@open-mercato/core 0.6.4-develop.4236.1.9fa6806b34 → 0.6.4-develop.4254.1.7a123d970c
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.turbo/turbo-build.log +1 -1
- package/dist/helpers/integration/authFixtures.js +70 -1
- package/dist/helpers/integration/authFixtures.js.map +2 -2
- package/dist/helpers/integration/dbFixtures.js +98 -0
- package/dist/helpers/integration/dbFixtures.js.map +7 -0
- package/dist/modules/business_rules/api/execute/route.js +2 -1
- package/dist/modules/business_rules/api/execute/route.js.map +2 -2
- package/dist/modules/business_rules/api/rules/route.js +10 -0
- package/dist/modules/business_rules/api/rules/route.js.map +2 -2
- package/dist/modules/business_rules/backend/logs/[id]/page.js +24 -5
- package/dist/modules/business_rules/backend/logs/[id]/page.js.map +2 -2
- package/dist/modules/business_rules/cli.js +6 -0
- package/dist/modules/business_rules/cli.js.map +2 -2
- package/dist/modules/business_rules/lib/rule-engine.js +116 -9
- package/dist/modules/business_rules/lib/rule-engine.js.map +2 -2
- package/dist/modules/business_rules/subscribers/crud-rule-trigger.js +3 -2
- package/dist/modules/business_rules/subscribers/crud-rule-trigger.js.map +2 -2
- package/dist/modules/catalog/api/offers/route.js +15 -5
- package/dist/modules/catalog/api/offers/route.js.map +2 -2
- package/dist/modules/catalog/api/products/route.js +21 -4
- package/dist/modules/catalog/api/products/route.js.map +2 -2
- package/dist/modules/catalog/lib/pricing.js +6 -0
- package/dist/modules/catalog/lib/pricing.js.map +2 -2
- package/dist/modules/catalog/services/catalogPricingService.js +5 -1
- package/dist/modules/catalog/services/catalogPricingService.js.map +2 -2
- package/dist/modules/currencies/backend/currencies/[id]/page.js +19 -2
- package/dist/modules/currencies/backend/currencies/[id]/page.js.map +2 -2
- package/dist/modules/customer_accounts/backend/customer_accounts/roles/[id]/page.js +27 -7
- package/dist/modules/customer_accounts/backend/customer_accounts/roles/[id]/page.js.map +2 -2
- package/dist/modules/customer_accounts/backend/customer_accounts/users/[id]/page.js +27 -7
- package/dist/modules/customer_accounts/backend/customer_accounts/users/[id]/page.js.map +2 -2
- package/dist/modules/customers/api/activities/route.js +15 -2
- package/dist/modules/customers/api/activities/route.js.map +2 -2
- package/dist/modules/customers/api/comments/route.js +15 -3
- package/dist/modules/customers/api/comments/route.js.map +2 -2
- package/dist/modules/customers/api/companies/[id]/people/route.js +2 -4
- package/dist/modules/customers/api/companies/[id]/people/route.js.map +2 -2
- package/dist/modules/customers/api/companies/[id]/route.js +2 -4
- package/dist/modules/customers/api/companies/[id]/route.js.map +2 -2
- package/dist/modules/customers/api/deals/[id]/companies/route.js +2 -4
- package/dist/modules/customers/api/deals/[id]/companies/route.js.map +2 -2
- package/dist/modules/customers/api/deals/[id]/people/route.js +2 -4
- package/dist/modules/customers/api/deals/[id]/people/route.js.map +2 -2
- package/dist/modules/customers/api/deals/[id]/route.js +2 -9
- package/dist/modules/customers/api/deals/[id]/route.js.map +2 -2
- package/dist/modules/customers/api/deals/[id]/stats/route.js +2 -9
- package/dist/modules/customers/api/deals/[id]/stats/route.js.map +2 -2
- package/dist/modules/customers/api/entity-roles-factory.js +2 -8
- package/dist/modules/customers/api/entity-roles-factory.js.map +2 -2
- package/dist/modules/customers/api/people/[id]/companies/context.js +2 -4
- package/dist/modules/customers/api/people/[id]/companies/context.js.map +2 -2
- package/dist/modules/customers/api/people/[id]/companies/enriched/route.js +2 -4
- package/dist/modules/customers/api/people/[id]/companies/enriched/route.js.map +2 -2
- package/dist/modules/customers/api/people/[id]/route.js +2 -4
- package/dist/modules/customers/api/people/[id]/route.js.map +2 -2
- package/dist/modules/customers/backend/customers/people/[id]/page.js +29 -8
- package/dist/modules/customers/backend/customers/people/[id]/page.js.map +2 -2
- package/dist/modules/directory/utils/organizationScopeGuard.js +22 -0
- package/dist/modules/directory/utils/organizationScopeGuard.js.map +7 -0
- package/dist/modules/progress/acl.js +8 -4
- package/dist/modules/progress/acl.js.map +2 -2
- package/dist/modules/workflows/backend/events/[id]/page.js +24 -6
- package/dist/modules/workflows/backend/events/[id]/page.js.map +2 -2
- package/dist/modules/workflows/backend/instances/[id]/page.js +27 -5
- package/dist/modules/workflows/backend/instances/[id]/page.js.map +2 -2
- package/dist/modules/workflows/backend/tasks/[id]/page.js +25 -6
- package/dist/modules/workflows/backend/tasks/[id]/page.js.map +2 -2
- package/dist/modules/workflows/cli.js +8 -0
- package/dist/modules/workflows/cli.js.map +2 -2
- package/dist/modules/workflows/lib/seeds.js +8 -4
- package/dist/modules/workflows/lib/seeds.js.map +2 -2
- package/dist/modules/workflows/setup.js +3 -1
- package/dist/modules/workflows/setup.js.map +2 -2
- package/package.json +7 -7
- package/src/helpers/integration/authFixtures.ts +98 -0
- package/src/helpers/integration/dbFixtures.ts +144 -0
- package/src/modules/business_rules/api/execute/route.ts +2 -1
- package/src/modules/business_rules/api/rules/route.ts +10 -0
- package/src/modules/business_rules/backend/logs/[id]/page.tsx +32 -7
- package/src/modules/business_rules/cli.ts +6 -0
- package/src/modules/business_rules/lib/rule-engine.ts +163 -9
- package/src/modules/business_rules/subscribers/crud-rule-trigger.ts +3 -2
- package/src/modules/catalog/api/offers/route.ts +20 -5
- package/src/modules/catalog/api/products/route.ts +23 -4
- package/src/modules/catalog/lib/pricing.ts +9 -0
- package/src/modules/catalog/services/catalogPricingService.ts +6 -0
- package/src/modules/currencies/backend/currencies/[id]/page.tsx +21 -2
- package/src/modules/currencies/i18n/de.json +1 -0
- package/src/modules/currencies/i18n/en.json +1 -0
- package/src/modules/currencies/i18n/es.json +1 -0
- package/src/modules/currencies/i18n/pl.json +1 -0
- package/src/modules/customer_accounts/backend/customer_accounts/roles/[id]/page.tsx +34 -11
- package/src/modules/customer_accounts/backend/customer_accounts/users/[id]/page.tsx +34 -11
- package/src/modules/customers/api/activities/route.ts +16 -5
- package/src/modules/customers/api/comments/route.ts +15 -5
- package/src/modules/customers/api/companies/[id]/people/route.ts +2 -4
- package/src/modules/customers/api/companies/[id]/route.ts +2 -5
- package/src/modules/customers/api/deals/[id]/companies/route.ts +2 -4
- package/src/modules/customers/api/deals/[id]/people/route.ts +2 -4
- package/src/modules/customers/api/deals/[id]/route.ts +2 -9
- package/src/modules/customers/api/deals/[id]/stats/route.ts +2 -9
- package/src/modules/customers/api/entity-roles-factory.ts +2 -12
- package/src/modules/customers/api/people/[id]/companies/context.ts +2 -5
- package/src/modules/customers/api/people/[id]/companies/enriched/route.ts +2 -5
- package/src/modules/customers/api/people/[id]/route.ts +2 -5
- package/src/modules/customers/backend/customers/people/[id]/page.tsx +35 -11
- package/src/modules/directory/utils/organizationScopeGuard.ts +39 -0
- package/src/modules/progress/acl.ts +4 -0
- package/src/modules/workflows/backend/events/[id]/page.tsx +32 -10
- package/src/modules/workflows/backend/instances/[id]/page.tsx +33 -9
- package/src/modules/workflows/backend/tasks/[id]/page.tsx +33 -10
- package/src/modules/workflows/cli.ts +8 -0
- package/src/modules/workflows/i18n/de.json +1 -0
- package/src/modules/workflows/i18n/en.json +1 -0
- package/src/modules/workflows/i18n/es.json +1 -0
- package/src/modules/workflows/i18n/pl.json +1 -0
- package/src/modules/workflows/lib/seeds.ts +13 -3
- package/src/modules/workflows/setup.ts +3 -1
|
@@ -6,6 +6,7 @@ import { getAuthFromRequest } from "@open-mercato/shared/lib/auth/server";
|
|
|
6
6
|
import { resolveOrganizationScopeForRequest } from "@open-mercato/core/modules/directory/utils/organizationScope";
|
|
7
7
|
import { resolveTranslations } from "@open-mercato/shared/lib/i18n/server";
|
|
8
8
|
import { findOneWithDecryption, findWithDecryption } from "@open-mercato/shared/lib/encryption/find";
|
|
9
|
+
import { isOrganizationReadAccessAllowed } from "@open-mercato/core/modules/directory/utils/organizationScopeGuard";
|
|
9
10
|
import { CustomerCompanyProfile, CustomerDeal, CustomerDealCompanyLink } from "../../../../data/entities.js";
|
|
10
11
|
const paramsSchema = z.object({
|
|
11
12
|
id: z.string().uuid()
|
|
@@ -72,10 +73,7 @@ async function GET(req, ctx) {
|
|
|
72
73
|
if (!deal) {
|
|
73
74
|
throw new CrudHttpError(404, { error: translate("customers.errors.deal_not_found", "Deal not found") });
|
|
74
75
|
}
|
|
75
|
-
|
|
76
|
-
if (scope?.filterIds?.length) scope.filterIds.forEach((entry) => allowedOrgIds.add(entry));
|
|
77
|
-
else if (auth.orgId) allowedOrgIds.add(auth.orgId);
|
|
78
|
-
if (allowedOrgIds.size > 0 && deal.organizationId && !allowedOrgIds.has(deal.organizationId)) {
|
|
76
|
+
if (!isOrganizationReadAccessAllowed({ scope, auth, organizationId: deal.organizationId })) {
|
|
79
77
|
throw new CrudHttpError(403, { error: translate("customers.errors.access_denied", "Access denied") });
|
|
80
78
|
}
|
|
81
79
|
const entityScope = { tenantId: deal.tenantId, organizationId: deal.organizationId };
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../../../../src/modules/customers/api/deals/%5Bid%5D/companies/route.ts"],
|
|
4
|
-
"sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { CrudHttpError, isCrudHttpError } from '@open-mercato/shared/lib/crud/errors'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { resolveOrganizationScopeForRequest } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport { resolveTranslations } from '@open-mercato/shared/lib/i18n/server'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { findOneWithDecryption, findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\nimport { CustomerCompanyProfile, CustomerDeal, CustomerDealCompanyLink, CustomerEntity } from '../../../../data/entities'\n\nconst paramsSchema = z.object({\n id: z.string().uuid(),\n})\n\nconst querySchema = z.object({\n page: z.coerce.number().min(1).default(1),\n pageSize: z.coerce.number().min(1).max(100).default(20),\n search: z.string().optional(),\n sort: z.enum(['label-asc', 'label-desc', 'name-asc', 'name-desc', 'recent']).default('label-asc'),\n})\n\ntype DealLinkedEntitySort = 'label-asc' | 'label-desc' | 'recent'\n\nfunction normalizeSort(sort: z.infer<typeof querySchema>['sort']): DealLinkedEntitySort {\n if (sort === 'name-asc') return 'label-asc'\n if (sort === 'name-desc') return 'label-desc'\n return sort\n}\n\ntype DealCompanyItem = {\n id: string\n label: string\n subtitle: string | null\n kind: 'company'\n linkedAt: string\n}\n\nfunction matchesSearch(item: DealCompanyItem, query: string): boolean {\n const normalized = query.trim().toLowerCase()\n if (!normalized.length) return true\n return [item.label, item.subtitle]\n .filter((value): value is string => typeof value === 'string' && value.length > 0)\n .some((value) => value.toLowerCase().includes(normalized))\n}\n\nfunction sortItems(items: DealCompanyItem[], sort: 'label-asc' | 'label-desc' | 'recent'): DealCompanyItem[] {\n if (sort === 'recent') {\n return [...items].sort((left, right) => {\n const compare = new Date(right.linkedAt).getTime() - new Date(left.linkedAt).getTime()\n if (compare !== 0) return compare\n return left.label.localeCompare(right.label, undefined, { sensitivity: 'base' })\n })\n }\n return [...items].sort((left, right) => {\n const compare = left.label.localeCompare(right.label, undefined, { sensitivity: 'base' })\n return sort === 'label-asc' ? compare : -compare\n })\n}\n\nexport const metadata = {\n GET: { requireAuth: true, requireFeatures: ['customers.deals.view'] },\n}\n\nexport async function GET(req: Request, ctx: { params?: { id?: string } }) {\n const { translate } = await resolveTranslations()\n try {\n const { id } = paramsSchema.parse({ id: ctx.params?.id })\n const auth = await getAuthFromRequest(req)\n if (!auth?.tenantId) throw new CrudHttpError(401, { error: 'Unauthorized' })\n\n const url = new URL(req.url)\n const query = querySchema.parse({\n page: url.searchParams.get('page') ?? undefined,\n pageSize: url.searchParams.get('pageSize') ?? undefined,\n search: url.searchParams.get('search') ?? undefined,\n sort: url.searchParams.get('sort') ?? undefined,\n })\n\n const container = await createRequestContainer()\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request: req })\n const em = (container.resolve('em') as EntityManager).fork()\n const decryptionScope = {\n tenantId: auth.tenantId,\n organizationId: scope?.selectedId ?? auth.orgId ?? null,\n }\n\n const deal = await findOneWithDecryption(\n em,\n CustomerDeal,\n { id, tenantId: auth.tenantId, deletedAt: null },\n {},\n decryptionScope,\n )\n if (!deal) {\n throw new CrudHttpError(404, { error: translate('customers.errors.deal_not_found', 'Deal not found') })\n }\n\n
|
|
5
|
-
"mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,eAAe,uBAAuB;AAC/C,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,0CAA0C;AACnD,SAAS,2BAA2B;AAEpC,SAAS,uBAAuB,0BAA0B;AAC1D,SAAS,wBAAwB,cAAc,+BAA+C;AAE9F,MAAM,eAAe,EAAE,OAAO;AAAA,EAC5B,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,MAAM,cAAc,EAAE,OAAO;AAAA,EAC3B,MAAM,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,CAAC;AAAA,EACxC,UAAU,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,QAAQ,EAAE;AAAA,EACtD,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,MAAM,EAAE,KAAK,CAAC,aAAa,cAAc,YAAY,aAAa,QAAQ,CAAC,EAAE,QAAQ,WAAW;AAClG,CAAC;AAID,SAAS,cAAc,MAAiE;AACtF,MAAI,SAAS,WAAY,QAAO;AAChC,MAAI,SAAS,YAAa,QAAO;AACjC,SAAO;AACT;AAUA,SAAS,cAAc,MAAuB,OAAwB;AACpE,QAAM,aAAa,MAAM,KAAK,EAAE,YAAY;AAC5C,MAAI,CAAC,WAAW,OAAQ,QAAO;AAC/B,SAAO,CAAC,KAAK,OAAO,KAAK,QAAQ,EAC9B,OAAO,CAAC,UAA2B,OAAO,UAAU,YAAY,MAAM,SAAS,CAAC,EAChF,KAAK,CAAC,UAAU,MAAM,YAAY,EAAE,SAAS,UAAU,CAAC;AAC7D;AAEA,SAAS,UAAU,OAA0B,MAAgE;AAC3G,MAAI,SAAS,UAAU;AACrB,WAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC,MAAM,UAAU;AACtC,YAAM,UAAU,IAAI,KAAK,MAAM,QAAQ,EAAE,QAAQ,IAAI,IAAI,KAAK,KAAK,QAAQ,EAAE,QAAQ;AACrF,UAAI,YAAY,EAAG,QAAO;AAC1B,aAAO,KAAK,MAAM,cAAc,MAAM,OAAO,QAAW,EAAE,aAAa,OAAO,CAAC;AAAA,IACjF,CAAC;AAAA,EACH;AACA,SAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC,MAAM,UAAU;AACtC,UAAM,UAAU,KAAK,MAAM,cAAc,MAAM,OAAO,QAAW,EAAE,aAAa,OAAO,CAAC;AACxF,WAAO,SAAS,cAAc,UAAU,CAAC;AAAA,EAC3C,CAAC;AACH;AAEO,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,sBAAsB,EAAE;AACtE;AAEA,eAAsB,IAAI,KAAc,KAAmC;AACzE,QAAM,EAAE,UAAU,IAAI,MAAM,oBAAoB;AAChD,MAAI;AACF,UAAM,EAAE,GAAG,IAAI,aAAa,MAAM,EAAE,IAAI,IAAI,QAAQ,GAAG,CAAC;AACxD,UAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,QAAI,CAAC,MAAM,SAAU,OAAM,IAAI,cAAc,KAAK,EAAE,OAAO,eAAe,CAAC;AAE3E,UAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,UAAM,QAAQ,YAAY,MAAM;AAAA,MAC9B,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,MACtC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,MAC9C,QAAQ,IAAI,aAAa,IAAI,QAAQ,KAAK;AAAA,MAC1C,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,IACxC,CAAC;AAED,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,SAAS,IAAI,CAAC;AACxF,UAAM,KAAM,UAAU,QAAQ,IAAI,EAAoB,KAAK;AAC3D,UAAM,kBAAkB;AAAA,MACtB,UAAU,KAAK;AAAA,MACf,gBAAgB,OAAO,cAAc,KAAK,SAAS;AAAA,IACrD;AAEA,UAAM,OAAO,MAAM;AAAA,MACjB;AAAA,MACA;AAAA,MACA,EAAE,IAAI,UAAU,KAAK,UAAU,WAAW,KAAK;AAAA,MAC/C,CAAC;AAAA,MACD;AAAA,IACF;AACA,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,KAAK,EAAE,OAAO,UAAU,mCAAmC,gBAAgB,EAAE,CAAC;AAAA,IACxG;AAEA,
|
|
4
|
+
"sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { CrudHttpError, isCrudHttpError } from '@open-mercato/shared/lib/crud/errors'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { resolveOrganizationScopeForRequest } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport { resolveTranslations } from '@open-mercato/shared/lib/i18n/server'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { findOneWithDecryption, findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\nimport { isOrganizationReadAccessAllowed } from '@open-mercato/core/modules/directory/utils/organizationScopeGuard'\nimport { CustomerCompanyProfile, CustomerDeal, CustomerDealCompanyLink, CustomerEntity } from '../../../../data/entities'\n\nconst paramsSchema = z.object({\n id: z.string().uuid(),\n})\n\nconst querySchema = z.object({\n page: z.coerce.number().min(1).default(1),\n pageSize: z.coerce.number().min(1).max(100).default(20),\n search: z.string().optional(),\n sort: z.enum(['label-asc', 'label-desc', 'name-asc', 'name-desc', 'recent']).default('label-asc'),\n})\n\ntype DealLinkedEntitySort = 'label-asc' | 'label-desc' | 'recent'\n\nfunction normalizeSort(sort: z.infer<typeof querySchema>['sort']): DealLinkedEntitySort {\n if (sort === 'name-asc') return 'label-asc'\n if (sort === 'name-desc') return 'label-desc'\n return sort\n}\n\ntype DealCompanyItem = {\n id: string\n label: string\n subtitle: string | null\n kind: 'company'\n linkedAt: string\n}\n\nfunction matchesSearch(item: DealCompanyItem, query: string): boolean {\n const normalized = query.trim().toLowerCase()\n if (!normalized.length) return true\n return [item.label, item.subtitle]\n .filter((value): value is string => typeof value === 'string' && value.length > 0)\n .some((value) => value.toLowerCase().includes(normalized))\n}\n\nfunction sortItems(items: DealCompanyItem[], sort: 'label-asc' | 'label-desc' | 'recent'): DealCompanyItem[] {\n if (sort === 'recent') {\n return [...items].sort((left, right) => {\n const compare = new Date(right.linkedAt).getTime() - new Date(left.linkedAt).getTime()\n if (compare !== 0) return compare\n return left.label.localeCompare(right.label, undefined, { sensitivity: 'base' })\n })\n }\n return [...items].sort((left, right) => {\n const compare = left.label.localeCompare(right.label, undefined, { sensitivity: 'base' })\n return sort === 'label-asc' ? compare : -compare\n })\n}\n\nexport const metadata = {\n GET: { requireAuth: true, requireFeatures: ['customers.deals.view'] },\n}\n\nexport async function GET(req: Request, ctx: { params?: { id?: string } }) {\n const { translate } = await resolveTranslations()\n try {\n const { id } = paramsSchema.parse({ id: ctx.params?.id })\n const auth = await getAuthFromRequest(req)\n if (!auth?.tenantId) throw new CrudHttpError(401, { error: 'Unauthorized' })\n\n const url = new URL(req.url)\n const query = querySchema.parse({\n page: url.searchParams.get('page') ?? undefined,\n pageSize: url.searchParams.get('pageSize') ?? undefined,\n search: url.searchParams.get('search') ?? undefined,\n sort: url.searchParams.get('sort') ?? undefined,\n })\n\n const container = await createRequestContainer()\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request: req })\n const em = (container.resolve('em') as EntityManager).fork()\n const decryptionScope = {\n tenantId: auth.tenantId,\n organizationId: scope?.selectedId ?? auth.orgId ?? null,\n }\n\n const deal = await findOneWithDecryption(\n em,\n CustomerDeal,\n { id, tenantId: auth.tenantId, deletedAt: null },\n {},\n decryptionScope,\n )\n if (!deal) {\n throw new CrudHttpError(404, { error: translate('customers.errors.deal_not_found', 'Deal not found') })\n }\n\n if (!isOrganizationReadAccessAllowed({ scope, auth, organizationId: deal.organizationId })) {\n throw new CrudHttpError(403, { error: translate('customers.errors.access_denied', 'Access denied') })\n }\n\n const entityScope = { tenantId: deal.tenantId, organizationId: deal.organizationId }\n const links = await findWithDecryption(\n em,\n CustomerDealCompanyLink,\n { deal: deal.id },\n { populate: ['company'] },\n entityScope,\n )\n\n const companyIds = links\n .map((link) => link.company?.id)\n .filter((companyId): companyId is string => typeof companyId === 'string' && companyId.length > 0)\n const profiles = companyIds.length > 0\n ? await findWithDecryption(\n em,\n CustomerCompanyProfile,\n {\n entity: { $in: companyIds },\n tenantId: deal.tenantId,\n organizationId: deal.organizationId,\n },\n {},\n entityScope,\n )\n : []\n const profileByCompanyId = new Map(\n profiles.map((profile) => [(profile.entity as { id: string }).id, profile]),\n )\n\n const items = links\n .map((link) => {\n const company = link.company as CustomerEntity | null\n if (!company?.id) return null\n const profile = profileByCompanyId.get(company.id) ?? null\n return {\n id: company.id,\n label: company.displayName ?? profile?.domain ?? company.id,\n subtitle: profile?.domain ?? company.primaryEmail ?? company.primaryPhone ?? null,\n kind: 'company',\n linkedAt: link.createdAt.toISOString(),\n } satisfies DealCompanyItem\n })\n .filter((item): item is DealCompanyItem => item !== null)\n\n const filtered = query.search?.trim().length ? items.filter((item) => matchesSearch(item, query.search ?? '')) : items\n const sorted = sortItems(filtered, normalizeSort(query.sort))\n const total = sorted.length\n const totalPages = Math.max(1, Math.ceil(total / query.pageSize))\n const page = Math.min(query.page, totalPages)\n const start = (page - 1) * query.pageSize\n\n return NextResponse.json({\n items: sorted.slice(start, start + query.pageSize),\n total,\n page,\n pageSize: query.pageSize,\n totalPages,\n })\n } catch (error) {\n if (isCrudHttpError(error)) {\n return NextResponse.json(error.body, { status: error.status })\n }\n console.error('[customers.deals.companies.GET]', error)\n return NextResponse.json({ error: translate('customers.errors.deal_companies_load_failed', 'Failed to load linked companies') }, { status: 500 })\n }\n}\n\nexport const openApi: OpenApiRouteDoc = {\n tag: 'Customers',\n methods: {\n GET: {\n summary: 'List linked companies for a deal',\n query: querySchema,\n responses: [\n {\n status: 200,\n description: 'Paginated linked companies',\n schema: z.object({\n items: z.array(\n z.object({\n id: z.string().uuid(),\n label: z.string(),\n subtitle: z.string().nullable(),\n kind: z.literal('company'),\n linkedAt: z.string(),\n }),\n ),\n total: z.number().int().nonnegative(),\n page: z.number().int().min(1),\n pageSize: z.number().int().min(1),\n totalPages: z.number().int().min(1),\n }),\n },\n ],\n },\n },\n}\n"],
|
|
5
|
+
"mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,eAAe,uBAAuB;AAC/C,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,0CAA0C;AACnD,SAAS,2BAA2B;AAEpC,SAAS,uBAAuB,0BAA0B;AAC1D,SAAS,uCAAuC;AAChD,SAAS,wBAAwB,cAAc,+BAA+C;AAE9F,MAAM,eAAe,EAAE,OAAO;AAAA,EAC5B,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,MAAM,cAAc,EAAE,OAAO;AAAA,EAC3B,MAAM,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,CAAC;AAAA,EACxC,UAAU,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,QAAQ,EAAE;AAAA,EACtD,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,MAAM,EAAE,KAAK,CAAC,aAAa,cAAc,YAAY,aAAa,QAAQ,CAAC,EAAE,QAAQ,WAAW;AAClG,CAAC;AAID,SAAS,cAAc,MAAiE;AACtF,MAAI,SAAS,WAAY,QAAO;AAChC,MAAI,SAAS,YAAa,QAAO;AACjC,SAAO;AACT;AAUA,SAAS,cAAc,MAAuB,OAAwB;AACpE,QAAM,aAAa,MAAM,KAAK,EAAE,YAAY;AAC5C,MAAI,CAAC,WAAW,OAAQ,QAAO;AAC/B,SAAO,CAAC,KAAK,OAAO,KAAK,QAAQ,EAC9B,OAAO,CAAC,UAA2B,OAAO,UAAU,YAAY,MAAM,SAAS,CAAC,EAChF,KAAK,CAAC,UAAU,MAAM,YAAY,EAAE,SAAS,UAAU,CAAC;AAC7D;AAEA,SAAS,UAAU,OAA0B,MAAgE;AAC3G,MAAI,SAAS,UAAU;AACrB,WAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC,MAAM,UAAU;AACtC,YAAM,UAAU,IAAI,KAAK,MAAM,QAAQ,EAAE,QAAQ,IAAI,IAAI,KAAK,KAAK,QAAQ,EAAE,QAAQ;AACrF,UAAI,YAAY,EAAG,QAAO;AAC1B,aAAO,KAAK,MAAM,cAAc,MAAM,OAAO,QAAW,EAAE,aAAa,OAAO,CAAC;AAAA,IACjF,CAAC;AAAA,EACH;AACA,SAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC,MAAM,UAAU;AACtC,UAAM,UAAU,KAAK,MAAM,cAAc,MAAM,OAAO,QAAW,EAAE,aAAa,OAAO,CAAC;AACxF,WAAO,SAAS,cAAc,UAAU,CAAC;AAAA,EAC3C,CAAC;AACH;AAEO,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,sBAAsB,EAAE;AACtE;AAEA,eAAsB,IAAI,KAAc,KAAmC;AACzE,QAAM,EAAE,UAAU,IAAI,MAAM,oBAAoB;AAChD,MAAI;AACF,UAAM,EAAE,GAAG,IAAI,aAAa,MAAM,EAAE,IAAI,IAAI,QAAQ,GAAG,CAAC;AACxD,UAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,QAAI,CAAC,MAAM,SAAU,OAAM,IAAI,cAAc,KAAK,EAAE,OAAO,eAAe,CAAC;AAE3E,UAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,UAAM,QAAQ,YAAY,MAAM;AAAA,MAC9B,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,MACtC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,MAC9C,QAAQ,IAAI,aAAa,IAAI,QAAQ,KAAK;AAAA,MAC1C,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,IACxC,CAAC;AAED,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,SAAS,IAAI,CAAC;AACxF,UAAM,KAAM,UAAU,QAAQ,IAAI,EAAoB,KAAK;AAC3D,UAAM,kBAAkB;AAAA,MACtB,UAAU,KAAK;AAAA,MACf,gBAAgB,OAAO,cAAc,KAAK,SAAS;AAAA,IACrD;AAEA,UAAM,OAAO,MAAM;AAAA,MACjB;AAAA,MACA;AAAA,MACA,EAAE,IAAI,UAAU,KAAK,UAAU,WAAW,KAAK;AAAA,MAC/C,CAAC;AAAA,MACD;AAAA,IACF;AACA,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,KAAK,EAAE,OAAO,UAAU,mCAAmC,gBAAgB,EAAE,CAAC;AAAA,IACxG;AAEA,QAAI,CAAC,gCAAgC,EAAE,OAAO,MAAM,gBAAgB,KAAK,eAAe,CAAC,GAAG;AAC1F,YAAM,IAAI,cAAc,KAAK,EAAE,OAAO,UAAU,kCAAkC,eAAe,EAAE,CAAC;AAAA,IACtG;AAEA,UAAM,cAAc,EAAE,UAAU,KAAK,UAAU,gBAAgB,KAAK,eAAe;AACnF,UAAM,QAAQ,MAAM;AAAA,MAClB;AAAA,MACA;AAAA,MACA,EAAE,MAAM,KAAK,GAAG;AAAA,MAChB,EAAE,UAAU,CAAC,SAAS,EAAE;AAAA,MACxB;AAAA,IACF;AAEA,UAAM,aAAa,MAChB,IAAI,CAAC,SAAS,KAAK,SAAS,EAAE,EAC9B,OAAO,CAAC,cAAmC,OAAO,cAAc,YAAY,UAAU,SAAS,CAAC;AACnG,UAAM,WAAW,WAAW,SAAS,IACjC,MAAM;AAAA,MACJ;AAAA,MACA;AAAA,MACA;AAAA,QACE,QAAQ,EAAE,KAAK,WAAW;AAAA,QAC1B,UAAU,KAAK;AAAA,QACf,gBAAgB,KAAK;AAAA,MACvB;AAAA,MACA,CAAC;AAAA,MACD;AAAA,IACF,IACA,CAAC;AACL,UAAM,qBAAqB,IAAI;AAAA,MAC7B,SAAS,IAAI,CAAC,YAAY,CAAE,QAAQ,OAA0B,IAAI,OAAO,CAAC;AAAA,IAC5E;AAEA,UAAM,QAAQ,MACX,IAAI,CAAC,SAAS;AACb,YAAM,UAAU,KAAK;AACrB,UAAI,CAAC,SAAS,GAAI,QAAO;AACzB,YAAM,UAAU,mBAAmB,IAAI,QAAQ,EAAE,KAAK;AACtD,aAAO;AAAA,QACL,IAAI,QAAQ;AAAA,QACZ,OAAO,QAAQ,eAAe,SAAS,UAAU,QAAQ;AAAA,QACzD,UAAU,SAAS,UAAU,QAAQ,gBAAgB,QAAQ,gBAAgB;AAAA,QAC7E,MAAM;AAAA,QACN,UAAU,KAAK,UAAU,YAAY;AAAA,MACvC;AAAA,IACF,CAAC,EACA,OAAO,CAAC,SAAkC,SAAS,IAAI;AAE1D,UAAM,WAAW,MAAM,QAAQ,KAAK,EAAE,SAAS,MAAM,OAAO,CAAC,SAAS,cAAc,MAAM,MAAM,UAAU,EAAE,CAAC,IAAI;AACjH,UAAM,SAAS,UAAU,UAAU,cAAc,MAAM,IAAI,CAAC;AAC5D,UAAM,QAAQ,OAAO;AACrB,UAAM,aAAa,KAAK,IAAI,GAAG,KAAK,KAAK,QAAQ,MAAM,QAAQ,CAAC;AAChE,UAAM,OAAO,KAAK,IAAI,MAAM,MAAM,UAAU;AAC5C,UAAM,SAAS,OAAO,KAAK,MAAM;AAEjC,WAAO,aAAa,KAAK;AAAA,MACvB,OAAO,OAAO,MAAM,OAAO,QAAQ,MAAM,QAAQ;AAAA,MACjD;AAAA,MACA;AAAA,MACA,UAAU,MAAM;AAAA,MAChB;AAAA,IACF,CAAC;AAAA,EACH,SAAS,OAAO;AACd,QAAI,gBAAgB,KAAK,GAAG;AAC1B,aAAO,aAAa,KAAK,MAAM,MAAM,EAAE,QAAQ,MAAM,OAAO,CAAC;AAAA,IAC/D;AACA,YAAQ,MAAM,mCAAmC,KAAK;AACtD,WAAO,aAAa,KAAK,EAAE,OAAO,UAAU,+CAA+C,iCAAiC,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAClJ;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,OAAO;AAAA,MACP,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,QAAQ,EAAE,OAAO;AAAA,YACf,OAAO,EAAE;AAAA,cACP,EAAE,OAAO;AAAA,gBACP,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,gBACpB,OAAO,EAAE,OAAO;AAAA,gBAChB,UAAU,EAAE,OAAO,EAAE,SAAS;AAAA,gBAC9B,MAAM,EAAE,QAAQ,SAAS;AAAA,gBACzB,UAAU,EAAE,OAAO;AAAA,cACrB,CAAC;AAAA,YACH;AAAA,YACA,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY;AAAA,YACpC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC;AAAA,YAC5B,UAAU,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC;AAAA,YAChC,YAAY,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC;AAAA,UACpC,CAAC;AAAA,QACH;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;",
|
|
6
6
|
"names": []
|
|
7
7
|
}
|
|
@@ -6,6 +6,7 @@ import { getAuthFromRequest } from "@open-mercato/shared/lib/auth/server";
|
|
|
6
6
|
import { resolveOrganizationScopeForRequest } from "@open-mercato/core/modules/directory/utils/organizationScope";
|
|
7
7
|
import { resolveTranslations } from "@open-mercato/shared/lib/i18n/server";
|
|
8
8
|
import { findOneWithDecryption, findWithDecryption } from "@open-mercato/shared/lib/encryption/find";
|
|
9
|
+
import { isOrganizationReadAccessAllowed } from "@open-mercato/core/modules/directory/utils/organizationScopeGuard";
|
|
9
10
|
import { CustomerDeal, CustomerDealPersonLink } from "../../../../data/entities.js";
|
|
10
11
|
const paramsSchema = z.object({
|
|
11
12
|
id: z.string().uuid()
|
|
@@ -72,10 +73,7 @@ async function GET(req, ctx) {
|
|
|
72
73
|
if (!deal) {
|
|
73
74
|
throw new CrudHttpError(404, { error: translate("customers.errors.deal_not_found", "Deal not found") });
|
|
74
75
|
}
|
|
75
|
-
|
|
76
|
-
if (scope?.filterIds?.length) scope.filterIds.forEach((entry) => allowedOrgIds.add(entry));
|
|
77
|
-
else if (auth.orgId) allowedOrgIds.add(auth.orgId);
|
|
78
|
-
if (allowedOrgIds.size > 0 && deal.organizationId && !allowedOrgIds.has(deal.organizationId)) {
|
|
76
|
+
if (!isOrganizationReadAccessAllowed({ scope, auth, organizationId: deal.organizationId })) {
|
|
79
77
|
throw new CrudHttpError(403, { error: translate("customers.errors.access_denied", "Access denied") });
|
|
80
78
|
}
|
|
81
79
|
const entityScope = { tenantId: deal.tenantId, organizationId: deal.organizationId };
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../../../../src/modules/customers/api/deals/%5Bid%5D/people/route.ts"],
|
|
4
|
-
"sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { CrudHttpError, isCrudHttpError } from '@open-mercato/shared/lib/crud/errors'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { resolveOrganizationScopeForRequest } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport { resolveTranslations } from '@open-mercato/shared/lib/i18n/server'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { findOneWithDecryption, findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\nimport { CustomerDeal, CustomerDealPersonLink, CustomerEntity } from '../../../../data/entities'\n\nconst paramsSchema = z.object({\n id: z.string().uuid(),\n})\n\nconst querySchema = z.object({\n page: z.coerce.number().min(1).default(1),\n pageSize: z.coerce.number().min(1).max(100).default(20),\n search: z.string().optional(),\n sort: z.enum(['label-asc', 'label-desc', 'name-asc', 'name-desc', 'recent']).default('label-asc'),\n})\n\ntype DealLinkedEntitySort = 'label-asc' | 'label-desc' | 'recent'\n\nfunction normalizeSort(sort: z.infer<typeof querySchema>['sort']): DealLinkedEntitySort {\n if (sort === 'name-asc') return 'label-asc'\n if (sort === 'name-desc') return 'label-desc'\n return sort\n}\n\ntype DealPersonItem = {\n id: string\n label: string\n subtitle: string | null\n kind: 'person'\n linkedAt: string\n}\n\nfunction matchesSearch(item: DealPersonItem, query: string): boolean {\n const normalized = query.trim().toLowerCase()\n if (!normalized.length) return true\n return [item.label, item.subtitle]\n .filter((value): value is string => typeof value === 'string' && value.length > 0)\n .some((value) => value.toLowerCase().includes(normalized))\n}\n\nfunction sortItems(items: DealPersonItem[], sort: 'label-asc' | 'label-desc' | 'recent'): DealPersonItem[] {\n if (sort === 'recent') {\n return [...items].sort((left, right) => {\n const compare = new Date(right.linkedAt).getTime() - new Date(left.linkedAt).getTime()\n if (compare !== 0) return compare\n return left.label.localeCompare(right.label, undefined, { sensitivity: 'base' })\n })\n }\n return [...items].sort((left, right) => {\n const compare = left.label.localeCompare(right.label, undefined, { sensitivity: 'base' })\n return sort === 'label-asc' ? compare : -compare\n })\n}\n\nexport const metadata = {\n GET: { requireAuth: true, requireFeatures: ['customers.deals.view'] },\n}\n\nexport async function GET(req: Request, ctx: { params?: { id?: string } }) {\n const { translate } = await resolveTranslations()\n try {\n const { id } = paramsSchema.parse({ id: ctx.params?.id })\n const auth = await getAuthFromRequest(req)\n if (!auth?.tenantId) throw new CrudHttpError(401, { error: 'Unauthorized' })\n\n const url = new URL(req.url)\n const query = querySchema.parse({\n page: url.searchParams.get('page') ?? undefined,\n pageSize: url.searchParams.get('pageSize') ?? undefined,\n search: url.searchParams.get('search') ?? undefined,\n sort: url.searchParams.get('sort') ?? undefined,\n })\n\n const container = await createRequestContainer()\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request: req })\n const em = (container.resolve('em') as EntityManager).fork()\n const decryptionScope = {\n tenantId: auth.tenantId,\n organizationId: scope?.selectedId ?? auth.orgId ?? null,\n }\n\n const deal = await findOneWithDecryption(\n em,\n CustomerDeal,\n { id, tenantId: auth.tenantId, deletedAt: null },\n {},\n decryptionScope,\n )\n if (!deal) {\n throw new CrudHttpError(404, { error: translate('customers.errors.deal_not_found', 'Deal not found') })\n }\n\n
|
|
5
|
-
"mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,eAAe,uBAAuB;AAC/C,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,0CAA0C;AACnD,SAAS,2BAA2B;AAEpC,SAAS,uBAAuB,0BAA0B;AAC1D,SAAS,cAAc,8BAA8C;AAErE,MAAM,eAAe,EAAE,OAAO;AAAA,EAC5B,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,MAAM,cAAc,EAAE,OAAO;AAAA,EAC3B,MAAM,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,CAAC;AAAA,EACxC,UAAU,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,QAAQ,EAAE;AAAA,EACtD,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,MAAM,EAAE,KAAK,CAAC,aAAa,cAAc,YAAY,aAAa,QAAQ,CAAC,EAAE,QAAQ,WAAW;AAClG,CAAC;AAID,SAAS,cAAc,MAAiE;AACtF,MAAI,SAAS,WAAY,QAAO;AAChC,MAAI,SAAS,YAAa,QAAO;AACjC,SAAO;AACT;AAUA,SAAS,cAAc,MAAsB,OAAwB;AACnE,QAAM,aAAa,MAAM,KAAK,EAAE,YAAY;AAC5C,MAAI,CAAC,WAAW,OAAQ,QAAO;AAC/B,SAAO,CAAC,KAAK,OAAO,KAAK,QAAQ,EAC9B,OAAO,CAAC,UAA2B,OAAO,UAAU,YAAY,MAAM,SAAS,CAAC,EAChF,KAAK,CAAC,UAAU,MAAM,YAAY,EAAE,SAAS,UAAU,CAAC;AAC7D;AAEA,SAAS,UAAU,OAAyB,MAA+D;AACzG,MAAI,SAAS,UAAU;AACrB,WAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC,MAAM,UAAU;AACtC,YAAM,UAAU,IAAI,KAAK,MAAM,QAAQ,EAAE,QAAQ,IAAI,IAAI,KAAK,KAAK,QAAQ,EAAE,QAAQ;AACrF,UAAI,YAAY,EAAG,QAAO;AAC1B,aAAO,KAAK,MAAM,cAAc,MAAM,OAAO,QAAW,EAAE,aAAa,OAAO,CAAC;AAAA,IACjF,CAAC;AAAA,EACH;AACA,SAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC,MAAM,UAAU;AACtC,UAAM,UAAU,KAAK,MAAM,cAAc,MAAM,OAAO,QAAW,EAAE,aAAa,OAAO,CAAC;AACxF,WAAO,SAAS,cAAc,UAAU,CAAC;AAAA,EAC3C,CAAC;AACH;AAEO,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,sBAAsB,EAAE;AACtE;AAEA,eAAsB,IAAI,KAAc,KAAmC;AACzE,QAAM,EAAE,UAAU,IAAI,MAAM,oBAAoB;AAChD,MAAI;AACF,UAAM,EAAE,GAAG,IAAI,aAAa,MAAM,EAAE,IAAI,IAAI,QAAQ,GAAG,CAAC;AACxD,UAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,QAAI,CAAC,MAAM,SAAU,OAAM,IAAI,cAAc,KAAK,EAAE,OAAO,eAAe,CAAC;AAE3E,UAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,UAAM,QAAQ,YAAY,MAAM;AAAA,MAC9B,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,MACtC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,MAC9C,QAAQ,IAAI,aAAa,IAAI,QAAQ,KAAK;AAAA,MAC1C,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,IACxC,CAAC;AAED,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,SAAS,IAAI,CAAC;AACxF,UAAM,KAAM,UAAU,QAAQ,IAAI,EAAoB,KAAK;AAC3D,UAAM,kBAAkB;AAAA,MACtB,UAAU,KAAK;AAAA,MACf,gBAAgB,OAAO,cAAc,KAAK,SAAS;AAAA,IACrD;AAEA,UAAM,OAAO,MAAM;AAAA,MACjB;AAAA,MACA;AAAA,MACA,EAAE,IAAI,UAAU,KAAK,UAAU,WAAW,KAAK;AAAA,MAC/C,CAAC;AAAA,MACD;AAAA,IACF;AACA,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,KAAK,EAAE,OAAO,UAAU,mCAAmC,gBAAgB,EAAE,CAAC;AAAA,IACxG;AAEA,
|
|
4
|
+
"sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { CrudHttpError, isCrudHttpError } from '@open-mercato/shared/lib/crud/errors'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { resolveOrganizationScopeForRequest } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport { resolveTranslations } from '@open-mercato/shared/lib/i18n/server'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { findOneWithDecryption, findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\nimport { isOrganizationReadAccessAllowed } from '@open-mercato/core/modules/directory/utils/organizationScopeGuard'\nimport { CustomerDeal, CustomerDealPersonLink, CustomerEntity } from '../../../../data/entities'\n\nconst paramsSchema = z.object({\n id: z.string().uuid(),\n})\n\nconst querySchema = z.object({\n page: z.coerce.number().min(1).default(1),\n pageSize: z.coerce.number().min(1).max(100).default(20),\n search: z.string().optional(),\n sort: z.enum(['label-asc', 'label-desc', 'name-asc', 'name-desc', 'recent']).default('label-asc'),\n})\n\ntype DealLinkedEntitySort = 'label-asc' | 'label-desc' | 'recent'\n\nfunction normalizeSort(sort: z.infer<typeof querySchema>['sort']): DealLinkedEntitySort {\n if (sort === 'name-asc') return 'label-asc'\n if (sort === 'name-desc') return 'label-desc'\n return sort\n}\n\ntype DealPersonItem = {\n id: string\n label: string\n subtitle: string | null\n kind: 'person'\n linkedAt: string\n}\n\nfunction matchesSearch(item: DealPersonItem, query: string): boolean {\n const normalized = query.trim().toLowerCase()\n if (!normalized.length) return true\n return [item.label, item.subtitle]\n .filter((value): value is string => typeof value === 'string' && value.length > 0)\n .some((value) => value.toLowerCase().includes(normalized))\n}\n\nfunction sortItems(items: DealPersonItem[], sort: 'label-asc' | 'label-desc' | 'recent'): DealPersonItem[] {\n if (sort === 'recent') {\n return [...items].sort((left, right) => {\n const compare = new Date(right.linkedAt).getTime() - new Date(left.linkedAt).getTime()\n if (compare !== 0) return compare\n return left.label.localeCompare(right.label, undefined, { sensitivity: 'base' })\n })\n }\n return [...items].sort((left, right) => {\n const compare = left.label.localeCompare(right.label, undefined, { sensitivity: 'base' })\n return sort === 'label-asc' ? compare : -compare\n })\n}\n\nexport const metadata = {\n GET: { requireAuth: true, requireFeatures: ['customers.deals.view'] },\n}\n\nexport async function GET(req: Request, ctx: { params?: { id?: string } }) {\n const { translate } = await resolveTranslations()\n try {\n const { id } = paramsSchema.parse({ id: ctx.params?.id })\n const auth = await getAuthFromRequest(req)\n if (!auth?.tenantId) throw new CrudHttpError(401, { error: 'Unauthorized' })\n\n const url = new URL(req.url)\n const query = querySchema.parse({\n page: url.searchParams.get('page') ?? undefined,\n pageSize: url.searchParams.get('pageSize') ?? undefined,\n search: url.searchParams.get('search') ?? undefined,\n sort: url.searchParams.get('sort') ?? undefined,\n })\n\n const container = await createRequestContainer()\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request: req })\n const em = (container.resolve('em') as EntityManager).fork()\n const decryptionScope = {\n tenantId: auth.tenantId,\n organizationId: scope?.selectedId ?? auth.orgId ?? null,\n }\n\n const deal = await findOneWithDecryption(\n em,\n CustomerDeal,\n { id, tenantId: auth.tenantId, deletedAt: null },\n {},\n decryptionScope,\n )\n if (!deal) {\n throw new CrudHttpError(404, { error: translate('customers.errors.deal_not_found', 'Deal not found') })\n }\n\n if (!isOrganizationReadAccessAllowed({ scope, auth, organizationId: deal.organizationId })) {\n throw new CrudHttpError(403, { error: translate('customers.errors.access_denied', 'Access denied') })\n }\n\n const entityScope = { tenantId: deal.tenantId, organizationId: deal.organizationId }\n const links = await findWithDecryption(\n em,\n CustomerDealPersonLink,\n { deal: deal.id },\n { populate: ['person'] },\n entityScope,\n )\n\n const items = links\n .map((link) => {\n const person = link.person as CustomerEntity | null\n if (!person?.id) return null\n return {\n id: person.id,\n label: person.displayName ?? person.primaryEmail ?? person.id,\n subtitle: person.primaryEmail ?? person.primaryPhone ?? null,\n kind: 'person',\n linkedAt: link.createdAt.toISOString(),\n } satisfies DealPersonItem\n })\n .filter((item): item is DealPersonItem => item !== null)\n\n const filtered = query.search?.trim().length ? items.filter((item) => matchesSearch(item, query.search ?? '')) : items\n const sorted = sortItems(filtered, normalizeSort(query.sort))\n const total = sorted.length\n const totalPages = Math.max(1, Math.ceil(total / query.pageSize))\n const page = Math.min(query.page, totalPages)\n const start = (page - 1) * query.pageSize\n\n return NextResponse.json({\n items: sorted.slice(start, start + query.pageSize),\n total,\n page,\n pageSize: query.pageSize,\n totalPages,\n })\n } catch (error) {\n if (isCrudHttpError(error)) {\n return NextResponse.json(error.body, { status: error.status })\n }\n console.error('[customers.deals.people.GET]', error)\n return NextResponse.json({ error: translate('customers.errors.deal_people_load_failed', 'Failed to load linked people') }, { status: 500 })\n }\n}\n\nexport const openApi: OpenApiRouteDoc = {\n tag: 'Customers',\n methods: {\n GET: {\n summary: 'List linked people for a deal',\n query: querySchema,\n responses: [\n {\n status: 200,\n description: 'Paginated linked people',\n schema: z.object({\n items: z.array(\n z.object({\n id: z.string().uuid(),\n label: z.string(),\n subtitle: z.string().nullable(),\n kind: z.literal('person'),\n linkedAt: z.string(),\n }),\n ),\n total: z.number().int().nonnegative(),\n page: z.number().int().min(1),\n pageSize: z.number().int().min(1),\n totalPages: z.number().int().min(1),\n }),\n },\n ],\n },\n },\n}\n"],
|
|
5
|
+
"mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,eAAe,uBAAuB;AAC/C,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,0CAA0C;AACnD,SAAS,2BAA2B;AAEpC,SAAS,uBAAuB,0BAA0B;AAC1D,SAAS,uCAAuC;AAChD,SAAS,cAAc,8BAA8C;AAErE,MAAM,eAAe,EAAE,OAAO;AAAA,EAC5B,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,MAAM,cAAc,EAAE,OAAO;AAAA,EAC3B,MAAM,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,CAAC;AAAA,EACxC,UAAU,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,QAAQ,EAAE;AAAA,EACtD,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,MAAM,EAAE,KAAK,CAAC,aAAa,cAAc,YAAY,aAAa,QAAQ,CAAC,EAAE,QAAQ,WAAW;AAClG,CAAC;AAID,SAAS,cAAc,MAAiE;AACtF,MAAI,SAAS,WAAY,QAAO;AAChC,MAAI,SAAS,YAAa,QAAO;AACjC,SAAO;AACT;AAUA,SAAS,cAAc,MAAsB,OAAwB;AACnE,QAAM,aAAa,MAAM,KAAK,EAAE,YAAY;AAC5C,MAAI,CAAC,WAAW,OAAQ,QAAO;AAC/B,SAAO,CAAC,KAAK,OAAO,KAAK,QAAQ,EAC9B,OAAO,CAAC,UAA2B,OAAO,UAAU,YAAY,MAAM,SAAS,CAAC,EAChF,KAAK,CAAC,UAAU,MAAM,YAAY,EAAE,SAAS,UAAU,CAAC;AAC7D;AAEA,SAAS,UAAU,OAAyB,MAA+D;AACzG,MAAI,SAAS,UAAU;AACrB,WAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC,MAAM,UAAU;AACtC,YAAM,UAAU,IAAI,KAAK,MAAM,QAAQ,EAAE,QAAQ,IAAI,IAAI,KAAK,KAAK,QAAQ,EAAE,QAAQ;AACrF,UAAI,YAAY,EAAG,QAAO;AAC1B,aAAO,KAAK,MAAM,cAAc,MAAM,OAAO,QAAW,EAAE,aAAa,OAAO,CAAC;AAAA,IACjF,CAAC;AAAA,EACH;AACA,SAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC,MAAM,UAAU;AACtC,UAAM,UAAU,KAAK,MAAM,cAAc,MAAM,OAAO,QAAW,EAAE,aAAa,OAAO,CAAC;AACxF,WAAO,SAAS,cAAc,UAAU,CAAC;AAAA,EAC3C,CAAC;AACH;AAEO,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,sBAAsB,EAAE;AACtE;AAEA,eAAsB,IAAI,KAAc,KAAmC;AACzE,QAAM,EAAE,UAAU,IAAI,MAAM,oBAAoB;AAChD,MAAI;AACF,UAAM,EAAE,GAAG,IAAI,aAAa,MAAM,EAAE,IAAI,IAAI,QAAQ,GAAG,CAAC;AACxD,UAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,QAAI,CAAC,MAAM,SAAU,OAAM,IAAI,cAAc,KAAK,EAAE,OAAO,eAAe,CAAC;AAE3E,UAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,UAAM,QAAQ,YAAY,MAAM;AAAA,MAC9B,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,MACtC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,MAC9C,QAAQ,IAAI,aAAa,IAAI,QAAQ,KAAK;AAAA,MAC1C,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,IACxC,CAAC;AAED,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,SAAS,IAAI,CAAC;AACxF,UAAM,KAAM,UAAU,QAAQ,IAAI,EAAoB,KAAK;AAC3D,UAAM,kBAAkB;AAAA,MACtB,UAAU,KAAK;AAAA,MACf,gBAAgB,OAAO,cAAc,KAAK,SAAS;AAAA,IACrD;AAEA,UAAM,OAAO,MAAM;AAAA,MACjB;AAAA,MACA;AAAA,MACA,EAAE,IAAI,UAAU,KAAK,UAAU,WAAW,KAAK;AAAA,MAC/C,CAAC;AAAA,MACD;AAAA,IACF;AACA,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,KAAK,EAAE,OAAO,UAAU,mCAAmC,gBAAgB,EAAE,CAAC;AAAA,IACxG;AAEA,QAAI,CAAC,gCAAgC,EAAE,OAAO,MAAM,gBAAgB,KAAK,eAAe,CAAC,GAAG;AAC1F,YAAM,IAAI,cAAc,KAAK,EAAE,OAAO,UAAU,kCAAkC,eAAe,EAAE,CAAC;AAAA,IACtG;AAEA,UAAM,cAAc,EAAE,UAAU,KAAK,UAAU,gBAAgB,KAAK,eAAe;AACnF,UAAM,QAAQ,MAAM;AAAA,MAClB;AAAA,MACA;AAAA,MACA,EAAE,MAAM,KAAK,GAAG;AAAA,MAChB,EAAE,UAAU,CAAC,QAAQ,EAAE;AAAA,MACvB;AAAA,IACF;AAEA,UAAM,QAAQ,MACX,IAAI,CAAC,SAAS;AACb,YAAM,SAAS,KAAK;AACpB,UAAI,CAAC,QAAQ,GAAI,QAAO;AACxB,aAAO;AAAA,QACL,IAAI,OAAO;AAAA,QACX,OAAO,OAAO,eAAe,OAAO,gBAAgB,OAAO;AAAA,QAC3D,UAAU,OAAO,gBAAgB,OAAO,gBAAgB;AAAA,QACxD,MAAM;AAAA,QACN,UAAU,KAAK,UAAU,YAAY;AAAA,MACvC;AAAA,IACF,CAAC,EACA,OAAO,CAAC,SAAiC,SAAS,IAAI;AAEzD,UAAM,WAAW,MAAM,QAAQ,KAAK,EAAE,SAAS,MAAM,OAAO,CAAC,SAAS,cAAc,MAAM,MAAM,UAAU,EAAE,CAAC,IAAI;AACjH,UAAM,SAAS,UAAU,UAAU,cAAc,MAAM,IAAI,CAAC;AAC5D,UAAM,QAAQ,OAAO;AACrB,UAAM,aAAa,KAAK,IAAI,GAAG,KAAK,KAAK,QAAQ,MAAM,QAAQ,CAAC;AAChE,UAAM,OAAO,KAAK,IAAI,MAAM,MAAM,UAAU;AAC5C,UAAM,SAAS,OAAO,KAAK,MAAM;AAEjC,WAAO,aAAa,KAAK;AAAA,MACvB,OAAO,OAAO,MAAM,OAAO,QAAQ,MAAM,QAAQ;AAAA,MACjD;AAAA,MACA;AAAA,MACA,UAAU,MAAM;AAAA,MAChB;AAAA,IACF,CAAC;AAAA,EACH,SAAS,OAAO;AACd,QAAI,gBAAgB,KAAK,GAAG;AAC1B,aAAO,aAAa,KAAK,MAAM,MAAM,EAAE,QAAQ,MAAM,OAAO,CAAC;AAAA,IAC/D;AACA,YAAQ,MAAM,gCAAgC,KAAK;AACnD,WAAO,aAAa,KAAK,EAAE,OAAO,UAAU,4CAA4C,8BAA8B,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC5I;AACF;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,OAAO;AAAA,MACP,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,QAAQ,EAAE,OAAO;AAAA,YACf,OAAO,EAAE;AAAA,cACP,EAAE,OAAO;AAAA,gBACP,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,gBACpB,OAAO,EAAE,OAAO;AAAA,gBAChB,UAAU,EAAE,OAAO,EAAE,SAAS;AAAA,gBAC9B,MAAM,EAAE,QAAQ,QAAQ;AAAA,gBACxB,UAAU,EAAE,OAAO;AAAA,cACrB,CAAC;AAAA,YACH;AAAA,YACA,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY;AAAA,YACpC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC;AAAA,YAC5B,UAAU,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC;AAAA,YAChC,YAAY,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC;AAAA,UACpC,CAAC;AAAA,QACH;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;",
|
|
6
6
|
"names": []
|
|
7
7
|
}
|
|
@@ -18,6 +18,7 @@ import { loadCustomFieldValues } from "@open-mercato/shared/lib/crud/custom-fiel
|
|
|
18
18
|
import { normalizeCustomFieldResponse } from "@open-mercato/shared/lib/custom-fields/normalize";
|
|
19
19
|
import { E } from "../../../../../generated/entities.ids.generated.js";
|
|
20
20
|
import { findWithDecryption, findOneWithDecryption } from "@open-mercato/shared/lib/encryption/find";
|
|
21
|
+
import { isOrganizationReadAccessAllowed } from "@open-mercato/core/modules/directory/utils/organizationScopeGuard";
|
|
21
22
|
import { decryptEntitiesWithFallbackScope } from "@open-mercato/shared/lib/encryption/subscriber";
|
|
22
23
|
import { isMissingDealStageTransitionTable, warnMissingDealStageTransitionTable } from "../../../lib/dealStageTransitionTable.js";
|
|
23
24
|
const metadata = {
|
|
@@ -271,15 +272,7 @@ async function GET(request, context) {
|
|
|
271
272
|
if (auth.tenantId && deal.tenantId && auth.tenantId !== deal.tenantId) {
|
|
272
273
|
return notFound("Deal not found");
|
|
273
274
|
}
|
|
274
|
-
|
|
275
|
-
if (Array.isArray(scope?.filterIds)) {
|
|
276
|
-
scope.filterIds.forEach((id) => {
|
|
277
|
-
if (typeof id === "string" && id.trim().length) allowedOrgIds.add(id);
|
|
278
|
-
});
|
|
279
|
-
} else if (auth.orgId) {
|
|
280
|
-
allowedOrgIds.add(auth.orgId);
|
|
281
|
-
}
|
|
282
|
-
if (allowedOrgIds.size && deal.organizationId && !allowedOrgIds.has(deal.organizationId)) {
|
|
275
|
+
if (!isOrganizationReadAccessAllowed({ scope, auth, organizationId: deal.organizationId })) {
|
|
283
276
|
return forbidden("Access denied");
|
|
284
277
|
}
|
|
285
278
|
const decryptionScope = {
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../../../src/modules/customers/api/deals/%5Bid%5D/route.ts"],
|
|
4
|
-
"sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { resolveOrganizationScopeForRequest } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport {\n CustomerDeal,\n CustomerDealPersonLink,\n CustomerDealCompanyLink,\n CustomerDealStageTransition,\n CustomerDictionaryEntry,\n CustomerEntity,\n CustomerPipeline,\n CustomerPipelineStage,\n} from '../../../data/entities'\nimport { User } from '@open-mercato/core/modules/auth/data/entities'\nimport type { ActionLogService } from '@open-mercato/core/modules/audit_logs/services/actionLogService'\nimport { loadCustomFieldValues } from '@open-mercato/shared/lib/crud/custom-fields'\nimport { normalizeCustomFieldResponse } from '@open-mercato/shared/lib/custom-fields/normalize'\nimport { E } from '#generated/entities.ids.generated'\nimport type { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { findWithDecryption, findOneWithDecryption } from '@open-mercato/shared/lib/encryption/find'\nimport { decryptEntitiesWithFallbackScope } from '@open-mercato/shared/lib/encryption/subscriber'\nimport { isMissingDealStageTransitionTable, warnMissingDealStageTransitionTable } from '../../../lib/dealStageTransitionTable'\n\nexport const metadata = {\n GET: { requireAuth: true, requireFeatures: ['customers.deals.view'] },\n}\n\nconst paramsSchema = z.object({\n id: z.string().uuid(),\n})\n\nfunction notFound(message: string) {\n return NextResponse.json({ error: message }, { status: 404 })\n}\n\nfunction forbidden(message: string) {\n return NextResponse.json({ error: message }, { status: 403 })\n}\n\ntype DealAssociation = {\n id: string\n label: string\n subtitle: string | null\n kind: 'person' | 'company'\n}\n\nfunction normalizePersonAssociation(entity: CustomerEntity): { label: string; subtitle: string | null } {\n const displayName = typeof entity.displayName === 'string' ? entity.displayName.trim() : ''\n const email =\n typeof entity.primaryEmail === 'string' && entity.primaryEmail.trim().length\n ? entity.primaryEmail.trim()\n : null\n const phone =\n typeof entity.primaryPhone === 'string' && entity.primaryPhone.trim().length\n ? entity.primaryPhone.trim()\n : null\n const jobTitle =\n entity.personProfile &&\n typeof (entity.personProfile as { jobTitle?: string | null })?.jobTitle === 'string' &&\n (entity.personProfile as { jobTitle?: string | null }).jobTitle?.trim().length\n ? ((entity.personProfile as { jobTitle?: string | null }).jobTitle as string).trim()\n : null\n const subtitle = jobTitle ?? email ?? phone ?? null\n const label = displayName.length ? displayName : email ?? phone ?? entity.id\n return { label, subtitle }\n}\n\nfunction normalizeCompanyAssociation(entity: CustomerEntity): { label: string; subtitle: string | null } {\n const displayName = typeof entity.displayName === 'string' ? entity.displayName.trim() : ''\n const domain =\n entity.companyProfile &&\n typeof (entity.companyProfile as { domain?: string | null })?.domain === 'string' &&\n (entity.companyProfile as { domain?: string | null }).domain?.trim().length\n ? ((entity.companyProfile as { domain?: string | null }).domain as string).trim()\n : null\n const website =\n entity.companyProfile &&\n typeof (entity.companyProfile as { websiteUrl?: string | null })?.websiteUrl === 'string' &&\n (entity.companyProfile as { websiteUrl?: string | null }).websiteUrl?.trim().length\n ? ((entity.companyProfile as { websiteUrl?: string | null }).websiteUrl as string).trim()\n : null\n const subtitle = domain ?? website ?? null\n const label = displayName.length ? displayName : domain ?? website ?? entity.id\n return { label, subtitle }\n}\n\nfunction readIncludeFlags(request: Request): Set<string> {\n const flags = new Set<string>()\n const url = new URL(request.url)\n for (const rawValue of url.searchParams.getAll('include')) {\n rawValue\n .split(',')\n .map((value) => value.trim().toLowerCase())\n .filter(Boolean)\n .forEach((value) => flags.add(value))\n }\n return flags\n}\n\nfunction readViewMode(request: Request): 'full' | 'lite' {\n const raw = new URL(request.url).searchParams.get('view')\n return raw === 'lite' || raw === 'detail-lite' ? 'lite' : 'full'\n}\n\nfunction normalizeStageLabel(value: string | null | undefined): string {\n return typeof value === 'string' ? value.trim().toLowerCase() : ''\n}\n\ntype StageTransitionPayload = {\n stageId: string\n stageLabel: string\n stageOrder: number\n transitionedAt: string\n}\n\ntype DealSnapshotStageInfo = {\n pipelineId: string | null\n stageId: string | null\n stageLabel: string | null\n}\n\nfunction asObject(value: unknown): Record<string, unknown> | null {\n return typeof value === 'object' && value !== null && !Array.isArray(value)\n ? value as Record<string, unknown>\n : null\n}\n\nfunction readRecordString(record: Record<string, unknown> | null, ...keys: string[]): string | null {\n if (!record) return null\n for (const key of keys) {\n const value = record[key]\n if (typeof value === 'string' && value.trim().length > 0) {\n return value.trim()\n }\n }\n return null\n}\n\nfunction readSnapshotDealRecord(snapshot: unknown): Record<string, unknown> | null {\n const root = asObject(snapshot)\n if (!root) return null\n return asObject(root.deal) ?? root\n}\n\nfunction readSnapshotStageInfo(snapshot: unknown): DealSnapshotStageInfo {\n const dealRecord = readSnapshotDealRecord(snapshot)\n return {\n pipelineId: readRecordString(dealRecord, 'pipelineId', 'pipeline_id'),\n stageId: readRecordString(dealRecord, 'pipelineStageId', 'pipeline_stage_id'),\n stageLabel: readRecordString(dealRecord, 'pipelineStage', 'pipeline_stage'),\n }\n}\n\nasync function loadAuditStageTransitionsFallback({\n container,\n deal,\n pipelineStages,\n}: {\n container: Awaited<ReturnType<typeof createRequestContainer>>\n deal: CustomerDeal\n pipelineStages: CustomerPipelineStage[]\n}): Promise<StageTransitionPayload[]> {\n if (!deal.tenantId || !deal.organizationId || !pipelineStages.length) return []\n\n let actionLogs: ActionLogService | null = null\n try {\n actionLogs = container.resolve('actionLogService') as ActionLogService\n } catch {\n return []\n }\n if (!actionLogs || typeof actionLogs.list !== 'function') return []\n const stageOrderById = new Map(pipelineStages.map((stage) => [stage.id, stage.order]))\n const stageLabelById = new Map(pipelineStages.map((stage) => [stage.id, stage.label]))\n const transitionsByStageId = new Map<string, StageTransitionPayload>()\n const logsResult = await actionLogs.list({\n tenantId: deal.tenantId,\n organizationId: deal.organizationId,\n resourceKind: 'customers.deal',\n resourceId: deal.id,\n limit: 200,\n offset: 0,\n sortField: 'createdAt',\n sortDir: 'asc',\n }).catch(() => null)\n const logs = logsResult?.items ?? []\n\n let previousStageId: string | null = null\n for (const log of logs) {\n if (log.executionState === 'failed' || log.executionState === 'undone') continue\n\n const before = readSnapshotStageInfo(log.snapshotBefore)\n const after = readSnapshotStageInfo(log.snapshotAfter)\n const nextStageId = after.stageId\n if (!nextStageId) continue\n\n const stageOrder = stageOrderById.get(nextStageId)\n if (typeof stageOrder !== 'number') {\n previousStageId = nextStageId\n continue\n }\n\n const effectivePreviousStageId: string | null = before.stageId ?? previousStageId\n if (effectivePreviousStageId === nextStageId && transitionsByStageId.has(nextStageId)) {\n previousStageId = nextStageId\n continue\n }\n\n transitionsByStageId.set(nextStageId, {\n stageId: nextStageId,\n stageLabel: after.stageLabel ?? stageLabelById.get(nextStageId) ?? nextStageId,\n stageOrder,\n transitionedAt: log.createdAt.toISOString(),\n })\n previousStageId = nextStageId\n }\n\n return Array.from(transitionsByStageId.values()).sort((left, right) => left.stageOrder - right.stageOrder)\n}\n\nfunction mergeStageTransitions({\n persisted,\n recovered,\n currentStage,\n fallbackTimestamp,\n}: {\n persisted: StageTransitionPayload[]\n recovered: StageTransitionPayload[]\n currentStage: { id: string; label: string; order: number } | null\n fallbackTimestamp: string\n}): StageTransitionPayload[] {\n const merged = new Map<string, StageTransitionPayload>()\n for (const transition of persisted) {\n merged.set(transition.stageId, transition)\n }\n for (const transition of recovered) {\n if (!merged.has(transition.stageId)) {\n merged.set(transition.stageId, transition)\n }\n }\n if (currentStage && !merged.has(currentStage.id)) {\n merged.set(currentStage.id, {\n stageId: currentStage.id,\n stageLabel: currentStage.label,\n stageOrder: currentStage.order,\n transitionedAt: fallbackTimestamp,\n })\n }\n return Array.from(merged.values()).sort((left, right) => left.stageOrder - right.stageOrder)\n}\n\nasync function loadPipelineStageAppearanceMap(\n em: EntityManager,\n stages: CustomerPipelineStage[],\n organizationId: string,\n tenantId: string,\n): Promise<Map<string, CustomerDictionaryEntry>> {\n const normalizedValues = stages\n .map((stage) => stage.label.trim().toLowerCase())\n .filter((value) => value.length > 0)\n if (!normalizedValues.length) return new Map<string, CustomerDictionaryEntry>()\n const entries = await findWithDecryption(\n em,\n CustomerDictionaryEntry,\n {\n organizationId,\n tenantId,\n kind: 'pipeline_stage',\n normalizedValue: { $in: normalizedValues },\n },\n undefined,\n { tenantId, organizationId },\n )\n const map = new Map<string, CustomerDictionaryEntry>()\n entries.forEach((entry) => map.set(entry.normalizedValue, entry))\n return map\n}\n\nasync function resolveEffectivePipelineStage(\n em: EntityManager,\n deal: CustomerDeal,\n decryptionScope: { tenantId: string | null; organizationId: string | null },\n): Promise<CustomerPipelineStage | null> {\n if (deal.pipelineStageId) {\n const exactStage = await findOneWithDecryption(\n em,\n CustomerPipelineStage,\n {\n id: deal.pipelineStageId,\n organizationId: deal.organizationId,\n tenantId: deal.tenantId,\n },\n {},\n decryptionScope,\n )\n if (exactStage) return exactStage\n }\n\n const normalizedStageLabel = normalizeStageLabel(deal.pipelineStage)\n if (!normalizedStageLabel) return null\n\n const scopedStages = await findWithDecryption(\n em,\n CustomerPipelineStage,\n {\n organizationId: deal.organizationId,\n tenantId: deal.tenantId,\n ...(deal.pipelineId ? { pipelineId: deal.pipelineId } : {}),\n },\n { orderBy: { order: 'ASC' } },\n decryptionScope,\n )\n\n const matchingStages = scopedStages.filter((stage) => normalizeStageLabel(stage.label) === normalizedStageLabel)\n if (matchingStages.length === 1) return matchingStages[0] ?? null\n if (matchingStages.length > 1) {\n const distinctPipelineIds = new Set(matchingStages.map((stage) => stage.pipelineId))\n if (distinctPipelineIds.size === 1) return matchingStages[0] ?? null\n }\n return null\n}\n\nexport async function GET(request: Request, context: { params?: Record<string, unknown> }) {\n const parsedParams = paramsSchema.safeParse(context.params)\n if (!parsedParams.success) {\n return notFound('Deal not found')\n }\n\n const includeFlags = readIncludeFlags(request)\n const viewMode = readViewMode(request)\n const liteView = viewMode === 'lite'\n const includeStages = includeFlags.has('stages')\n const container = await createRequestContainer()\n const auth = await getAuthFromRequest(request)\n if (!auth?.sub && !auth?.isApiKey) {\n return NextResponse.json({ error: 'Authentication required' }, { status: 401 })\n }\n\n let rbac: RbacService | null = null\n try {\n rbac = (container.resolve('rbacService') as RbacService)\n } catch {\n rbac = null\n }\n\n if (!rbac || !auth?.sub) {\n return forbidden('Access denied')\n }\n const hasFeature = await rbac.userHasAllFeatures(auth.sub, ['customers.deals.view'], {\n tenantId: auth.tenantId ?? null,\n organizationId: auth.orgId ?? null,\n })\n if (!hasFeature) {\n return forbidden('Access denied')\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const em = (container.resolve('em') as EntityManager)\n\n const deal = await findOneWithDecryption(\n em,\n CustomerDeal,\n { id: parsedParams.data.id, deletedAt: null },\n {\n populate: ['people.person', 'people.person.personProfile', 'companies.company', 'companies.company.companyProfile'],\n },\n { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null },\n )\n if (!deal) {\n return notFound('Deal not found')\n }\n\n if (auth.tenantId && deal.tenantId && auth.tenantId !== deal.tenantId) {\n return notFound('Deal not found')\n }\n\n const allowedOrgIds = new Set<string>()\n if (Array.isArray(scope?.filterIds)) {\n scope.filterIds.forEach((id) => {\n if (typeof id === 'string' && id.trim().length) allowedOrgIds.add(id)\n })\n } else if (auth.orgId) {\n allowedOrgIds.add(auth.orgId)\n }\n if (allowedOrgIds.size && deal.organizationId && !allowedOrgIds.has(deal.organizationId)) {\n return forbidden('Access denied')\n }\n\n const decryptionScope = {\n tenantId: deal.tenantId ?? auth.tenantId ?? null,\n organizationId: deal.organizationId ?? auth.orgId ?? null,\n }\n let linkedPersonIds: string[] = []\n let linkedCompanyIds: string[] = []\n let people: DealAssociation[] = []\n let companies: DealAssociation[] = []\n\n if (liteView) {\n const personLinkRows = await findWithDecryption(\n em,\n CustomerDealPersonLink,\n { deal: deal.id },\n { orderBy: { createdAt: 'ASC' } },\n decryptionScope,\n )\n const companyLinkRows = await findWithDecryption(\n em,\n CustomerDealCompanyLink,\n { deal: deal.id },\n { orderBy: { createdAt: 'ASC' } },\n decryptionScope,\n )\n\n linkedPersonIds = Array.from(\n new Set(\n personLinkRows\n .map((link) => {\n const personRef = link.person\n if (!personRef) return null\n if (typeof personRef === 'string') return personRef\n const personIdValue = personRef.id\n return typeof personIdValue === 'string' ? personIdValue : null\n })\n .filter((value): value is string => typeof value === 'string' && value.trim().length > 0),\n ),\n )\n linkedCompanyIds = Array.from(\n new Set(\n companyLinkRows\n .map((link) => {\n const companyRef = link.company\n if (!companyRef) return null\n if (typeof companyRef === 'string') return companyRef\n const companyIdValue = companyRef.id\n return typeof companyIdValue === 'string' ? companyIdValue : null\n })\n .filter((value): value is string => typeof value === 'string' && value.trim().length > 0),\n ),\n )\n\n const previewPeople = linkedPersonIds.length\n ? await findWithDecryption(\n em,\n CustomerEntity,\n { id: { $in: linkedPersonIds.slice(0, 3) } },\n { populate: ['personProfile'] },\n decryptionScope,\n )\n : []\n const previewCompanies = linkedCompanyIds.length\n ? await findWithDecryption(\n em,\n CustomerEntity,\n { id: { $in: linkedCompanyIds.slice(0, 3) } },\n { populate: ['companyProfile'] },\n decryptionScope,\n )\n : []\n const previewPeopleMap = new Map(previewPeople.map((entity) => [entity.id, entity]))\n const previewCompaniesMap = new Map(previewCompanies.map((entity) => [entity.id, entity]))\n people = linkedPersonIds.slice(0, 3).reduce<DealAssociation[]>((acc, personId) => {\n const entity = previewPeopleMap.get(personId) ?? null\n if (!entity || entity.deletedAt) return acc\n const { label, subtitle } = normalizePersonAssociation(entity)\n acc.push({ id: entity.id, label, subtitle, kind: 'person' })\n return acc\n }, [])\n companies = linkedCompanyIds.slice(0, 3).reduce<DealAssociation[]>((acc, companyId) => {\n const entity = previewCompaniesMap.get(companyId) ?? null\n if (!entity || entity.deletedAt) return acc\n const { label, subtitle } = normalizeCompanyAssociation(entity)\n acc.push({ id: entity.id, label, subtitle, kind: 'company' })\n return acc\n }, [])\n } else {\n const personLinks = await findWithDecryption(\n em,\n CustomerDealPersonLink,\n { deal: deal.id },\n { populate: ['person', 'person.personProfile'] },\n decryptionScope,\n )\n const companyLinks = await findWithDecryption(\n em,\n CustomerDealCompanyLink,\n { deal: deal.id },\n { populate: ['company', 'company.companyProfile'] },\n decryptionScope,\n )\n const fallbackTenantId = deal.tenantId ?? auth.tenantId ?? null\n const fallbackOrgId = deal.organizationId ?? auth.orgId ?? null\n await decryptEntitiesWithFallbackScope(personLinks, {\n em,\n tenantId: fallbackTenantId,\n organizationId: fallbackOrgId,\n })\n await decryptEntitiesWithFallbackScope(companyLinks, {\n em,\n tenantId: fallbackTenantId,\n organizationId: fallbackOrgId,\n })\n\n people = personLinks.reduce<DealAssociation[]>((acc, link) => {\n const entity = link.person as CustomerEntity | null\n if (!entity || entity.deletedAt) return acc\n const { label, subtitle } = normalizePersonAssociation(entity)\n acc.push({ id: entity.id, label, subtitle, kind: 'person' })\n return acc\n }, [])\n\n companies = companyLinks.reduce<DealAssociation[]>((acc, link) => {\n const entity = link.company as CustomerEntity | null\n if (!entity || entity.deletedAt) return acc\n const { label, subtitle } = normalizeCompanyAssociation(entity)\n acc.push({ id: entity.id, label, subtitle, kind: 'company' })\n return acc\n }, [])\n linkedPersonIds = people.map((entry) => entry.id)\n linkedCompanyIds = companies.map((entry) => entry.id)\n }\n\n const customFieldValues = await loadCustomFieldValues({\n em,\n entityId: E.customers.customer_deal,\n recordIds: [deal.id],\n tenantIdByRecord: { [deal.id]: deal.tenantId ?? null },\n organizationIdByRecord: { [deal.id]: deal.organizationId ?? null },\n tenantFallbacks: [deal.tenantId ?? auth.tenantId ?? null].filter((value): value is string => !!value),\n })\n const customFields = normalizeCustomFieldResponse(customFieldValues[deal.id]) ?? {}\n\n const viewerUserId = auth.isApiKey ? null : auth.sub ?? null\n let viewerName: string | null = null\n let viewerEmail: string | null = auth.email ?? null\n if (viewerUserId) {\n const viewerScope = {\n tenantId: auth.tenantId ?? null,\n organizationId: auth.orgId ?? null,\n }\n const viewer = await findOneWithDecryption(\n em,\n User,\n { id: viewerUserId, tenantId: auth.tenantId ?? null },\n {},\n viewerScope,\n )\n viewerName = viewer?.name ?? null\n viewerEmail = viewer?.email ?? viewerEmail ?? null\n }\n\n const owner = deal.ownerUserId\n ? await findOneWithDecryption(\n em,\n User,\n { id: deal.ownerUserId, tenantId: deal.tenantId ?? auth.tenantId ?? null },\n {},\n decryptionScope,\n )\n : null\n const ownerPayload = owner\n ? {\n id: owner.id,\n name: owner.name ?? owner.email ?? owner.id,\n email: owner.email ?? '',\n }\n : null\n\n const effectiveStage = includeStages\n ? await resolveEffectivePipelineStage(em, deal, decryptionScope)\n : null\n const effectivePipelineId = deal.pipelineId ?? effectiveStage?.pipelineId ?? null\n const effectivePipelineStageId = deal.pipelineStageId ?? effectiveStage?.id ?? null\n const effectivePipelineStageLabel = deal.pipelineStage ?? effectiveStage?.label ?? null\n\n const pipelineStages = includeStages && effectivePipelineId\n ? await findWithDecryption(\n em,\n CustomerPipelineStage,\n {\n pipelineId: effectivePipelineId,\n organizationId: deal.organizationId,\n tenantId: deal.tenantId,\n },\n { orderBy: { order: 'ASC' } },\n decryptionScope,\n )\n : []\n const pipeline = effectivePipelineId\n ? await findOneWithDecryption(\n em,\n CustomerPipeline,\n {\n id: effectivePipelineId,\n organizationId: deal.organizationId,\n tenantId: deal.tenantId,\n },\n {},\n decryptionScope,\n )\n : null\n const pipelineStageAppearanceMap = pipelineStages.length\n ? await loadPipelineStageAppearanceMap(em, pipelineStages, deal.organizationId, deal.tenantId)\n : new Map<string, CustomerDictionaryEntry>()\n let stageTransitions: CustomerDealStageTransition[] = []\n if (includeStages) {\n try {\n stageTransitions = await findWithDecryption(\n em,\n CustomerDealStageTransition,\n { deal: deal.id, deletedAt: null },\n { orderBy: { stageOrder: 'ASC', transitionedAt: 'ASC' } },\n decryptionScope,\n )\n } catch (error) {\n if (!isMissingDealStageTransitionTable(error)) {\n throw error\n }\n warnMissingDealStageTransitionTable('customers.api.deals.detail.GET')\n stageTransitions = []\n }\n }\n const persistedStageTransitions = stageTransitions.map((transition) => ({\n stageId: transition.stageId,\n stageLabel: transition.stageLabel,\n stageOrder: transition.stageOrder,\n transitionedAt: transition.transitionedAt.toISOString(),\n }))\n const recoveredStageTransitions = includeStages && persistedStageTransitions.length === 0\n ? await loadAuditStageTransitionsFallback({ container, deal, pipelineStages })\n : []\n const effectiveCurrentStage = (() => {\n if (!effectivePipelineStageId) return null\n const matchingStage = pipelineStages.find((stage) => stage.id === effectivePipelineStageId)\n if (matchingStage) {\n return {\n id: matchingStage.id,\n label: matchingStage.label,\n order: matchingStage.order,\n }\n }\n if (!effectivePipelineStageLabel) return null\n return {\n id: effectivePipelineStageId,\n label: effectivePipelineStageLabel,\n order: 0,\n }\n })()\n const stageTransitionPayload = mergeStageTransitions({\n persisted: persistedStageTransitions,\n recovered: recoveredStageTransitions,\n currentStage: effectiveCurrentStage,\n fallbackTimestamp: deal.createdAt.toISOString(),\n })\n\n return NextResponse.json({\n deal: {\n id: deal.id,\n title: deal.title,\n description: deal.description ?? null,\n status: deal.status ?? null,\n pipelineStage: effectivePipelineStageLabel,\n pipelineId: effectivePipelineId,\n pipelineStageId: effectivePipelineStageId,\n valueAmount: deal.valueAmount ?? null,\n valueCurrency: deal.valueCurrency ?? null,\n probability: deal.probability ?? null,\n expectedCloseAt: deal.expectedCloseAt ? deal.expectedCloseAt.toISOString() : null,\n ownerUserId: deal.ownerUserId ?? null,\n source: deal.source ?? null,\n closureOutcome: deal.closureOutcome ?? null,\n lossReasonId: deal.lossReasonId ?? null,\n lossNotes: deal.lossNotes ?? null,\n organizationId: deal.organizationId ?? null,\n tenantId: deal.tenantId ?? null,\n createdAt: deal.createdAt.toISOString(),\n updatedAt: deal.updatedAt.toISOString(),\n },\n people,\n companies,\n linkedPersonIds,\n linkedCompanyIds,\n counts: {\n people: linkedPersonIds.length,\n companies: linkedCompanyIds.length,\n },\n customFields,\n viewer: {\n userId: viewerUserId,\n name: viewerName,\n email: viewerEmail,\n },\n pipelineStages: pipelineStages.map((stage) => {\n const appearance = pipelineStageAppearanceMap.get(stage.label.trim().toLowerCase())\n return {\n id: stage.id,\n label: stage.label,\n order: stage.order,\n color: appearance?.color ?? null,\n icon: appearance?.icon ?? null,\n }\n }),\n pipelineName: pipeline?.name ?? null,\n stageTransitions: stageTransitionPayload,\n owner: ownerPayload,\n })\n}\n\nconst dealDetailQuerySchema = z.object({\n include: z.string().optional(),\n})\n\nconst pipelineStageInfoSchema = z.object({\n id: z.string().uuid(),\n label: z.string(),\n order: z.number().int(),\n color: z.string().nullable(),\n icon: z.string().nullable(),\n})\n\nconst stageTransitionInfoSchema = z.object({\n stageId: z.string().uuid(),\n stageLabel: z.string(),\n stageOrder: z.number().int(),\n transitionedAt: z.string(),\n})\n\nconst dealDetailResponseSchema = z.object({\n deal: z.object({\n id: z.string().uuid(),\n title: z.string().nullable().optional(),\n description: z.string().nullable().optional(),\n status: z.string().nullable().optional(),\n pipelineStage: z.string().nullable().optional(),\n pipelineId: z.string().uuid().nullable().optional(),\n pipelineStageId: z.string().uuid().nullable().optional(),\n valueAmount: z.string().nullable().optional(),\n valueCurrency: z.string().nullable().optional(),\n probability: z.number().nullable().optional(),\n expectedCloseAt: z.string().nullable().optional(),\n ownerUserId: z.string().uuid().nullable().optional(),\n source: z.string().nullable().optional(),\n closureOutcome: z.enum(['won', 'lost']).nullable().optional(),\n lossReasonId: z.string().uuid().nullable().optional(),\n lossNotes: z.string().nullable().optional(),\n organizationId: z.string().uuid().nullable().optional(),\n tenantId: z.string().uuid().nullable().optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n people: z.array(\n z.object({\n id: z.string().uuid(),\n label: z.string(),\n subtitle: z.string().nullable().optional(),\n kind: z.literal('person'),\n }),\n ),\n companies: z.array(\n z.object({\n id: z.string().uuid(),\n label: z.string(),\n subtitle: z.string().nullable().optional(),\n kind: z.literal('company'),\n }),\n ),\n customFields: z.record(z.string(), z.unknown()),\n viewer: z.object({\n userId: z.string().uuid().nullable(),\n name: z.string().nullable(),\n email: z.string().nullable(),\n }),\n pipelineStages: z.array(pipelineStageInfoSchema),\n stageTransitions: z.array(stageTransitionInfoSchema),\n owner: z.object({\n id: z.string().uuid(),\n name: z.string(),\n email: z.string(),\n }).nullable(),\n})\n\nconst dealDetailErrorSchema = z.object({\n error: z.string(),\n})\n\nexport const openApi: OpenApiRouteDoc = {\n tag: 'Customers',\n summary: 'Fetch deal detail',\n methods: {\n GET: {\n summary: 'Fetch deal with associations and pipeline context',\n description: 'Returns a deal with linked people, companies, closure fields, optional pipeline history, custom fields, and viewer context.',\n query: dealDetailQuerySchema,\n responses: [\n { status: 200, description: 'Deal detail payload', schema: dealDetailResponseSchema },\n ],\n errors: [\n { status: 401, description: 'Unauthorized', schema: dealDetailErrorSchema },\n { status: 403, description: 'Forbidden for tenant/organization scope', schema: dealDetailErrorSchema },\n { status: 404, description: 'Deal not found', schema: dealDetailErrorSchema },\n ],\n },\n },\n}\n"],
|
|
5
|
-
"mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAClB,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,0CAA0C;AAEnD;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,YAAY;AAErB,SAAS,6BAA6B;AACtC,SAAS,oCAAoC;AAC7C,SAAS,SAAS;AAGlB,SAAS,oBAAoB,6BAA6B;AAC1D,SAAS,wCAAwC;AACjD,SAAS,mCAAmC,2CAA2C;AAEhF,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,sBAAsB,EAAE;AACtE;AAEA,MAAM,eAAe,EAAE,OAAO;AAAA,EAC5B,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,SAAS,SAAS,SAAiB;AACjC,SAAO,aAAa,KAAK,EAAE,OAAO,QAAQ,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC9D;AAEA,SAAS,UAAU,SAAiB;AAClC,SAAO,aAAa,KAAK,EAAE,OAAO,QAAQ,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC9D;AASA,SAAS,2BAA2B,QAAoE;AACtG,QAAM,cAAc,OAAO,OAAO,gBAAgB,WAAW,OAAO,YAAY,KAAK,IAAI;AACzF,QAAM,QACJ,OAAO,OAAO,iBAAiB,YAAY,OAAO,aAAa,KAAK,EAAE,SAClE,OAAO,aAAa,KAAK,IACzB;AACN,QAAM,QACJ,OAAO,OAAO,iBAAiB,YAAY,OAAO,aAAa,KAAK,EAAE,SAClE,OAAO,aAAa,KAAK,IACzB;AACN,QAAM,WACJ,OAAO,iBACP,OAAQ,OAAO,eAAgD,aAAa,YAC3E,OAAO,cAA+C,UAAU,KAAK,EAAE,SAClE,OAAO,cAA+C,SAAoB,KAAK,IACjF;AACN,QAAM,WAAW,YAAY,SAAS,SAAS;AAC/C,QAAM,QAAQ,YAAY,SAAS,cAAc,SAAS,SAAS,OAAO;AAC1E,SAAO,EAAE,OAAO,SAAS;AAC3B;AAEA,SAAS,4BAA4B,QAAoE;AACvG,QAAM,cAAc,OAAO,OAAO,gBAAgB,WAAW,OAAO,YAAY,KAAK,IAAI;AACzF,QAAM,SACJ,OAAO,kBACP,OAAQ,OAAO,gBAA+C,WAAW,YACxE,OAAO,eAA8C,QAAQ,KAAK,EAAE,SAC/D,OAAO,eAA8C,OAAkB,KAAK,IAC9E;AACN,QAAM,UACJ,OAAO,kBACP,OAAQ,OAAO,gBAAmD,eAAe,YAChF,OAAO,eAAkD,YAAY,KAAK,EAAE,SACvE,OAAO,eAAkD,WAAsB,KAAK,IACtF;AACN,QAAM,WAAW,UAAU,WAAW;AACtC,QAAM,QAAQ,YAAY,SAAS,cAAc,UAAU,WAAW,OAAO;AAC7E,SAAO,EAAE,OAAO,SAAS;AAC3B;AAEA,SAAS,iBAAiB,SAA+B;AACvD,QAAM,QAAQ,oBAAI,IAAY;AAC9B,QAAM,MAAM,IAAI,IAAI,QAAQ,GAAG;AAC/B,aAAW,YAAY,IAAI,aAAa,OAAO,SAAS,GAAG;AACzD,aACG,MAAM,GAAG,EACT,IAAI,CAAC,UAAU,MAAM,KAAK,EAAE,YAAY,CAAC,EACzC,OAAO,OAAO,EACd,QAAQ,CAAC,UAAU,MAAM,IAAI,KAAK,CAAC;AAAA,EACxC;AACA,SAAO;AACT;AAEA,SAAS,aAAa,SAAmC;AACvD,QAAM,MAAM,IAAI,IAAI,QAAQ,GAAG,EAAE,aAAa,IAAI,MAAM;AACxD,SAAO,QAAQ,UAAU,QAAQ,gBAAgB,SAAS;AAC5D;AAEA,SAAS,oBAAoB,OAA0C;AACrE,SAAO,OAAO,UAAU,WAAW,MAAM,KAAK,EAAE,YAAY,IAAI;AAClE;AAeA,SAAS,SAAS,OAAgD;AAChE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK,IACtE,QACA;AACN;AAEA,SAAS,iBAAiB,WAA2C,MAA+B;AAClG,MAAI,CAAC,OAAQ,QAAO;AACpB,aAAW,OAAO,MAAM;AACtB,UAAM,QAAQ,OAAO,GAAG;AACxB,QAAI,OAAO,UAAU,YAAY,MAAM,KAAK,EAAE,SAAS,GAAG;AACxD,aAAO,MAAM,KAAK;AAAA,IACpB;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,uBAAuB,UAAmD;AACjF,QAAM,OAAO,SAAS,QAAQ;AAC9B,MAAI,CAAC,KAAM,QAAO;AAClB,SAAO,SAAS,KAAK,IAAI,KAAK;AAChC;AAEA,SAAS,sBAAsB,UAA0C;AACvE,QAAM,aAAa,uBAAuB,QAAQ;AAClD,SAAO;AAAA,IACL,YAAY,iBAAiB,YAAY,cAAc,aAAa;AAAA,IACpE,SAAS,iBAAiB,YAAY,mBAAmB,mBAAmB;AAAA,IAC5E,YAAY,iBAAiB,YAAY,iBAAiB,gBAAgB;AAAA,EAC5E;AACF;AAEA,eAAe,kCAAkC;AAAA,EAC/C;AAAA,EACA;AAAA,EACA;AACF,GAIsC;AACpC,MAAI,CAAC,KAAK,YAAY,CAAC,KAAK,kBAAkB,CAAC,eAAe,OAAQ,QAAO,CAAC;AAE9E,MAAI,aAAsC;AAC1C,MAAI;AACF,iBAAa,UAAU,QAAQ,kBAAkB;AAAA,EACnD,QAAQ;AACN,WAAO,CAAC;AAAA,EACV;AACA,MAAI,CAAC,cAAc,OAAO,WAAW,SAAS,WAAY,QAAO,CAAC;AAClE,QAAM,iBAAiB,IAAI,IAAI,eAAe,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,MAAM,KAAK,CAAC,CAAC;AACrF,QAAM,iBAAiB,IAAI,IAAI,eAAe,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,MAAM,KAAK,CAAC,CAAC;AACrF,QAAM,uBAAuB,oBAAI,IAAoC;AACrE,QAAM,aAAa,MAAM,WAAW,KAAK;AAAA,IACvC,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,cAAc;AAAA,IACd,YAAY,KAAK;AAAA,IACjB,OAAO;AAAA,IACP,QAAQ;AAAA,IACR,WAAW;AAAA,IACX,SAAS;AAAA,EACX,CAAC,EAAE,MAAM,MAAM,IAAI;AACnB,QAAM,OAAO,YAAY,SAAS,CAAC;AAEnC,MAAI,kBAAiC;AACrC,aAAW,OAAO,MAAM;AACtB,QAAI,IAAI,mBAAmB,YAAY,IAAI,mBAAmB,SAAU;AAExE,UAAM,SAAS,sBAAsB,IAAI,cAAc;AACvD,UAAM,QAAQ,sBAAsB,IAAI,aAAa;AACrD,UAAM,cAAc,MAAM;AAC1B,QAAI,CAAC,YAAa;AAElB,UAAM,aAAa,eAAe,IAAI,WAAW;AACjD,QAAI,OAAO,eAAe,UAAU;AAClC,wBAAkB;AAClB;AAAA,IACF;AAEA,UAAM,2BAA0C,OAAO,WAAW;AAClE,QAAI,6BAA6B,eAAe,qBAAqB,IAAI,WAAW,GAAG;AACrF,wBAAkB;AAClB;AAAA,IACF;AAEA,yBAAqB,IAAI,aAAa;AAAA,MACpC,SAAS;AAAA,MACT,YAAY,MAAM,cAAc,eAAe,IAAI,WAAW,KAAK;AAAA,MACnE;AAAA,MACA,gBAAgB,IAAI,UAAU,YAAY;AAAA,IAC5C,CAAC;AACD,sBAAkB;AAAA,EACpB;AAEA,SAAO,MAAM,KAAK,qBAAqB,OAAO,CAAC,EAAE,KAAK,CAAC,MAAM,UAAU,KAAK,aAAa,MAAM,UAAU;AAC3G;AAEA,SAAS,sBAAsB;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,GAK6B;AAC3B,QAAM,SAAS,oBAAI,IAAoC;AACvD,aAAW,cAAc,WAAW;AAClC,WAAO,IAAI,WAAW,SAAS,UAAU;AAAA,EAC3C;AACA,aAAW,cAAc,WAAW;AAClC,QAAI,CAAC,OAAO,IAAI,WAAW,OAAO,GAAG;AACnC,aAAO,IAAI,WAAW,SAAS,UAAU;AAAA,IAC3C;AAAA,EACF;AACA,MAAI,gBAAgB,CAAC,OAAO,IAAI,aAAa,EAAE,GAAG;AAChD,WAAO,IAAI,aAAa,IAAI;AAAA,MAC1B,SAAS,aAAa;AAAA,MACtB,YAAY,aAAa;AAAA,MACzB,YAAY,aAAa;AAAA,MACzB,gBAAgB;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO,MAAM,KAAK,OAAO,OAAO,CAAC,EAAE,KAAK,CAAC,MAAM,UAAU,KAAK,aAAa,MAAM,UAAU;AAC7F;AAEA,eAAe,+BACb,IACA,QACA,gBACA,UAC+C;AAC/C,QAAM,mBAAmB,OACtB,IAAI,CAAC,UAAU,MAAM,MAAM,KAAK,EAAE,YAAY,CAAC,EAC/C,OAAO,CAAC,UAAU,MAAM,SAAS,CAAC;AACrC,MAAI,CAAC,iBAAiB,OAAQ,QAAO,oBAAI,IAAqC;AAC9E,QAAM,UAAU,MAAM;AAAA,IACpB;AAAA,IACA;AAAA,IACA;AAAA,MACE;AAAA,MACA;AAAA,MACA,MAAM;AAAA,MACN,iBAAiB,EAAE,KAAK,iBAAiB;AAAA,IAC3C;AAAA,IACA;AAAA,IACA,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,QAAM,MAAM,oBAAI,IAAqC;AACrD,UAAQ,QAAQ,CAAC,UAAU,IAAI,IAAI,MAAM,iBAAiB,KAAK,CAAC;AAChE,SAAO;AACT;AAEA,eAAe,8BACb,IACA,MACA,iBACuC;AACvC,MAAI,KAAK,iBAAiB;AACxB,UAAM,aAAa,MAAM;AAAA,MACvB;AAAA,MACA;AAAA,MACA;AAAA,QACE,IAAI,KAAK;AAAA,QACT,gBAAgB,KAAK;AAAA,QACrB,UAAU,KAAK;AAAA,MACjB;AAAA,MACA,CAAC;AAAA,MACD;AAAA,IACF;AACA,QAAI,WAAY,QAAO;AAAA,EACzB;AAEA,QAAM,uBAAuB,oBAAoB,KAAK,aAAa;AACnE,MAAI,CAAC,qBAAsB,QAAO;AAElC,QAAM,eAAe,MAAM;AAAA,IACzB;AAAA,IACA;AAAA,IACA;AAAA,MACE,gBAAgB,KAAK;AAAA,MACrB,UAAU,KAAK;AAAA,MACf,GAAI,KAAK,aAAa,EAAE,YAAY,KAAK,WAAW,IAAI,CAAC;AAAA,IAC3D;AAAA,IACA,EAAE,SAAS,EAAE,OAAO,MAAM,EAAE;AAAA,IAC5B;AAAA,EACF;AAEA,QAAM,iBAAiB,aAAa,OAAO,CAAC,UAAU,oBAAoB,MAAM,KAAK,MAAM,oBAAoB;AAC/G,MAAI,eAAe,WAAW,EAAG,QAAO,eAAe,CAAC,KAAK;AAC7D,MAAI,eAAe,SAAS,GAAG;AAC7B,UAAM,sBAAsB,IAAI,IAAI,eAAe,IAAI,CAAC,UAAU,MAAM,UAAU,CAAC;AACnF,QAAI,oBAAoB,SAAS,EAAG,QAAO,eAAe,CAAC,KAAK;AAAA,EAClE;AACA,SAAO;AACT;AAEA,eAAsB,IAAI,SAAkB,SAA+C;AACzF,QAAM,eAAe,aAAa,UAAU,QAAQ,MAAM;AAC1D,MAAI,CAAC,aAAa,SAAS;AACzB,WAAO,SAAS,gBAAgB;AAAA,EAClC;AAEA,QAAM,eAAe,iBAAiB,OAAO;AAC7C,QAAM,WAAW,aAAa,OAAO;AACrC,QAAM,WAAW,aAAa;AAC9B,QAAM,gBAAgB,aAAa,IAAI,QAAQ;AAC/C,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,OAAO,MAAM,mBAAmB,OAAO;AAC7C,MAAI,CAAC,MAAM,OAAO,CAAC,MAAM,UAAU;AACjC,WAAO,aAAa,KAAK,EAAE,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChF;AAEA,MAAI,OAA2B;AAC/B,MAAI;AACF,WAAQ,UAAU,QAAQ,aAAa;AAAA,EACzC,QAAQ;AACN,WAAO;AAAA,EACT;AAEA,MAAI,CAAC,QAAQ,CAAC,MAAM,KAAK;AACvB,WAAO,UAAU,eAAe;AAAA,EAClC;AACA,QAAM,aAAa,MAAM,KAAK,mBAAmB,KAAK,KAAK,CAAC,sBAAsB,GAAG;AAAA,IACnF,UAAU,KAAK,YAAY;AAAA,IAC3B,gBAAgB,KAAK,SAAS;AAAA,EAChC,CAAC;AACD,MAAI,CAAC,YAAY;AACf,WAAO,UAAU,eAAe;AAAA,EAClC;AAEA,QAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,QAAQ,CAAC;AACnF,QAAM,KAAM,UAAU,QAAQ,IAAI;AAElC,QAAM,OAAO,MAAM;AAAA,IACjB;AAAA,IACA;AAAA,IACA,EAAE,IAAI,aAAa,KAAK,IAAI,WAAW,KAAK;AAAA,IAC5C;AAAA,MACE,UAAU,CAAC,iBAAiB,+BAA+B,qBAAqB,kCAAkC;AAAA,IACpH;AAAA,IACA,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,KAAK,SAAS,KAAK;AAAA,EACxE;AACA,MAAI,CAAC,MAAM;AACT,WAAO,SAAS,gBAAgB;AAAA,EAClC;AAEA,MAAI,KAAK,YAAY,KAAK,YAAY,KAAK,aAAa,KAAK,UAAU;AACrE,WAAO,SAAS,gBAAgB;AAAA,EAClC;AAEA,QAAM,gBAAgB,oBAAI,IAAY;AACtC,MAAI,MAAM,QAAQ,OAAO,SAAS,GAAG;AACnC,UAAM,UAAU,QAAQ,CAAC,OAAO;AAC9B,UAAI,OAAO,OAAO,YAAY,GAAG,KAAK,EAAE,OAAQ,eAAc,IAAI,EAAE;AAAA,IACtE,CAAC;AAAA,EACH,WAAW,KAAK,OAAO;AACrB,kBAAc,IAAI,KAAK,KAAK;AAAA,EAC9B;AACA,MAAI,cAAc,QAAQ,KAAK,kBAAkB,CAAC,cAAc,IAAI,KAAK,cAAc,GAAG;AACxF,WAAO,UAAU,eAAe;AAAA,EAClC;AAEA,QAAM,kBAAkB;AAAA,IACtB,UAAU,KAAK,YAAY,KAAK,YAAY;AAAA,IAC5C,gBAAgB,KAAK,kBAAkB,KAAK,SAAS;AAAA,EACvD;AACA,MAAI,kBAA4B,CAAC;AACjC,MAAI,mBAA6B,CAAC;AAClC,MAAI,SAA4B,CAAC;AACjC,MAAI,YAA+B,CAAC;AAEpC,MAAI,UAAU;AACZ,UAAM,iBAAiB,MAAM;AAAA,MAC3B;AAAA,MACA;AAAA,MACA,EAAE,MAAM,KAAK,GAAG;AAAA,MAChB,EAAE,SAAS,EAAE,WAAW,MAAM,EAAE;AAAA,MAChC;AAAA,IACF;AACA,UAAM,kBAAkB,MAAM;AAAA,MAC5B;AAAA,MACA;AAAA,MACA,EAAE,MAAM,KAAK,GAAG;AAAA,MAChB,EAAE,SAAS,EAAE,WAAW,MAAM,EAAE;AAAA,MAChC;AAAA,IACF;AAEA,sBAAkB,MAAM;AAAA,MACtB,IAAI;AAAA,QACF,eACG,IAAI,CAAC,SAAS;AACb,gBAAM,YAAY,KAAK;AACvB,cAAI,CAAC,UAAW,QAAO;AACvB,cAAI,OAAO,cAAc,SAAU,QAAO;AAC1C,gBAAM,gBAAgB,UAAU;AAChC,iBAAO,OAAO,kBAAkB,WAAW,gBAAgB;AAAA,QAC7D,CAAC,EACA,OAAO,CAAC,UAA2B,OAAO,UAAU,YAAY,MAAM,KAAK,EAAE,SAAS,CAAC;AAAA,MAC5F;AAAA,IACF;AACA,uBAAmB,MAAM;AAAA,MACvB,IAAI;AAAA,QACF,gBACG,IAAI,CAAC,SAAS;AACb,gBAAM,aAAa,KAAK;AACxB,cAAI,CAAC,WAAY,QAAO;AACxB,cAAI,OAAO,eAAe,SAAU,QAAO;AAC3C,gBAAM,iBAAiB,WAAW;AAClC,iBAAO,OAAO,mBAAmB,WAAW,iBAAiB;AAAA,QAC/D,CAAC,EACA,OAAO,CAAC,UAA2B,OAAO,UAAU,YAAY,MAAM,KAAK,EAAE,SAAS,CAAC;AAAA,MAC5F;AAAA,IACF;AAEA,UAAM,gBAAgB,gBAAgB,SAClC,MAAM;AAAA,MACJ;AAAA,MACA;AAAA,MACA,EAAE,IAAI,EAAE,KAAK,gBAAgB,MAAM,GAAG,CAAC,EAAE,EAAE;AAAA,MAC3C,EAAE,UAAU,CAAC,eAAe,EAAE;AAAA,MAC9B;AAAA,IACF,IACA,CAAC;AACL,UAAM,mBAAmB,iBAAiB,SACtC,MAAM;AAAA,MACJ;AAAA,MACA;AAAA,MACA,EAAE,IAAI,EAAE,KAAK,iBAAiB,MAAM,GAAG,CAAC,EAAE,EAAE;AAAA,MAC5C,EAAE,UAAU,CAAC,gBAAgB,EAAE;AAAA,MAC/B;AAAA,IACF,IACA,CAAC;AACL,UAAM,mBAAmB,IAAI,IAAI,cAAc,IAAI,CAAC,WAAW,CAAC,OAAO,IAAI,MAAM,CAAC,CAAC;AACnF,UAAM,sBAAsB,IAAI,IAAI,iBAAiB,IAAI,CAAC,WAAW,CAAC,OAAO,IAAI,MAAM,CAAC,CAAC;AACzF,aAAS,gBAAgB,MAAM,GAAG,CAAC,EAAE,OAA0B,CAAC,KAAK,aAAa;AAChF,YAAM,SAAS,iBAAiB,IAAI,QAAQ,KAAK;AACjD,UAAI,CAAC,UAAU,OAAO,UAAW,QAAO;AACxC,YAAM,EAAE,OAAO,SAAS,IAAI,2BAA2B,MAAM;AAC7D,UAAI,KAAK,EAAE,IAAI,OAAO,IAAI,OAAO,UAAU,MAAM,SAAS,CAAC;AAC3D,aAAO;AAAA,IACT,GAAG,CAAC,CAAC;AACL,gBAAY,iBAAiB,MAAM,GAAG,CAAC,EAAE,OAA0B,CAAC,KAAK,cAAc;AACrF,YAAM,SAAS,oBAAoB,IAAI,SAAS,KAAK;AACrD,UAAI,CAAC,UAAU,OAAO,UAAW,QAAO;AACxC,YAAM,EAAE,OAAO,SAAS,IAAI,4BAA4B,MAAM;AAC9D,UAAI,KAAK,EAAE,IAAI,OAAO,IAAI,OAAO,UAAU,MAAM,UAAU,CAAC;AAC5D,aAAO;AAAA,IACT,GAAG,CAAC,CAAC;AAAA,EACP,OAAO;AACL,UAAM,cAAc,MAAM;AAAA,MACxB;AAAA,MACA;AAAA,MACA,EAAE,MAAM,KAAK,GAAG;AAAA,MAChB,EAAE,UAAU,CAAC,UAAU,sBAAsB,EAAE;AAAA,MAC/C;AAAA,IACF;AACA,UAAM,eAAe,MAAM;AAAA,MACzB;AAAA,MACA;AAAA,MACA,EAAE,MAAM,KAAK,GAAG;AAAA,MAChB,EAAE,UAAU,CAAC,WAAW,wBAAwB,EAAE;AAAA,MAClD;AAAA,IACF;AACA,UAAM,mBAAmB,KAAK,YAAY,KAAK,YAAY;AAC3D,UAAM,gBAAgB,KAAK,kBAAkB,KAAK,SAAS;AAC3D,UAAM,iCAAiC,aAAa;AAAA,MAClD;AAAA,MACA,UAAU;AAAA,MACV,gBAAgB;AAAA,IAClB,CAAC;AACD,UAAM,iCAAiC,cAAc;AAAA,MACnD;AAAA,MACA,UAAU;AAAA,MACV,gBAAgB;AAAA,IAClB,CAAC;AAED,aAAS,YAAY,OAA0B,CAAC,KAAK,SAAS;AAC5D,YAAM,SAAS,KAAK;AACpB,UAAI,CAAC,UAAU,OAAO,UAAW,QAAO;AACxC,YAAM,EAAE,OAAO,SAAS,IAAI,2BAA2B,MAAM;AAC7D,UAAI,KAAK,EAAE,IAAI,OAAO,IAAI,OAAO,UAAU,MAAM,SAAS,CAAC;AAC3D,aAAO;AAAA,IACT,GAAG,CAAC,CAAC;AAEL,gBAAY,aAAa,OAA0B,CAAC,KAAK,SAAS;AAChE,YAAM,SAAS,KAAK;AACpB,UAAI,CAAC,UAAU,OAAO,UAAW,QAAO;AACxC,YAAM,EAAE,OAAO,SAAS,IAAI,4BAA4B,MAAM;AAC9D,UAAI,KAAK,EAAE,IAAI,OAAO,IAAI,OAAO,UAAU,MAAM,UAAU,CAAC;AAC5D,aAAO;AAAA,IACT,GAAG,CAAC,CAAC;AACL,sBAAkB,OAAO,IAAI,CAAC,UAAU,MAAM,EAAE;AAChD,uBAAmB,UAAU,IAAI,CAAC,UAAU,MAAM,EAAE;AAAA,EACtD;AAEA,QAAM,oBAAoB,MAAM,sBAAsB;AAAA,IACpD;AAAA,IACA,UAAU,EAAE,UAAU;AAAA,IACtB,WAAW,CAAC,KAAK,EAAE;AAAA,IACnB,kBAAkB,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,YAAY,KAAK;AAAA,IACrD,wBAAwB,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,kBAAkB,KAAK;AAAA,IACjE,iBAAiB,CAAC,KAAK,YAAY,KAAK,YAAY,IAAI,EAAE,OAAO,CAAC,UAA2B,CAAC,CAAC,KAAK;AAAA,EACtG,CAAC;AACD,QAAM,eAAe,6BAA6B,kBAAkB,KAAK,EAAE,CAAC,KAAK,CAAC;AAElF,QAAM,eAAe,KAAK,WAAW,OAAO,KAAK,OAAO;AACxD,MAAI,aAA4B;AAChC,MAAI,cAA6B,KAAK,SAAS;AAC/C,MAAI,cAAc;AAChB,UAAM,cAAc;AAAA,MAClB,UAAU,KAAK,YAAY;AAAA,MAC3B,gBAAgB,KAAK,SAAS;AAAA,IAChC;AACA,UAAM,SAAS,MAAM;AAAA,MACnB;AAAA,MACA;AAAA,MACA,EAAE,IAAI,cAAc,UAAU,KAAK,YAAY,KAAK;AAAA,MACpD,CAAC;AAAA,MACD;AAAA,IACF;AACA,iBAAa,QAAQ,QAAQ;AAC7B,kBAAc,QAAQ,SAAS,eAAe;AAAA,EAChD;AAEA,QAAM,QAAQ,KAAK,cACf,MAAM;AAAA,IACN;AAAA,IACA;AAAA,IACA,EAAE,IAAI,KAAK,aAAa,UAAU,KAAK,YAAY,KAAK,YAAY,KAAK;AAAA,IACzE,CAAC;AAAA,IACD;AAAA,EACF,IACE;AACJ,QAAM,eAAe,QACjB;AAAA,IACA,IAAI,MAAM;AAAA,IACV,MAAM,MAAM,QAAQ,MAAM,SAAS,MAAM;AAAA,IACzC,OAAO,MAAM,SAAS;AAAA,EACxB,IACE;AAEJ,QAAM,iBAAiB,gBACnB,MAAM,8BAA8B,IAAI,MAAM,eAAe,IAC7D;AACJ,QAAM,sBAAsB,KAAK,cAAc,gBAAgB,cAAc;AAC7E,QAAM,2BAA2B,KAAK,mBAAmB,gBAAgB,MAAM;AAC/E,QAAM,8BAA8B,KAAK,iBAAiB,gBAAgB,SAAS;AAEnF,QAAM,iBAAiB,iBAAiB,sBACpC,MAAM;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,MACE,YAAY;AAAA,MACZ,gBAAgB,KAAK;AAAA,MACrB,UAAU,KAAK;AAAA,IACjB;AAAA,IACA,EAAE,SAAS,EAAE,OAAO,MAAM,EAAE;AAAA,IAC5B;AAAA,EACF,IACE,CAAC;AACL,QAAM,WAAW,sBACb,MAAM;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,MACE,IAAI;AAAA,MACJ,gBAAgB,KAAK;AAAA,MACrB,UAAU,KAAK;AAAA,IACjB;AAAA,IACA,CAAC;AAAA,IACD;AAAA,EACF,IACE;AACJ,QAAM,6BAA6B,eAAe,SAC9C,MAAM,+BAA+B,IAAI,gBAAgB,KAAK,gBAAgB,KAAK,QAAQ,IAC3F,oBAAI,IAAqC;AAC7C,MAAI,mBAAkD,CAAC;AACvD,MAAI,eAAe;AACjB,QAAI;AACF,yBAAmB,MAAM;AAAA,QACvB;AAAA,QACA;AAAA,QACA,EAAE,MAAM,KAAK,IAAI,WAAW,KAAK;AAAA,QACjC,EAAE,SAAS,EAAE,YAAY,OAAO,gBAAgB,MAAM,EAAE;AAAA,QACxD;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,UAAI,CAAC,kCAAkC,KAAK,GAAG;AAC7C,cAAM;AAAA,MACR;AACA,0CAAoC,gCAAgC;AACpE,yBAAmB,CAAC;AAAA,IACtB;AAAA,EACF;AACA,QAAM,4BAA4B,iBAAiB,IAAI,CAAC,gBAAgB;AAAA,IACtE,SAAS,WAAW;AAAA,IACpB,YAAY,WAAW;AAAA,IACvB,YAAY,WAAW;AAAA,IACvB,gBAAgB,WAAW,eAAe,YAAY;AAAA,EACxD,EAAE;AACF,QAAM,4BAA4B,iBAAiB,0BAA0B,WAAW,IACpF,MAAM,kCAAkC,EAAE,WAAW,MAAM,eAAe,CAAC,IAC3E,CAAC;AACL,QAAM,yBAAyB,MAAM;AACnC,QAAI,CAAC,yBAA0B,QAAO;AACtC,UAAM,gBAAgB,eAAe,KAAK,CAAC,UAAU,MAAM,OAAO,wBAAwB;AAC1F,QAAI,eAAe;AACjB,aAAO;AAAA,QACL,IAAI,cAAc;AAAA,QAClB,OAAO,cAAc;AAAA,QACrB,OAAO,cAAc;AAAA,MACvB;AAAA,IACF;AACA,QAAI,CAAC,4BAA6B,QAAO;AACzC,WAAO;AAAA,MACL,IAAI;AAAA,MACJ,OAAO;AAAA,MACP,OAAO;AAAA,IACT;AAAA,EACF,GAAG;AACH,QAAM,yBAAyB,sBAAsB;AAAA,IACnD,WAAW;AAAA,IACX,WAAW;AAAA,IACX,cAAc;AAAA,IACd,mBAAmB,KAAK,UAAU,YAAY;AAAA,EAChD,CAAC;AAED,SAAO,aAAa,KAAK;AAAA,IACvB,MAAM;AAAA,MACJ,IAAI,KAAK;AAAA,MACT,OAAO,KAAK;AAAA,MACZ,aAAa,KAAK,eAAe;AAAA,MACjC,QAAQ,KAAK,UAAU;AAAA,MACvB,eAAe;AAAA,MACf,YAAY;AAAA,MACZ,iBAAiB;AAAA,MACjB,aAAa,KAAK,eAAe;AAAA,MACjC,eAAe,KAAK,iBAAiB;AAAA,MACrC,aAAa,KAAK,eAAe;AAAA,MACjC,iBAAiB,KAAK,kBAAkB,KAAK,gBAAgB,YAAY,IAAI;AAAA,MAC7E,aAAa,KAAK,eAAe;AAAA,MACjC,QAAQ,KAAK,UAAU;AAAA,MACvB,gBAAgB,KAAK,kBAAkB;AAAA,MACvC,cAAc,KAAK,gBAAgB;AAAA,MACnC,WAAW,KAAK,aAAa;AAAA,MAC7B,gBAAgB,KAAK,kBAAkB;AAAA,MACvC,UAAU,KAAK,YAAY;AAAA,MAC3B,WAAW,KAAK,UAAU,YAAY;AAAA,MACtC,WAAW,KAAK,UAAU,YAAY;AAAA,IACxC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,QAAQ;AAAA,MACN,QAAQ,gBAAgB;AAAA,MACxB,WAAW,iBAAiB;AAAA,IAC9B;AAAA,IACA;AAAA,IACA,QAAQ;AAAA,MACN,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,OAAO;AAAA,IACT;AAAA,IACA,gBAAgB,eAAe,IAAI,CAAC,UAAU;AAC5C,YAAM,aAAa,2BAA2B,IAAI,MAAM,MAAM,KAAK,EAAE,YAAY,CAAC;AAClF,aAAO;AAAA,QACL,IAAI,MAAM;AAAA,QACV,OAAO,MAAM;AAAA,QACb,OAAO,MAAM;AAAA,QACb,OAAO,YAAY,SAAS;AAAA,QAC5B,MAAM,YAAY,QAAQ;AAAA,MAC5B;AAAA,IACF,CAAC;AAAA,IACD,cAAc,UAAU,QAAQ;AAAA,IAChC,kBAAkB;AAAA,IAClB,OAAO;AAAA,EACT,CAAC;AACH;AAEA,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,SAAS,EAAE,OAAO,EAAE,SAAS;AAC/B,CAAC;AAED,MAAM,0BAA0B,EAAE,OAAO;AAAA,EACvC,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,EACpB,OAAO,EAAE,OAAO;AAAA,EAChB,OAAO,EAAE,OAAO,EAAE,IAAI;AAAA,EACtB,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,MAAM,EAAE,OAAO,EAAE,SAAS;AAC5B,CAAC;AAED,MAAM,4BAA4B,EAAE,OAAO;AAAA,EACzC,SAAS,EAAE,OAAO,EAAE,KAAK;AAAA,EACzB,YAAY,EAAE,OAAO;AAAA,EACrB,YAAY,EAAE,OAAO,EAAE,IAAI;AAAA,EAC3B,gBAAgB,EAAE,OAAO;AAC3B,CAAC;AAED,MAAM,2BAA2B,EAAE,OAAO;AAAA,EACxC,MAAM,EAAE,OAAO;AAAA,IACb,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,IACpB,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IACtC,aAAa,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAC5C,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IACvC,eAAe,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAC9C,YAAY,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA,IAClD,iBAAiB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA,IACvD,aAAa,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAC5C,eAAe,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAC9C,aAAa,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAC5C,iBAAiB,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAChD,aAAa,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA,IACnD,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IACvC,gBAAgB,EAAE,KAAK,CAAC,OAAO,MAAM,CAAC,EAAE,SAAS,EAAE,SAAS;AAAA,IAC5D,cAAc,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA,IACpD,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAC1C,gBAAgB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA,IACtD,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA,IAChD,WAAW,EAAE,OAAO;AAAA,IACpB,WAAW,EAAE,OAAO;AAAA,EACtB,CAAC;AAAA,EACD,QAAQ,EAAE;AAAA,IACR,EAAE,OAAO;AAAA,MACP,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,MACpB,OAAO,EAAE,OAAO;AAAA,MAChB,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,MACzC,MAAM,EAAE,QAAQ,QAAQ;AAAA,IAC1B,CAAC;AAAA,EACH;AAAA,EACA,WAAW,EAAE;AAAA,IACX,EAAE,OAAO;AAAA,MACP,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,MACpB,OAAO,EAAE,OAAO;AAAA,MAChB,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,MACzC,MAAM,EAAE,QAAQ,SAAS;AAAA,IAC3B,CAAC;AAAA,EACH;AAAA,EACA,cAAc,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,QAAQ,CAAC;AAAA,EAC9C,QAAQ,EAAE,OAAO;AAAA,IACf,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,IACnC,MAAM,EAAE,OAAO,EAAE,SAAS;AAAA,IAC1B,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC7B,CAAC;AAAA,EACD,gBAAgB,EAAE,MAAM,uBAAuB;AAAA,EAC/C,kBAAkB,EAAE,MAAM,yBAAyB;AAAA,EACnD,OAAO,EAAE,OAAO;AAAA,IACd,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,IACpB,MAAM,EAAE,OAAO;AAAA,IACf,OAAO,EAAE,OAAO;AAAA,EAClB,CAAC,EAAE,SAAS;AACd,CAAC;AAED,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,OAAO,EAAE,OAAO;AAClB,CAAC;AAEM,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,uBAAuB,QAAQ,yBAAyB;AAAA,MACtF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,sBAAsB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,2CAA2C,QAAQ,sBAAsB;AAAA,QACrG,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,sBAAsB;AAAA,MAC9E;AAAA,IACF;AAAA,EACF;AACF;",
|
|
4
|
+
"sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { resolveOrganizationScopeForRequest } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport {\n CustomerDeal,\n CustomerDealPersonLink,\n CustomerDealCompanyLink,\n CustomerDealStageTransition,\n CustomerDictionaryEntry,\n CustomerEntity,\n CustomerPipeline,\n CustomerPipelineStage,\n} from '../../../data/entities'\nimport { User } from '@open-mercato/core/modules/auth/data/entities'\nimport type { ActionLogService } from '@open-mercato/core/modules/audit_logs/services/actionLogService'\nimport { loadCustomFieldValues } from '@open-mercato/shared/lib/crud/custom-fields'\nimport { normalizeCustomFieldResponse } from '@open-mercato/shared/lib/custom-fields/normalize'\nimport { E } from '#generated/entities.ids.generated'\nimport type { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { findWithDecryption, findOneWithDecryption } from '@open-mercato/shared/lib/encryption/find'\nimport { isOrganizationReadAccessAllowed } from '@open-mercato/core/modules/directory/utils/organizationScopeGuard'\nimport { decryptEntitiesWithFallbackScope } from '@open-mercato/shared/lib/encryption/subscriber'\nimport { isMissingDealStageTransitionTable, warnMissingDealStageTransitionTable } from '../../../lib/dealStageTransitionTable'\n\nexport const metadata = {\n GET: { requireAuth: true, requireFeatures: ['customers.deals.view'] },\n}\n\nconst paramsSchema = z.object({\n id: z.string().uuid(),\n})\n\nfunction notFound(message: string) {\n return NextResponse.json({ error: message }, { status: 404 })\n}\n\nfunction forbidden(message: string) {\n return NextResponse.json({ error: message }, { status: 403 })\n}\n\ntype DealAssociation = {\n id: string\n label: string\n subtitle: string | null\n kind: 'person' | 'company'\n}\n\nfunction normalizePersonAssociation(entity: CustomerEntity): { label: string; subtitle: string | null } {\n const displayName = typeof entity.displayName === 'string' ? entity.displayName.trim() : ''\n const email =\n typeof entity.primaryEmail === 'string' && entity.primaryEmail.trim().length\n ? entity.primaryEmail.trim()\n : null\n const phone =\n typeof entity.primaryPhone === 'string' && entity.primaryPhone.trim().length\n ? entity.primaryPhone.trim()\n : null\n const jobTitle =\n entity.personProfile &&\n typeof (entity.personProfile as { jobTitle?: string | null })?.jobTitle === 'string' &&\n (entity.personProfile as { jobTitle?: string | null }).jobTitle?.trim().length\n ? ((entity.personProfile as { jobTitle?: string | null }).jobTitle as string).trim()\n : null\n const subtitle = jobTitle ?? email ?? phone ?? null\n const label = displayName.length ? displayName : email ?? phone ?? entity.id\n return { label, subtitle }\n}\n\nfunction normalizeCompanyAssociation(entity: CustomerEntity): { label: string; subtitle: string | null } {\n const displayName = typeof entity.displayName === 'string' ? entity.displayName.trim() : ''\n const domain =\n entity.companyProfile &&\n typeof (entity.companyProfile as { domain?: string | null })?.domain === 'string' &&\n (entity.companyProfile as { domain?: string | null }).domain?.trim().length\n ? ((entity.companyProfile as { domain?: string | null }).domain as string).trim()\n : null\n const website =\n entity.companyProfile &&\n typeof (entity.companyProfile as { websiteUrl?: string | null })?.websiteUrl === 'string' &&\n (entity.companyProfile as { websiteUrl?: string | null }).websiteUrl?.trim().length\n ? ((entity.companyProfile as { websiteUrl?: string | null }).websiteUrl as string).trim()\n : null\n const subtitle = domain ?? website ?? null\n const label = displayName.length ? displayName : domain ?? website ?? entity.id\n return { label, subtitle }\n}\n\nfunction readIncludeFlags(request: Request): Set<string> {\n const flags = new Set<string>()\n const url = new URL(request.url)\n for (const rawValue of url.searchParams.getAll('include')) {\n rawValue\n .split(',')\n .map((value) => value.trim().toLowerCase())\n .filter(Boolean)\n .forEach((value) => flags.add(value))\n }\n return flags\n}\n\nfunction readViewMode(request: Request): 'full' | 'lite' {\n const raw = new URL(request.url).searchParams.get('view')\n return raw === 'lite' || raw === 'detail-lite' ? 'lite' : 'full'\n}\n\nfunction normalizeStageLabel(value: string | null | undefined): string {\n return typeof value === 'string' ? value.trim().toLowerCase() : ''\n}\n\ntype StageTransitionPayload = {\n stageId: string\n stageLabel: string\n stageOrder: number\n transitionedAt: string\n}\n\ntype DealSnapshotStageInfo = {\n pipelineId: string | null\n stageId: string | null\n stageLabel: string | null\n}\n\nfunction asObject(value: unknown): Record<string, unknown> | null {\n return typeof value === 'object' && value !== null && !Array.isArray(value)\n ? value as Record<string, unknown>\n : null\n}\n\nfunction readRecordString(record: Record<string, unknown> | null, ...keys: string[]): string | null {\n if (!record) return null\n for (const key of keys) {\n const value = record[key]\n if (typeof value === 'string' && value.trim().length > 0) {\n return value.trim()\n }\n }\n return null\n}\n\nfunction readSnapshotDealRecord(snapshot: unknown): Record<string, unknown> | null {\n const root = asObject(snapshot)\n if (!root) return null\n return asObject(root.deal) ?? root\n}\n\nfunction readSnapshotStageInfo(snapshot: unknown): DealSnapshotStageInfo {\n const dealRecord = readSnapshotDealRecord(snapshot)\n return {\n pipelineId: readRecordString(dealRecord, 'pipelineId', 'pipeline_id'),\n stageId: readRecordString(dealRecord, 'pipelineStageId', 'pipeline_stage_id'),\n stageLabel: readRecordString(dealRecord, 'pipelineStage', 'pipeline_stage'),\n }\n}\n\nasync function loadAuditStageTransitionsFallback({\n container,\n deal,\n pipelineStages,\n}: {\n container: Awaited<ReturnType<typeof createRequestContainer>>\n deal: CustomerDeal\n pipelineStages: CustomerPipelineStage[]\n}): Promise<StageTransitionPayload[]> {\n if (!deal.tenantId || !deal.organizationId || !pipelineStages.length) return []\n\n let actionLogs: ActionLogService | null = null\n try {\n actionLogs = container.resolve('actionLogService') as ActionLogService\n } catch {\n return []\n }\n if (!actionLogs || typeof actionLogs.list !== 'function') return []\n const stageOrderById = new Map(pipelineStages.map((stage) => [stage.id, stage.order]))\n const stageLabelById = new Map(pipelineStages.map((stage) => [stage.id, stage.label]))\n const transitionsByStageId = new Map<string, StageTransitionPayload>()\n const logsResult = await actionLogs.list({\n tenantId: deal.tenantId,\n organizationId: deal.organizationId,\n resourceKind: 'customers.deal',\n resourceId: deal.id,\n limit: 200,\n offset: 0,\n sortField: 'createdAt',\n sortDir: 'asc',\n }).catch(() => null)\n const logs = logsResult?.items ?? []\n\n let previousStageId: string | null = null\n for (const log of logs) {\n if (log.executionState === 'failed' || log.executionState === 'undone') continue\n\n const before = readSnapshotStageInfo(log.snapshotBefore)\n const after = readSnapshotStageInfo(log.snapshotAfter)\n const nextStageId = after.stageId\n if (!nextStageId) continue\n\n const stageOrder = stageOrderById.get(nextStageId)\n if (typeof stageOrder !== 'number') {\n previousStageId = nextStageId\n continue\n }\n\n const effectivePreviousStageId: string | null = before.stageId ?? previousStageId\n if (effectivePreviousStageId === nextStageId && transitionsByStageId.has(nextStageId)) {\n previousStageId = nextStageId\n continue\n }\n\n transitionsByStageId.set(nextStageId, {\n stageId: nextStageId,\n stageLabel: after.stageLabel ?? stageLabelById.get(nextStageId) ?? nextStageId,\n stageOrder,\n transitionedAt: log.createdAt.toISOString(),\n })\n previousStageId = nextStageId\n }\n\n return Array.from(transitionsByStageId.values()).sort((left, right) => left.stageOrder - right.stageOrder)\n}\n\nfunction mergeStageTransitions({\n persisted,\n recovered,\n currentStage,\n fallbackTimestamp,\n}: {\n persisted: StageTransitionPayload[]\n recovered: StageTransitionPayload[]\n currentStage: { id: string; label: string; order: number } | null\n fallbackTimestamp: string\n}): StageTransitionPayload[] {\n const merged = new Map<string, StageTransitionPayload>()\n for (const transition of persisted) {\n merged.set(transition.stageId, transition)\n }\n for (const transition of recovered) {\n if (!merged.has(transition.stageId)) {\n merged.set(transition.stageId, transition)\n }\n }\n if (currentStage && !merged.has(currentStage.id)) {\n merged.set(currentStage.id, {\n stageId: currentStage.id,\n stageLabel: currentStage.label,\n stageOrder: currentStage.order,\n transitionedAt: fallbackTimestamp,\n })\n }\n return Array.from(merged.values()).sort((left, right) => left.stageOrder - right.stageOrder)\n}\n\nasync function loadPipelineStageAppearanceMap(\n em: EntityManager,\n stages: CustomerPipelineStage[],\n organizationId: string,\n tenantId: string,\n): Promise<Map<string, CustomerDictionaryEntry>> {\n const normalizedValues = stages\n .map((stage) => stage.label.trim().toLowerCase())\n .filter((value) => value.length > 0)\n if (!normalizedValues.length) return new Map<string, CustomerDictionaryEntry>()\n const entries = await findWithDecryption(\n em,\n CustomerDictionaryEntry,\n {\n organizationId,\n tenantId,\n kind: 'pipeline_stage',\n normalizedValue: { $in: normalizedValues },\n },\n undefined,\n { tenantId, organizationId },\n )\n const map = new Map<string, CustomerDictionaryEntry>()\n entries.forEach((entry) => map.set(entry.normalizedValue, entry))\n return map\n}\n\nasync function resolveEffectivePipelineStage(\n em: EntityManager,\n deal: CustomerDeal,\n decryptionScope: { tenantId: string | null; organizationId: string | null },\n): Promise<CustomerPipelineStage | null> {\n if (deal.pipelineStageId) {\n const exactStage = await findOneWithDecryption(\n em,\n CustomerPipelineStage,\n {\n id: deal.pipelineStageId,\n organizationId: deal.organizationId,\n tenantId: deal.tenantId,\n },\n {},\n decryptionScope,\n )\n if (exactStage) return exactStage\n }\n\n const normalizedStageLabel = normalizeStageLabel(deal.pipelineStage)\n if (!normalizedStageLabel) return null\n\n const scopedStages = await findWithDecryption(\n em,\n CustomerPipelineStage,\n {\n organizationId: deal.organizationId,\n tenantId: deal.tenantId,\n ...(deal.pipelineId ? { pipelineId: deal.pipelineId } : {}),\n },\n { orderBy: { order: 'ASC' } },\n decryptionScope,\n )\n\n const matchingStages = scopedStages.filter((stage) => normalizeStageLabel(stage.label) === normalizedStageLabel)\n if (matchingStages.length === 1) return matchingStages[0] ?? null\n if (matchingStages.length > 1) {\n const distinctPipelineIds = new Set(matchingStages.map((stage) => stage.pipelineId))\n if (distinctPipelineIds.size === 1) return matchingStages[0] ?? null\n }\n return null\n}\n\nexport async function GET(request: Request, context: { params?: Record<string, unknown> }) {\n const parsedParams = paramsSchema.safeParse(context.params)\n if (!parsedParams.success) {\n return notFound('Deal not found')\n }\n\n const includeFlags = readIncludeFlags(request)\n const viewMode = readViewMode(request)\n const liteView = viewMode === 'lite'\n const includeStages = includeFlags.has('stages')\n const container = await createRequestContainer()\n const auth = await getAuthFromRequest(request)\n if (!auth?.sub && !auth?.isApiKey) {\n return NextResponse.json({ error: 'Authentication required' }, { status: 401 })\n }\n\n let rbac: RbacService | null = null\n try {\n rbac = (container.resolve('rbacService') as RbacService)\n } catch {\n rbac = null\n }\n\n if (!rbac || !auth?.sub) {\n return forbidden('Access denied')\n }\n const hasFeature = await rbac.userHasAllFeatures(auth.sub, ['customers.deals.view'], {\n tenantId: auth.tenantId ?? null,\n organizationId: auth.orgId ?? null,\n })\n if (!hasFeature) {\n return forbidden('Access denied')\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const em = (container.resolve('em') as EntityManager)\n\n const deal = await findOneWithDecryption(\n em,\n CustomerDeal,\n { id: parsedParams.data.id, deletedAt: null },\n {\n populate: ['people.person', 'people.person.personProfile', 'companies.company', 'companies.company.companyProfile'],\n },\n { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null },\n )\n if (!deal) {\n return notFound('Deal not found')\n }\n\n if (auth.tenantId && deal.tenantId && auth.tenantId !== deal.tenantId) {\n return notFound('Deal not found')\n }\n\n if (!isOrganizationReadAccessAllowed({ scope, auth, organizationId: deal.organizationId })) {\n return forbidden('Access denied')\n }\n\n const decryptionScope = {\n tenantId: deal.tenantId ?? auth.tenantId ?? null,\n organizationId: deal.organizationId ?? auth.orgId ?? null,\n }\n let linkedPersonIds: string[] = []\n let linkedCompanyIds: string[] = []\n let people: DealAssociation[] = []\n let companies: DealAssociation[] = []\n\n if (liteView) {\n const personLinkRows = await findWithDecryption(\n em,\n CustomerDealPersonLink,\n { deal: deal.id },\n { orderBy: { createdAt: 'ASC' } },\n decryptionScope,\n )\n const companyLinkRows = await findWithDecryption(\n em,\n CustomerDealCompanyLink,\n { deal: deal.id },\n { orderBy: { createdAt: 'ASC' } },\n decryptionScope,\n )\n\n linkedPersonIds = Array.from(\n new Set(\n personLinkRows\n .map((link) => {\n const personRef = link.person\n if (!personRef) return null\n if (typeof personRef === 'string') return personRef\n const personIdValue = personRef.id\n return typeof personIdValue === 'string' ? personIdValue : null\n })\n .filter((value): value is string => typeof value === 'string' && value.trim().length > 0),\n ),\n )\n linkedCompanyIds = Array.from(\n new Set(\n companyLinkRows\n .map((link) => {\n const companyRef = link.company\n if (!companyRef) return null\n if (typeof companyRef === 'string') return companyRef\n const companyIdValue = companyRef.id\n return typeof companyIdValue === 'string' ? companyIdValue : null\n })\n .filter((value): value is string => typeof value === 'string' && value.trim().length > 0),\n ),\n )\n\n const previewPeople = linkedPersonIds.length\n ? await findWithDecryption(\n em,\n CustomerEntity,\n { id: { $in: linkedPersonIds.slice(0, 3) } },\n { populate: ['personProfile'] },\n decryptionScope,\n )\n : []\n const previewCompanies = linkedCompanyIds.length\n ? await findWithDecryption(\n em,\n CustomerEntity,\n { id: { $in: linkedCompanyIds.slice(0, 3) } },\n { populate: ['companyProfile'] },\n decryptionScope,\n )\n : []\n const previewPeopleMap = new Map(previewPeople.map((entity) => [entity.id, entity]))\n const previewCompaniesMap = new Map(previewCompanies.map((entity) => [entity.id, entity]))\n people = linkedPersonIds.slice(0, 3).reduce<DealAssociation[]>((acc, personId) => {\n const entity = previewPeopleMap.get(personId) ?? null\n if (!entity || entity.deletedAt) return acc\n const { label, subtitle } = normalizePersonAssociation(entity)\n acc.push({ id: entity.id, label, subtitle, kind: 'person' })\n return acc\n }, [])\n companies = linkedCompanyIds.slice(0, 3).reduce<DealAssociation[]>((acc, companyId) => {\n const entity = previewCompaniesMap.get(companyId) ?? null\n if (!entity || entity.deletedAt) return acc\n const { label, subtitle } = normalizeCompanyAssociation(entity)\n acc.push({ id: entity.id, label, subtitle, kind: 'company' })\n return acc\n }, [])\n } else {\n const personLinks = await findWithDecryption(\n em,\n CustomerDealPersonLink,\n { deal: deal.id },\n { populate: ['person', 'person.personProfile'] },\n decryptionScope,\n )\n const companyLinks = await findWithDecryption(\n em,\n CustomerDealCompanyLink,\n { deal: deal.id },\n { populate: ['company', 'company.companyProfile'] },\n decryptionScope,\n )\n const fallbackTenantId = deal.tenantId ?? auth.tenantId ?? null\n const fallbackOrgId = deal.organizationId ?? auth.orgId ?? null\n await decryptEntitiesWithFallbackScope(personLinks, {\n em,\n tenantId: fallbackTenantId,\n organizationId: fallbackOrgId,\n })\n await decryptEntitiesWithFallbackScope(companyLinks, {\n em,\n tenantId: fallbackTenantId,\n organizationId: fallbackOrgId,\n })\n\n people = personLinks.reduce<DealAssociation[]>((acc, link) => {\n const entity = link.person as CustomerEntity | null\n if (!entity || entity.deletedAt) return acc\n const { label, subtitle } = normalizePersonAssociation(entity)\n acc.push({ id: entity.id, label, subtitle, kind: 'person' })\n return acc\n }, [])\n\n companies = companyLinks.reduce<DealAssociation[]>((acc, link) => {\n const entity = link.company as CustomerEntity | null\n if (!entity || entity.deletedAt) return acc\n const { label, subtitle } = normalizeCompanyAssociation(entity)\n acc.push({ id: entity.id, label, subtitle, kind: 'company' })\n return acc\n }, [])\n linkedPersonIds = people.map((entry) => entry.id)\n linkedCompanyIds = companies.map((entry) => entry.id)\n }\n\n const customFieldValues = await loadCustomFieldValues({\n em,\n entityId: E.customers.customer_deal,\n recordIds: [deal.id],\n tenantIdByRecord: { [deal.id]: deal.tenantId ?? null },\n organizationIdByRecord: { [deal.id]: deal.organizationId ?? null },\n tenantFallbacks: [deal.tenantId ?? auth.tenantId ?? null].filter((value): value is string => !!value),\n })\n const customFields = normalizeCustomFieldResponse(customFieldValues[deal.id]) ?? {}\n\n const viewerUserId = auth.isApiKey ? null : auth.sub ?? null\n let viewerName: string | null = null\n let viewerEmail: string | null = auth.email ?? null\n if (viewerUserId) {\n const viewerScope = {\n tenantId: auth.tenantId ?? null,\n organizationId: auth.orgId ?? null,\n }\n const viewer = await findOneWithDecryption(\n em,\n User,\n { id: viewerUserId, tenantId: auth.tenantId ?? null },\n {},\n viewerScope,\n )\n viewerName = viewer?.name ?? null\n viewerEmail = viewer?.email ?? viewerEmail ?? null\n }\n\n const owner = deal.ownerUserId\n ? await findOneWithDecryption(\n em,\n User,\n { id: deal.ownerUserId, tenantId: deal.tenantId ?? auth.tenantId ?? null },\n {},\n decryptionScope,\n )\n : null\n const ownerPayload = owner\n ? {\n id: owner.id,\n name: owner.name ?? owner.email ?? owner.id,\n email: owner.email ?? '',\n }\n : null\n\n const effectiveStage = includeStages\n ? await resolveEffectivePipelineStage(em, deal, decryptionScope)\n : null\n const effectivePipelineId = deal.pipelineId ?? effectiveStage?.pipelineId ?? null\n const effectivePipelineStageId = deal.pipelineStageId ?? effectiveStage?.id ?? null\n const effectivePipelineStageLabel = deal.pipelineStage ?? effectiveStage?.label ?? null\n\n const pipelineStages = includeStages && effectivePipelineId\n ? await findWithDecryption(\n em,\n CustomerPipelineStage,\n {\n pipelineId: effectivePipelineId,\n organizationId: deal.organizationId,\n tenantId: deal.tenantId,\n },\n { orderBy: { order: 'ASC' } },\n decryptionScope,\n )\n : []\n const pipeline = effectivePipelineId\n ? await findOneWithDecryption(\n em,\n CustomerPipeline,\n {\n id: effectivePipelineId,\n organizationId: deal.organizationId,\n tenantId: deal.tenantId,\n },\n {},\n decryptionScope,\n )\n : null\n const pipelineStageAppearanceMap = pipelineStages.length\n ? await loadPipelineStageAppearanceMap(em, pipelineStages, deal.organizationId, deal.tenantId)\n : new Map<string, CustomerDictionaryEntry>()\n let stageTransitions: CustomerDealStageTransition[] = []\n if (includeStages) {\n try {\n stageTransitions = await findWithDecryption(\n em,\n CustomerDealStageTransition,\n { deal: deal.id, deletedAt: null },\n { orderBy: { stageOrder: 'ASC', transitionedAt: 'ASC' } },\n decryptionScope,\n )\n } catch (error) {\n if (!isMissingDealStageTransitionTable(error)) {\n throw error\n }\n warnMissingDealStageTransitionTable('customers.api.deals.detail.GET')\n stageTransitions = []\n }\n }\n const persistedStageTransitions = stageTransitions.map((transition) => ({\n stageId: transition.stageId,\n stageLabel: transition.stageLabel,\n stageOrder: transition.stageOrder,\n transitionedAt: transition.transitionedAt.toISOString(),\n }))\n const recoveredStageTransitions = includeStages && persistedStageTransitions.length === 0\n ? await loadAuditStageTransitionsFallback({ container, deal, pipelineStages })\n : []\n const effectiveCurrentStage = (() => {\n if (!effectivePipelineStageId) return null\n const matchingStage = pipelineStages.find((stage) => stage.id === effectivePipelineStageId)\n if (matchingStage) {\n return {\n id: matchingStage.id,\n label: matchingStage.label,\n order: matchingStage.order,\n }\n }\n if (!effectivePipelineStageLabel) return null\n return {\n id: effectivePipelineStageId,\n label: effectivePipelineStageLabel,\n order: 0,\n }\n })()\n const stageTransitionPayload = mergeStageTransitions({\n persisted: persistedStageTransitions,\n recovered: recoveredStageTransitions,\n currentStage: effectiveCurrentStage,\n fallbackTimestamp: deal.createdAt.toISOString(),\n })\n\n return NextResponse.json({\n deal: {\n id: deal.id,\n title: deal.title,\n description: deal.description ?? null,\n status: deal.status ?? null,\n pipelineStage: effectivePipelineStageLabel,\n pipelineId: effectivePipelineId,\n pipelineStageId: effectivePipelineStageId,\n valueAmount: deal.valueAmount ?? null,\n valueCurrency: deal.valueCurrency ?? null,\n probability: deal.probability ?? null,\n expectedCloseAt: deal.expectedCloseAt ? deal.expectedCloseAt.toISOString() : null,\n ownerUserId: deal.ownerUserId ?? null,\n source: deal.source ?? null,\n closureOutcome: deal.closureOutcome ?? null,\n lossReasonId: deal.lossReasonId ?? null,\n lossNotes: deal.lossNotes ?? null,\n organizationId: deal.organizationId ?? null,\n tenantId: deal.tenantId ?? null,\n createdAt: deal.createdAt.toISOString(),\n updatedAt: deal.updatedAt.toISOString(),\n },\n people,\n companies,\n linkedPersonIds,\n linkedCompanyIds,\n counts: {\n people: linkedPersonIds.length,\n companies: linkedCompanyIds.length,\n },\n customFields,\n viewer: {\n userId: viewerUserId,\n name: viewerName,\n email: viewerEmail,\n },\n pipelineStages: pipelineStages.map((stage) => {\n const appearance = pipelineStageAppearanceMap.get(stage.label.trim().toLowerCase())\n return {\n id: stage.id,\n label: stage.label,\n order: stage.order,\n color: appearance?.color ?? null,\n icon: appearance?.icon ?? null,\n }\n }),\n pipelineName: pipeline?.name ?? null,\n stageTransitions: stageTransitionPayload,\n owner: ownerPayload,\n })\n}\n\nconst dealDetailQuerySchema = z.object({\n include: z.string().optional(),\n})\n\nconst pipelineStageInfoSchema = z.object({\n id: z.string().uuid(),\n label: z.string(),\n order: z.number().int(),\n color: z.string().nullable(),\n icon: z.string().nullable(),\n})\n\nconst stageTransitionInfoSchema = z.object({\n stageId: z.string().uuid(),\n stageLabel: z.string(),\n stageOrder: z.number().int(),\n transitionedAt: z.string(),\n})\n\nconst dealDetailResponseSchema = z.object({\n deal: z.object({\n id: z.string().uuid(),\n title: z.string().nullable().optional(),\n description: z.string().nullable().optional(),\n status: z.string().nullable().optional(),\n pipelineStage: z.string().nullable().optional(),\n pipelineId: z.string().uuid().nullable().optional(),\n pipelineStageId: z.string().uuid().nullable().optional(),\n valueAmount: z.string().nullable().optional(),\n valueCurrency: z.string().nullable().optional(),\n probability: z.number().nullable().optional(),\n expectedCloseAt: z.string().nullable().optional(),\n ownerUserId: z.string().uuid().nullable().optional(),\n source: z.string().nullable().optional(),\n closureOutcome: z.enum(['won', 'lost']).nullable().optional(),\n lossReasonId: z.string().uuid().nullable().optional(),\n lossNotes: z.string().nullable().optional(),\n organizationId: z.string().uuid().nullable().optional(),\n tenantId: z.string().uuid().nullable().optional(),\n createdAt: z.string(),\n updatedAt: z.string(),\n }),\n people: z.array(\n z.object({\n id: z.string().uuid(),\n label: z.string(),\n subtitle: z.string().nullable().optional(),\n kind: z.literal('person'),\n }),\n ),\n companies: z.array(\n z.object({\n id: z.string().uuid(),\n label: z.string(),\n subtitle: z.string().nullable().optional(),\n kind: z.literal('company'),\n }),\n ),\n customFields: z.record(z.string(), z.unknown()),\n viewer: z.object({\n userId: z.string().uuid().nullable(),\n name: z.string().nullable(),\n email: z.string().nullable(),\n }),\n pipelineStages: z.array(pipelineStageInfoSchema),\n stageTransitions: z.array(stageTransitionInfoSchema),\n owner: z.object({\n id: z.string().uuid(),\n name: z.string(),\n email: z.string(),\n }).nullable(),\n})\n\nconst dealDetailErrorSchema = z.object({\n error: z.string(),\n})\n\nexport const openApi: OpenApiRouteDoc = {\n tag: 'Customers',\n summary: 'Fetch deal detail',\n methods: {\n GET: {\n summary: 'Fetch deal with associations and pipeline context',\n description: 'Returns a deal with linked people, companies, closure fields, optional pipeline history, custom fields, and viewer context.',\n query: dealDetailQuerySchema,\n responses: [\n { status: 200, description: 'Deal detail payload', schema: dealDetailResponseSchema },\n ],\n errors: [\n { status: 401, description: 'Unauthorized', schema: dealDetailErrorSchema },\n { status: 403, description: 'Forbidden for tenant/organization scope', schema: dealDetailErrorSchema },\n { status: 404, description: 'Deal not found', schema: dealDetailErrorSchema },\n ],\n },\n },\n}\n"],
|
|
5
|
+
"mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAClB,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,0CAA0C;AAEnD;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,YAAY;AAErB,SAAS,6BAA6B;AACtC,SAAS,oCAAoC;AAC7C,SAAS,SAAS;AAGlB,SAAS,oBAAoB,6BAA6B;AAC1D,SAAS,uCAAuC;AAChD,SAAS,wCAAwC;AACjD,SAAS,mCAAmC,2CAA2C;AAEhF,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,sBAAsB,EAAE;AACtE;AAEA,MAAM,eAAe,EAAE,OAAO;AAAA,EAC5B,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,SAAS,SAAS,SAAiB;AACjC,SAAO,aAAa,KAAK,EAAE,OAAO,QAAQ,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC9D;AAEA,SAAS,UAAU,SAAiB;AAClC,SAAO,aAAa,KAAK,EAAE,OAAO,QAAQ,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC9D;AASA,SAAS,2BAA2B,QAAoE;AACtG,QAAM,cAAc,OAAO,OAAO,gBAAgB,WAAW,OAAO,YAAY,KAAK,IAAI;AACzF,QAAM,QACJ,OAAO,OAAO,iBAAiB,YAAY,OAAO,aAAa,KAAK,EAAE,SAClE,OAAO,aAAa,KAAK,IACzB;AACN,QAAM,QACJ,OAAO,OAAO,iBAAiB,YAAY,OAAO,aAAa,KAAK,EAAE,SAClE,OAAO,aAAa,KAAK,IACzB;AACN,QAAM,WACJ,OAAO,iBACP,OAAQ,OAAO,eAAgD,aAAa,YAC3E,OAAO,cAA+C,UAAU,KAAK,EAAE,SAClE,OAAO,cAA+C,SAAoB,KAAK,IACjF;AACN,QAAM,WAAW,YAAY,SAAS,SAAS;AAC/C,QAAM,QAAQ,YAAY,SAAS,cAAc,SAAS,SAAS,OAAO;AAC1E,SAAO,EAAE,OAAO,SAAS;AAC3B;AAEA,SAAS,4BAA4B,QAAoE;AACvG,QAAM,cAAc,OAAO,OAAO,gBAAgB,WAAW,OAAO,YAAY,KAAK,IAAI;AACzF,QAAM,SACJ,OAAO,kBACP,OAAQ,OAAO,gBAA+C,WAAW,YACxE,OAAO,eAA8C,QAAQ,KAAK,EAAE,SAC/D,OAAO,eAA8C,OAAkB,KAAK,IAC9E;AACN,QAAM,UACJ,OAAO,kBACP,OAAQ,OAAO,gBAAmD,eAAe,YAChF,OAAO,eAAkD,YAAY,KAAK,EAAE,SACvE,OAAO,eAAkD,WAAsB,KAAK,IACtF;AACN,QAAM,WAAW,UAAU,WAAW;AACtC,QAAM,QAAQ,YAAY,SAAS,cAAc,UAAU,WAAW,OAAO;AAC7E,SAAO,EAAE,OAAO,SAAS;AAC3B;AAEA,SAAS,iBAAiB,SAA+B;AACvD,QAAM,QAAQ,oBAAI,IAAY;AAC9B,QAAM,MAAM,IAAI,IAAI,QAAQ,GAAG;AAC/B,aAAW,YAAY,IAAI,aAAa,OAAO,SAAS,GAAG;AACzD,aACG,MAAM,GAAG,EACT,IAAI,CAAC,UAAU,MAAM,KAAK,EAAE,YAAY,CAAC,EACzC,OAAO,OAAO,EACd,QAAQ,CAAC,UAAU,MAAM,IAAI,KAAK,CAAC;AAAA,EACxC;AACA,SAAO;AACT;AAEA,SAAS,aAAa,SAAmC;AACvD,QAAM,MAAM,IAAI,IAAI,QAAQ,GAAG,EAAE,aAAa,IAAI,MAAM;AACxD,SAAO,QAAQ,UAAU,QAAQ,gBAAgB,SAAS;AAC5D;AAEA,SAAS,oBAAoB,OAA0C;AACrE,SAAO,OAAO,UAAU,WAAW,MAAM,KAAK,EAAE,YAAY,IAAI;AAClE;AAeA,SAAS,SAAS,OAAgD;AAChE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK,IACtE,QACA;AACN;AAEA,SAAS,iBAAiB,WAA2C,MAA+B;AAClG,MAAI,CAAC,OAAQ,QAAO;AACpB,aAAW,OAAO,MAAM;AACtB,UAAM,QAAQ,OAAO,GAAG;AACxB,QAAI,OAAO,UAAU,YAAY,MAAM,KAAK,EAAE,SAAS,GAAG;AACxD,aAAO,MAAM,KAAK;AAAA,IACpB;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,uBAAuB,UAAmD;AACjF,QAAM,OAAO,SAAS,QAAQ;AAC9B,MAAI,CAAC,KAAM,QAAO;AAClB,SAAO,SAAS,KAAK,IAAI,KAAK;AAChC;AAEA,SAAS,sBAAsB,UAA0C;AACvE,QAAM,aAAa,uBAAuB,QAAQ;AAClD,SAAO;AAAA,IACL,YAAY,iBAAiB,YAAY,cAAc,aAAa;AAAA,IACpE,SAAS,iBAAiB,YAAY,mBAAmB,mBAAmB;AAAA,IAC5E,YAAY,iBAAiB,YAAY,iBAAiB,gBAAgB;AAAA,EAC5E;AACF;AAEA,eAAe,kCAAkC;AAAA,EAC/C;AAAA,EACA;AAAA,EACA;AACF,GAIsC;AACpC,MAAI,CAAC,KAAK,YAAY,CAAC,KAAK,kBAAkB,CAAC,eAAe,OAAQ,QAAO,CAAC;AAE9E,MAAI,aAAsC;AAC1C,MAAI;AACF,iBAAa,UAAU,QAAQ,kBAAkB;AAAA,EACnD,QAAQ;AACN,WAAO,CAAC;AAAA,EACV;AACA,MAAI,CAAC,cAAc,OAAO,WAAW,SAAS,WAAY,QAAO,CAAC;AAClE,QAAM,iBAAiB,IAAI,IAAI,eAAe,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,MAAM,KAAK,CAAC,CAAC;AACrF,QAAM,iBAAiB,IAAI,IAAI,eAAe,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,MAAM,KAAK,CAAC,CAAC;AACrF,QAAM,uBAAuB,oBAAI,IAAoC;AACrE,QAAM,aAAa,MAAM,WAAW,KAAK;AAAA,IACvC,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,cAAc;AAAA,IACd,YAAY,KAAK;AAAA,IACjB,OAAO;AAAA,IACP,QAAQ;AAAA,IACR,WAAW;AAAA,IACX,SAAS;AAAA,EACX,CAAC,EAAE,MAAM,MAAM,IAAI;AACnB,QAAM,OAAO,YAAY,SAAS,CAAC;AAEnC,MAAI,kBAAiC;AACrC,aAAW,OAAO,MAAM;AACtB,QAAI,IAAI,mBAAmB,YAAY,IAAI,mBAAmB,SAAU;AAExE,UAAM,SAAS,sBAAsB,IAAI,cAAc;AACvD,UAAM,QAAQ,sBAAsB,IAAI,aAAa;AACrD,UAAM,cAAc,MAAM;AAC1B,QAAI,CAAC,YAAa;AAElB,UAAM,aAAa,eAAe,IAAI,WAAW;AACjD,QAAI,OAAO,eAAe,UAAU;AAClC,wBAAkB;AAClB;AAAA,IACF;AAEA,UAAM,2BAA0C,OAAO,WAAW;AAClE,QAAI,6BAA6B,eAAe,qBAAqB,IAAI,WAAW,GAAG;AACrF,wBAAkB;AAClB;AAAA,IACF;AAEA,yBAAqB,IAAI,aAAa;AAAA,MACpC,SAAS;AAAA,MACT,YAAY,MAAM,cAAc,eAAe,IAAI,WAAW,KAAK;AAAA,MACnE;AAAA,MACA,gBAAgB,IAAI,UAAU,YAAY;AAAA,IAC5C,CAAC;AACD,sBAAkB;AAAA,EACpB;AAEA,SAAO,MAAM,KAAK,qBAAqB,OAAO,CAAC,EAAE,KAAK,CAAC,MAAM,UAAU,KAAK,aAAa,MAAM,UAAU;AAC3G;AAEA,SAAS,sBAAsB;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,GAK6B;AAC3B,QAAM,SAAS,oBAAI,IAAoC;AACvD,aAAW,cAAc,WAAW;AAClC,WAAO,IAAI,WAAW,SAAS,UAAU;AAAA,EAC3C;AACA,aAAW,cAAc,WAAW;AAClC,QAAI,CAAC,OAAO,IAAI,WAAW,OAAO,GAAG;AACnC,aAAO,IAAI,WAAW,SAAS,UAAU;AAAA,IAC3C;AAAA,EACF;AACA,MAAI,gBAAgB,CAAC,OAAO,IAAI,aAAa,EAAE,GAAG;AAChD,WAAO,IAAI,aAAa,IAAI;AAAA,MAC1B,SAAS,aAAa;AAAA,MACtB,YAAY,aAAa;AAAA,MACzB,YAAY,aAAa;AAAA,MACzB,gBAAgB;AAAA,IAClB,CAAC;AAAA,EACH;AACA,SAAO,MAAM,KAAK,OAAO,OAAO,CAAC,EAAE,KAAK,CAAC,MAAM,UAAU,KAAK,aAAa,MAAM,UAAU;AAC7F;AAEA,eAAe,+BACb,IACA,QACA,gBACA,UAC+C;AAC/C,QAAM,mBAAmB,OACtB,IAAI,CAAC,UAAU,MAAM,MAAM,KAAK,EAAE,YAAY,CAAC,EAC/C,OAAO,CAAC,UAAU,MAAM,SAAS,CAAC;AACrC,MAAI,CAAC,iBAAiB,OAAQ,QAAO,oBAAI,IAAqC;AAC9E,QAAM,UAAU,MAAM;AAAA,IACpB;AAAA,IACA;AAAA,IACA;AAAA,MACE;AAAA,MACA;AAAA,MACA,MAAM;AAAA,MACN,iBAAiB,EAAE,KAAK,iBAAiB;AAAA,IAC3C;AAAA,IACA;AAAA,IACA,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,QAAM,MAAM,oBAAI,IAAqC;AACrD,UAAQ,QAAQ,CAAC,UAAU,IAAI,IAAI,MAAM,iBAAiB,KAAK,CAAC;AAChE,SAAO;AACT;AAEA,eAAe,8BACb,IACA,MACA,iBACuC;AACvC,MAAI,KAAK,iBAAiB;AACxB,UAAM,aAAa,MAAM;AAAA,MACvB;AAAA,MACA;AAAA,MACA;AAAA,QACE,IAAI,KAAK;AAAA,QACT,gBAAgB,KAAK;AAAA,QACrB,UAAU,KAAK;AAAA,MACjB;AAAA,MACA,CAAC;AAAA,MACD;AAAA,IACF;AACA,QAAI,WAAY,QAAO;AAAA,EACzB;AAEA,QAAM,uBAAuB,oBAAoB,KAAK,aAAa;AACnE,MAAI,CAAC,qBAAsB,QAAO;AAElC,QAAM,eAAe,MAAM;AAAA,IACzB;AAAA,IACA;AAAA,IACA;AAAA,MACE,gBAAgB,KAAK;AAAA,MACrB,UAAU,KAAK;AAAA,MACf,GAAI,KAAK,aAAa,EAAE,YAAY,KAAK,WAAW,IAAI,CAAC;AAAA,IAC3D;AAAA,IACA,EAAE,SAAS,EAAE,OAAO,MAAM,EAAE;AAAA,IAC5B;AAAA,EACF;AAEA,QAAM,iBAAiB,aAAa,OAAO,CAAC,UAAU,oBAAoB,MAAM,KAAK,MAAM,oBAAoB;AAC/G,MAAI,eAAe,WAAW,EAAG,QAAO,eAAe,CAAC,KAAK;AAC7D,MAAI,eAAe,SAAS,GAAG;AAC7B,UAAM,sBAAsB,IAAI,IAAI,eAAe,IAAI,CAAC,UAAU,MAAM,UAAU,CAAC;AACnF,QAAI,oBAAoB,SAAS,EAAG,QAAO,eAAe,CAAC,KAAK;AAAA,EAClE;AACA,SAAO;AACT;AAEA,eAAsB,IAAI,SAAkB,SAA+C;AACzF,QAAM,eAAe,aAAa,UAAU,QAAQ,MAAM;AAC1D,MAAI,CAAC,aAAa,SAAS;AACzB,WAAO,SAAS,gBAAgB;AAAA,EAClC;AAEA,QAAM,eAAe,iBAAiB,OAAO;AAC7C,QAAM,WAAW,aAAa,OAAO;AACrC,QAAM,WAAW,aAAa;AAC9B,QAAM,gBAAgB,aAAa,IAAI,QAAQ;AAC/C,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,OAAO,MAAM,mBAAmB,OAAO;AAC7C,MAAI,CAAC,MAAM,OAAO,CAAC,MAAM,UAAU;AACjC,WAAO,aAAa,KAAK,EAAE,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChF;AAEA,MAAI,OAA2B;AAC/B,MAAI;AACF,WAAQ,UAAU,QAAQ,aAAa;AAAA,EACzC,QAAQ;AACN,WAAO;AAAA,EACT;AAEA,MAAI,CAAC,QAAQ,CAAC,MAAM,KAAK;AACvB,WAAO,UAAU,eAAe;AAAA,EAClC;AACA,QAAM,aAAa,MAAM,KAAK,mBAAmB,KAAK,KAAK,CAAC,sBAAsB,GAAG;AAAA,IACnF,UAAU,KAAK,YAAY;AAAA,IAC3B,gBAAgB,KAAK,SAAS;AAAA,EAChC,CAAC;AACD,MAAI,CAAC,YAAY;AACf,WAAO,UAAU,eAAe;AAAA,EAClC;AAEA,QAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,QAAQ,CAAC;AACnF,QAAM,KAAM,UAAU,QAAQ,IAAI;AAElC,QAAM,OAAO,MAAM;AAAA,IACjB;AAAA,IACA;AAAA,IACA,EAAE,IAAI,aAAa,KAAK,IAAI,WAAW,KAAK;AAAA,IAC5C;AAAA,MACE,UAAU,CAAC,iBAAiB,+BAA+B,qBAAqB,kCAAkC;AAAA,IACpH;AAAA,IACA,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,KAAK,SAAS,KAAK;AAAA,EACxE;AACA,MAAI,CAAC,MAAM;AACT,WAAO,SAAS,gBAAgB;AAAA,EAClC;AAEA,MAAI,KAAK,YAAY,KAAK,YAAY,KAAK,aAAa,KAAK,UAAU;AACrE,WAAO,SAAS,gBAAgB;AAAA,EAClC;AAEA,MAAI,CAAC,gCAAgC,EAAE,OAAO,MAAM,gBAAgB,KAAK,eAAe,CAAC,GAAG;AAC1F,WAAO,UAAU,eAAe;AAAA,EAClC;AAEA,QAAM,kBAAkB;AAAA,IACtB,UAAU,KAAK,YAAY,KAAK,YAAY;AAAA,IAC5C,gBAAgB,KAAK,kBAAkB,KAAK,SAAS;AAAA,EACvD;AACA,MAAI,kBAA4B,CAAC;AACjC,MAAI,mBAA6B,CAAC;AAClC,MAAI,SAA4B,CAAC;AACjC,MAAI,YAA+B,CAAC;AAEpC,MAAI,UAAU;AACZ,UAAM,iBAAiB,MAAM;AAAA,MAC3B;AAAA,MACA;AAAA,MACA,EAAE,MAAM,KAAK,GAAG;AAAA,MAChB,EAAE,SAAS,EAAE,WAAW,MAAM,EAAE;AAAA,MAChC;AAAA,IACF;AACA,UAAM,kBAAkB,MAAM;AAAA,MAC5B;AAAA,MACA;AAAA,MACA,EAAE,MAAM,KAAK,GAAG;AAAA,MAChB,EAAE,SAAS,EAAE,WAAW,MAAM,EAAE;AAAA,MAChC;AAAA,IACF;AAEA,sBAAkB,MAAM;AAAA,MACtB,IAAI;AAAA,QACF,eACG,IAAI,CAAC,SAAS;AACb,gBAAM,YAAY,KAAK;AACvB,cAAI,CAAC,UAAW,QAAO;AACvB,cAAI,OAAO,cAAc,SAAU,QAAO;AAC1C,gBAAM,gBAAgB,UAAU;AAChC,iBAAO,OAAO,kBAAkB,WAAW,gBAAgB;AAAA,QAC7D,CAAC,EACA,OAAO,CAAC,UAA2B,OAAO,UAAU,YAAY,MAAM,KAAK,EAAE,SAAS,CAAC;AAAA,MAC5F;AAAA,IACF;AACA,uBAAmB,MAAM;AAAA,MACvB,IAAI;AAAA,QACF,gBACG,IAAI,CAAC,SAAS;AACb,gBAAM,aAAa,KAAK;AACxB,cAAI,CAAC,WAAY,QAAO;AACxB,cAAI,OAAO,eAAe,SAAU,QAAO;AAC3C,gBAAM,iBAAiB,WAAW;AAClC,iBAAO,OAAO,mBAAmB,WAAW,iBAAiB;AAAA,QAC/D,CAAC,EACA,OAAO,CAAC,UAA2B,OAAO,UAAU,YAAY,MAAM,KAAK,EAAE,SAAS,CAAC;AAAA,MAC5F;AAAA,IACF;AAEA,UAAM,gBAAgB,gBAAgB,SAClC,MAAM;AAAA,MACJ;AAAA,MACA;AAAA,MACA,EAAE,IAAI,EAAE,KAAK,gBAAgB,MAAM,GAAG,CAAC,EAAE,EAAE;AAAA,MAC3C,EAAE,UAAU,CAAC,eAAe,EAAE;AAAA,MAC9B;AAAA,IACF,IACA,CAAC;AACL,UAAM,mBAAmB,iBAAiB,SACtC,MAAM;AAAA,MACJ;AAAA,MACA;AAAA,MACA,EAAE,IAAI,EAAE,KAAK,iBAAiB,MAAM,GAAG,CAAC,EAAE,EAAE;AAAA,MAC5C,EAAE,UAAU,CAAC,gBAAgB,EAAE;AAAA,MAC/B;AAAA,IACF,IACA,CAAC;AACL,UAAM,mBAAmB,IAAI,IAAI,cAAc,IAAI,CAAC,WAAW,CAAC,OAAO,IAAI,MAAM,CAAC,CAAC;AACnF,UAAM,sBAAsB,IAAI,IAAI,iBAAiB,IAAI,CAAC,WAAW,CAAC,OAAO,IAAI,MAAM,CAAC,CAAC;AACzF,aAAS,gBAAgB,MAAM,GAAG,CAAC,EAAE,OAA0B,CAAC,KAAK,aAAa;AAChF,YAAM,SAAS,iBAAiB,IAAI,QAAQ,KAAK;AACjD,UAAI,CAAC,UAAU,OAAO,UAAW,QAAO;AACxC,YAAM,EAAE,OAAO,SAAS,IAAI,2BAA2B,MAAM;AAC7D,UAAI,KAAK,EAAE,IAAI,OAAO,IAAI,OAAO,UAAU,MAAM,SAAS,CAAC;AAC3D,aAAO;AAAA,IACT,GAAG,CAAC,CAAC;AACL,gBAAY,iBAAiB,MAAM,GAAG,CAAC,EAAE,OAA0B,CAAC,KAAK,cAAc;AACrF,YAAM,SAAS,oBAAoB,IAAI,SAAS,KAAK;AACrD,UAAI,CAAC,UAAU,OAAO,UAAW,QAAO;AACxC,YAAM,EAAE,OAAO,SAAS,IAAI,4BAA4B,MAAM;AAC9D,UAAI,KAAK,EAAE,IAAI,OAAO,IAAI,OAAO,UAAU,MAAM,UAAU,CAAC;AAC5D,aAAO;AAAA,IACT,GAAG,CAAC,CAAC;AAAA,EACP,OAAO;AACL,UAAM,cAAc,MAAM;AAAA,MACxB;AAAA,MACA;AAAA,MACA,EAAE,MAAM,KAAK,GAAG;AAAA,MAChB,EAAE,UAAU,CAAC,UAAU,sBAAsB,EAAE;AAAA,MAC/C;AAAA,IACF;AACA,UAAM,eAAe,MAAM;AAAA,MACzB;AAAA,MACA;AAAA,MACA,EAAE,MAAM,KAAK,GAAG;AAAA,MAChB,EAAE,UAAU,CAAC,WAAW,wBAAwB,EAAE;AAAA,MAClD;AAAA,IACF;AACA,UAAM,mBAAmB,KAAK,YAAY,KAAK,YAAY;AAC3D,UAAM,gBAAgB,KAAK,kBAAkB,KAAK,SAAS;AAC3D,UAAM,iCAAiC,aAAa;AAAA,MAClD;AAAA,MACA,UAAU;AAAA,MACV,gBAAgB;AAAA,IAClB,CAAC;AACD,UAAM,iCAAiC,cAAc;AAAA,MACnD;AAAA,MACA,UAAU;AAAA,MACV,gBAAgB;AAAA,IAClB,CAAC;AAED,aAAS,YAAY,OAA0B,CAAC,KAAK,SAAS;AAC5D,YAAM,SAAS,KAAK;AACpB,UAAI,CAAC,UAAU,OAAO,UAAW,QAAO;AACxC,YAAM,EAAE,OAAO,SAAS,IAAI,2BAA2B,MAAM;AAC7D,UAAI,KAAK,EAAE,IAAI,OAAO,IAAI,OAAO,UAAU,MAAM,SAAS,CAAC;AAC3D,aAAO;AAAA,IACT,GAAG,CAAC,CAAC;AAEL,gBAAY,aAAa,OAA0B,CAAC,KAAK,SAAS;AAChE,YAAM,SAAS,KAAK;AACpB,UAAI,CAAC,UAAU,OAAO,UAAW,QAAO;AACxC,YAAM,EAAE,OAAO,SAAS,IAAI,4BAA4B,MAAM;AAC9D,UAAI,KAAK,EAAE,IAAI,OAAO,IAAI,OAAO,UAAU,MAAM,UAAU,CAAC;AAC5D,aAAO;AAAA,IACT,GAAG,CAAC,CAAC;AACL,sBAAkB,OAAO,IAAI,CAAC,UAAU,MAAM,EAAE;AAChD,uBAAmB,UAAU,IAAI,CAAC,UAAU,MAAM,EAAE;AAAA,EACtD;AAEA,QAAM,oBAAoB,MAAM,sBAAsB;AAAA,IACpD;AAAA,IACA,UAAU,EAAE,UAAU;AAAA,IACtB,WAAW,CAAC,KAAK,EAAE;AAAA,IACnB,kBAAkB,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,YAAY,KAAK;AAAA,IACrD,wBAAwB,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,kBAAkB,KAAK;AAAA,IACjE,iBAAiB,CAAC,KAAK,YAAY,KAAK,YAAY,IAAI,EAAE,OAAO,CAAC,UAA2B,CAAC,CAAC,KAAK;AAAA,EACtG,CAAC;AACD,QAAM,eAAe,6BAA6B,kBAAkB,KAAK,EAAE,CAAC,KAAK,CAAC;AAElF,QAAM,eAAe,KAAK,WAAW,OAAO,KAAK,OAAO;AACxD,MAAI,aAA4B;AAChC,MAAI,cAA6B,KAAK,SAAS;AAC/C,MAAI,cAAc;AAChB,UAAM,cAAc;AAAA,MAClB,UAAU,KAAK,YAAY;AAAA,MAC3B,gBAAgB,KAAK,SAAS;AAAA,IAChC;AACA,UAAM,SAAS,MAAM;AAAA,MACnB;AAAA,MACA;AAAA,MACA,EAAE,IAAI,cAAc,UAAU,KAAK,YAAY,KAAK;AAAA,MACpD,CAAC;AAAA,MACD;AAAA,IACF;AACA,iBAAa,QAAQ,QAAQ;AAC7B,kBAAc,QAAQ,SAAS,eAAe;AAAA,EAChD;AAEA,QAAM,QAAQ,KAAK,cACf,MAAM;AAAA,IACN;AAAA,IACA;AAAA,IACA,EAAE,IAAI,KAAK,aAAa,UAAU,KAAK,YAAY,KAAK,YAAY,KAAK;AAAA,IACzE,CAAC;AAAA,IACD;AAAA,EACF,IACE;AACJ,QAAM,eAAe,QACjB;AAAA,IACA,IAAI,MAAM;AAAA,IACV,MAAM,MAAM,QAAQ,MAAM,SAAS,MAAM;AAAA,IACzC,OAAO,MAAM,SAAS;AAAA,EACxB,IACE;AAEJ,QAAM,iBAAiB,gBACnB,MAAM,8BAA8B,IAAI,MAAM,eAAe,IAC7D;AACJ,QAAM,sBAAsB,KAAK,cAAc,gBAAgB,cAAc;AAC7E,QAAM,2BAA2B,KAAK,mBAAmB,gBAAgB,MAAM;AAC/E,QAAM,8BAA8B,KAAK,iBAAiB,gBAAgB,SAAS;AAEnF,QAAM,iBAAiB,iBAAiB,sBACpC,MAAM;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,MACE,YAAY;AAAA,MACZ,gBAAgB,KAAK;AAAA,MACrB,UAAU,KAAK;AAAA,IACjB;AAAA,IACA,EAAE,SAAS,EAAE,OAAO,MAAM,EAAE;AAAA,IAC5B;AAAA,EACF,IACE,CAAC;AACL,QAAM,WAAW,sBACb,MAAM;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,MACE,IAAI;AAAA,MACJ,gBAAgB,KAAK;AAAA,MACrB,UAAU,KAAK;AAAA,IACjB;AAAA,IACA,CAAC;AAAA,IACD;AAAA,EACF,IACE;AACJ,QAAM,6BAA6B,eAAe,SAC9C,MAAM,+BAA+B,IAAI,gBAAgB,KAAK,gBAAgB,KAAK,QAAQ,IAC3F,oBAAI,IAAqC;AAC7C,MAAI,mBAAkD,CAAC;AACvD,MAAI,eAAe;AACjB,QAAI;AACF,yBAAmB,MAAM;AAAA,QACvB;AAAA,QACA;AAAA,QACA,EAAE,MAAM,KAAK,IAAI,WAAW,KAAK;AAAA,QACjC,EAAE,SAAS,EAAE,YAAY,OAAO,gBAAgB,MAAM,EAAE;AAAA,QACxD;AAAA,MACF;AAAA,IACF,SAAS,OAAO;AACd,UAAI,CAAC,kCAAkC,KAAK,GAAG;AAC7C,cAAM;AAAA,MACR;AACA,0CAAoC,gCAAgC;AACpE,yBAAmB,CAAC;AAAA,IACtB;AAAA,EACF;AACA,QAAM,4BAA4B,iBAAiB,IAAI,CAAC,gBAAgB;AAAA,IACtE,SAAS,WAAW;AAAA,IACpB,YAAY,WAAW;AAAA,IACvB,YAAY,WAAW;AAAA,IACvB,gBAAgB,WAAW,eAAe,YAAY;AAAA,EACxD,EAAE;AACF,QAAM,4BAA4B,iBAAiB,0BAA0B,WAAW,IACpF,MAAM,kCAAkC,EAAE,WAAW,MAAM,eAAe,CAAC,IAC3E,CAAC;AACL,QAAM,yBAAyB,MAAM;AACnC,QAAI,CAAC,yBAA0B,QAAO;AACtC,UAAM,gBAAgB,eAAe,KAAK,CAAC,UAAU,MAAM,OAAO,wBAAwB;AAC1F,QAAI,eAAe;AACjB,aAAO;AAAA,QACL,IAAI,cAAc;AAAA,QAClB,OAAO,cAAc;AAAA,QACrB,OAAO,cAAc;AAAA,MACvB;AAAA,IACF;AACA,QAAI,CAAC,4BAA6B,QAAO;AACzC,WAAO;AAAA,MACL,IAAI;AAAA,MACJ,OAAO;AAAA,MACP,OAAO;AAAA,IACT;AAAA,EACF,GAAG;AACH,QAAM,yBAAyB,sBAAsB;AAAA,IACnD,WAAW;AAAA,IACX,WAAW;AAAA,IACX,cAAc;AAAA,IACd,mBAAmB,KAAK,UAAU,YAAY;AAAA,EAChD,CAAC;AAED,SAAO,aAAa,KAAK;AAAA,IACvB,MAAM;AAAA,MACJ,IAAI,KAAK;AAAA,MACT,OAAO,KAAK;AAAA,MACZ,aAAa,KAAK,eAAe;AAAA,MACjC,QAAQ,KAAK,UAAU;AAAA,MACvB,eAAe;AAAA,MACf,YAAY;AAAA,MACZ,iBAAiB;AAAA,MACjB,aAAa,KAAK,eAAe;AAAA,MACjC,eAAe,KAAK,iBAAiB;AAAA,MACrC,aAAa,KAAK,eAAe;AAAA,MACjC,iBAAiB,KAAK,kBAAkB,KAAK,gBAAgB,YAAY,IAAI;AAAA,MAC7E,aAAa,KAAK,eAAe;AAAA,MACjC,QAAQ,KAAK,UAAU;AAAA,MACvB,gBAAgB,KAAK,kBAAkB;AAAA,MACvC,cAAc,KAAK,gBAAgB;AAAA,MACnC,WAAW,KAAK,aAAa;AAAA,MAC7B,gBAAgB,KAAK,kBAAkB;AAAA,MACvC,UAAU,KAAK,YAAY;AAAA,MAC3B,WAAW,KAAK,UAAU,YAAY;AAAA,MACtC,WAAW,KAAK,UAAU,YAAY;AAAA,IACxC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,QAAQ;AAAA,MACN,QAAQ,gBAAgB;AAAA,MACxB,WAAW,iBAAiB;AAAA,IAC9B;AAAA,IACA;AAAA,IACA,QAAQ;AAAA,MACN,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,OAAO;AAAA,IACT;AAAA,IACA,gBAAgB,eAAe,IAAI,CAAC,UAAU;AAC5C,YAAM,aAAa,2BAA2B,IAAI,MAAM,MAAM,KAAK,EAAE,YAAY,CAAC;AAClF,aAAO;AAAA,QACL,IAAI,MAAM;AAAA,QACV,OAAO,MAAM;AAAA,QACb,OAAO,MAAM;AAAA,QACb,OAAO,YAAY,SAAS;AAAA,QAC5B,MAAM,YAAY,QAAQ;AAAA,MAC5B;AAAA,IACF,CAAC;AAAA,IACD,cAAc,UAAU,QAAQ;AAAA,IAChC,kBAAkB;AAAA,IAClB,OAAO;AAAA,EACT,CAAC;AACH;AAEA,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,SAAS,EAAE,OAAO,EAAE,SAAS;AAC/B,CAAC;AAED,MAAM,0BAA0B,EAAE,OAAO;AAAA,EACvC,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,EACpB,OAAO,EAAE,OAAO;AAAA,EAChB,OAAO,EAAE,OAAO,EAAE,IAAI;AAAA,EACtB,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,MAAM,EAAE,OAAO,EAAE,SAAS;AAC5B,CAAC;AAED,MAAM,4BAA4B,EAAE,OAAO;AAAA,EACzC,SAAS,EAAE,OAAO,EAAE,KAAK;AAAA,EACzB,YAAY,EAAE,OAAO;AAAA,EACrB,YAAY,EAAE,OAAO,EAAE,IAAI;AAAA,EAC3B,gBAAgB,EAAE,OAAO;AAC3B,CAAC;AAED,MAAM,2BAA2B,EAAE,OAAO;AAAA,EACxC,MAAM,EAAE,OAAO;AAAA,IACb,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,IACpB,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IACtC,aAAa,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAC5C,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IACvC,eAAe,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAC9C,YAAY,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA,IAClD,iBAAiB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA,IACvD,aAAa,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAC5C,eAAe,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAC9C,aAAa,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAC5C,iBAAiB,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAChD,aAAa,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA,IACnD,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IACvC,gBAAgB,EAAE,KAAK,CAAC,OAAO,MAAM,CAAC,EAAE,SAAS,EAAE,SAAS;AAAA,IAC5D,cAAc,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA,IACpD,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IAC1C,gBAAgB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA,IACtD,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS;AAAA,IAChD,WAAW,EAAE,OAAO;AAAA,IACpB,WAAW,EAAE,OAAO;AAAA,EACtB,CAAC;AAAA,EACD,QAAQ,EAAE;AAAA,IACR,EAAE,OAAO;AAAA,MACP,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,MACpB,OAAO,EAAE,OAAO;AAAA,MAChB,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,MACzC,MAAM,EAAE,QAAQ,QAAQ;AAAA,IAC1B,CAAC;AAAA,EACH;AAAA,EACA,WAAW,EAAE;AAAA,IACX,EAAE,OAAO;AAAA,MACP,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,MACpB,OAAO,EAAE,OAAO;AAAA,MAChB,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,MACzC,MAAM,EAAE,QAAQ,SAAS;AAAA,IAC3B,CAAC;AAAA,EACH;AAAA,EACA,cAAc,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,QAAQ,CAAC;AAAA,EAC9C,QAAQ,EAAE,OAAO;AAAA,IACf,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,IACnC,MAAM,EAAE,OAAO,EAAE,SAAS;AAAA,IAC1B,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC7B,CAAC;AAAA,EACD,gBAAgB,EAAE,MAAM,uBAAuB;AAAA,EAC/C,kBAAkB,EAAE,MAAM,yBAAyB;AAAA,EACnD,OAAO,EAAE,OAAO;AAAA,IACd,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,IACpB,MAAM,EAAE,OAAO;AAAA,IACf,OAAO,EAAE,OAAO;AAAA,EAClB,CAAC,EAAE,SAAS;AACd,CAAC;AAED,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,OAAO,EAAE,OAAO;AAClB,CAAC;AAEM,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,uBAAuB,QAAQ,yBAAyB;AAAA,MACtF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,sBAAsB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,2CAA2C,QAAQ,sBAAsB;AAAA,QACrG,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,sBAAsB;AAAA,MAC9E;AAAA,IACF;AAAA,EACF;AACF;",
|
|
6
6
|
"names": []
|
|
7
7
|
}
|
|
@@ -7,6 +7,7 @@ import { resolveTranslations } from "@open-mercato/shared/lib/i18n/server";
|
|
|
7
7
|
import { CustomerDeal, CustomerPipeline } from "../../../../data/entities.js";
|
|
8
8
|
import { DictionaryEntry } from "@open-mercato/core/modules/dictionaries/data/entities";
|
|
9
9
|
import { findOneWithDecryption } from "@open-mercato/shared/lib/encryption/find";
|
|
10
|
+
import { isOrganizationReadAccessAllowed } from "@open-mercato/core/modules/directory/utils/organizationScopeGuard";
|
|
10
11
|
const metadata = {
|
|
11
12
|
GET: { requireAuth: true, requireFeatures: ["customers.deals.view"] }
|
|
12
13
|
};
|
|
@@ -80,15 +81,7 @@ async function GET(request, context) {
|
|
|
80
81
|
if (!deal) {
|
|
81
82
|
return notFound(translate("customers.errors.deal_not_found", "Deal not found"));
|
|
82
83
|
}
|
|
83
|
-
|
|
84
|
-
if (Array.isArray(scope?.filterIds)) {
|
|
85
|
-
scope.filterIds.forEach((id) => {
|
|
86
|
-
if (typeof id === "string" && id.trim().length) allowedOrgIds.add(id);
|
|
87
|
-
});
|
|
88
|
-
} else if (auth.orgId) {
|
|
89
|
-
allowedOrgIds.add(auth.orgId);
|
|
90
|
-
}
|
|
91
|
-
if (allowedOrgIds.size && deal.organizationId && !allowedOrgIds.has(deal.organizationId)) {
|
|
84
|
+
if (!isOrganizationReadAccessAllowed({ scope, auth, organizationId: deal.organizationId })) {
|
|
92
85
|
return forbidden(translate("customers.errors.access_denied", "Access denied"));
|
|
93
86
|
}
|
|
94
87
|
if (!deal.closureOutcome) {
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../../../../src/modules/customers/api/deals/%5Bid%5D/stats/route.ts"],
|
|
4
|
-
"sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { resolveOrganizationScopeForRequest } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport { resolveTranslations } from '@open-mercato/shared/lib/i18n/server'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { CustomerDeal, CustomerPipeline } from '../../../../data/entities'\nimport { DictionaryEntry } from '@open-mercato/core/modules/dictionaries/data/entities'\nimport type { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { findOneWithDecryption } from '@open-mercato/shared/lib/encryption/find'\n\nexport const metadata = {\n GET: { requireAuth: true, requireFeatures: ['customers.deals.view'] },\n}\n\nconst paramsSchema = z.object({\n id: z.string().uuid(),\n})\n\nfunction notFound(message: string) {\n return NextResponse.json({ error: message }, { status: 404 })\n}\n\nfunction forbidden(message: string) {\n return NextResponse.json({ error: message }, { status: 403 })\n}\n\nfunction badRequest(message: string, code?: string) {\n return NextResponse.json(\n code ? { error: message, code } : { error: message },\n { status: 400 },\n )\n}\n\nfunction startOfIsoWeek(date: Date): Date {\n const value = new Date(date)\n const day = value.getDay()\n const diff = day === 0 ? -6 : 1 - day\n value.setHours(0, 0, 0, 0)\n value.setDate(value.getDate() + diff)\n return value\n}\n\nfunction startOfQuarter(date: Date): Date {\n return new Date(date.getFullYear(), Math.floor(date.getMonth() / 3) * 3, 1)\n}\n\nfunction calculateSalesCycleDays(createdAt: Date, closedAt: Date): number {\n const diffMs = closedAt.getTime() - createdAt.getTime()\n if (diffMs <= 0) return 0\n return Math.floor(diffMs / 86400000)\n}\n\nexport async function GET(request: Request, context: { params?: Record<string, unknown> }) {\n const { translate } = await resolveTranslations()\n const parsedParams = paramsSchema.safeParse(context.params)\n if (!parsedParams.success) {\n return notFound(translate('customers.errors.deal_not_found', 'Deal not found'))\n }\n\n const container = await createRequestContainer()\n const auth = await getAuthFromRequest(request)\n if (!auth?.sub && !auth?.isApiKey) {\n return NextResponse.json({ error: translate('customers.errors.authentication_required', 'Authentication required') }, { status: 401 })\n }\n\n let rbac: RbacService | null = null\n try {\n rbac = (container.resolve('rbacService') as RbacService)\n } catch {\n rbac = null\n }\n\n if (!rbac || !auth?.sub) {\n return forbidden(translate('customers.errors.access_denied', 'Access denied'))\n }\n const hasFeature = await rbac.userHasAllFeatures(auth.sub, ['customers.deals.view'], {\n tenantId: auth.tenantId ?? null,\n organizationId: auth.orgId ?? null,\n })\n if (!hasFeature) {\n return forbidden(translate('customers.errors.access_denied', 'Access denied'))\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const em = (container.resolve('em') as EntityManager)\n const deal = await findOneWithDecryption(\n em,\n CustomerDeal,\n { id: parsedParams.data.id, tenantId: auth.tenantId ?? null, deletedAt: null },\n {},\n { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null },\n )\n if (!deal) {\n return notFound(translate('customers.errors.deal_not_found', 'Deal not found'))\n }\n\n
|
|
5
|
-
"mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAClB,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,0CAA0C;AACnD,SAAS,2BAA2B;AAEpC,SAAS,cAAc,wBAAwB;AAC/C,SAAS,uBAAuB;AAGhC,SAAS,6BAA6B;
|
|
4
|
+
"sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { resolveOrganizationScopeForRequest } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport { resolveTranslations } from '@open-mercato/shared/lib/i18n/server'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { CustomerDeal, CustomerPipeline } from '../../../../data/entities'\nimport { DictionaryEntry } from '@open-mercato/core/modules/dictionaries/data/entities'\nimport type { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { findOneWithDecryption } from '@open-mercato/shared/lib/encryption/find'\nimport { isOrganizationReadAccessAllowed } from '@open-mercato/core/modules/directory/utils/organizationScopeGuard'\n\nexport const metadata = {\n GET: { requireAuth: true, requireFeatures: ['customers.deals.view'] },\n}\n\nconst paramsSchema = z.object({\n id: z.string().uuid(),\n})\n\nfunction notFound(message: string) {\n return NextResponse.json({ error: message }, { status: 404 })\n}\n\nfunction forbidden(message: string) {\n return NextResponse.json({ error: message }, { status: 403 })\n}\n\nfunction badRequest(message: string, code?: string) {\n return NextResponse.json(\n code ? { error: message, code } : { error: message },\n { status: 400 },\n )\n}\n\nfunction startOfIsoWeek(date: Date): Date {\n const value = new Date(date)\n const day = value.getDay()\n const diff = day === 0 ? -6 : 1 - day\n value.setHours(0, 0, 0, 0)\n value.setDate(value.getDate() + diff)\n return value\n}\n\nfunction startOfQuarter(date: Date): Date {\n return new Date(date.getFullYear(), Math.floor(date.getMonth() / 3) * 3, 1)\n}\n\nfunction calculateSalesCycleDays(createdAt: Date, closedAt: Date): number {\n const diffMs = closedAt.getTime() - createdAt.getTime()\n if (diffMs <= 0) return 0\n return Math.floor(diffMs / 86400000)\n}\n\nexport async function GET(request: Request, context: { params?: Record<string, unknown> }) {\n const { translate } = await resolveTranslations()\n const parsedParams = paramsSchema.safeParse(context.params)\n if (!parsedParams.success) {\n return notFound(translate('customers.errors.deal_not_found', 'Deal not found'))\n }\n\n const container = await createRequestContainer()\n const auth = await getAuthFromRequest(request)\n if (!auth?.sub && !auth?.isApiKey) {\n return NextResponse.json({ error: translate('customers.errors.authentication_required', 'Authentication required') }, { status: 401 })\n }\n\n let rbac: RbacService | null = null\n try {\n rbac = (container.resolve('rbacService') as RbacService)\n } catch {\n rbac = null\n }\n\n if (!rbac || !auth?.sub) {\n return forbidden(translate('customers.errors.access_denied', 'Access denied'))\n }\n const hasFeature = await rbac.userHasAllFeatures(auth.sub, ['customers.deals.view'], {\n tenantId: auth.tenantId ?? null,\n organizationId: auth.orgId ?? null,\n })\n if (!hasFeature) {\n return forbidden(translate('customers.errors.access_denied', 'Access denied'))\n }\n\n const scope = await resolveOrganizationScopeForRequest({ container, auth, request })\n const em = (container.resolve('em') as EntityManager)\n const deal = await findOneWithDecryption(\n em,\n CustomerDeal,\n { id: parsedParams.data.id, tenantId: auth.tenantId ?? null, deletedAt: null },\n {},\n { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null },\n )\n if (!deal) {\n return notFound(translate('customers.errors.deal_not_found', 'Deal not found'))\n }\n\n if (!isOrganizationReadAccessAllowed({ scope, auth, organizationId: deal.organizationId })) {\n return forbidden(translate('customers.errors.access_denied', 'Access denied'))\n }\n\n if (!deal.closureOutcome) {\n return badRequest(translate('customers.errors.deal_not_closed', 'Deal is not closed'), 'DEAL_NOT_CLOSED')\n }\n\n const now = new Date()\n const weekStart = startOfIsoWeek(now)\n const quarterStart = startOfQuarter(now)\n const dealsClosedThisPeriod = await em.count(CustomerDeal, {\n organizationId: deal.organizationId,\n tenantId: deal.tenantId,\n closureOutcome: deal.closureOutcome,\n deletedAt: null,\n updatedAt: { $gte: weekStart },\n })\n\n let dealRankInQuarter: number | null = null\n if (deal.closureOutcome === 'won' && deal.valueAmount !== null) {\n const higherValueDeals = await em.count(CustomerDeal, {\n organizationId: deal.organizationId,\n tenantId: deal.tenantId,\n closureOutcome: 'won',\n deletedAt: null,\n updatedAt: { $gte: quarterStart },\n valueAmount: { $gt: deal.valueAmount },\n })\n dealRankInQuarter = higherValueDeals + 1\n }\n\n const pipeline = deal.pipelineId\n ? await findOneWithDecryption(\n em,\n CustomerPipeline,\n { id: deal.pipelineId, tenantId: deal.tenantId, organizationId: deal.organizationId },\n {},\n { tenantId: deal.tenantId, organizationId: deal.organizationId },\n )\n : null\n\n let lossReasonLabel: string | null = null\n if (deal.lossReasonId) {\n const dictionaryEntry = await findOneWithDecryption(\n em,\n DictionaryEntry,\n {\n id: deal.lossReasonId,\n organizationId: deal.organizationId,\n tenantId: deal.tenantId,\n },\n { populate: ['dictionary'] },\n { tenantId: deal.tenantId, organizationId: deal.organizationId },\n )\n const dictionaryKey =\n dictionaryEntry?.dictionary &&\n typeof (dictionaryEntry.dictionary as { key?: unknown }).key === 'string'\n ? (dictionaryEntry.dictionary as { key: string }).key\n : null\n if (dictionaryKey === 'sales.deal_loss_reason') {\n lossReasonLabel = dictionaryEntry?.label ?? dictionaryEntry?.value ?? null\n }\n }\n\n return NextResponse.json({\n dealValue: deal.valueAmount !== null ? Number(deal.valueAmount) : null,\n dealCurrency: deal.valueCurrency ?? null,\n closureOutcome: deal.closureOutcome,\n closedAt: deal.updatedAt.toISOString(),\n pipelineName: pipeline?.name ?? null,\n dealsClosedThisPeriod,\n salesCycleDays: calculateSalesCycleDays(deal.createdAt, deal.updatedAt),\n dealRankInQuarter,\n lossReason: lossReasonLabel,\n })\n}\n\nconst dealStatsResponseSchema = z.object({\n dealValue: z.number().nullable(),\n dealCurrency: z.string().nullable(),\n closureOutcome: z.enum(['won', 'lost']),\n closedAt: z.string(),\n pipelineName: z.string().nullable(),\n dealsClosedThisPeriod: z.number().int(),\n salesCycleDays: z.number().int().nullable(),\n dealRankInQuarter: z.number().int().nullable(),\n lossReason: z.string().nullable(),\n})\n\nconst dealStatsErrorSchema = z.object({\n error: z.string(),\n code: z.string().optional(),\n})\n\nexport const openApi: OpenApiRouteDoc = {\n tag: 'Customers',\n summary: 'Fetch deal closure stats',\n methods: {\n GET: {\n summary: 'Fetch analytics for a closed deal',\n description: 'Returns week-to-date closure counts, sales cycle length, quarter ranking, and loss reason context for a closed deal.',\n responses: [\n { status: 200, description: 'Deal closure stats payload', schema: dealStatsResponseSchema },\n ],\n errors: [\n { status: 400, description: 'Deal is not closed', schema: dealStatsErrorSchema },\n { status: 401, description: 'Unauthorized', schema: dealStatsErrorSchema },\n { status: 403, description: 'Forbidden for tenant/organization scope', schema: dealStatsErrorSchema },\n { status: 404, description: 'Deal not found', schema: dealStatsErrorSchema },\n ],\n },\n },\n}\n"],
|
|
5
|
+
"mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAClB,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,0CAA0C;AACnD,SAAS,2BAA2B;AAEpC,SAAS,cAAc,wBAAwB;AAC/C,SAAS,uBAAuB;AAGhC,SAAS,6BAA6B;AACtC,SAAS,uCAAuC;AAEzC,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,sBAAsB,EAAE;AACtE;AAEA,MAAM,eAAe,EAAE,OAAO;AAAA,EAC5B,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,SAAS,SAAS,SAAiB;AACjC,SAAO,aAAa,KAAK,EAAE,OAAO,QAAQ,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC9D;AAEA,SAAS,UAAU,SAAiB;AAClC,SAAO,aAAa,KAAK,EAAE,OAAO,QAAQ,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC9D;AAEA,SAAS,WAAW,SAAiB,MAAe;AAClD,SAAO,aAAa;AAAA,IAClB,OAAO,EAAE,OAAO,SAAS,KAAK,IAAI,EAAE,OAAO,QAAQ;AAAA,IACnD,EAAE,QAAQ,IAAI;AAAA,EAChB;AACF;AAEA,SAAS,eAAe,MAAkB;AACxC,QAAM,QAAQ,IAAI,KAAK,IAAI;AAC3B,QAAM,MAAM,MAAM,OAAO;AACzB,QAAM,OAAO,QAAQ,IAAI,KAAK,IAAI;AAClC,QAAM,SAAS,GAAG,GAAG,GAAG,CAAC;AACzB,QAAM,QAAQ,MAAM,QAAQ,IAAI,IAAI;AACpC,SAAO;AACT;AAEA,SAAS,eAAe,MAAkB;AACxC,SAAO,IAAI,KAAK,KAAK,YAAY,GAAG,KAAK,MAAM,KAAK,SAAS,IAAI,CAAC,IAAI,GAAG,CAAC;AAC5E;AAEA,SAAS,wBAAwB,WAAiB,UAAwB;AACxE,QAAM,SAAS,SAAS,QAAQ,IAAI,UAAU,QAAQ;AACtD,MAAI,UAAU,EAAG,QAAO;AACxB,SAAO,KAAK,MAAM,SAAS,KAAQ;AACrC;AAEA,eAAsB,IAAI,SAAkB,SAA+C;AACzF,QAAM,EAAE,UAAU,IAAI,MAAM,oBAAoB;AAChD,QAAM,eAAe,aAAa,UAAU,QAAQ,MAAM;AAC1D,MAAI,CAAC,aAAa,SAAS;AACzB,WAAO,SAAS,UAAU,mCAAmC,gBAAgB,CAAC;AAAA,EAChF;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,OAAO,MAAM,mBAAmB,OAAO;AAC7C,MAAI,CAAC,MAAM,OAAO,CAAC,MAAM,UAAU;AACjC,WAAO,aAAa,KAAK,EAAE,OAAO,UAAU,4CAA4C,yBAAyB,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACvI;AAEA,MAAI,OAA2B;AAC/B,MAAI;AACF,WAAQ,UAAU,QAAQ,aAAa;AAAA,EACzC,QAAQ;AACN,WAAO;AAAA,EACT;AAEA,MAAI,CAAC,QAAQ,CAAC,MAAM,KAAK;AACvB,WAAO,UAAU,UAAU,kCAAkC,eAAe,CAAC;AAAA,EAC/E;AACA,QAAM,aAAa,MAAM,KAAK,mBAAmB,KAAK,KAAK,CAAC,sBAAsB,GAAG;AAAA,IACnF,UAAU,KAAK,YAAY;AAAA,IAC3B,gBAAgB,KAAK,SAAS;AAAA,EAChC,CAAC;AACD,MAAI,CAAC,YAAY;AACf,WAAO,UAAU,UAAU,kCAAkC,eAAe,CAAC;AAAA,EAC/E;AAEA,QAAM,QAAQ,MAAM,mCAAmC,EAAE,WAAW,MAAM,QAAQ,CAAC;AACnF,QAAM,KAAM,UAAU,QAAQ,IAAI;AAClC,QAAM,OAAO,MAAM;AAAA,IACjB;AAAA,IACA;AAAA,IACA,EAAE,IAAI,aAAa,KAAK,IAAI,UAAU,KAAK,YAAY,MAAM,WAAW,KAAK;AAAA,IAC7E,CAAC;AAAA,IACD,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,KAAK,SAAS,KAAK;AAAA,EACxE;AACA,MAAI,CAAC,MAAM;AACT,WAAO,SAAS,UAAU,mCAAmC,gBAAgB,CAAC;AAAA,EAChF;AAEA,MAAI,CAAC,gCAAgC,EAAE,OAAO,MAAM,gBAAgB,KAAK,eAAe,CAAC,GAAG;AAC1F,WAAO,UAAU,UAAU,kCAAkC,eAAe,CAAC;AAAA,EAC/E;AAEA,MAAI,CAAC,KAAK,gBAAgB;AACxB,WAAO,WAAW,UAAU,oCAAoC,oBAAoB,GAAG,iBAAiB;AAAA,EAC1G;AAEA,QAAM,MAAM,oBAAI,KAAK;AACrB,QAAM,YAAY,eAAe,GAAG;AACpC,QAAM,eAAe,eAAe,GAAG;AACvC,QAAM,wBAAwB,MAAM,GAAG,MAAM,cAAc;AAAA,IACzD,gBAAgB,KAAK;AAAA,IACrB,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW;AAAA,IACX,WAAW,EAAE,MAAM,UAAU;AAAA,EAC/B,CAAC;AAED,MAAI,oBAAmC;AACvC,MAAI,KAAK,mBAAmB,SAAS,KAAK,gBAAgB,MAAM;AAC9D,UAAM,mBAAmB,MAAM,GAAG,MAAM,cAAc;AAAA,MACpD,gBAAgB,KAAK;AAAA,MACrB,UAAU,KAAK;AAAA,MACf,gBAAgB;AAAA,MAChB,WAAW;AAAA,MACX,WAAW,EAAE,MAAM,aAAa;AAAA,MAChC,aAAa,EAAE,KAAK,KAAK,YAAY;AAAA,IACvC,CAAC;AACD,wBAAoB,mBAAmB;AAAA,EACzC;AAEA,QAAM,WAAW,KAAK,aAClB,MAAM;AAAA,IACN;AAAA,IACA;AAAA,IACA,EAAE,IAAI,KAAK,YAAY,UAAU,KAAK,UAAU,gBAAgB,KAAK,eAAe;AAAA,IACpF,CAAC;AAAA,IACD,EAAE,UAAU,KAAK,UAAU,gBAAgB,KAAK,eAAe;AAAA,EACjE,IACE;AAEJ,MAAI,kBAAiC;AACrC,MAAI,KAAK,cAAc;AACrB,UAAM,kBAAkB,MAAM;AAAA,MAC5B;AAAA,MACA;AAAA,MACA;AAAA,QACE,IAAI,KAAK;AAAA,QACT,gBAAgB,KAAK;AAAA,QACrB,UAAU,KAAK;AAAA,MACjB;AAAA,MACA,EAAE,UAAU,CAAC,YAAY,EAAE;AAAA,MAC3B,EAAE,UAAU,KAAK,UAAU,gBAAgB,KAAK,eAAe;AAAA,IACjE;AACA,UAAM,gBACJ,iBAAiB,cACjB,OAAQ,gBAAgB,WAAiC,QAAQ,WAC5D,gBAAgB,WAA+B,MAChD;AACN,QAAI,kBAAkB,0BAA0B;AAC9C,wBAAkB,iBAAiB,SAAS,iBAAiB,SAAS;AAAA,IACxE;AAAA,EACF;AAEA,SAAO,aAAa,KAAK;AAAA,IACvB,WAAW,KAAK,gBAAgB,OAAO,OAAO,KAAK,WAAW,IAAI;AAAA,IAClE,cAAc,KAAK,iBAAiB;AAAA,IACpC,gBAAgB,KAAK;AAAA,IACrB,UAAU,KAAK,UAAU,YAAY;AAAA,IACrC,cAAc,UAAU,QAAQ;AAAA,IAChC;AAAA,IACA,gBAAgB,wBAAwB,KAAK,WAAW,KAAK,SAAS;AAAA,IACtE;AAAA,IACA,YAAY;AAAA,EACd,CAAC;AACH;AAEA,MAAM,0BAA0B,EAAE,OAAO;AAAA,EACvC,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,cAAc,EAAE,OAAO,EAAE,SAAS;AAAA,EAClC,gBAAgB,EAAE,KAAK,CAAC,OAAO,MAAM,CAAC;AAAA,EACtC,UAAU,EAAE,OAAO;AAAA,EACnB,cAAc,EAAE,OAAO,EAAE,SAAS;AAAA,EAClC,uBAAuB,EAAE,OAAO,EAAE,IAAI;AAAA,EACtC,gBAAgB,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS;AAAA,EAC1C,mBAAmB,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS;AAAA,EAC7C,YAAY,EAAE,OAAO,EAAE,SAAS;AAClC,CAAC;AAED,MAAM,uBAAuB,EAAE,OAAO;AAAA,EACpC,OAAO,EAAE,OAAO;AAAA,EAChB,MAAM,EAAE,OAAO,EAAE,SAAS;AAC5B,CAAC;AAEM,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,8BAA8B,QAAQ,wBAAwB;AAAA,MAC5F;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,sBAAsB,QAAQ,qBAAqB;AAAA,QAC/E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,qBAAqB;AAAA,QACzE,EAAE,QAAQ,KAAK,aAAa,2CAA2C,QAAQ,qBAAqB;AAAA,QACpG,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,qBAAqB;AAAA,MAC7E;AAAA,IACF;AAAA,EACF;AACF;",
|
|
6
6
|
"names": []
|
|
7
7
|
}
|
|
@@ -5,6 +5,7 @@ import { validateCrudMutationGuard, runCrudMutationGuardAfterSuccess } from "@op
|
|
|
5
5
|
import { CrudHttpError, isCrudHttpError } from "@open-mercato/shared/lib/crud/errors";
|
|
6
6
|
import { resolveTranslations } from "@open-mercato/shared/lib/i18n/server";
|
|
7
7
|
import { findOneWithDecryption, findWithDecryption } from "@open-mercato/shared/lib/encryption/find";
|
|
8
|
+
import { isOrganizationReadAccessAllowed } from "@open-mercato/core/modules/directory/utils/organizationScopeGuard";
|
|
8
9
|
import { User } from "@open-mercato/core/modules/auth/data/entities";
|
|
9
10
|
import { CustomerEntity, CustomerEntityRole } from "../data/entities.js";
|
|
10
11
|
import { entityRoleCreateSchema, entityRoleUpdateSchema, entityRoleDeleteSchema } from "../data/validators.js";
|
|
@@ -54,15 +55,8 @@ async function buildContext(request) {
|
|
|
54
55
|
ctx: context.commandContext
|
|
55
56
|
};
|
|
56
57
|
}
|
|
57
|
-
function collectAllowedOrganizationIds(scope, auth) {
|
|
58
|
-
const allowedOrgIds = /* @__PURE__ */ new Set();
|
|
59
|
-
if (scope?.filterIds?.length) scope.filterIds.forEach((id) => allowedOrgIds.add(id));
|
|
60
|
-
else if (auth.orgId) allowedOrgIds.add(auth.orgId);
|
|
61
|
-
return allowedOrgIds;
|
|
62
|
-
}
|
|
63
58
|
function ensureRouteOrganizationAccess(organizationId, scope, auth, translate) {
|
|
64
|
-
|
|
65
|
-
if (allowedOrgIds.size > 0 && !allowedOrgIds.has(organizationId)) {
|
|
59
|
+
if (!isOrganizationReadAccessAllowed({ scope, auth, organizationId })) {
|
|
66
60
|
throw new CrudHttpError(403, { error: translate("customers.errors.access_denied", "Access denied") });
|
|
67
61
|
}
|
|
68
62
|
}
|