MAAM,YAAY;AAAA,MACtC,KAAK;AAAA,MACL,CAAC,4BAA4B;AAAA,MAC7B;AAAA,QACE;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAEA,QAAI,CAAC,eAAe;AAClB,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,2BAA2B;AAAA,QACpC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,UAAM,OAAO,MAAM,QAAQ,KAAK;AAGhC,UAAM,aAAa,oCAAoC,UAAU,IAAI;AACrE,QAAI,CAAC,WAAW,SAAS;AACvB,aAAO,aAAa;AAAA,QAClB;AAAA,UACE,OAAO;AAAA,UACP,SAAS,WAAW,MAAM;AAAA,QAC5B;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,UAAM,QAA0C,WAAW;AAG3D,UAAM,aAAa,MAAM,GAAG,QAAQ,oBAAoB;AAAA,MACtD,IAAI,OAAO;AAAA,MACX;AAAA,MACA;AAAA,MACA,WAAW;AAAA,IACb,CAAC;AAED,QAAI,CAAC,YAAY;AACf,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,gCAAgC;AAAA,QACzC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAIA,QAAI,MAAM,iBAAiB,QAAW;AACpC,iBAAW,eAAe,MAAM;AAAA,IAClC;AACA,QAAI,MAAM,gBAAgB,QAAW;AACnC,iBAAW,cAAc,MAAM;AAAA,IACjC;AACA,QAAI,MAAM,eAAe,QAAW;AAClC,iBAAW,aAAa,MAAM;AAAA,IAChC;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,iBAAW,WAAW,MAAM;AAAA,IAC9B;AACA,QAAI,MAAM,YAAY,QAAW;AAC/B,iBAAW,UAAU,MAAM;AAAA,IAC7B;AACA,QAAI,MAAM,kBAAkB,QAAW;AACrC,iBAAW,gBAAgB,MAAM;AAAA,IACnC;AACA,QAAI,MAAM,gBAAgB,QAAW;AACnC,iBAAW,cAAc,MAAM;AAAA,IACjC;AAEA,eAAW,YAAY,oBAAI,KAAK;AAEhC,UAAM,GAAG,MAAM;AAEf,WAAO,aAAa,KAAK;AAAA,MACvB,MAAM,4BAA4B,UAAU;AAAA,MAC5C,SAAS;AAAA,IACX,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,uCAAuC,KAAK;AAC1D,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,uCAAuC;AAAA,MAChD,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACF;AAOA,eAAsB,OACpB,SACA,SACA;AACA,MAAI;AACF,UAAM,SAAS,MAAM,QAAQ;AAC7B,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,UAAM,OAAO,MAAM,mBAAmB,OAAO;AAE7C,QAAI,CAAC,MAAM;AACT,aAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACrE;AAEA,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,QAAQ,CAAC;AACnF,UAAM,WAAW,KAAK;AACtB,UAAM,iBAAiB,OAAO,cAAc,KAAK;AAGjD,UAAM,cAAc,UAAU,QAAQ,aAAa;AACnD,UAAM,gBAAgB,MAAM,YAAY;AAAA,MACtC,KAAK;AAAA,MACL,CAAC,8BAA8B;AAAA,MAC/B;AAAA,QACE;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAEA,QAAI,CAAC,eAAe;AAClB,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,2BAA2B;AAAA,QACpC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAGA,UAAM,aAAa,MAAM,GAAG,QAAQ,oBAAoB;AAAA,MACtD,IAAI,OAAO;AAAA,MACX;AAAA,MACA;AAAA,MACA,WAAW;AAAA,IACb,CAAC;AAED,QAAI,CAAC,YAAY;AACf,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,gCAAgC;AAAA,QACzC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAGA,UAAM,EAAE,iBAAiB,IAAI,MAAM,OAAO,wBAAwB;AAClE,UAAM,kBAAkB,MAAM,GAAG,MAAM,kBAAkB;AAAA,MACvD,cAAc,WAAW;AAAA,MACzB,QAAQ,EAAE,KAAK,CAAC,WAAW,SAAS,EAAE;AAAA,IACxC,CAAC;AAED,QAAI,kBAAkB,GAAG;AACvB,aAAO,aAAa;AAAA,QAClB;AAAA,UACE,OAAO,0CAA0C,eAAe;AAAA,QAClE;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAGA,eAAW,YAAY,oBAAI,KAAK;AAChC,eAAW,YAAY,oBAAI,KAAK;AAEhC,UAAM,GAAG,MAAM;AAEf,WAAO,aAAa,KAAK;AAAA,MACvB,SAAS;AAAA,IACX,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,uCAAuC,KAAK;AAC1D,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,uCAAuC;AAAA,MAChD,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACF;AAEO,MAAM,UAAU;AAAA,EACrB,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,MAAM,CAAC,WAAW;AAAA,MAClB,YAAY,EAAE,OAAO;AAAA,QACnB,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,MACtB,CAAC;AAAA,MACD,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,MAAM;AAAA,cACJ,IAAI;AAAA,cACJ,YAAY;AAAA,cACZ,cAAc;AAAA,cACd,aAAa;AAAA,cACb,SAAS;AAAA,cACT,YAAY;AAAA,gBACV,OAAO;AAAA,kBACL;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,kBACA;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,oBACV,aAAa;AAAA,kBACf;AAAA,kBACA;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,oBACV,aAAa;AAAA,oBACb,aAAa;AAAA,sBACX,aAAa;AAAA,sBACb,WAAW;AAAA,oBACb;AAAA,kBACF;AAAA,kBACA;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,gBACF;AAAA,gBACA,aAAa;AAAA,kBACX;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,oBACT,YAAY;AAAA,sBACV;AAAA,wBACE,cAAc;AAAA,wBACd,cAAc;AAAA,wBACd,QAAQ;AAAA,0BACN,IAAI;AAAA,0BACJ,SAAS;AAAA,0BACT,UAAU;AAAA,wBACZ;AAAA,sBACF;AAAA,oBACF;AAAA,kBACF;AAAA,gBACF;AAAA,cACF;AAAA,cACA,SAAS;AAAA,cACT,UAAU;AAAA,cACV,gBAAgB;AAAA,cAChB,WAAW;AAAA,cACX,WAAW;AAAA,YACb;AAAA,UACF;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,IACA,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,MAAM,CAAC,WAAW;AAAA,MAClB,YAAY,EAAE,OAAO;AAAA,QACnB,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,MACtB,CAAC;AAAA,MACD,aAAa;AAAA,QACX,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,YAAY;AAAA,YACV,OAAO;AAAA,cACL;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,YACF;AAAA,YACA,aAAa;AAAA,cACX;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,cACX;AAAA,cACA;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,cACX;AAAA,cACA;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,cACX;AAAA,cACA;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,cACX;AAAA,YACF;AAAA,UACF;AAAA,UACA,SAAS;AAAA,QACX;AAAA,MACF;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,MAAM;AAAA,cACJ,IAAI;AAAA,cACJ,YAAY;AAAA,cACZ,cAAc;AAAA,cACd,aAAa;AAAA,cACb,SAAS;AAAA,cACT,YAAY;AAAA,gBACV,OAAO;AAAA,kBACL,EAAE,QAAQ,SAAS,UAAU,SAAS,UAAU,QAAQ;AAAA,kBACxD;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,kBACA;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,kBACA;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,kBACA,EAAE,QAAQ,OAAO,UAAU,OAAO,UAAU,MAAM;AAAA,gBACpD;AAAA,gBACA,aAAa;AAAA,kBACX;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,gBACF;AAAA,cACF;AAAA,cACA,SAAS;AAAA,cACT,UAAU;AAAA,cACV,gBAAgB;AAAA,cAChB,WAAW;AAAA,cACX,WAAW;AAAA,YACb;AAAA,YACA,SAAS;AAAA,UACX;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,YACP,SAAS;AAAA,cACP;AAAA,gBACE,MAAM;AAAA,gBACN,SAAS;AAAA,gBACT,MAAM,CAAC,YAAY;AAAA,cACrB;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,aAAa;AAAA,MACb,MAAM,CAAC,WAAW;AAAA,MAClB,YAAY,EAAE,OAAO;AAAA,QACnB,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,MACtB,CAAC;AAAA,MACD,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,SAAS;AAAA,UACX;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,UACT;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;",
4
+ "sourcesContent": ["/**\n * Workflow Definition Detail API\n *\n * Endpoints:\n * - GET /api/workflows/definitions/[id] - Get workflow definition\n * - PUT /api/workflows/definitions/[id] - Update workflow definition\n * - DELETE /api/workflows/definitions/[id] - Delete workflow definition (soft delete)\n */\n\nimport { NextRequest, NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { resolveOrganizationScopeForRequest } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport { resolveOrganizationScopeFilter } from '@open-mercato/core/modules/directory/utils/organizationScopeFilter'\nimport { WorkflowDefinition } from '../../../data/entities'\nimport {\n updateWorkflowDefinitionInputSchema,\n type UpdateWorkflowDefinitionApiInput,\n} from '../../../data/validators'\nimport { serializeWorkflowDefinition } from '../serialize'\nimport { invalidateTriggerCache } from '../../../lib/event-trigger-service'\n\nexport const metadata = {\n requireAuth: true,\n requireFeatures: ['workflows.definitions.view'],\n}\n\ninterface RouteContext {\n params: Promise<{\n id: string\n }>\n}\n\n/**\n * GET /api/workflows/definitions/[id]\n *\n * Get a single workflow definition by ID\n */\nexport async function GET(\n request: NextRequest,\n context: RouteContext\n) {\n try {\n const params = await context.params\n const container = await createRequestContainer()\n const em = container.resolve('em')\n const auth = await getAuthFromRequest(request)\n\n if (!auth) {\n return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const tenantId = auth.tenantId\n const orgFilter = resolveOrganizationScopeFilter(scope, auth)\n\n const definition = await em.findOne(WorkflowDefinition, {\n id: params.id,\n tenantId,\n ...orgFilter.where,\n deletedAt: null,\n })\n\n if (!definition) {\n return NextResponse.json(\n { error: 'Workflow definition not found' },\n { status: 404 }\n )\n }\n\n return NextResponse.json({ data: serializeWorkflowDefinition(definition) })\n } catch (error) {\n console.error('Error getting workflow definition:', error)\n return NextResponse.json(\n { error: 'Failed to get workflow definition' },\n { status: 500 }\n )\n }\n}\n\n/**\n * PUT /api/workflows/definitions/[id]\n *\n * Update a workflow definition\n */\nexport async function PUT(\n request: NextRequest,\n context: RouteContext\n) {\n try {\n const params = await context.params\n const container = await createRequestContainer()\n const em = container.resolve('em')\n const auth = await getAuthFromRequest(request)\n\n if (!auth) {\n return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const tenantId = auth.tenantId\n const organizationId = scope?.selectedId ?? auth.orgId\n\n // Check edit permission\n const rbacService = container.resolve('rbacService')\n const hasPermission = await rbacService.userHasAllFeatures(\n auth.sub,\n ['workflows.definitions.edit'],\n {\n tenantId,\n organizationId,\n }\n )\n\n if (!hasPermission) {\n return NextResponse.json(\n { error: 'Insufficient permissions' },\n { status: 403 }\n )\n }\n\n const body = await request.json()\n\n // Validate input\n const validation = updateWorkflowDefinitionInputSchema.safeParse(body)\n if (!validation.success) {\n return NextResponse.json(\n {\n error: 'Validation failed',\n details: validation.error.issues,\n },\n { status: 400 }\n )\n }\n\n const input: UpdateWorkflowDefinitionApiInput = validation.data\n\n // Find existing definition\n const definition = await em.findOne(WorkflowDefinition, {\n id: params.id,\n tenantId,\n organizationId,\n deletedAt: null,\n })\n\n if (!definition) {\n return NextResponse.json(\n { error: 'Workflow definition not found' },\n { status: 404 }\n )\n }\n\n // Update fields. workflowId and version are intentionally ignored \u2014\n // they identify the row and bumping versions is handled elsewhere.\n if (input.workflowName !== undefined) {\n definition.workflowName = input.workflowName\n }\n if (input.description !== undefined) {\n definition.description = input.description\n }\n if (input.definition !== undefined) {\n definition.definition = input.definition\n }\n if (input.metadata !== undefined) {\n definition.metadata = input.metadata\n }\n if (input.enabled !== undefined) {\n definition.enabled = input.enabled\n }\n if (input.effectiveFrom !== undefined) {\n definition.effectiveFrom = input.effectiveFrom\n }\n if (input.effectiveTo !== undefined) {\n definition.effectiveTo = input.effectiveTo\n }\n\n definition.updatedAt = new Date()\n\n await em.flush()\n\n // Embedded triggers may have changed; invalidate the in-memory cache so\n // the wildcard event subscriber reloads them on the next event.\n if (tenantId) invalidateTriggerCache(tenantId, organizationId ?? undefined)\n\n return NextResponse.json({\n data: serializeWorkflowDefinition(definition),\n message: 'Workflow definition updated successfully',\n })\n } catch (error) {\n console.error('Error updating workflow definition:', error)\n return NextResponse.json(\n { error: 'Failed to update workflow definition' },\n { status: 500 }\n )\n }\n}\n\n/**\n * DELETE /api/workflows/definitions/[id]\n *\n * Soft delete a workflow definition\n */\nexport async function DELETE(\n request: NextRequest,\n context: RouteContext\n) {\n try {\n const params = await context.params\n const container = await createRequestContainer()\n const em = container.resolve('em')\n const auth = await getAuthFromRequest(request)\n\n if (!auth) {\n return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const tenantId = auth.tenantId\n const organizationId = scope?.selectedId ?? auth.orgId\n\n // Check delete permission\n const rbacService = container.resolve('rbacService')\n const hasPermission = await rbacService.userHasAllFeatures(\n auth.sub,\n ['workflows.definitions.delete'],\n {\n tenantId,\n organizationId,\n }\n )\n\n if (!hasPermission) {\n return NextResponse.json(\n { error: 'Insufficient permissions' },\n { status: 403 }\n )\n }\n\n // Find existing definition\n const definition = await em.findOne(WorkflowDefinition, {\n id: params.id,\n tenantId,\n organizationId,\n deletedAt: null,\n })\n\n if (!definition) {\n return NextResponse.json(\n { error: 'Workflow definition not found' },\n { status: 404 }\n )\n }\n\n // Check if there are active workflow instances using this definition\n const { WorkflowInstance } = await import('../../../data/entities')\n const activeInstances = await em.count(WorkflowInstance, {\n definitionId: definition.id,\n status: { $in: ['RUNNING', 'WAITING'] },\n })\n\n if (activeInstances > 0) {\n return NextResponse.json(\n {\n error: `Cannot delete workflow definition with ${activeInstances} active instance(s)`,\n },\n { status: 409 }\n )\n }\n\n // Soft delete\n definition.deletedAt = new Date()\n definition.updatedAt = new Date()\n\n await em.flush()\n\n if (tenantId) invalidateTriggerCache(tenantId, organizationId ?? undefined)\n\n return NextResponse.json({\n message: 'Workflow definition deleted successfully',\n })\n } catch (error) {\n console.error('Error deleting workflow definition:', error)\n return NextResponse.json(\n { error: 'Failed to delete workflow definition' },\n { status: 500 }\n )\n }\n}\n\nexport const openApi = {\n methods: {\n GET: {\n summary: 'Get workflow definition',\n description: 'Get a single workflow definition by ID. Returns the complete workflow structure including steps and transitions (with embedded activities).',\n tags: ['Workflows'],\n pathParams: z.object({\n id: z.string().uuid(),\n }),\n responses: [\n {\n status: 200,\n description: 'Workflow definition found',\n example: {\n data: {\n id: '123e4567-e89b-12d3-a456-426614174000',\n workflowId: 'checkout-flow',\n workflowName: 'Checkout Flow',\n description: 'Complete checkout workflow for processing orders',\n version: 1,\n definition: {\n steps: [\n {\n stepId: 'start',\n stepName: 'Start',\n stepType: 'START',\n },\n {\n stepId: 'validate-cart',\n stepName: 'Validate Cart',\n stepType: 'AUTOMATED',\n description: 'Validate cart items and check inventory',\n },\n {\n stepId: 'payment',\n stepName: 'Process Payment',\n stepType: 'AUTOMATED',\n description: 'Charge payment method',\n retryPolicy: {\n maxAttempts: 3,\n backoffMs: 1000,\n },\n },\n {\n stepId: 'end',\n stepName: 'End',\n stepType: 'END',\n },\n ],\n transitions: [\n {\n transitionId: 'start-to-validate',\n fromStepId: 'start',\n toStepId: 'validate-cart',\n trigger: 'auto',\n },\n {\n transitionId: 'validate-to-payment',\n fromStepId: 'validate-cart',\n toStepId: 'payment',\n trigger: 'auto',\n },\n {\n transitionId: 'payment-to-end',\n fromStepId: 'payment',\n toStepId: 'end',\n trigger: 'auto',\n activities: [\n {\n activityName: 'Send Order Confirmation',\n activityType: 'SEND_EMAIL',\n config: {\n to: '{{context.customerEmail}}',\n subject: 'Order Confirmation #{{context.orderId}}',\n template: 'order_confirmation',\n },\n },\n ],\n },\n ],\n },\n enabled: true,\n tenantId: '123e4567-e89b-12d3-a456-426614174001',\n organizationId: '123e4567-e89b-12d3-a456-426614174002',\n createdAt: '2025-12-08T10:00:00.000Z',\n updatedAt: '2025-12-08T10:00:00.000Z',\n },\n },\n },\n {\n status: 404,\n description: 'Workflow definition not found',\n example: {\n error: 'Workflow definition not found',\n },\n },\n ],\n },\n PUT: {\n summary: 'Update workflow definition',\n description: 'Update an existing workflow definition. Supports partial updates - only provided fields will be updated.',\n tags: ['Workflows'],\n pathParams: z.object({\n id: z.string().uuid(),\n }),\n requestBody: {\n schema: updateWorkflowDefinitionInputSchema,\n example: {\n definition: {\n steps: [\n {\n stepId: 'start',\n stepName: 'Start',\n stepType: 'START',\n },\n {\n stepId: 'validate-cart',\n stepName: 'Validate Cart',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'payment',\n stepName: 'Process Payment',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'confirmation',\n stepName: 'Order Confirmation',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'end',\n stepName: 'End',\n stepType: 'END',\n },\n ],\n transitions: [\n {\n transitionId: 'start-to-validate',\n fromStepId: 'start',\n toStepId: 'validate-cart',\n trigger: 'auto',\n },\n {\n transitionId: 'validate-to-payment',\n fromStepId: 'validate-cart',\n toStepId: 'payment',\n trigger: 'auto',\n },\n {\n transitionId: 'payment-to-confirmation',\n fromStepId: 'payment',\n toStepId: 'confirmation',\n trigger: 'auto',\n },\n {\n transitionId: 'confirmation-to-end',\n fromStepId: 'confirmation',\n toStepId: 'end',\n trigger: 'auto',\n },\n ],\n },\n enabled: true,\n },\n },\n responses: [\n {\n status: 200,\n description: 'Workflow definition updated successfully',\n example: {\n data: {\n id: '123e4567-e89b-12d3-a456-426614174000',\n workflowId: 'checkout-flow',\n workflowName: 'Checkout Flow',\n description: 'Complete checkout workflow for processing orders',\n version: 1,\n definition: {\n steps: [\n { stepId: 'start', stepName: 'Start', stepType: 'START' },\n {\n stepId: 'validate-cart',\n stepName: 'Validate Cart',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'payment',\n stepName: 'Process Payment',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'confirmation',\n stepName: 'Order Confirmation',\n stepType: 'AUTOMATED',\n },\n { stepId: 'end', stepName: 'End', stepType: 'END' },\n ],\n transitions: [\n {\n transitionId: 'start-to-validate',\n fromStepId: 'start',\n toStepId: 'validate-cart',\n trigger: 'auto',\n },\n {\n transitionId: 'validate-to-payment',\n fromStepId: 'validate-cart',\n toStepId: 'payment',\n trigger: 'auto',\n },\n {\n transitionId: 'payment-to-confirmation',\n fromStepId: 'payment',\n toStepId: 'confirmation',\n trigger: 'auto',\n },\n {\n transitionId: 'confirmation-to-end',\n fromStepId: 'confirmation',\n toStepId: 'end',\n trigger: 'auto',\n },\n ],\n },\n enabled: true,\n tenantId: '123e4567-e89b-12d3-a456-426614174001',\n organizationId: '123e4567-e89b-12d3-a456-426614174002',\n createdAt: '2025-12-08T10:00:00.000Z',\n updatedAt: '2025-12-08T11:30:00.000Z',\n },\n message: 'Workflow definition updated successfully',\n },\n },\n {\n status: 400,\n description: 'Validation error',\n example: {\n error: 'Validation failed',\n details: [\n {\n code: 'invalid_type',\n message: 'Expected object, received string',\n path: ['definition'],\n },\n ],\n },\n },\n {\n status: 404,\n description: 'Workflow definition not found',\n example: {\n error: 'Workflow definition not found',\n },\n },\n ],\n },\n DELETE: {\n summary: 'Delete workflow definition',\n description: 'Soft delete a workflow definition. Cannot be deleted if there are active workflow instances (RUNNING or WAITING status) using this definition.',\n tags: ['Workflows'],\n pathParams: z.object({\n id: z.string().uuid(),\n }),\n responses: [\n {\n status: 200,\n description: 'Workflow definition deleted successfully',\n example: {\n message: 'Workflow definition deleted successfully',\n },\n },\n {\n status: 404,\n description: 'Workflow definition not found',\n example: {\n error: 'Workflow definition not found',\n },\n },\n {\n status: 409,\n description: 'Cannot delete - active workflow instances exist',\n example: {\n error: 'Cannot delete workflow definition with 3 active instance(s)',\n },\n },\n ],\n },\n },\n}\n"],
5
+ "mappings": "AASA,SAAsB,oBAAoB;AAC1C,SAAS,SAAS;AAClB,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,0CAA0C;AACnD,SAAS,sCAAsC;AAC/C,SAAS,0BAA0B;AACnC;AAAA,EACE;AAAA,OAEK;AACP,SAAS,mCAAmC;AAC5C,SAAS,8BAA8B;AAEhC,MAAM,WAAW;AAAA,EACtB,aAAa;AAAA,EACb,iBAAiB,CAAC,4BAA4B;AAChD;AAaA,eAAsB,IACpB,SACA,SACA;AACA,MAAI;AACF,UAAM,SAAS,MAAM,QAAQ;AAC7B,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,UAAM,OAAO,MAAM,mBAAmB,OAAO;AAE7C,QAAI,CAAC,MAAM;AACT,aAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACrE;AAEA,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,QAAQ,CAAC;AACnF,UAAM,WAAW,KAAK;AACtB,UAAM,YAAY,+BAA+B,OAAO,IAAI;AAE5D,UAAM,aAAa,MAAM,GAAG,QAAQ,oBAAoB;AAAA,MACtD,IAAI,OAAO;AAAA,MACX;AAAA,MACA,GAAG,UAAU;AAAA,MACb,WAAW;AAAA,IACb,CAAC;AAED,QAAI,CAAC,YAAY;AACf,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,gCAAgC;AAAA,QACzC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,WAAO,aAAa,KAAK,EAAE,MAAM,4BAA4B,UAAU,EAAE,CAAC;AAAA,EAC5E,SAAS,OAAO;AACd,YAAQ,MAAM,sCAAsC,KAAK;AACzD,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,oCAAoC;AAAA,MAC7C,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACF;AAOA,eAAsB,IACpB,SACA,SACA;AACA,MAAI;AACF,UAAM,SAAS,MAAM,QAAQ;AAC7B,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,UAAM,OAAO,MAAM,mBAAmB,OAAO;AAE7C,QAAI,CAAC,MAAM;AACT,aAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACrE;AAEA,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,QAAQ,CAAC;AACnF,UAAM,WAAW,KAAK;AACtB,UAAM,iBAAiB,OAAO,cAAc,KAAK;AAGjD,UAAM,cAAc,UAAU,QAAQ,aAAa;AACnD,UAAM,gBAAgB,MAAM,YAAY;AAAA,MACtC,KAAK;AAAA,MACL,CAAC,4BAA4B;AAAA,MAC7B;AAAA,QACE;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAEA,QAAI,CAAC,eAAe;AAClB,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,2BAA2B;AAAA,QACpC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,UAAM,OAAO,MAAM,QAAQ,KAAK;AAGhC,UAAM,aAAa,oCAAoC,UAAU,IAAI;AACrE,QAAI,CAAC,WAAW,SAAS;AACvB,aAAO,aAAa;AAAA,QAClB;AAAA,UACE,OAAO;AAAA,UACP,SAAS,WAAW,MAAM;AAAA,QAC5B;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,UAAM,QAA0C,WAAW;AAG3D,UAAM,aAAa,MAAM,GAAG,QAAQ,oBAAoB;AAAA,MACtD,IAAI,OAAO;AAAA,MACX;AAAA,MACA;AAAA,MACA,WAAW;AAAA,IACb,CAAC;AAED,QAAI,CAAC,YAAY;AACf,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,gCAAgC;AAAA,QACzC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAIA,QAAI,MAAM,iBAAiB,QAAW;AACpC,iBAAW,eAAe,MAAM;AAAA,IAClC;AACA,QAAI,MAAM,gBAAgB,QAAW;AACnC,iBAAW,cAAc,MAAM;AAAA,IACjC;AACA,QAAI,MAAM,eAAe,QAAW;AAClC,iBAAW,aAAa,MAAM;AAAA,IAChC;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,iBAAW,WAAW,MAAM;AAAA,IAC9B;AACA,QAAI,MAAM,YAAY,QAAW;AAC/B,iBAAW,UAAU,MAAM;AAAA,IAC7B;AACA,QAAI,MAAM,kBAAkB,QAAW;AACrC,iBAAW,gBAAgB,MAAM;AAAA,IACnC;AACA,QAAI,MAAM,gBAAgB,QAAW;AACnC,iBAAW,cAAc,MAAM;AAAA,IACjC;AAEA,eAAW,YAAY,oBAAI,KAAK;AAEhC,UAAM,GAAG,MAAM;AAIf,QAAI,SAAU,wBAAuB,UAAU,kBAAkB,MAAS;AAE1E,WAAO,aAAa,KAAK;AAAA,MACvB,MAAM,4BAA4B,UAAU;AAAA,MAC5C,SAAS;AAAA,IACX,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,uCAAuC,KAAK;AAC1D,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,uCAAuC;AAAA,MAChD,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACF;AAOA,eAAsB,OACpB,SACA,SACA;AACA,MAAI;AACF,UAAM,SAAS,MAAM,QAAQ;AAC7B,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,UAAM,OAAO,MAAM,mBAAmB,OAAO;AAE7C,QAAI,CAAC,MAAM;AACT,aAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACrE;AAEA,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,QAAQ,CAAC;AACnF,UAAM,WAAW,KAAK;AACtB,UAAM,iBAAiB,OAAO,cAAc,KAAK;AAGjD,UAAM,cAAc,UAAU,QAAQ,aAAa;AACnD,UAAM,gBAAgB,MAAM,YAAY;AAAA,MACtC,KAAK;AAAA,MACL,CAAC,8BAA8B;AAAA,MAC/B;AAAA,QACE;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAEA,QAAI,CAAC,eAAe;AAClB,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,2BAA2B;AAAA,QACpC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAGA,UAAM,aAAa,MAAM,GAAG,QAAQ,oBAAoB;AAAA,MACtD,IAAI,OAAO;AAAA,MACX;AAAA,MACA;AAAA,MACA,WAAW;AAAA,IACb,CAAC;AAED,QAAI,CAAC,YAAY;AACf,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,gCAAgC;AAAA,QACzC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAGA,UAAM,EAAE,iBAAiB,IAAI,MAAM,OAAO,wBAAwB;AAClE,UAAM,kBAAkB,MAAM,GAAG,MAAM,kBAAkB;AAAA,MACvD,cAAc,WAAW;AAAA,MACzB,QAAQ,EAAE,KAAK,CAAC,WAAW,SAAS,EAAE;AAAA,IACxC,CAAC;AAED,QAAI,kBAAkB,GAAG;AACvB,aAAO,aAAa;AAAA,QAClB;AAAA,UACE,OAAO,0CAA0C,eAAe;AAAA,QAClE;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAGA,eAAW,YAAY,oBAAI,KAAK;AAChC,eAAW,YAAY,oBAAI,KAAK;AAEhC,UAAM,GAAG,MAAM;AAEf,QAAI,SAAU,wBAAuB,UAAU,kBAAkB,MAAS;AAE1E,WAAO,aAAa,KAAK;AAAA,MACvB,SAAS;AAAA,IACX,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,uCAAuC,KAAK;AAC1D,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,uCAAuC;AAAA,MAChD,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACF;AAEO,MAAM,UAAU;AAAA,EACrB,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,MAAM,CAAC,WAAW;AAAA,MAClB,YAAY,EAAE,OAAO;AAAA,QACnB,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,MACtB,CAAC;AAAA,MACD,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,MAAM;AAAA,cACJ,IAAI;AAAA,cACJ,YAAY;AAAA,cACZ,cAAc;AAAA,cACd,aAAa;AAAA,cACb,SAAS;AAAA,cACT,YAAY;AAAA,gBACV,OAAO;AAAA,kBACL;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,kBACA;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,oBACV,aAAa;AAAA,kBACf;AAAA,kBACA;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,oBACV,aAAa;AAAA,oBACb,aAAa;AAAA,sBACX,aAAa;AAAA,sBACb,WAAW;AAAA,oBACb;AAAA,kBACF;AAAA,kBACA;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,gBACF;AAAA,gBACA,aAAa;AAAA,kBACX;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,oBACT,YAAY;AAAA,sBACV;AAAA,wBACE,cAAc;AAAA,wBACd,cAAc;AAAA,wBACd,QAAQ;AAAA,0BACN,IAAI;AAAA,0BACJ,SAAS;AAAA,0BACT,UAAU;AAAA,wBACZ;AAAA,sBACF;AAAA,oBACF;AAAA,kBACF;AAAA,gBACF;AAAA,cACF;AAAA,cACA,SAAS;AAAA,cACT,UAAU;AAAA,cACV,gBAAgB;AAAA,cAChB,WAAW;AAAA,cACX,WAAW;AAAA,YACb;AAAA,UACF;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,IACA,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,MAAM,CAAC,WAAW;AAAA,MAClB,YAAY,EAAE,OAAO;AAAA,QACnB,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,MACtB,CAAC;AAAA,MACD,aAAa;AAAA,QACX,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,YAAY;AAAA,YACV,OAAO;AAAA,cACL;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,YACF;AAAA,YACA,aAAa;AAAA,cACX;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,cACX;AAAA,cACA;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,cACX;AAAA,cACA;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,cACX;AAAA,cACA;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,cACX;AAAA,YACF;AAAA,UACF;AAAA,UACA,SAAS;AAAA,QACX;AAAA,MACF;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,MAAM;AAAA,cACJ,IAAI;AAAA,cACJ,YAAY;AAAA,cACZ,cAAc;AAAA,cACd,aAAa;AAAA,cACb,SAAS;AAAA,cACT,YAAY;AAAA,gBACV,OAAO;AAAA,kBACL,EAAE,QAAQ,SAAS,UAAU,SAAS,UAAU,QAAQ;AAAA,kBACxD;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,kBACA;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,kBACA;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,kBACA,EAAE,QAAQ,OAAO,UAAU,OAAO,UAAU,MAAM;AAAA,gBACpD;AAAA,gBACA,aAAa;AAAA,kBACX;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,gBACF;AAAA,cACF;AAAA,cACA,SAAS;AAAA,cACT,UAAU;AAAA,cACV,gBAAgB;AAAA,cAChB,WAAW;AAAA,cACX,WAAW;AAAA,YACb;AAAA,YACA,SAAS;AAAA,UACX;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,YACP,SAAS;AAAA,cACP;AAAA,gBACE,MAAM;AAAA,gBACN,SAAS;AAAA,gBACT,MAAM,CAAC,YAAY;AAAA,cACrB;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,aAAa;AAAA,MACb,MAAM,CAAC,WAAW;AAAA,MAClB,YAAY,EAAE,OAAO;AAAA,QACnB,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,MACtB,CAAC;AAAA,MACD,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,SAAS;AAAA,UACX;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,UACT;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;",
6
6
  "names": []
7
7
  }
package/dist/modules/workflows/api/definitions/route.js CHANGED
@@ -9,6 +9,7 @@ import {
9
9
  createWorkflowDefinitionInputSchema
10
10
  } from "../../data/validators.js";
11
11
  import { serializeWorkflowDefinition } from "./serialize.js";
12
+ import { invalidateTriggerCache } from "../../lib/event-trigger-service.js";
12
13
  const metadata = {
13
14
  requireAuth: true,
14
15
  requireFeatures: ["workflows.definitions.view"]
@@ -155,6 +156,7 @@ async function POST(request) {
155
156
  updatedAt: /* @__PURE__ */ new Date()
156
157
  });
157
158
  await em.persist(definition).flush();
159
+ if (tenantId) invalidateTriggerCache(tenantId, organizationId ?? void 0);
158
160
  return NextResponse.json(
159
161
  {
160
162
  data: serializeWorkflowDefinition(definition),
package/dist/modules/workflows/api/definitions/route.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/modules/workflows/api/definitions/route.ts"],
4
- "sourcesContent": ["/**\n * Workflow Definitions API\n *\n * Endpoints:\n * - GET /api/workflows/definitions - List workflow definitions\n * - POST /api/workflows/definitions - Create workflow definition\n */\n\nimport { NextRequest, NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { resolveOrganizationScopeForRequest } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport { resolveOrganizationScopeFilter } from '@open-mercato/core/modules/directory/utils/organizationScopeFilter'\nimport { WorkflowDefinition } from '../../data/entities'\nimport {\n createWorkflowDefinitionInputSchema,\n type CreateWorkflowDefinitionApiInput,\n} from '../../data/validators'\nimport { serializeWorkflowDefinition } from './serialize'\n\nexport const metadata = {\n requireAuth: true,\n requireFeatures: ['workflows.definitions.view'],\n}\n\nconst WORKFLOW_ID_TENANT_UNIQUE_CONSTRAINT = 'workflow_definitions_workflow_id_tenant_id_unique'\n\nfunction isWorkflowIdUniqueConstraintError(error: unknown): boolean {\n if (!error || typeof error !== 'object') {\n return false\n }\n\n const value = error as Record<string, unknown>\n const constraint = value.constraint\n const code = value.code\n const message = typeof value.message === 'string' ? value.message : ''\n const detail = typeof value.detail === 'string' ? value.detail : ''\n\n if (constraint === WORKFLOW_ID_TENANT_UNIQUE_CONSTRAINT) {\n return true\n }\n\n if (code === '23505' && detail.includes('(workflow_id, tenant_id)')) {\n return true\n }\n\n return message.includes(WORKFLOW_ID_TENANT_UNIQUE_CONSTRAINT)\n}\n\n/**\n * GET /api/workflows/definitions\n *\n * List workflow definitions with optional filters\n */\nexport async function GET(request: NextRequest) {\n try {\n const container = await createRequestContainer()\n const em = container.resolve('em')\n const auth = await getAuthFromRequest(request)\n\n if (!auth) {\n return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const tenantId = auth.tenantId\n const orgFilter = resolveOrganizationScopeFilter(scope, auth)\n\n const { searchParams } = new URL(request.url)\n const enabled = searchParams.get('enabled')\n const workflowId = searchParams.get('workflowId')\n const search = searchParams.get('search')\n const limit = parseInt(searchParams.get('limit') || '50')\n const offset = parseInt(searchParams.get('offset') || '0')\n\n // Build where clause with tenant scoping\n const where: any = {\n tenantId,\n ...orgFilter.where,\n deletedAt: null,\n }\n\n if (enabled !== null) {\n where.enabled = enabled === 'true'\n }\n\n if (workflowId) {\n where.workflowId = workflowId\n }\n\n if (search) {\n where.$or = [\n { workflowId: { $ilike: `%${search}%` } },\n { workflowName: { $ilike: `%${search}%` } },\n ]\n }\n\n const [definitions, total] = await em.findAndCount(\n WorkflowDefinition,\n where,\n {\n orderBy: { createdAt: 'DESC' },\n limit,\n offset,\n }\n )\n\n return NextResponse.json({\n data: definitions.map(serializeWorkflowDefinition),\n pagination: {\n total,\n limit,\n offset,\n hasMore: offset + limit < total,\n },\n })\n } catch (error) {\n console.error('Error listing workflow definitions:', error)\n return NextResponse.json(\n { error: 'Failed to list workflow definitions' },\n { status: 500 }\n )\n }\n}\n\n/**\n * POST /api/workflows/definitions\n *\n * Create a new workflow definition\n */\nexport async function POST(request: NextRequest) {\n try {\n const container = await createRequestContainer()\n const em = container.resolve('em')\n const auth = await getAuthFromRequest(request)\n\n if (!auth) {\n return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const tenantId = auth.tenantId\n const organizationId = scope?.selectedId ?? auth.orgId\n\n // Check create permission\n const rbacService = container.resolve('rbacService')\n const hasPermission = await rbacService.userHasAllFeatures(\n auth.sub,\n ['workflows.definitions.create'],\n {\n tenantId,\n organizationId,\n }\n )\n\n if (!hasPermission) {\n return NextResponse.json(\n { error: 'Insufficient permissions' },\n { status: 403 }\n )\n }\n\n const body = await request.json()\n\n // Validate input\n const validation = createWorkflowDefinitionInputSchema.safeParse(body)\n if (!validation.success) {\n return NextResponse.json(\n {\n error: 'Validation failed',\n details: validation.error.issues,\n },\n { status: 400 }\n )\n }\n\n const input: CreateWorkflowDefinitionApiInput = validation.data\n\n // workflow_id is unique per tenant; check upfront to return 409 instead of DB error.\n const existing = await em.findOne(WorkflowDefinition, {\n workflowId: input.workflowId,\n tenantId,\n })\n\n if (existing) {\n return NextResponse.json(\n {\n error: `Workflow definition with ID \"${input.workflowId}\" already exists`,\n },\n { status: 409 }\n )\n }\n\n // Create workflow definition\n const definition = em.create(WorkflowDefinition, {\n workflowId: input.workflowId,\n workflowName: input.workflowName,\n description: input.description,\n version: input.version,\n definition: input.definition,\n metadata: input.metadata,\n enabled: input.enabled ?? true,\n tenantId,\n organizationId,\n createdAt: new Date(),\n updatedAt: new Date(),\n })\n\n await em.persist(definition).flush()\n\n return NextResponse.json(\n {\n data: serializeWorkflowDefinition(definition),\n message: 'Workflow definition created successfully',\n },\n { status: 201 }\n )\n } catch (error) {\n if (isWorkflowIdUniqueConstraintError(error)) {\n return NextResponse.json(\n { error: 'Workflow definition with this ID already exists' },\n { status: 409 }\n )\n }\n\n console.error('Error creating workflow definition:', error)\n return NextResponse.json(\n { error: 'Failed to create workflow definition' },\n { status: 500 }\n )\n }\n}\n\nexport const openApi = {\n methods: {\n GET: {\n summary: 'List workflow definitions',\n description: 'Get a list of workflow definitions with optional filters. Supports pagination and search.',\n tags: ['Workflows'],\n query: createWorkflowDefinitionInputSchema.pick({ workflowId: true }).extend({\n enabled: z.boolean().optional(),\n search: z.string().optional(),\n limit: z.number().int().positive().default(50).optional(),\n offset: z.number().int().min(0).default(0).optional(),\n }),\n responses: [\n {\n status: 200,\n description: 'List of workflow definitions with pagination',\n example: {\n data: [\n {\n id: '123e4567-e89b-12d3-a456-426614174000',\n workflowId: 'checkout-flow',\n workflowName: 'Checkout Flow',\n description: 'Complete checkout workflow for processing orders',\n version: 1,\n definition: {\n steps: [\n {\n stepId: 'start',\n stepName: 'Start',\n stepType: 'START',\n },\n {\n stepId: 'validate-cart',\n stepName: 'Validate Cart',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'end',\n stepName: 'End',\n stepType: 'END',\n },\n ],\n transitions: [\n {\n transitionId: 'start-to-validate',\n fromStepId: 'start',\n toStepId: 'validate-cart',\n trigger: 'auto',\n },\n {\n transitionId: 'validate-to-end',\n fromStepId: 'validate-cart',\n toStepId: 'end',\n trigger: 'auto',\n },\n ],\n },\n enabled: true,\n tenantId: '123e4567-e89b-12d3-a456-426614174001',\n organizationId: '123e4567-e89b-12d3-a456-426614174002',\n createdAt: '2025-12-08T10:00:00.000Z',\n updatedAt: '2025-12-08T10:00:00.000Z',\n },\n ],\n pagination: {\n total: 1,\n limit: 50,\n offset: 0,\n hasMore: false,\n },\n },\n },\n ],\n },\n POST: {\n summary: 'Create workflow definition',\n description: 'Create a new workflow definition. The definition must include at least START and END steps with at least one transition connecting them.',\n tags: ['Workflows'],\n requestBody: {\n schema: createWorkflowDefinitionInputSchema,\n example: {\n workflowId: 'checkout-flow',\n workflowName: 'Checkout Flow',\n description: 'Complete checkout workflow for processing orders',\n version: 1,\n definition: {\n steps: [\n {\n stepId: 'start',\n stepName: 'Start',\n stepType: 'START',\n },\n {\n stepId: 'validate-cart',\n stepName: 'Validate Cart',\n stepType: 'AUTOMATED',\n description: 'Validate cart items and check inventory',\n },\n {\n stepId: 'payment',\n stepName: 'Process Payment',\n stepType: 'AUTOMATED',\n description: 'Charge payment method',\n retryPolicy: {\n maxAttempts: 3,\n backoffMs: 1000,\n },\n },\n {\n stepId: 'end',\n stepName: 'End',\n stepType: 'END',\n },\n ],\n transitions: [\n {\n transitionId: 'start-to-validate',\n fromStepId: 'start',\n toStepId: 'validate-cart',\n trigger: 'auto',\n },\n {\n transitionId: 'validate-to-payment',\n fromStepId: 'validate-cart',\n toStepId: 'payment',\n trigger: 'auto',\n },\n {\n transitionId: 'payment-to-end',\n fromStepId: 'payment',\n toStepId: 'end',\n trigger: 'auto',\n activities: [\n {\n activityName: 'Send Order Confirmation',\n activityType: 'SEND_EMAIL',\n config: {\n to: '{{context.customerEmail}}',\n subject: 'Order Confirmation #{{context.orderId}}',\n template: 'order_confirmation',\n },\n },\n ],\n },\n ],\n },\n enabled: true,\n },\n },\n responses: [\n {\n status: 201,\n description: 'Workflow definition created successfully',\n example: {\n data: {\n id: '123e4567-e89b-12d3-a456-426614174000',\n workflowId: 'checkout-flow',\n workflowName: 'Checkout Flow',\n description: 'Complete checkout workflow for processing orders',\n version: 1,\n definition: {\n steps: [\n { stepId: 'start', stepName: 'Start', stepType: 'START' },\n {\n stepId: 'validate-cart',\n stepName: 'Validate Cart',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'payment',\n stepName: 'Process Payment',\n stepType: 'AUTOMATED',\n },\n { stepId: 'end', stepName: 'End', stepType: 'END' },\n ],\n transitions: [\n {\n transitionId: 'start-to-validate',\n fromStepId: 'start',\n toStepId: 'validate-cart',\n trigger: 'auto',\n },\n {\n transitionId: 'validate-to-payment',\n fromStepId: 'validate-cart',\n toStepId: 'payment',\n trigger: 'auto',\n },\n {\n transitionId: 'payment-to-end',\n fromStepId: 'payment',\n toStepId: 'end',\n trigger: 'auto',\n },\n ],\n },\n enabled: true,\n tenantId: '123e4567-e89b-12d3-a456-426614174001',\n organizationId: '123e4567-e89b-12d3-a456-426614174002',\n createdAt: '2025-12-08T10:00:00.000Z',\n updatedAt: '2025-12-08T10:00:00.000Z',\n },\n message: 'Workflow definition created successfully',\n },\n },\n {\n status: 400,\n description: 'Validation error - invalid workflow structure',\n example: {\n error: 'Validation failed',\n details: [\n {\n code: 'invalid_type',\n message: 'Workflow must have at least START and END steps',\n path: ['definition', 'steps'],\n },\n ],\n },\n },\n {\n status: 409,\n description: 'Conflict - workflow with same ID and version already exists',\n example: {\n error: 'Workflow definition with ID \"checkout-flow\" and version 1 already exists',\n },\n },\n ],\n },\n },\n}\n\n// Full OpenAPI documentation (kept for reference but not used by type system)\nexport const _openApiDetailedDocs = {\n get: {\n summary: 'List workflow definitions',\n description: 'Get a list of workflow definitions with optional filters',\n tags: ['Workflows'],\n parameters: [\n {\n name: 'enabled',\n in: 'query',\n description: 'Filter by enabled status',\n schema: { type: 'boolean' },\n },\n {\n name: 'workflowId',\n in: 'query',\n description: 'Filter by workflow ID',\n schema: { type: 'string' },\n },\n {\n name: 'search',\n in: 'query',\n description: 'Search in workflow ID and name',\n schema: { type: 'string' },\n },\n {\n name: 'limit',\n in: 'query',\n description: 'Number of results to return',\n schema: { type: 'integer', default: 50 },\n },\n {\n name: 'offset',\n in: 'query',\n description: 'Offset for pagination',\n schema: { type: 'integer', default: 0 },\n },\n ],\n responses: {\n 200: {\n description: 'List of workflow definitions',\n content: {\n 'application/json': {\n schema: {\n type: 'object',\n properties: {\n data: {\n type: 'array',\n items: { $ref: '#/components/schemas/WorkflowDefinition' },\n },\n pagination: {\n type: 'object',\n properties: {\n total: { type: 'integer' },\n limit: { type: 'integer' },\n offset: { type: 'integer' },\n hasMore: { type: 'boolean' },\n },\n },\n },\n },\n },\n },\n },\n },\n },\n post: {\n summary: 'Create workflow definition',\n description: 'Create a new workflow definition',\n tags: ['Workflows'],\n requestBody: {\n required: true,\n content: {\n 'application/json': {\n schema: { $ref: '#/components/schemas/CreateWorkflowDefinition' },\n },\n },\n },\n responses: {\n 201: {\n description: 'Workflow definition created',\n content: {\n 'application/json': {\n schema: {\n type: 'object',\n properties: {\n data: { $ref: '#/components/schemas/WorkflowDefinition' },\n message: { type: 'string' },\n },\n },\n },\n },\n },\n 400: {\n description: 'Validation error',\n },\n 409: {\n description: 'Workflow definition already exists',\n },\n },\n },\n}\n"],
5
- "mappings": "AAQA,SAAsB,oBAAoB;AAC1C,SAAS,SAAS;AAClB,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,0CAA0C;AACnD,SAAS,sCAAsC;AAC/C,SAAS,0BAA0B;AACnC;AAAA,EACE;AAAA,OAEK;AACP,SAAS,mCAAmC;AAErC,MAAM,WAAW;AAAA,EACtB,aAAa;AAAA,EACb,iBAAiB,CAAC,4BAA4B;AAChD;AAEA,MAAM,uCAAuC;AAE7C,SAAS,kCAAkC,OAAyB;AAClE,MAAI,CAAC,SAAS,OAAO,UAAU,UAAU;AACvC,WAAO;AAAA,EACT;AAEA,QAAM,QAAQ;AACd,QAAM,aAAa,MAAM;AACzB,QAAM,OAAO,MAAM;AACnB,QAAM,UAAU,OAAO,MAAM,YAAY,WAAW,MAAM,UAAU;AACpE,QAAM,SAAS,OAAO,MAAM,WAAW,WAAW,MAAM,SAAS;AAEjE,MAAI,eAAe,sCAAsC;AACvD,WAAO;AAAA,EACT;AAEA,MAAI,SAAS,WAAW,OAAO,SAAS,0BAA0B,GAAG;AACnE,WAAO;AAAA,EACT;AAEA,SAAO,QAAQ,SAAS,oCAAoC;AAC9D;AAOA,eAAsB,IAAI,SAAsB;AAC9C,MAAI;AACF,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,UAAM,OAAO,MAAM,mBAAmB,OAAO;AAE7C,QAAI,CAAC,MAAM;AACT,aAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACrE;AAEA,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,QAAQ,CAAC;AACnF,UAAM,WAAW,KAAK;AACtB,UAAM,YAAY,+BAA+B,OAAO,IAAI;AAE5D,UAAM,EAAE,aAAa,IAAI,IAAI,IAAI,QAAQ,GAAG;AAC5C,UAAM,UAAU,aAAa,IAAI,SAAS;AAC1C,UAAM,aAAa,aAAa,IAAI,YAAY;AAChD,UAAM,SAAS,aAAa,IAAI,QAAQ;AACxC,UAAM,QAAQ,SAAS,aAAa,IAAI,OAAO,KAAK,IAAI;AACxD,UAAM,SAAS,SAAS,aAAa,IAAI,QAAQ,KAAK,GAAG;AAGzD,UAAM,QAAa;AAAA,MACjB;AAAA,MACA,GAAG,UAAU;AAAA,MACb,WAAW;AAAA,IACb;AAEA,QAAI,YAAY,MAAM;AACpB,YAAM,UAAU,YAAY;AAAA,IAC9B;AAEA,QAAI,YAAY;AACd,YAAM,aAAa;AAAA,IACrB;AAEA,QAAI,QAAQ;AACV,YAAM,MAAM;AAAA,QACV,EAAE,YAAY,EAAE,QAAQ,IAAI,MAAM,IAAI,EAAE;AAAA,QACxC,EAAE,cAAc,EAAE,QAAQ,IAAI,MAAM,IAAI,EAAE;AAAA,MAC5C;AAAA,IACF;AAEA,UAAM,CAAC,aAAa,KAAK,IAAI,MAAM,GAAG;AAAA,MACpC;AAAA,MACA;AAAA,MACA;AAAA,QACE,SAAS,EAAE,WAAW,OAAO;AAAA,QAC7B;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAEA,WAAO,aAAa,KAAK;AAAA,MACvB,MAAM,YAAY,IAAI,2BAA2B;AAAA,MACjD,YAAY;AAAA,QACV;AAAA,QACA;AAAA,QACA;AAAA,QACA,SAAS,SAAS,QAAQ;AAAA,MAC5B;AAAA,IACF,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,uCAAuC,KAAK;AAC1D,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,sCAAsC;AAAA,MAC/C,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACF;AAOA,eAAsB,KAAK,SAAsB;AAC/C,MAAI;AACF,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,UAAM,OAAO,MAAM,mBAAmB,OAAO;AAE7C,QAAI,CAAC,MAAM;AACT,aAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACrE;AAEA,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,QAAQ,CAAC;AACnF,UAAM,WAAW,KAAK;AACtB,UAAM,iBAAiB,OAAO,cAAc,KAAK;AAGjD,UAAM,cAAc,UAAU,QAAQ,aAAa;AACnD,UAAM,gBAAgB,MAAM,YAAY;AAAA,MACtC,KAAK;AAAA,MACL,CAAC,8BAA8B;AAAA,MAC/B;AAAA,QACE;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAEA,QAAI,CAAC,eAAe;AAClB,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,2BAA2B;AAAA,QACpC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,UAAM,OAAO,MAAM,QAAQ,KAAK;AAGhC,UAAM,aAAa,oCAAoC,UAAU,IAAI;AACrE,QAAI,CAAC,WAAW,SAAS;AACvB,aAAO,aAAa;AAAA,QAClB;AAAA,UACE,OAAO;AAAA,UACP,SAAS,WAAW,MAAM;AAAA,QAC5B;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,UAAM,QAA0C,WAAW;AAG3D,UAAM,WAAW,MAAM,GAAG,QAAQ,oBAAoB;AAAA,MACpD,YAAY,MAAM;AAAA,MAClB;AAAA,IACF,CAAC;AAED,QAAI,UAAU;AACZ,aAAO,aAAa;AAAA,QAClB;AAAA,UACE,OAAO,gCAAgC,MAAM,UAAU;AAAA,QACzD;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAGA,UAAM,aAAa,GAAG,OAAO,oBAAoB;AAAA,MAC/C,YAAY,MAAM;AAAA,MAClB,cAAc,MAAM;AAAA,MACpB,aAAa,MAAM;AAAA,MACnB,SAAS,MAAM;AAAA,MACf,YAAY,MAAM;AAAA,MAClB,UAAU,MAAM;AAAA,MAChB,SAAS,MAAM,WAAW;AAAA,MAC1B;AAAA,MACA;AAAA,MACA,WAAW,oBAAI,KAAK;AAAA,MACpB,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAC;AAED,UAAM,GAAG,QAAQ,UAAU,EAAE,MAAM;AAEnC,WAAO,aAAa;AAAA,MAClB;AAAA,QACE,MAAM,4BAA4B,UAAU;AAAA,QAC5C,SAAS;AAAA,MACX;AAAA,MACA,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF,SAAS,OAAO;AACd,QAAI,kCAAkC,KAAK,GAAG;AAC5C,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,kDAAkD;AAAA,QAC3D,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,YAAQ,MAAM,uCAAuC,KAAK;AAC1D,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,uCAAuC;AAAA,MAChD,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACF;AAEO,MAAM,UAAU;AAAA,EACrB,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,MAAM,CAAC,WAAW;AAAA,MAClB,OAAO,oCAAoC,KAAK,EAAE,YAAY,KAAK,CAAC,EAAE,OAAO;AAAA,QAC3E,SAAS,EAAE,QAAQ,EAAE,SAAS;AAAA,QAC9B,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,QAC5B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,EAAE,SAAS;AAAA,QACxD,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,QAAQ,CAAC,EAAE,SAAS;AAAA,MACtD,CAAC;AAAA,MACD,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,MAAM;AAAA,cACJ;AAAA,gBACE,IAAI;AAAA,gBACJ,YAAY;AAAA,gBACZ,cAAc;AAAA,gBACd,aAAa;AAAA,gBACb,SAAS;AAAA,gBACT,YAAY;AAAA,kBACV,OAAO;AAAA,oBACL;AAAA,sBACE,QAAQ;AAAA,sBACR,UAAU;AAAA,sBACV,UAAU;AAAA,oBACZ;AAAA,oBACA;AAAA,sBACE,QAAQ;AAAA,sBACR,UAAU;AAAA,sBACV,UAAU;AAAA,oBACZ;AAAA,oBACA;AAAA,sBACE,QAAQ;AAAA,sBACR,UAAU;AAAA,sBACV,UAAU;AAAA,oBACZ;AAAA,kBACF;AAAA,kBACA,aAAa;AAAA,oBACX;AAAA,sBACE,cAAc;AAAA,sBACd,YAAY;AAAA,sBACZ,UAAU;AAAA,sBACV,SAAS;AAAA,oBACX;AAAA,oBACA;AAAA,sBACE,cAAc;AAAA,sBACd,YAAY;AAAA,sBACZ,UAAU;AAAA,sBACV,SAAS;AAAA,oBACX;AAAA,kBACF;AAAA,gBACF;AAAA,gBACA,SAAS;AAAA,gBACT,UAAU;AAAA,gBACV,gBAAgB;AAAA,gBAChB,WAAW;AAAA,gBACX,WAAW;AAAA,cACb;AAAA,YACF;AAAA,YACA,YAAY;AAAA,cACV,OAAO;AAAA,cACP,OAAO;AAAA,cACP,QAAQ;AAAA,cACR,SAAS;AAAA,YACX;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,IACA,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,MAAM,CAAC,WAAW;AAAA,MAClB,aAAa;AAAA,QACX,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,YAAY;AAAA,UACZ,cAAc;AAAA,UACd,aAAa;AAAA,UACb,SAAS;AAAA,UACT,YAAY;AAAA,YACV,OAAO;AAAA,cACL;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,gBACV,aAAa;AAAA,cACf;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,gBACV,aAAa;AAAA,gBACb,aAAa;AAAA,kBACX,aAAa;AAAA,kBACb,WAAW;AAAA,gBACb;AAAA,cACF;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,YACF;AAAA,YACA,aAAa;AAAA,cACX;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,cACX;AAAA,cACA;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,cACX;AAAA,cACA;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,gBACT,YAAY;AAAA,kBACV;AAAA,oBACE,cAAc;AAAA,oBACd,cAAc;AAAA,oBACd,QAAQ;AAAA,sBACN,IAAI;AAAA,sBACJ,SAAS;AAAA,sBACT,UAAU;AAAA,oBACZ;AAAA,kBACF;AAAA,gBACF;AAAA,cACF;AAAA,YACF;AAAA,UACF;AAAA,UACA,SAAS;AAAA,QACX;AAAA,MACF;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,MAAM;AAAA,cACJ,IAAI;AAAA,cACJ,YAAY;AAAA,cACZ,cAAc;AAAA,cACd,aAAa;AAAA,cACb,SAAS;AAAA,cACT,YAAY;AAAA,gBACV,OAAO;AAAA,kBACL,EAAE,QAAQ,SAAS,UAAU,SAAS,UAAU,QAAQ;AAAA,kBACxD;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,kBACA;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,kBACA,EAAE,QAAQ,OAAO,UAAU,OAAO,UAAU,MAAM;AAAA,gBACpD;AAAA,gBACA,aAAa;AAAA,kBACX;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,gBACF;AAAA,cACF;AAAA,cACA,SAAS;AAAA,cACT,UAAU;AAAA,cACV,gBAAgB;AAAA,cAChB,WAAW;AAAA,cACX,WAAW;AAAA,YACb;AAAA,YACA,SAAS;AAAA,UACX;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,YACP,SAAS;AAAA,cACP;AAAA,gBACE,MAAM;AAAA,gBACN,SAAS;AAAA,gBACT,MAAM,CAAC,cAAc,OAAO;AAAA,cAC9B;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;AAGO,MAAM,uBAAuB;AAAA,EAClC,KAAK;AAAA,IACH,SAAS;AAAA,IACT,aAAa;AAAA,IACb,MAAM,CAAC,WAAW;AAAA,IAClB,YAAY;AAAA,MACV;AAAA,QACE,MAAM;AAAA,QACN,IAAI;AAAA,QACJ,aAAa;AAAA,QACb,QAAQ,EAAE,MAAM,UAAU;AAAA,MAC5B;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,IAAI;AAAA,QACJ,aAAa;AAAA,QACb,QAAQ,EAAE,MAAM,SAAS;AAAA,MAC3B;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,IAAI;AAAA,QACJ,aAAa;AAAA,QACb,QAAQ,EAAE,MAAM,SAAS;AAAA,MAC3B;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,IAAI;AAAA,QACJ,aAAa;AAAA,QACb,QAAQ,EAAE,MAAM,WAAW,SAAS,GAAG;AAAA,MACzC;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,IAAI;AAAA,QACJ,aAAa;AAAA,QACb,QAAQ,EAAE,MAAM,WAAW,SAAS,EAAE;AAAA,MACxC;AAAA,IACF;AAAA,IACA,WAAW;AAAA,MACT,KAAK;AAAA,QACH,aAAa;AAAA,QACb,SAAS;AAAA,UACP,oBAAoB;AAAA,YAClB,QAAQ;AAAA,cACN,MAAM;AAAA,cACN,YAAY;AAAA,gBACV,MAAM;AAAA,kBACJ,MAAM;AAAA,kBACN,OAAO,EAAE,MAAM,0CAA0C;AAAA,gBAC3D;AAAA,gBACA,YAAY;AAAA,kBACV,MAAM;AAAA,kBACN,YAAY;AAAA,oBACV,OAAO,EAAE,MAAM,UAAU;AAAA,oBACzB,OAAO,EAAE,MAAM,UAAU;AAAA,oBACzB,QAAQ,EAAE,MAAM,UAAU;AAAA,oBAC1B,SAAS,EAAE,MAAM,UAAU;AAAA,kBAC7B;AAAA,gBACF;AAAA,cACF;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EACA,MAAM;AAAA,IACJ,SAAS;AAAA,IACT,aAAa;AAAA,IACb,MAAM,CAAC,WAAW;AAAA,IAClB,aAAa;AAAA,MACX,UAAU;AAAA,MACV,SAAS;AAAA,QACP,oBAAoB;AAAA,UAClB,QAAQ,EAAE,MAAM,gDAAgD;AAAA,QAClE;AAAA,MACF;AAAA,IACF;AAAA,IACA,WAAW;AAAA,MACT,KAAK;AAAA,QACH,aAAa;AAAA,QACb,SAAS;AAAA,UACP,oBAAoB;AAAA,YAClB,QAAQ;AAAA,cACN,MAAM;AAAA,cACN,YAAY;AAAA,gBACV,MAAM,EAAE,MAAM,0CAA0C;AAAA,gBACxD,SAAS,EAAE,MAAM,SAAS;AAAA,cAC5B;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,MACA,KAAK;AAAA,QACH,aAAa;AAAA,MACf;AAAA,MACA,KAAK;AAAA,QACH,aAAa;AAAA,MACf;AAAA,IACF;AAAA,EACF;AACF;",
4
+ "sourcesContent": ["/**\n * Workflow Definitions API\n *\n * Endpoints:\n * - GET /api/workflows/definitions - List workflow definitions\n * - POST /api/workflows/definitions - Create workflow definition\n */\n\nimport { NextRequest, NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { resolveOrganizationScopeForRequest } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport { resolveOrganizationScopeFilter } from '@open-mercato/core/modules/directory/utils/organizationScopeFilter'\nimport { WorkflowDefinition } from '../../data/entities'\nimport {\n createWorkflowDefinitionInputSchema,\n type CreateWorkflowDefinitionApiInput,\n} from '../../data/validators'\nimport { serializeWorkflowDefinition } from './serialize'\nimport { invalidateTriggerCache } from '../../lib/event-trigger-service'\n\nexport const metadata = {\n requireAuth: true,\n requireFeatures: ['workflows.definitions.view'],\n}\n\nconst WORKFLOW_ID_TENANT_UNIQUE_CONSTRAINT = 'workflow_definitions_workflow_id_tenant_id_unique'\n\nfunction isWorkflowIdUniqueConstraintError(error: unknown): boolean {\n if (!error || typeof error !== 'object') {\n return false\n }\n\n const value = error as Record<string, unknown>\n const constraint = value.constraint\n const code = value.code\n const message = typeof value.message === 'string' ? value.message : ''\n const detail = typeof value.detail === 'string' ? value.detail : ''\n\n if (constraint === WORKFLOW_ID_TENANT_UNIQUE_CONSTRAINT) {\n return true\n }\n\n if (code === '23505' && detail.includes('(workflow_id, tenant_id)')) {\n return true\n }\n\n return message.includes(WORKFLOW_ID_TENANT_UNIQUE_CONSTRAINT)\n}\n\n/**\n * GET /api/workflows/definitions\n *\n * List workflow definitions with optional filters\n */\nexport async function GET(request: NextRequest) {\n try {\n const container = await createRequestContainer()\n const em = container.resolve('em')\n const auth = await getAuthFromRequest(request)\n\n if (!auth) {\n return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const tenantId = auth.tenantId\n const orgFilter = resolveOrganizationScopeFilter(scope, auth)\n\n const { searchParams } = new URL(request.url)\n const enabled = searchParams.get('enabled')\n const workflowId = searchParams.get('workflowId')\n const search = searchParams.get('search')\n const limit = parseInt(searchParams.get('limit') || '50')\n const offset = parseInt(searchParams.get('offset') || '0')\n\n // Build where clause with tenant scoping\n const where: any = {\n tenantId,\n ...orgFilter.where,\n deletedAt: null,\n }\n\n if (enabled !== null) {\n where.enabled = enabled === 'true'\n }\n\n if (workflowId) {\n where.workflowId = workflowId\n }\n\n if (search) {\n where.$or = [\n { workflowId: { $ilike: `%${search}%` } },\n { workflowName: { $ilike: `%${search}%` } },\n ]\n }\n\n const [definitions, total] = await em.findAndCount(\n WorkflowDefinition,\n where,\n {\n orderBy: { createdAt: 'DESC' },\n limit,\n offset,\n }\n )\n\n return NextResponse.json({\n data: definitions.map(serializeWorkflowDefinition),\n pagination: {\n total,\n limit,\n offset,\n hasMore: offset + limit < total,\n },\n })\n } catch (error) {\n console.error('Error listing workflow definitions:', error)\n return NextResponse.json(\n { error: 'Failed to list workflow definitions' },\n { status: 500 }\n )\n }\n}\n\n/**\n * POST /api/workflows/definitions\n *\n * Create a new workflow definition\n */\nexport async function POST(request: NextRequest) {\n try {\n const container = await createRequestContainer()\n const em = container.resolve('em')\n const auth = await getAuthFromRequest(request)\n\n if (!auth) {\n return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const tenantId = auth.tenantId\n const organizationId = scope?.selectedId ?? auth.orgId\n\n // Check create permission\n const rbacService = container.resolve('rbacService')\n const hasPermission = await rbacService.userHasAllFeatures(\n auth.sub,\n ['workflows.definitions.create'],\n {\n tenantId,\n organizationId,\n }\n )\n\n if (!hasPermission) {\n return NextResponse.json(\n { error: 'Insufficient permissions' },\n { status: 403 }\n )\n }\n\n const body = await request.json()\n\n // Validate input\n const validation = createWorkflowDefinitionInputSchema.safeParse(body)\n if (!validation.success) {\n return NextResponse.json(\n {\n error: 'Validation failed',\n details: validation.error.issues,\n },\n { status: 400 }\n )\n }\n\n const input: CreateWorkflowDefinitionApiInput = validation.data\n\n // workflow_id is unique per tenant; check upfront to return 409 instead of DB error.\n const existing = await em.findOne(WorkflowDefinition, {\n workflowId: input.workflowId,\n tenantId,\n })\n\n if (existing) {\n return NextResponse.json(\n {\n error: `Workflow definition with ID \"${input.workflowId}\" already exists`,\n },\n { status: 409 }\n )\n }\n\n // Create workflow definition\n const definition = em.create(WorkflowDefinition, {\n workflowId: input.workflowId,\n workflowName: input.workflowName,\n description: input.description,\n version: input.version,\n definition: input.definition,\n metadata: input.metadata,\n enabled: input.enabled ?? true,\n tenantId,\n organizationId,\n createdAt: new Date(),\n updatedAt: new Date(),\n })\n\n await em.persist(definition).flush()\n\n // Newly-created embedded triggers must be visible to the wildcard event\n // subscriber immediately; invalidate the in-memory trigger cache so the\n // next event reload picks up this definition.\n if (tenantId) invalidateTriggerCache(tenantId, organizationId ?? undefined)\n\n return NextResponse.json(\n {\n data: serializeWorkflowDefinition(definition),\n message: 'Workflow definition created successfully',\n },\n { status: 201 }\n )\n } catch (error) {\n if (isWorkflowIdUniqueConstraintError(error)) {\n return NextResponse.json(\n { error: 'Workflow definition with this ID already exists' },\n { status: 409 }\n )\n }\n\n console.error('Error creating workflow definition:', error)\n return NextResponse.json(\n { error: 'Failed to create workflow definition' },\n { status: 500 }\n )\n }\n}\n\nexport const openApi = {\n methods: {\n GET: {\n summary: 'List workflow definitions',\n description: 'Get a list of workflow definitions with optional filters. Supports pagination and search.',\n tags: ['Workflows'],\n query: createWorkflowDefinitionInputSchema.pick({ workflowId: true }).extend({\n enabled: z.boolean().optional(),\n search: z.string().optional(),\n limit: z.number().int().positive().default(50).optional(),\n offset: z.number().int().min(0).default(0).optional(),\n }),\n responses: [\n {\n status: 200,\n description: 'List of workflow definitions with pagination',\n example: {\n data: [\n {\n id: '123e4567-e89b-12d3-a456-426614174000',\n workflowId: 'checkout-flow',\n workflowName: 'Checkout Flow',\n description: 'Complete checkout workflow for processing orders',\n version: 1,\n definition: {\n steps: [\n {\n stepId: 'start',\n stepName: 'Start',\n stepType: 'START',\n },\n {\n stepId: 'validate-cart',\n stepName: 'Validate Cart',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'end',\n stepName: 'End',\n stepType: 'END',\n },\n ],\n transitions: [\n {\n transitionId: 'start-to-validate',\n fromStepId: 'start',\n toStepId: 'validate-cart',\n trigger: 'auto',\n },\n {\n transitionId: 'validate-to-end',\n fromStepId: 'validate-cart',\n toStepId: 'end',\n trigger: 'auto',\n },\n ],\n },\n enabled: true,\n tenantId: '123e4567-e89b-12d3-a456-426614174001',\n organizationId: '123e4567-e89b-12d3-a456-426614174002',\n createdAt: '2025-12-08T10:00:00.000Z',\n updatedAt: '2025-12-08T10:00:00.000Z',\n },\n ],\n pagination: {\n total: 1,\n limit: 50,\n offset: 0,\n hasMore: false,\n },\n },\n },\n ],\n },\n POST: {\n summary: 'Create workflow definition',\n description: 'Create a new workflow definition. The definition must include at least START and END steps with at least one transition connecting them.',\n tags: ['Workflows'],\n requestBody: {\n schema: createWorkflowDefinitionInputSchema,\n example: {\n workflowId: 'checkout-flow',\n workflowName: 'Checkout Flow',\n description: 'Complete checkout workflow for processing orders',\n version: 1,\n definition: {\n steps: [\n {\n stepId: 'start',\n stepName: 'Start',\n stepType: 'START',\n },\n {\n stepId: 'validate-cart',\n stepName: 'Validate Cart',\n stepType: 'AUTOMATED',\n description: 'Validate cart items and check inventory',\n },\n {\n stepId: 'payment',\n stepName: 'Process Payment',\n stepType: 'AUTOMATED',\n description: 'Charge payment method',\n retryPolicy: {\n maxAttempts: 3,\n backoffMs: 1000,\n },\n },\n {\n stepId: 'end',\n stepName: 'End',\n stepType: 'END',\n },\n ],\n transitions: [\n {\n transitionId: 'start-to-validate',\n fromStepId: 'start',\n toStepId: 'validate-cart',\n trigger: 'auto',\n },\n {\n transitionId: 'validate-to-payment',\n fromStepId: 'validate-cart',\n toStepId: 'payment',\n trigger: 'auto',\n },\n {\n transitionId: 'payment-to-end',\n fromStepId: 'payment',\n toStepId: 'end',\n trigger: 'auto',\n activities: [\n {\n activityName: 'Send Order Confirmation',\n activityType: 'SEND_EMAIL',\n config: {\n to: '{{context.customerEmail}}',\n subject: 'Order Confirmation #{{context.orderId}}',\n template: 'order_confirmation',\n },\n },\n ],\n },\n ],\n },\n enabled: true,\n },\n },\n responses: [\n {\n status: 201,\n description: 'Workflow definition created successfully',\n example: {\n data: {\n id: '123e4567-e89b-12d3-a456-426614174000',\n workflowId: 'checkout-flow',\n workflowName: 'Checkout Flow',\n description: 'Complete checkout workflow for processing orders',\n version: 1,\n definition: {\n steps: [\n { stepId: 'start', stepName: 'Start', stepType: 'START' },\n {\n stepId: 'validate-cart',\n stepName: 'Validate Cart',\n stepType: 'AUTOMATED',\n },\n {\n stepId: 'payment',\n stepName: 'Process Payment',\n stepType: 'AUTOMATED',\n },\n { stepId: 'end', stepName: 'End', stepType: 'END' },\n ],\n transitions: [\n {\n transitionId: 'start-to-validate',\n fromStepId: 'start',\n toStepId: 'validate-cart',\n trigger: 'auto',\n },\n {\n transitionId: 'validate-to-payment',\n fromStepId: 'validate-cart',\n toStepId: 'payment',\n trigger: 'auto',\n },\n {\n transitionId: 'payment-to-end',\n fromStepId: 'payment',\n toStepId: 'end',\n trigger: 'auto',\n },\n ],\n },\n enabled: true,\n tenantId: '123e4567-e89b-12d3-a456-426614174001',\n organizationId: '123e4567-e89b-12d3-a456-426614174002',\n createdAt: '2025-12-08T10:00:00.000Z',\n updatedAt: '2025-12-08T10:00:00.000Z',\n },\n message: 'Workflow definition created successfully',\n },\n },\n {\n status: 400,\n description: 'Validation error - invalid workflow structure',\n example: {\n error: 'Validation failed',\n details: [\n {\n code: 'invalid_type',\n message: 'Workflow must have at least START and END steps',\n path: ['definition', 'steps'],\n },\n ],\n },\n },\n {\n status: 409,\n description: 'Conflict - workflow with same ID and version already exists',\n example: {\n error: 'Workflow definition with ID \"checkout-flow\" and version 1 already exists',\n },\n },\n ],\n },\n },\n}\n\n// Full OpenAPI documentation (kept for reference but not used by type system)\nexport const _openApiDetailedDocs = {\n get: {\n summary: 'List workflow definitions',\n description: 'Get a list of workflow definitions with optional filters',\n tags: ['Workflows'],\n parameters: [\n {\n name: 'enabled',\n in: 'query',\n description: 'Filter by enabled status',\n schema: { type: 'boolean' },\n },\n {\n name: 'workflowId',\n in: 'query',\n description: 'Filter by workflow ID',\n schema: { type: 'string' },\n },\n {\n name: 'search',\n in: 'query',\n description: 'Search in workflow ID and name',\n schema: { type: 'string' },\n },\n {\n name: 'limit',\n in: 'query',\n description: 'Number of results to return',\n schema: { type: 'integer', default: 50 },\n },\n {\n name: 'offset',\n in: 'query',\n description: 'Offset for pagination',\n schema: { type: 'integer', default: 0 },\n },\n ],\n responses: {\n 200: {\n description: 'List of workflow definitions',\n content: {\n 'application/json': {\n schema: {\n type: 'object',\n properties: {\n data: {\n type: 'array',\n items: { $ref: '#/components/schemas/WorkflowDefinition' },\n },\n pagination: {\n type: 'object',\n properties: {\n total: { type: 'integer' },\n limit: { type: 'integer' },\n offset: { type: 'integer' },\n hasMore: { type: 'boolean' },\n },\n },\n },\n },\n },\n },\n },\n },\n },\n post: {\n summary: 'Create workflow definition',\n description: 'Create a new workflow definition',\n tags: ['Workflows'],\n requestBody: {\n required: true,\n content: {\n 'application/json': {\n schema: { $ref: '#/components/schemas/CreateWorkflowDefinition' },\n },\n },\n },\n responses: {\n 201: {\n description: 'Workflow definition created',\n content: {\n 'application/json': {\n schema: {\n type: 'object',\n properties: {\n data: { $ref: '#/components/schemas/WorkflowDefinition' },\n message: { type: 'string' },\n },\n },\n },\n },\n },\n 400: {\n description: 'Validation error',\n },\n 409: {\n description: 'Workflow definition already exists',\n },\n },\n },\n}\n"],
5
+ "mappings": "AAQA,SAAsB,oBAAoB;AAC1C,SAAS,SAAS;AAClB,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,0CAA0C;AACnD,SAAS,sCAAsC;AAC/C,SAAS,0BAA0B;AACnC;AAAA,EACE;AAAA,OAEK;AACP,SAAS,mCAAmC;AAC5C,SAAS,8BAA8B;AAEhC,MAAM,WAAW;AAAA,EACtB,aAAa;AAAA,EACb,iBAAiB,CAAC,4BAA4B;AAChD;AAEA,MAAM,uCAAuC;AAE7C,SAAS,kCAAkC,OAAyB;AAClE,MAAI,CAAC,SAAS,OAAO,UAAU,UAAU;AACvC,WAAO;AAAA,EACT;AAEA,QAAM,QAAQ;AACd,QAAM,aAAa,MAAM;AACzB,QAAM,OAAO,MAAM;AACnB,QAAM,UAAU,OAAO,MAAM,YAAY,WAAW,MAAM,UAAU;AACpE,QAAM,SAAS,OAAO,MAAM,WAAW,WAAW,MAAM,SAAS;AAEjE,MAAI,eAAe,sCAAsC;AACvD,WAAO;AAAA,EACT;AAEA,MAAI,SAAS,WAAW,OAAO,SAAS,0BAA0B,GAAG;AACnE,WAAO;AAAA,EACT;AAEA,SAAO,QAAQ,SAAS,oCAAoC;AAC9D;AAOA,eAAsB,IAAI,SAAsB;AAC9C,MAAI;AACF,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,UAAM,OAAO,MAAM,mBAAmB,OAAO;AAE7C,QAAI,CAAC,MAAM;AACT,aAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACrE;AAEA,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,QAAQ,CAAC;AACnF,UAAM,WAAW,KAAK;AACtB,UAAM,YAAY,+BAA+B,OAAO,IAAI;AAE5D,UAAM,EAAE,aAAa,IAAI,IAAI,IAAI,QAAQ,GAAG;AAC5C,UAAM,UAAU,aAAa,IAAI,SAAS;AAC1C,UAAM,aAAa,aAAa,IAAI,YAAY;AAChD,UAAM,SAAS,aAAa,IAAI,QAAQ;AACxC,UAAM,QAAQ,SAAS,aAAa,IAAI,OAAO,KAAK,IAAI;AACxD,UAAM,SAAS,SAAS,aAAa,IAAI,QAAQ,KAAK,GAAG;AAGzD,UAAM,QAAa;AAAA,MACjB;AAAA,MACA,GAAG,UAAU;AAAA,MACb,WAAW;AAAA,IACb;AAEA,QAAI,YAAY,MAAM;AACpB,YAAM,UAAU,YAAY;AAAA,IAC9B;AAEA,QAAI,YAAY;AACd,YAAM,aAAa;AAAA,IACrB;AAEA,QAAI,QAAQ;AACV,YAAM,MAAM;AAAA,QACV,EAAE,YAAY,EAAE,QAAQ,IAAI,MAAM,IAAI,EAAE;AAAA,QACxC,EAAE,cAAc,EAAE,QAAQ,IAAI,MAAM,IAAI,EAAE;AAAA,MAC5C;AAAA,IACF;AAEA,UAAM,CAAC,aAAa,KAAK,IAAI,MAAM,GAAG;AAAA,MACpC;AAAA,MACA;AAAA,MACA;AAAA,QACE,SAAS,EAAE,WAAW,OAAO;AAAA,QAC7B;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAEA,WAAO,aAAa,KAAK;AAAA,MACvB,MAAM,YAAY,IAAI,2BAA2B;AAAA,MACjD,YAAY;AAAA,QACV;AAAA,QACA;AAAA,QACA;AAAA,QACA,SAAS,SAAS,QAAQ;AAAA,MAC5B;AAAA,IACF,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,uCAAuC,KAAK;AAC1D,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,sCAAsC;AAAA,MAC/C,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACF;AAOA,eAAsB,KAAK,SAAsB;AAC/C,MAAI;AACF,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,UAAM,OAAO,MAAM,mBAAmB,OAAO;AAE7C,QAAI,CAAC,MAAM;AACT,aAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IACrE;AAEA,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,QAAQ,CAAC;AACnF,UAAM,WAAW,KAAK;AACtB,UAAM,iBAAiB,OAAO,cAAc,KAAK;AAGjD,UAAM,cAAc,UAAU,QAAQ,aAAa;AACnD,UAAM,gBAAgB,MAAM,YAAY;AAAA,MACtC,KAAK;AAAA,MACL,CAAC,8BAA8B;AAAA,MAC/B;AAAA,QACE;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAEA,QAAI,CAAC,eAAe;AAClB,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,2BAA2B;AAAA,QACpC,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,UAAM,OAAO,MAAM,QAAQ,KAAK;AAGhC,UAAM,aAAa,oCAAoC,UAAU,IAAI;AACrE,QAAI,CAAC,WAAW,SAAS;AACvB,aAAO,aAAa;AAAA,QAClB;AAAA,UACE,OAAO;AAAA,UACP,SAAS,WAAW,MAAM;AAAA,QAC5B;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,UAAM,QAA0C,WAAW;AAG3D,UAAM,WAAW,MAAM,GAAG,QAAQ,oBAAoB;AAAA,MACpD,YAAY,MAAM;AAAA,MAClB;AAAA,IACF,CAAC;AAED,QAAI,UAAU;AACZ,aAAO,aAAa;AAAA,QAClB;AAAA,UACE,OAAO,gCAAgC,MAAM,UAAU;AAAA,QACzD;AAAA,QACA,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAGA,UAAM,aAAa,GAAG,OAAO,oBAAoB;AAAA,MAC/C,YAAY,MAAM;AAAA,MAClB,cAAc,MAAM;AAAA,MACpB,aAAa,MAAM;AAAA,MACnB,SAAS,MAAM;AAAA,MACf,YAAY,MAAM;AAAA,MAClB,UAAU,MAAM;AAAA,MAChB,SAAS,MAAM,WAAW;AAAA,MAC1B;AAAA,MACA;AAAA,MACA,WAAW,oBAAI,KAAK;AAAA,MACpB,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAC;AAED,UAAM,GAAG,QAAQ,UAAU,EAAE,MAAM;AAKnC,QAAI,SAAU,wBAAuB,UAAU,kBAAkB,MAAS;AAE1E,WAAO,aAAa;AAAA,MAClB;AAAA,QACE,MAAM,4BAA4B,UAAU;AAAA,QAC5C,SAAS;AAAA,MACX;AAAA,MACA,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF,SAAS,OAAO;AACd,QAAI,kCAAkC,KAAK,GAAG;AAC5C,aAAO,aAAa;AAAA,QAClB,EAAE,OAAO,kDAAkD;AAAA,QAC3D,EAAE,QAAQ,IAAI;AAAA,MAChB;AAAA,IACF;AAEA,YAAQ,MAAM,uCAAuC,KAAK;AAC1D,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,uCAAuC;AAAA,MAChD,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACF;AAEO,MAAM,UAAU;AAAA,EACrB,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,MAAM,CAAC,WAAW;AAAA,MAClB,OAAO,oCAAoC,KAAK,EAAE,YAAY,KAAK,CAAC,EAAE,OAAO;AAAA,QAC3E,SAAS,EAAE,QAAQ,EAAE,SAAS;AAAA,QAC9B,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,QAC5B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,EAAE,SAAS;AAAA,QACxD,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,QAAQ,CAAC,EAAE,SAAS;AAAA,MACtD,CAAC;AAAA,MACD,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,MAAM;AAAA,cACJ;AAAA,gBACE,IAAI;AAAA,gBACJ,YAAY;AAAA,gBACZ,cAAc;AAAA,gBACd,aAAa;AAAA,gBACb,SAAS;AAAA,gBACT,YAAY;AAAA,kBACV,OAAO;AAAA,oBACL;AAAA,sBACE,QAAQ;AAAA,sBACR,UAAU;AAAA,sBACV,UAAU;AAAA,oBACZ;AAAA,oBACA;AAAA,sBACE,QAAQ;AAAA,sBACR,UAAU;AAAA,sBACV,UAAU;AAAA,oBACZ;AAAA,oBACA;AAAA,sBACE,QAAQ;AAAA,sBACR,UAAU;AAAA,sBACV,UAAU;AAAA,oBACZ;AAAA,kBACF;AAAA,kBACA,aAAa;AAAA,oBACX;AAAA,sBACE,cAAc;AAAA,sBACd,YAAY;AAAA,sBACZ,UAAU;AAAA,sBACV,SAAS;AAAA,oBACX;AAAA,oBACA;AAAA,sBACE,cAAc;AAAA,sBACd,YAAY;AAAA,sBACZ,UAAU;AAAA,sBACV,SAAS;AAAA,oBACX;AAAA,kBACF;AAAA,gBACF;AAAA,gBACA,SAAS;AAAA,gBACT,UAAU;AAAA,gBACV,gBAAgB;AAAA,gBAChB,WAAW;AAAA,gBACX,WAAW;AAAA,cACb;AAAA,YACF;AAAA,YACA,YAAY;AAAA,cACV,OAAO;AAAA,cACP,OAAO;AAAA,cACP,QAAQ;AAAA,cACR,SAAS;AAAA,YACX;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,IACA,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,MAAM,CAAC,WAAW;AAAA,MAClB,aAAa;AAAA,QACX,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,YAAY;AAAA,UACZ,cAAc;AAAA,UACd,aAAa;AAAA,UACb,SAAS;AAAA,UACT,YAAY;AAAA,YACV,OAAO;AAAA,cACL;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,gBACV,aAAa;AAAA,cACf;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,gBACV,aAAa;AAAA,gBACb,aAAa;AAAA,kBACX,aAAa;AAAA,kBACb,WAAW;AAAA,gBACb;AAAA,cACF;AAAA,cACA;AAAA,gBACE,QAAQ;AAAA,gBACR,UAAU;AAAA,gBACV,UAAU;AAAA,cACZ;AAAA,YACF;AAAA,YACA,aAAa;AAAA,cACX;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,cACX;AAAA,cACA;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,cACX;AAAA,cACA;AAAA,gBACE,cAAc;AAAA,gBACd,YAAY;AAAA,gBACZ,UAAU;AAAA,gBACV,SAAS;AAAA,gBACT,YAAY;AAAA,kBACV;AAAA,oBACE,cAAc;AAAA,oBACd,cAAc;AAAA,oBACd,QAAQ;AAAA,sBACN,IAAI;AAAA,sBACJ,SAAS;AAAA,sBACT,UAAU;AAAA,oBACZ;AAAA,kBACF;AAAA,gBACF;AAAA,cACF;AAAA,YACF;AAAA,UACF;AAAA,UACA,SAAS;AAAA,QACX;AAAA,MACF;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,MAAM;AAAA,cACJ,IAAI;AAAA,cACJ,YAAY;AAAA,cACZ,cAAc;AAAA,cACd,aAAa;AAAA,cACb,SAAS;AAAA,cACT,YAAY;AAAA,gBACV,OAAO;AAAA,kBACL,EAAE,QAAQ,SAAS,UAAU,SAAS,UAAU,QAAQ;AAAA,kBACxD;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,kBACA;AAAA,oBACE,QAAQ;AAAA,oBACR,UAAU;AAAA,oBACV,UAAU;AAAA,kBACZ;AAAA,kBACA,EAAE,QAAQ,OAAO,UAAU,OAAO,UAAU,MAAM;AAAA,gBACpD;AAAA,gBACA,aAAa;AAAA,kBACX;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,kBACA;AAAA,oBACE,cAAc;AAAA,oBACd,YAAY;AAAA,oBACZ,UAAU;AAAA,oBACV,SAAS;AAAA,kBACX;AAAA,gBACF;AAAA,cACF;AAAA,cACA,SAAS;AAAA,cACT,UAAU;AAAA,cACV,gBAAgB;AAAA,cAChB,WAAW;AAAA,cACX,WAAW;AAAA,YACb;AAAA,YACA,SAAS;AAAA,UACX;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,YACP,SAAS;AAAA,cACP;AAAA,gBACE,MAAM;AAAA,gBACN,SAAS;AAAA,gBACT,MAAM,CAAC,cAAc,OAAO;AAAA,cAC9B;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,YACP,OAAO;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;AAGO,MAAM,uBAAuB;AAAA,EAClC,KAAK;AAAA,IACH,SAAS;AAAA,IACT,aAAa;AAAA,IACb,MAAM,CAAC,WAAW;AAAA,IAClB,YAAY;AAAA,MACV;AAAA,QACE,MAAM;AAAA,QACN,IAAI;AAAA,QACJ,aAAa;AAAA,QACb,QAAQ,EAAE,MAAM,UAAU;AAAA,MAC5B;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,IAAI;AAAA,QACJ,aAAa;AAAA,QACb,QAAQ,EAAE,MAAM,SAAS;AAAA,MAC3B;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,IAAI;AAAA,QACJ,aAAa;AAAA,QACb,QAAQ,EAAE,MAAM,SAAS;AAAA,MAC3B;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,IAAI;AAAA,QACJ,aAAa;AAAA,QACb,QAAQ,EAAE,MAAM,WAAW,SAAS,GAAG;AAAA,MACzC;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,IAAI;AAAA,QACJ,aAAa;AAAA,QACb,QAAQ,EAAE,MAAM,WAAW,SAAS,EAAE;AAAA,MACxC;AAAA,IACF;AAAA,IACA,WAAW;AAAA,MACT,KAAK;AAAA,QACH,aAAa;AAAA,QACb,SAAS;AAAA,UACP,oBAAoB;AAAA,YAClB,QAAQ;AAAA,cACN,MAAM;AAAA,cACN,YAAY;AAAA,gBACV,MAAM;AAAA,kBACJ,MAAM;AAAA,kBACN,OAAO,EAAE,MAAM,0CAA0C;AAAA,gBAC3D;AAAA,gBACA,YAAY;AAAA,kBACV,MAAM;AAAA,kBACN,YAAY;AAAA,oBACV,OAAO,EAAE,MAAM,UAAU;AAAA,oBACzB,OAAO,EAAE,MAAM,UAAU;AAAA,oBACzB,QAAQ,EAAE,MAAM,UAAU;AAAA,oBAC1B,SAAS,EAAE,MAAM,UAAU;AAAA,kBAC7B;AAAA,gBACF;AAAA,cACF;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EACA,MAAM;AAAA,IACJ,SAAS;AAAA,IACT,aAAa;AAAA,IACb,MAAM,CAAC,WAAW;AAAA,IAClB,aAAa;AAAA,MACX,UAAU;AAAA,MACV,SAAS;AAAA,QACP,oBAAoB;AAAA,UAClB,QAAQ,EAAE,MAAM,gDAAgD;AAAA,QAClE;AAAA,MACF;AAAA,IACF;AAAA,IACA,WAAW;AAAA,MACT,KAAK;AAAA,QACH,aAAa;AAAA,QACb,SAAS;AAAA,UACP,oBAAoB;AAAA,YAClB,QAAQ;AAAA,cACN,MAAM;AAAA,cACN,YAAY;AAAA,gBACV,MAAM,EAAE,MAAM,0CAA0C;AAAA,gBACxD,SAAS,EAAE,MAAM,SAAS;AAAA,cAC5B;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,MACA,KAAK;AAAA,QACH,aAAa;AAAA,MACf;AAAA,MACA,KAAK;AAAA,QACH,aAAa;AAAA,MACf;AAAA,IACF;AAAA,EACF;AACF;",
6
6
  "names": []
7
7
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@open-mercato/core",
3
- "version": "0.5.1-develop.2744.9c8be0dd93",
3
+ "version": "0.5.1-develop.2756.cce1739df3",
4
4
  "type": "module",
5
5
  "main": "./dist/index.js",
6
6
  "scripts": {
@@ -237,10 +237,10 @@
237
237
  "ts-pattern": "^5.0.0"
238
238
  },
239
239
  "peerDependencies": {
240
- "@open-mercato/shared": "0.5.1-develop.2744.9c8be0dd93"
240
+ "@open-mercato/shared": "0.5.1-develop.2756.cce1739df3"
241
241
  },
242
242
  "devDependencies": {
243
- "@open-mercato/shared": "0.5.1-develop.2744.9c8be0dd93",
243
+ "@open-mercato/shared": "0.5.1-develop.2756.cce1739df3",
244
244
  "@testing-library/dom": "^10.4.1",
245
245
  "@testing-library/jest-dom": "^6.9.1",
246
246
  "@testing-library/react": "^16.3.1",
package/src/modules/auth/api/users/route.ts CHANGED
@@ -14,8 +14,10 @@ import { loadCustomFieldValues } from '@open-mercato/shared/lib/crud/custom-fiel
14
14
  import type { EntityManager } from '@mikro-orm/postgresql'
15
15
  import { userCrudEvents, userCrudIndexer } from '@open-mercato/core/modules/auth/commands/users'
16
16
  import { findWithDecryption } from '@open-mercato/shared/lib/encryption/find'
17
- import { escapeLikePattern } from '@open-mercato/shared/lib/db/escapeLikePattern'
18
17
  import { buildPasswordSchema } from '@open-mercato/shared/lib/auth/passwordPolicy'
18
+ import { resolveSearchConfig } from '@open-mercato/shared/lib/search/config'
19
+ import { tokenizeText } from '@open-mercato/shared/lib/search/tokenize'
20
+ import { sql } from 'kysely'
19
21
 
20
22
  const querySchema = z.object({
21
23
  id: z.string().uuid().optional(),
@@ -162,7 +164,6 @@ export async function GET(req: Request) {
162
164
  where.tenantId = auth.tenantId
163
165
  }
164
166
  if (organizationId) where.organizationId = organizationId
165
- if (search) where.email = { $ilike: `%${escapeLikePattern(search)}%` } as any
166
167
  let idFilter: Set<string> | null = id ? new Set([id]) : null
167
168
  if (Array.isArray(roleIds) && roleIds.length > 0) {
168
169
  const uniqueRoleIds = Array.from(new Set(roleIds))
@@ -182,6 +183,28 @@ export async function GET(req: Request) {
182
183
  }
183
184
  if (!idFilter || idFilter.size === 0) return NextResponse.json({ items: [], total: 0, totalPages: 1 })
184
185
  }
186
+ if (search) {
187
+ // Email is encrypted at rest, so $ilike on the column cannot match plaintext input.
188
+ // Resolve candidate users via search_tokens (tokens are built from the decrypted index doc).
189
+ const tenantScope: string | null | undefined = isSuperAdmin ? undefined : auth.tenantId ?? null
190
+ const matchedIds = await findUserIdsBySearchTokens(em, E.auth.user, search, tenantScope)
191
+ if (matchedIds !== null) {
192
+ if (matchedIds.length === 0) {
193
+ return NextResponse.json({ items: [], total: 0, totalPages: 1, isSuperAdmin })
194
+ }
195
+ const matchedSet = new Set(matchedIds)
196
+ if (idFilter) {
197
+ for (const uid of Array.from(idFilter)) {
198
+ if (!matchedSet.has(uid)) idFilter.delete(uid)
199
+ }
200
+ if (idFilter.size === 0) {
201
+ return NextResponse.json({ items: [], total: 0, totalPages: 1, isSuperAdmin })
202
+ }
203
+ } else {
204
+ idFilter = matchedSet
205
+ }
206
+ }
207
+ }
185
208
  if (idFilter && idFilter.size) {
186
209
  where.id = { $in: Array.from(idFilter) as any }
187
210
  } else if (id) {
@@ -311,6 +334,36 @@ export const PUT = async (req: Request) => {
311
334
 
312
335
  export const DELETE = crud.DELETE
313
336
 
337
+ async function findUserIdsBySearchTokens(
338
+ em: EntityManager,
339
+ entityType: string,
340
+ search: string,
341
+ tenantScope: string | null | undefined,
342
+ ): Promise<string[] | null> {
343
+ const trimmed = search.trim()
344
+ if (!trimmed) return null
345
+ const searchConfig = resolveSearchConfig()
346
+ if (!searchConfig.enabled) return []
347
+ const { hashes } = tokenizeText(trimmed, searchConfig)
348
+ if (!hashes.length) return []
349
+
350
+ const db = (em as any).getKysely() as any
351
+ let query = db
352
+ .selectFrom('search_tokens')
353
+ .select('entity_id')
354
+ .where('entity_type', '=', entityType)
355
+ .where('token_hash', 'in', hashes)
356
+ .groupBy('entity_id')
357
+ .having(sql<boolean>`count(distinct token_hash) >= ${hashes.length}`)
358
+ if (tenantScope !== undefined) {
359
+ query = query.where(sql<boolean>`tenant_id is not distinct from ${tenantScope}`)
360
+ }
361
+ const rows = (await query.execute()) as Array<{ entity_id?: unknown }>
362
+ return rows
363
+ .map((row) => (typeof row.entity_id === 'string' ? row.entity_id : null))
364
+ .filter((id): id is string => typeof id === 'string' && id.length > 0)
365
+ }
366
+
314
367
  const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i
315
368
 
316
369
  async function assertCanAssignRoles(req: Request, roles: unknown) {
package/src/modules/catalog/lib/bulkDelete.ts CHANGED
@@ -1,6 +1,7 @@
1
1
  import type { AwilixContainer } from 'awilix'
2
2
  import type { CommandBus, CommandRuntimeContext } from '@open-mercato/shared/lib/commands'
3
3
  import { invalidateCrudCache } from '@open-mercato/shared/lib/crud/cache'
4
+ import { runWithCacheTenant } from '@open-mercato/cache'
4
5
  import { createModuleQueue, type Queue } from '@open-mercato/queue'
5
6
  import type { ProgressService, ProgressServiceContext } from '../../progress/lib/progressService'
6
7
 
@@ -101,20 +102,22 @@ export async function deleteCatalogProductsWithProgress(params: {
101
102
  }
102
103
 
103
104
  const summary: CatalogProductBulkDeleteSummary = { affectedCount }
104
- for (const id of deletedIds) {
105
- await invalidateCrudCache(
106
- container,
107
- 'catalog.product',
108
- {
109
- id,
110
- organizationId: scope.organizationId,
111
- tenantId: scope.tenantId,
112
- },
113
- scope.tenantId,
114
- 'bulk-delete:catalog.products',
115
- BULK_DELETE_CACHE_ALIASES,
116
- )
117
- }
105
+ await runWithCacheTenant(scope.tenantId, async () => {
106
+ for (const id of deletedIds) {
107
+ await invalidateCrudCache(
108
+ container,
109
+ 'catalog.product',
110
+ {
111
+ id,
112
+ organizationId: scope.organizationId,
113
+ tenantId: scope.tenantId,
114
+ },
115
+ scope.tenantId,
116
+ 'bulk-delete:catalog.products',
117
+ BULK_DELETE_CACHE_ALIASES,
118
+ )
119
+ }
120
+ })
118
121
  await progressService.completeJob(progressJobId, { resultSummary: summary }, progressContext)
119
122
 
120
123
  return summary
package/src/modules/configs/lib/system-status.ts CHANGED
@@ -60,6 +60,7 @@ const CATEGORY_METADATA: Record<
60
60
  }
61
61
 
62
62
  const SYSTEM_STATUS_DOC_BASE = 'https://docs.openmercato.com/docs/framework/operations/system-status'
63
+ const DEFAULT_SQLITE_CACHE_PATH = './.mercato/cache/cache.db'
63
64
 
64
65
  function maskConnectionCredentials(raw: string | undefined): string | undefined {
65
66
  if (typeof raw !== 'string') return raw
@@ -246,7 +247,7 @@ export const SYSTEM_STATUS_VARIABLES: SystemStatusVariableDefinition[] = [
246
247
  labelKey: 'configs.systemStatus.variables.cacheSqlitePath.label',
247
248
  descriptionKey: 'configs.systemStatus.variables.cacheSqlitePath.description',
248
249
  docUrl: `${SYSTEM_STATUS_DOC_BASE}#cache_sqlite_path`,
249
- defaultValue: './data/cache.db',
250
+ defaultValue: DEFAULT_SQLITE_CACHE_PATH,
250
251
  },
251
252
  {
252
253
  key: 'SCHEDULE_AUTO_REINDEX',
package/src/modules/customer_accounts/api/portal/password-change.ts CHANGED
@@ -4,6 +4,7 @@ import type { OpenApiRouteDoc, OpenApiMethodDoc } from '@open-mercato/shared/lib
4
4
  import { getCustomerAuthFromRequest } from '@open-mercato/core/modules/customer_accounts/lib/customerAuth'
5
5
  import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
6
6
  import { CustomerUserService } from '@open-mercato/core/modules/customer_accounts/services/customerUserService'
7
+ import { CustomerSessionService } from '@open-mercato/core/modules/customer_accounts/services/customerSessionService'
7
8
  import { passwordChangeSchema } from '@open-mercato/core/modules/customer_accounts/data/validators'
8
9
 
9
10
  export const metadata: { path?: string; requireAuth?: boolean } = { requireAuth: false }
@@ -28,6 +29,7 @@ export async function POST(req: Request) {
28
29
 
29
30
  const container = await createRequestContainer()
30
31
  const customerUserService = container.resolve('customerUserService') as CustomerUserService
32
+ const customerSessionService = container.resolve('customerSessionService') as CustomerSessionService
31
33
 
32
34
  const user = await customerUserService.findById(auth.sub, auth.tenantId)
33
35
  if (!user) {
@@ -41,6 +43,9 @@ export async function POST(req: Request) {
41
43
 
42
44
  await customerUserService.updatePassword(user, parsed.data.newPassword)
43
45
 
46
+ // Revoke all existing sessions for security
47
+ await customerSessionService.revokeAllUserSessions(user.id)
48
+
44
49
  return NextResponse.json({ ok: true })
45
50
  }
46
51
 
@@ -49,7 +54,7 @@ const errorSchema = z.object({ ok: z.literal(false), error: z.string() })
49
54
 
50
55
  const methodDoc: OpenApiMethodDoc = {
51
56
  summary: 'Change customer password',
52
- description: 'Changes the authenticated customer user password after verifying the current password.',
57
+ description: 'Changes the authenticated customer user password after verifying the current password. Revokes all existing sessions.',
53
58
  tags: ['Customer Portal'],
54
59
  requestBody: { schema: passwordChangeSchema },
55
60
  responses: [{ status: 200, description: 'Password changed', schema: successSchema }],
package/src/modules/inbox_ops/encryption.ts ADDED
@@ -0,0 +1,51 @@
1
+ import type { ModuleEncryptionMap } from '@open-mercato/shared/modules/encryption'
2
+
3
+ // Message body, extracted business data, and correspondent identities all
4
+ // count as tenant PII. Columns routed through WHERE/ILIKE lookups or UNIQUE
5
+ // indexes (`inbox_settings.inbox_address`, `inbox_emails.message_id`,
6
+ // `in_reply_to`, `references`, `*.metadata`) are intentionally left plaintext
7
+ // for now — encrypting them requires paired `*_hash` columns plus rewriting
8
+ // the inbound-webhook lookups, which is out of scope for this fix.
9
+ export const defaultEncryptionMaps: ModuleEncryptionMap[] = [
10
+ {
11
+ entityId: 'inbox_ops:inbox_email',
12
+ fields: [
13
+ { field: 'subject' },
14
+ { field: 'raw_text' },
15
+ { field: 'raw_html' },
16
+ { field: 'cleaned_text' },
17
+ { field: 'thread_messages' },
18
+ { field: 'forwarded_by_address' },
19
+ { field: 'forwarded_by_name' },
20
+ { field: 'to_address' },
21
+ { field: 'reply_to' },
22
+ { field: 'processing_error' },
23
+ ],
24
+ },
25
+ {
26
+ entityId: 'inbox_ops:inbox_proposal',
27
+ fields: [
28
+ { field: 'summary' },
29
+ { field: 'participants' },
30
+ { field: 'translations' },
31
+ ],
32
+ },
33
+ {
34
+ entityId: 'inbox_ops:inbox_proposal_action',
35
+ fields: [
36
+ { field: 'description' },
37
+ { field: 'payload' },
38
+ { field: 'execution_error' },
39
+ ],
40
+ },
41
+ {
42
+ entityId: 'inbox_ops:inbox_discrepancy',
43
+ fields: [
44
+ { field: 'description' },
45
+ { field: 'expected_value' },
46
+ { field: 'found_value' },
47
+ ],
48
+ },
49
+ ]
50
+
51
+ export default defaultEncryptionMaps
package/src/modules/workflows/api/definitions/[id]/route.ts CHANGED
@@ -19,6 +19,7 @@ import {
19
19
  type UpdateWorkflowDefinitionApiInput,
20
20
  } from '../../../data/validators'
21
21
  import { serializeWorkflowDefinition } from '../serialize'
22
+ import { invalidateTriggerCache } from '../../../lib/event-trigger-service'
22
23
 
23
24
  export const metadata = {
24
25
  requireAuth: true,
@@ -178,6 +179,10 @@ export async function PUT(
178
179
 
179
180
  await em.flush()
180
181
 
182
+ // Embedded triggers may have changed; invalidate the in-memory cache so
183
+ // the wildcard event subscriber reloads them on the next event.
184
+ if (tenantId) invalidateTriggerCache(tenantId, organizationId ?? undefined)
185
+
181
186
  return NextResponse.json({
182
187
  data: serializeWorkflowDefinition(definition),
183
188
  message: 'Workflow definition updated successfully',
@@ -269,6 +274,8 @@ export async function DELETE(
269
274
 
270
275
  await em.flush()
271
276
 
277
+ if (tenantId) invalidateTriggerCache(tenantId, organizationId ?? undefined)
278
+
272
279
  return NextResponse.json({
273
280
  message: 'Workflow definition deleted successfully',
274
281
  })
package/src/modules/workflows/api/definitions/route.ts CHANGED
@@ -18,6 +18,7 @@ import {
18
18
  type CreateWorkflowDefinitionApiInput,
19
19
  } from '../../data/validators'
20
20
  import { serializeWorkflowDefinition } from './serialize'
21
+ import { invalidateTriggerCache } from '../../lib/event-trigger-service'
21
22
 
22
23
  export const metadata = {
23
24
  requireAuth: true,
@@ -209,6 +210,11 @@ export async function POST(request: NextRequest) {
209
210
 
210
211
  await em.persist(definition).flush()
211
212
 
213
+ // Newly-created embedded triggers must be visible to the wildcard event
214
+ // subscriber immediately; invalidate the in-memory trigger cache so the
215
+ // next event reload picks up this definition.
216
+ if (tenantId) invalidateTriggerCache(tenantId, organizationId ?? undefined)
217
+
212
218
  return NextResponse.json(
213
219
  {
214
220
  data: serializeWorkflowDefinition(definition),