npm - @open-mercato/core - Versions diffs - 0.6.5-develop.4534.1.b459babe6d → 0.6.5-develop.4544.1.71c003c861 - Mend

@open-mercato/core 0.6.5-develop.4534.1.b459babe6d → 0.6.5-develop.4544.1.71c003c861

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (633) hide show

package/dist/modules/auth/services/sidebarPreferencesService.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../src/modules/auth/services/sidebarPreferencesService.ts"],
-  "sourcesContent": ["import { EntityManager, type FilterQuery } from '@mikro-orm/postgresql'\nimport { findOneWithDecryption, findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\nimport { withAtomicFlush } from '@open-mercato/shared/lib/commands/flush'\nimport { Role, RoleSidebarPreference, SidebarVariant, User, UserSidebarPreference } from '../data/entities'\nimport {\n  SIDEBAR_PREFERENCES_VERSION,\n  SidebarPreferencesSettings,\n  normalizeSidebarSettings,\n} from '@open-mercato/shared/modules/navigation/sidebarPreferences'\n\nexport type SidebarPreferenceScope = {\n  userId: string\n  tenantId?: string | null\n  organizationId?: string | null\n  locale: string\n}\n\nexport type RoleSidebarPreferenceScope = {\n  roleId: string\n  tenantId?: string | null\n  locale: string\n}\n\nexport type SidebarItemLike<T = Record<string, unknown>> = {\n  id?: string\n  href: string\n  title: string\n  defaultTitle: string\n  children?: SidebarItemLike<T>[]\n} & T\n\nexport type SidebarGroupLike<T = Record<string, unknown>> = {\n  id: string\n  name: string\n  defaultName: string\n  items: SidebarItemLike<T>[]\n  weight?: number\n} & T\n\nexport async function loadSidebarPreference(\n  em: EntityManager,\n  scope: SidebarPreferenceScope,\n): Promise<SidebarPreferencesSettings> {\n  // Cross-locale: variants & preferences are scoped per (user, tenant, org) only.\n  // The `locale` field on the row is kept for audit / when the row was created.\n  const { userId, tenantId, organizationId } = normalizeScope(scope)\n  const existing = await findOneWithDecryption(\n    em,\n    UserSidebarPreference,\n    { user: userId, tenantId, organizationId },\n    undefined,\n    { tenantId, organizationId },\n  )\n  return normalizeSidebarSettings(existing?.settingsJson as SidebarPreferencesSettings | undefined)\n}\n\nexport async function saveSidebarPreference(\n  em: EntityManager,\n  scope: SidebarPreferenceScope,\n  input: SidebarPreferencesSettings,\n): Promise<SidebarPreferencesSettings> {\n  const normalized = normalizeSidebarSettings({\n    ...input,\n    version: input?.version ?? SIDEBAR_PREFERENCES_VERSION,\n  })\n  const { userId, tenantId, organizationId, locale } = normalizeScope(scope)\n  let pref = await findOneWithDecryption(\n    em,\n    UserSidebarPreference,\n    { user: userId, tenantId, organizationId },\n    undefined,\n    { tenantId, organizationId },\n  )\n  if (!pref) {\n    pref = em.create(UserSidebarPreference, {\n      user: em.getReference(User, userId),\n      tenantId,\n      organizationId,\n      locale,\n      settingsJson: normalized,\n      createdAt: new Date(),\n    })\n  } else {\n    pref.settingsJson = normalized\n  }\n  await em.flush()\n  return normalized\n}\n\nexport async function loadRoleSidebarPreferences(\n  em: EntityManager,\n  options: { roleIds: string[]; tenantId?: string | null; locale?: string },\n): Promise<Map<string, SidebarPreferencesSettings>> {\n  if (!options.roleIds.length) return new Map()\n  const tenantId = options.tenantId ?? null\n  const tenantFilter = tenantId === null ? null : { $in: [tenantId, null] }\n  const prefs = await findWithDecryption(\n    em,\n    RoleSidebarPreference,\n    { role: { $in: options.roleIds }, tenantId: tenantFilter } as FilterQuery<RoleSidebarPreference>,\n    undefined,\n    { tenantId, organizationId: null },\n  )\n  const map = new Map<string, SidebarPreferencesSettings>()\n  for (const pref of prefs) {\n    const key = pref.role.id\n    if (tenantId !== null) {\n      const existing = map.get(key)\n      if (existing && pref.tenantId === null) continue\n      if (!existing || pref.tenantId === tenantId) {\n        map.set(key, normalizeSidebarSettings(pref.settingsJson as SidebarPreferencesSettings | undefined))\n      }\n      continue\n    }\n    map.set(key, normalizeSidebarSettings(pref.settingsJson as SidebarPreferencesSettings | undefined))\n  }\n  return map\n}\n\nexport async function loadFirstRoleSidebarPreference(\n  em: EntityManager,\n  options: { roleIds: string[]; tenantId?: string | null; locale?: string },\n): Promise<SidebarPreferencesSettings | null> {\n  if (!options.roleIds.length) return null\n  const tenantId = options.tenantId ?? null\n  const tenantFilter = tenantId === null ? null : { $in: [tenantId, null] }\n  const prefs = await findWithDecryption(\n    em,\n    RoleSidebarPreference,\n    { role: { $in: options.roleIds }, tenantId: tenantFilter } as FilterQuery<RoleSidebarPreference>,\n    undefined,\n    { tenantId, organizationId: null },\n  )\n  if (!prefs.length) return null\n  const ordered = options.roleIds\n    .map((id) => {\n      if (tenantId !== null) {\n        const specific = prefs.find((pref) => pref.role.id === id && pref.tenantId === tenantId)\n        if (specific) return specific\n      }\n      return prefs.find((pref) => pref.role.id === id && pref.tenantId === null)\n    })\n    .filter(Boolean) as RoleSidebarPreference[]\n  const first = ordered[0] ?? prefs[0]\n  return normalizeSidebarSettings(first?.settingsJson as SidebarPreferencesSettings | undefined)\n}\n\nexport async function saveRoleSidebarPreference(\n  em: EntityManager,\n  scope: RoleSidebarPreferenceScope,\n  input: SidebarPreferencesSettings,\n): Promise<SidebarPreferencesSettings> {\n  const normalized = normalizeSidebarSettings({\n    ...input,\n    version: input?.version ?? SIDEBAR_PREFERENCES_VERSION,\n  })\n  const { roleId, tenantId, locale } = normalizeRoleScope(scope)\n  let pref = await findOneWithDecryption(\n    em,\n    RoleSidebarPreference,\n    { role: roleId, tenantId },\n    undefined,\n    { tenantId, organizationId: null },\n  )\n  if (!pref) {\n    pref = em.create(RoleSidebarPreference, {\n      role: em.getReference(Role, roleId),\n      tenantId,\n      locale,\n      settingsJson: normalized,\n      createdAt: new Date(),\n    })\n  } else {\n    pref.settingsJson = normalized\n  }\n  await em.flush()\n  return normalized\n}\n\nexport function applySidebarPreference<T extends SidebarGroupLike>(\n  groups: T[],\n  settings?: SidebarPreferencesSettings | null,\n): T[] {\n  const normalized = normalizeSidebarSettings(settings)\n  const orderIndex = new Map<string, number>()\n  normalized.groupOrder?.forEach((id, idx) => {\n    if (!orderIndex.has(id)) orderIndex.set(id, idx)\n  })\n  const hiddenSet = new Set(normalized.hiddenItems ?? [])\n  const resolveItemKey = (item: SidebarItemLike): string => {\n    const candidate = item.id?.trim()\n    if (candidate && candidate.length > 0) return candidate\n    return item.href\n  }\n  const applyItems = <TI extends SidebarItemLike>(items: TI[]): TI[] => {\n    return items.map((item) => {\n      const itemKey = resolveItemKey(item)\n      const override = normalized.itemLabels?.[itemKey] ?? normalized.itemLabels?.[item.href]\n      const nextChildren = item.children ? applyItems(item.children) : undefined\n      const hidden = hiddenSet.has(itemKey) || hiddenSet.has(item.href)\n      const next = {\n        ...item,\n        title: override && override.trim().length > 0 ? override.trim() : item.defaultTitle,\n        children: nextChildren,\n      } as TI & { hidden?: boolean }\n      next.hidden = hidden\n      return next\n    })\n  }\n  const mapped = groups.map((group) => {\n    const override = normalized.groupLabels?.[group.id]\n    return {\n      ...group,\n      name: override && override.trim().length > 0 ? override.trim() : group.defaultName,\n      items: applyItems(group.items),\n    }\n  })\n  mapped.sort((a, b) => {\n    const ao = orderIndex.has(a.id) ? orderIndex.get(a.id)! : Number.POSITIVE_INFINITY\n    const bo = orderIndex.has(b.id) ? orderIndex.get(b.id)! : Number.POSITIVE_INFINITY\n    if (ao !== bo) return ao - bo\n    const aw = typeof a.weight === 'number' ? a.weight : 10_000\n    const bw = typeof b.weight === 'number' ? b.weight : 10_000\n    if (aw !== bw) return aw - bw\n    return a.defaultName.localeCompare(b.defaultName)\n  })\n  return mapped\n}\n\nfunction normalizeScope(scope: SidebarPreferenceScope) {\n  return {\n    userId: scope.userId,\n    tenantId: scope.tenantId ?? null,\n    organizationId: scope.organizationId ?? null,\n    locale: scope.locale,\n  }\n}\n\nfunction normalizeRoleScope(scope: RoleSidebarPreferenceScope) {\n  return {\n    roleId: scope.roleId,\n    tenantId: scope.tenantId ?? null,\n    locale: scope.locale,\n  }\n}\n\n// --- Named variants (per-user library of saved sidebar layouts) ----------------\n\nexport type VariantScope = {\n  userId: string\n  tenantId?: string | null\n  organizationId?: string | null\n  locale: string\n}\n\nexport type SidebarVariantRecord = {\n  id: string\n  name: string\n  isActive: boolean\n  settings: SidebarPreferencesSettings\n  createdAt: Date\n  updatedAt?: Date | null\n}\n\nfunction toVariantRecord(variant: SidebarVariant): SidebarVariantRecord {\n  return {\n    id: variant.id,\n    name: variant.name,\n    isActive: variant.isActive === true,\n    settings: normalizeSidebarSettings(variant.settingsJson as SidebarPreferencesSettings | undefined),\n    createdAt: variant.createdAt,\n    updatedAt: variant.updatedAt ?? null,\n  }\n}\n\nexport async function listSidebarVariants(\n  em: EntityManager,\n  scope: VariantScope,\n): Promise<SidebarVariantRecord[]> {\n  // Cross-locale: variants are scoped per (user, tenant) only.\n  const { userId, tenantId, organizationId } = normalizeVariantScope(scope)\n  const variants = await findWithDecryption(\n    em,\n    SidebarVariant,\n    { user: userId, tenantId, deletedAt: null },\n    { orderBy: { createdAt: 'asc' } },\n    { tenantId, organizationId },\n  )\n  return variants.map(toVariantRecord)\n}\n\nexport async function loadSidebarVariant(\n  em: EntityManager,\n  scope: VariantScope,\n  variantId: string,\n): Promise<SidebarVariantRecord | null> {\n  const { userId, tenantId, organizationId } = normalizeVariantScope(scope)\n  const variant = await findOneWithDecryption(\n    em,\n    SidebarVariant,\n    { id: variantId, user: userId, tenantId, deletedAt: null },\n    undefined,\n    { tenantId, organizationId },\n  )\n  return variant ? toVariantRecord(variant) : null\n}\n\nexport async function nextVariantAutoName(\n  em: EntityManager,\n  scope: VariantScope,\n  prefix = 'My preferences',\n): Promise<string> {\n  const variants = await listSidebarVariants(em, scope)\n  // Match names like \"My preferences\", \"My preferences 2\", \"My preferences 17\"\n  const usedNumbers = new Set<number>()\n  for (const variant of variants) {\n    if (variant.name === prefix) {\n      usedNumbers.add(1)\n      continue\n    }\n    const escaped = prefix.replace(/[.*+?^${}()|[\\]\\\\]/g, '\\\\$&')\n    const match = variant.name.match(new RegExp(`^${escaped}\\\\s+(\\\\d+)$`))\n    if (match) {\n      const n = Number.parseInt(match[1], 10)\n      if (!Number.isNaN(n)) usedNumbers.add(n)\n    }\n  }\n  if (!usedNumbers.has(1)) return prefix\n  let next = 2\n  while (usedNumbers.has(next)) next += 1\n  return `${prefix} ${next}`\n}\n\nexport async function createSidebarVariant(\n  em: EntityManager,\n  scope: VariantScope,\n  input: {\n    name?: string | null\n    settings?: Partial<SidebarPreferencesSettings> | null\n    isActive?: boolean\n  },\n): Promise<SidebarVariantRecord> {\n  const { userId, tenantId, organizationId, locale } = normalizeVariantScope(scope)\n  const finalName = (input.name ?? '').trim() || (await nextVariantAutoName(em, scope))\n  const settings = normalizeSidebarSettings({\n    ...(input.settings ?? {}),\n    version: input.settings?.version ?? SIDEBAR_PREFERENCES_VERSION,\n  })\n\n  let variant!: SidebarVariant\n  await withAtomicFlush(em, [\n    async () => {\n      if (input.isActive === true) {\n        await deactivateAllVariants(em, scope)\n      }\n      variant = em.create(SidebarVariant, {\n        user: em.getReference(User, userId),\n        tenantId,\n        organizationId,\n        locale,\n        name: finalName,\n        settingsJson: settings,\n        isActive: input.isActive === true,\n        createdAt: new Date(),\n      })\n    },\n  ], { transaction: true })\n  return toVariantRecord(variant)\n}\n\nexport async function updateSidebarVariant(\n  em: EntityManager,\n  scope: VariantScope,\n  variantId: string,\n  input: {\n    name?: string\n    settings?: Partial<SidebarPreferencesSettings> | null\n    isActive?: boolean\n  },\n): Promise<SidebarVariantRecord | null> {\n  const { userId, tenantId, organizationId } = normalizeVariantScope(scope)\n  const variant = await findOneWithDecryption(\n    em,\n    SidebarVariant,\n    { id: variantId, user: userId, tenantId, deletedAt: null },\n    undefined,\n    { tenantId, organizationId },\n  )\n  if (!variant) return null\n  const target = variant\n  await withAtomicFlush(em, [\n    async () => {\n      if (typeof input.name === 'string' && input.name.trim().length > 0) {\n        target.name = input.name.trim()\n      }\n      if (input.settings) {\n        target.settingsJson = normalizeSidebarSettings({\n          ...input.settings,\n          version: input.settings.version ?? SIDEBAR_PREFERENCES_VERSION,\n        })\n      }\n      if (typeof input.isActive === 'boolean') {\n        if (input.isActive) {\n          await deactivateAllVariants(em, scope, variantId)\n        }\n        target.isActive = input.isActive\n      }\n    },\n  ], { transaction: true })\n  return toVariantRecord(target)\n}\n\nexport async function deleteSidebarVariant(\n  em: EntityManager,\n  scope: VariantScope,\n  variantId: string,\n): Promise<boolean> {\n  const { userId, tenantId, organizationId } = normalizeVariantScope(scope)\n  const variant = await findOneWithDecryption(\n    em,\n    SidebarVariant,\n    { id: variantId, user: userId, tenantId, deletedAt: null },\n    undefined,\n    { tenantId, organizationId },\n  )\n  if (!variant) return false\n  variant.deletedAt = new Date()\n  variant.isActive = false\n  await em.flush()\n  return true\n}\n\nasync function deactivateAllVariants(\n  em: EntityManager,\n  scope: VariantScope,\n  exceptId?: string,\n): Promise<void> {\n  const { userId, tenantId } = normalizeVariantScope(scope)\n  const where: FilterQuery<SidebarVariant> = exceptId\n    ? { user: userId, tenantId, isActive: true, deletedAt: null, id: { $ne: exceptId } }\n    : { user: userId, tenantId, isActive: true, deletedAt: null }\n  await em.nativeUpdate(SidebarVariant, where, { isActive: false })\n}\n\nfunction normalizeVariantScope(scope: VariantScope) {\n  return {\n    userId: scope.userId,\n    tenantId: scope.tenantId ?? null,\n    organizationId: scope.organizationId ?? null,\n    locale: scope.locale,\n  }\n}\n"],
-  "mappings": "AACA,SAAS,uBAAuB,0BAA0B;AAC1D,SAAS,uBAAuB;AAChC,SAAS,MAAM,uBAAuB,gBAAgB,MAAM,6BAA6B;AACzF;AAAA,EACE;AAAA,EAEA;AAAA,OACK;AA+BP,eAAsB,sBACpB,IACA,OACqC;AAGrC,QAAM,EAAE,QAAQ,UAAU,eAAe,IAAI,eAAe,KAAK;AACjE,QAAM,WAAW,MAAM;AAAA,IACrB;AAAA,IACA;AAAA,IACA,EAAE,MAAM,QAAQ,UAAU,eAAe;AAAA,IACzC;AAAA,IACA,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,SAAO,yBAAyB,UAAU,YAAsD;AAClG;AAEA,eAAsB,sBACpB,IACA,OACA,OACqC;AACrC,QAAM,aAAa,yBAAyB;AAAA,IAC1C,GAAG;AAAA,IACH,SAAS,OAAO,WAAW;AAAA,EAC7B,CAAC;AACD,QAAM,EAAE,QAAQ,UAAU,gBAAgB,OAAO,IAAI,eAAe,KAAK;AACzE,MAAI,OAAO,MAAM;AAAA,IACf;AAAA,IACA;AAAA,IACA,EAAE,MAAM,QAAQ,UAAU,eAAe;AAAA,IACzC;AAAA,IACA,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,MAAI,CAAC,MAAM;AACT,WAAO,GAAG,OAAO,uBAAuB;AAAA,MACtC,MAAM,GAAG,aAAa,MAAM,MAAM;AAAA,MAClC;AAAA,MACA;AAAA,MACA;AAAA,MACA,cAAc;AAAA,MACd,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAC;AAAA,EACH,OAAO;AACL,SAAK,eAAe;AAAA,EACtB;AACA,QAAM,GAAG,MAAM;AACf,SAAO;AACT;AAEA,eAAsB,2BACpB,IACA,SACkD;AAClD,MAAI,CAAC,QAAQ,QAAQ,OAAQ,QAAO,oBAAI,IAAI;AAC5C,QAAM,WAAW,QAAQ,YAAY;AACrC,QAAM,eAAe,aAAa,OAAO,OAAO,EAAE,KAAK,CAAC,UAAU,IAAI,EAAE;AACxE,QAAM,QAAQ,MAAM;AAAA,IAClB;AAAA,IACA;AAAA,IACA,EAAE,MAAM,EAAE,KAAK,QAAQ,QAAQ,GAAG,UAAU,aAAa;AAAA,IACzD;AAAA,IACA,EAAE,UAAU,gBAAgB,KAAK;AAAA,EACnC;AACA,QAAM,MAAM,oBAAI,IAAwC;AACxD,aAAW,QAAQ,OAAO;AACxB,UAAM,MAAM,KAAK,KAAK;AACtB,QAAI,aAAa,MAAM;AACrB,YAAM,WAAW,IAAI,IAAI,GAAG;AAC5B,UAAI,YAAY,KAAK,aAAa,KAAM;AACxC,UAAI,CAAC,YAAY,KAAK,aAAa,UAAU;AAC3C,YAAI,IAAI,KAAK,yBAAyB,KAAK,YAAsD,CAAC;AAAA,MACpG;AACA;AAAA,IACF;AACA,QAAI,IAAI,KAAK,yBAAyB,KAAK,YAAsD,CAAC;AAAA,EACpG;AACA,SAAO;AACT;AAEA,eAAsB,+BACpB,IACA,SAC4C;AAC5C,MAAI,CAAC,QAAQ,QAAQ,OAAQ,QAAO;AACpC,QAAM,WAAW,QAAQ,YAAY;AACrC,QAAM,eAAe,aAAa,OAAO,OAAO,EAAE,KAAK,CAAC,UAAU,IAAI,EAAE;AACxE,QAAM,QAAQ,MAAM;AAAA,IAClB;AAAA,IACA;AAAA,IACA,EAAE,MAAM,EAAE,KAAK,QAAQ,QAAQ,GAAG,UAAU,aAAa;AAAA,IACzD;AAAA,IACA,EAAE,UAAU,gBAAgB,KAAK;AAAA,EACnC;AACA,MAAI,CAAC,MAAM,OAAQ,QAAO;AAC1B,QAAM,UAAU,QAAQ,QACrB,IAAI,CAAC,OAAO;AACX,QAAI,aAAa,MAAM;AACrB,YAAM,WAAW,MAAM,KAAK,CAAC,SAAS,KAAK,KAAK,OAAO,MAAM,KAAK,aAAa,QAAQ;AACvF,UAAI,SAAU,QAAO;AAAA,IACvB;AACA,WAAO,MAAM,KAAK,CAAC,SAAS,KAAK,KAAK,OAAO,MAAM,KAAK,aAAa,IAAI;AAAA,EAC3E,CAAC,EACA,OAAO,OAAO;AACjB,QAAM,QAAQ,QAAQ,CAAC,KAAK,MAAM,CAAC;AACnC,SAAO,yBAAyB,OAAO,YAAsD;AAC/F;AAEA,eAAsB,0BACpB,IACA,OACA,OACqC;AACrC,QAAM,aAAa,yBAAyB;AAAA,IAC1C,GAAG;AAAA,IACH,SAAS,OAAO,WAAW;AAAA,EAC7B,CAAC;AACD,QAAM,EAAE,QAAQ,UAAU,OAAO,IAAI,mBAAmB,KAAK;AAC7D,MAAI,OAAO,MAAM;AAAA,IACf;AAAA,IACA;AAAA,IACA,EAAE,MAAM,QAAQ,SAAS;AAAA,IACzB;AAAA,IACA,EAAE,UAAU,gBAAgB,KAAK;AAAA,EACnC;AACA,MAAI,CAAC,MAAM;AACT,WAAO,GAAG,OAAO,uBAAuB;AAAA,MACtC,MAAM,GAAG,aAAa,MAAM,MAAM;AAAA,MAClC;AAAA,MACA;AAAA,MACA,cAAc;AAAA,MACd,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAC;AAAA,EACH,OAAO;AACL,SAAK,eAAe;AAAA,EACtB;AACA,QAAM,GAAG,MAAM;AACf,SAAO;AACT;AAEO,SAAS,uBACd,QACA,UACK;AACL,QAAM,aAAa,yBAAyB,QAAQ;AACpD,QAAM,aAAa,oBAAI,IAAoB;AAC3C,aAAW,YAAY,QAAQ,CAAC,IAAI,QAAQ;AAC1C,QAAI,CAAC,WAAW,IAAI,EAAE,EAAG,YAAW,IAAI,IAAI,GAAG;AAAA,EACjD,CAAC;AACD,QAAM,YAAY,IAAI,IAAI,WAAW,eAAe,CAAC,CAAC;AACtD,QAAM,iBAAiB,CAAC,SAAkC;AACxD,UAAM,YAAY,KAAK,IAAI,KAAK;AAChC,QAAI,aAAa,UAAU,SAAS,EAAG,QAAO;AAC9C,WAAO,KAAK;AAAA,EACd;AACA,QAAM,aAAa,CAA6B,UAAsB;AACpE,WAAO,MAAM,IAAI,CAAC,SAAS;AACzB,YAAM,UAAU,eAAe,IAAI;AACnC,YAAM,WAAW,WAAW,aAAa,OAAO,KAAK,WAAW,aAAa,KAAK,IAAI;AACtF,YAAM,eAAe,KAAK,WAAW,WAAW,KAAK,QAAQ,IAAI;AACjE,YAAM,SAAS,UAAU,IAAI,OAAO,KAAK,UAAU,IAAI,KAAK,IAAI;AAChE,YAAM,OAAO;AAAA,QACX,GAAG;AAAA,QACH,OAAO,YAAY,SAAS,KAAK,EAAE,SAAS,IAAI,SAAS,KAAK,IAAI,KAAK;AAAA,QACvE,UAAU;AAAA,MACZ;AACA,WAAK,SAAS;AACd,aAAO;AAAA,IACT,CAAC;AAAA,EACH;AACA,QAAM,SAAS,OAAO,IAAI,CAAC,UAAU;AACnC,UAAM,WAAW,WAAW,cAAc,MAAM,EAAE;AAClD,WAAO;AAAA,MACL,GAAG;AAAA,MACH,MAAM,YAAY,SAAS,KAAK,EAAE,SAAS,IAAI,SAAS,KAAK,IAAI,MAAM;AAAA,MACvE,OAAO,WAAW,MAAM,KAAK;AAAA,IAC/B;AAAA,EACF,CAAC;AACD,SAAO,KAAK,CAAC,GAAG,MAAM;AACpB,UAAM,KAAK,WAAW,IAAI,EAAE,EAAE,IAAI,WAAW,IAAI,EAAE,EAAE,IAAK,OAAO;AACjE,UAAM,KAAK,WAAW,IAAI,EAAE,EAAE,IAAI,WAAW,IAAI,EAAE,EAAE,IAAK,OAAO;AACjE,QAAI,OAAO,GAAI,QAAO,KAAK;AAC3B,UAAM,KAAK,OAAO,EAAE,WAAW,WAAW,EAAE,SAAS;AACrD,UAAM,KAAK,OAAO,EAAE,WAAW,WAAW,EAAE,SAAS;AACrD,QAAI,OAAO,GAAI,QAAO,KAAK;AAC3B,WAAO,EAAE,YAAY,cAAc,EAAE,WAAW;AAAA,EAClD,CAAC;AACD,SAAO;AACT;AAEA,SAAS,eAAe,OAA+B;AACrD,SAAO;AAAA,IACL,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM,YAAY;AAAA,IAC5B,gBAAgB,MAAM,kBAAkB;AAAA,IACxC,QAAQ,MAAM;AAAA,EAChB;AACF;AAEA,SAAS,mBAAmB,OAAmC;AAC7D,SAAO;AAAA,IACL,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM,YAAY;AAAA,IAC5B,QAAQ,MAAM;AAAA,EAChB;AACF;AAoBA,SAAS,gBAAgB,SAA+C;AACtE,SAAO;AAAA,IACL,IAAI,QAAQ;AAAA,IACZ,MAAM,QAAQ;AAAA,IACd,UAAU,QAAQ,aAAa;AAAA,IAC/B,UAAU,yBAAyB,QAAQ,YAAsD;AAAA,IACjG,WAAW,QAAQ;AAAA,IACnB,WAAW,QAAQ,aAAa;AAAA,EAClC;AACF;AAEA,eAAsB,oBACpB,IACA,OACiC;AAEjC,QAAM,EAAE,QAAQ,UAAU,eAAe,IAAI,sBAAsB,KAAK;AACxE,QAAM,WAAW,MAAM;AAAA,IACrB;AAAA,IACA;AAAA,IACA,EAAE,MAAM,QAAQ,UAAU,WAAW,KAAK;AAAA,IAC1C,EAAE,SAAS,EAAE,WAAW,MAAM,EAAE;AAAA,IAChC,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,SAAO,SAAS,IAAI,eAAe;AACrC;AAEA,eAAsB,mBACpB,IACA,OACA,WACsC;AACtC,QAAM,EAAE,QAAQ,UAAU,eAAe,IAAI,sBAAsB,KAAK;AACxE,QAAM,UAAU,MAAM;AAAA,IACpB;AAAA,IACA;AAAA,IACA,EAAE,IAAI,WAAW,MAAM,QAAQ,UAAU,WAAW,KAAK;AAAA,IACzD;AAAA,IACA,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,SAAO,UAAU,gBAAgB,OAAO,IAAI;AAC9C;AAEA,eAAsB,oBACpB,IACA,OACA,SAAS,kBACQ;AACjB,QAAM,WAAW,MAAM,oBAAoB,IAAI,KAAK;AAEpD,QAAM,cAAc,oBAAI,IAAY;AACpC,aAAW,WAAW,UAAU;AAC9B,QAAI,QAAQ,SAAS,QAAQ;AAC3B,kBAAY,IAAI,CAAC;AACjB;AAAA,IACF;AACA,UAAM,UAAU,OAAO,QAAQ,uBAAuB,MAAM;AAC5D,UAAM,QAAQ,QAAQ,KAAK,MAAM,IAAI,OAAO,IAAI,OAAO,aAAa,CAAC;AACrE,QAAI,OAAO;AACT,YAAM,IAAI,OAAO,SAAS,MAAM,CAAC,GAAG,EAAE;AACtC,UAAI,CAAC,OAAO,MAAM,CAAC,EAAG,aAAY,IAAI,CAAC;AAAA,IACzC;AAAA,EACF;AACA,MAAI,CAAC,YAAY,IAAI,CAAC,EAAG,QAAO;AAChC,MAAI,OAAO;AACX,SAAO,YAAY,IAAI,IAAI,EAAG,SAAQ;AACtC,SAAO,GAAG,MAAM,IAAI,IAAI;AAC1B;AAEA,eAAsB,qBACpB,IACA,OACA,OAK+B;AAC/B,QAAM,EAAE,QAAQ,UAAU,gBAAgB,OAAO,IAAI,sBAAsB,KAAK;AAChF,QAAM,aAAa,MAAM,QAAQ,IAAI,KAAK,KAAM,MAAM,oBAAoB,IAAI,KAAK;AACnF,QAAM,WAAW,yBAAyB;AAAA,IACxC,GAAI,MAAM,YAAY,CAAC;AAAA,IACvB,SAAS,MAAM,UAAU,WAAW;AAAA,EACtC,CAAC;AAED,MAAI;AACJ,QAAM,gBAAgB,IAAI;AAAA,IACxB,YAAY;AACV,UAAI,MAAM,aAAa,MAAM;AAC3B,cAAM,sBAAsB,IAAI,KAAK;AAAA,MACvC;AACA,gBAAU,GAAG,OAAO,gBAAgB;AAAA,QAClC,MAAM,GAAG,aAAa,MAAM,MAAM;AAAA,QAClC;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN,cAAc;AAAA,QACd,UAAU,MAAM,aAAa;AAAA,QAC7B,WAAW,oBAAI,KAAK;AAAA,MACtB,CAAC;AAAA,IACH;AAAA,EACF,GAAG,EAAE,aAAa,KAAK,CAAC;AACxB,SAAO,gBAAgB,OAAO;AAChC;AAEA,eAAsB,qBACpB,IACA,OACA,WACA,OAKsC;AACtC,QAAM,EAAE,QAAQ,UAAU,eAAe,IAAI,sBAAsB,KAAK;AACxE,QAAM,UAAU,MAAM;AAAA,IACpB;AAAA,IACA;AAAA,IACA,EAAE,IAAI,WAAW,MAAM,QAAQ,UAAU,WAAW,KAAK;AAAA,IACzD;AAAA,IACA,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,MAAI,CAAC,QAAS,QAAO;AACrB,QAAM,SAAS;AACf,QAAM,gBAAgB,IAAI;AAAA,IACxB,YAAY;AACV,UAAI,OAAO,MAAM,SAAS,YAAY,MAAM,KAAK,KAAK,EAAE,SAAS,GAAG;AAClE,eAAO,OAAO,MAAM,KAAK,KAAK;AAAA,MAChC;AACA,UAAI,MAAM,UAAU;AAClB,eAAO,eAAe,yBAAyB;AAAA,UAC7C,GAAG,MAAM;AAAA,UACT,SAAS,MAAM,SAAS,WAAW;AAAA,QACrC,CAAC;AAAA,MACH;AACA,UAAI,OAAO,MAAM,aAAa,WAAW;AACvC,YAAI,MAAM,UAAU;AAClB,gBAAM,sBAAsB,IAAI,OAAO,SAAS;AAAA,QAClD;AACA,eAAO,WAAW,MAAM;AAAA,MAC1B;AAAA,IACF;AAAA,EACF,GAAG,EAAE,aAAa,KAAK,CAAC;AACxB,SAAO,gBAAgB,MAAM;AAC/B;AAEA,eAAsB,qBACpB,IACA,OACA,WACkB;AAClB,QAAM,EAAE,QAAQ,UAAU,eAAe,IAAI,sBAAsB,KAAK;AACxE,QAAM,UAAU,MAAM;AAAA,IACpB;AAAA,IACA;AAAA,IACA,EAAE,IAAI,WAAW,MAAM,QAAQ,UAAU,WAAW,KAAK;AAAA,IACzD;AAAA,IACA,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,MAAI,CAAC,QAAS,QAAO;AACrB,UAAQ,YAAY,oBAAI,KAAK;AAC7B,UAAQ,WAAW;AACnB,QAAM,GAAG,MAAM;AACf,SAAO;AACT;AAEA,eAAe,sBACb,IACA,OACA,UACe;AACf,QAAM,EAAE,QAAQ,SAAS,IAAI,sBAAsB,KAAK;AACxD,QAAM,QAAqC,WACvC,EAAE,MAAM,QAAQ,UAAU,UAAU,MAAM,WAAW,MAAM,IAAI,EAAE,KAAK,SAAS,EAAE,IACjF,EAAE,MAAM,QAAQ,UAAU,UAAU,MAAM,WAAW,KAAK;AAC9D,QAAM,GAAG,aAAa,gBAAgB,OAAO,EAAE,UAAU,MAAM,CAAC;AAClE;AAEA,SAAS,sBAAsB,OAAqB;AAClD,SAAO;AAAA,IACL,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM,YAAY;AAAA,IAC5B,gBAAgB,MAAM,kBAAkB;AAAA,IACxC,QAAQ,MAAM;AAAA,EAChB;AACF;",
+  "sourcesContent": ["import { EntityManager, type FilterQuery } from '@mikro-orm/postgresql'\nimport { findOneWithDecryption, findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\nimport { withAtomicFlush } from '@open-mercato/shared/lib/commands/flush'\nimport { Role, RoleSidebarPreference, SidebarVariant, User, UserSidebarPreference } from '../data/entities'\nimport {\n  SIDEBAR_PREFERENCES_VERSION,\n  SidebarPreferencesSettings,\n  normalizeSidebarSettings,\n} from '@open-mercato/shared/modules/navigation/sidebarPreferences'\n\nexport type SidebarPreferenceScope = {\n  userId: string\n  tenantId?: string | null\n  organizationId?: string | null\n  locale: string\n}\n\nexport type RoleSidebarPreferenceScope = {\n  roleId: string\n  tenantId?: string | null\n  locale: string\n}\n\nexport type SidebarItemLike<T = Record<string, unknown>> = {\n  id?: string\n  href: string\n  title: string\n  defaultTitle: string\n  children?: SidebarItemLike<T>[]\n} & T\n\nexport type SidebarGroupLike<T = Record<string, unknown>> = {\n  id: string\n  name: string\n  defaultName: string\n  items: SidebarItemLike<T>[]\n  weight?: number\n} & T\n\nexport async function loadSidebarPreference(\n  em: EntityManager,\n  scope: SidebarPreferenceScope,\n): Promise<SidebarPreferencesSettings> {\n  // Cross-locale: variants & preferences are scoped per (user, tenant, org) only.\n  // The `locale` field on the row is kept for audit / when the row was created.\n  const { userId, tenantId, organizationId } = normalizeScope(scope)\n  const existing = await findOneWithDecryption(\n    em,\n    UserSidebarPreference,\n    { user: userId, tenantId, organizationId },\n    undefined,\n    { tenantId, organizationId },\n  )\n  return normalizeSidebarSettings(existing?.settingsJson as SidebarPreferencesSettings | undefined)\n}\n\nexport async function loadSidebarPreferenceUpdatedAt(\n  em: EntityManager,\n  scope: SidebarPreferenceScope,\n): Promise<{ id: string; updatedAt: Date | null } | null> {\n  const { userId, tenantId, organizationId } = normalizeScope(scope)\n  const existing = await findOneWithDecryption(\n    em,\n    UserSidebarPreference,\n    { user: userId, tenantId, organizationId },\n    undefined,\n    { tenantId, organizationId },\n  )\n  if (!existing) return null\n  return { id: existing.id, updatedAt: existing.updatedAt ?? null }\n}\n\nexport async function loadRoleSidebarPreferenceUpdatedAt(\n  em: EntityManager,\n  scope: RoleSidebarPreferenceScope,\n): Promise<{ id: string; updatedAt: Date | null } | null> {\n  const { roleId, tenantId } = normalizeRoleScope(scope)\n  const existing = await findOneWithDecryption(\n    em,\n    RoleSidebarPreference,\n    { role: roleId, tenantId },\n    undefined,\n    { tenantId, organizationId: null },\n  )\n  if (!existing) return null\n  return { id: existing.id, updatedAt: existing.updatedAt ?? null }\n}\n\nexport async function saveSidebarPreference(\n  em: EntityManager,\n  scope: SidebarPreferenceScope,\n  input: SidebarPreferencesSettings,\n): Promise<SidebarPreferencesSettings> {\n  const normalized = normalizeSidebarSettings({\n    ...input,\n    version: input?.version ?? SIDEBAR_PREFERENCES_VERSION,\n  })\n  const { userId, tenantId, organizationId, locale } = normalizeScope(scope)\n  let pref = await findOneWithDecryption(\n    em,\n    UserSidebarPreference,\n    { user: userId, tenantId, organizationId },\n    undefined,\n    { tenantId, organizationId },\n  )\n  if (!pref) {\n    pref = em.create(UserSidebarPreference, {\n      user: em.getReference(User, userId),\n      tenantId,\n      organizationId,\n      locale,\n      settingsJson: normalized,\n      createdAt: new Date(),\n    })\n  } else {\n    pref.settingsJson = normalized\n  }\n  await em.flush()\n  return normalized\n}\n\nexport async function loadRoleSidebarPreferences(\n  em: EntityManager,\n  options: { roleIds: string[]; tenantId?: string | null; locale?: string },\n): Promise<Map<string, SidebarPreferencesSettings>> {\n  if (!options.roleIds.length) return new Map()\n  const tenantId = options.tenantId ?? null\n  const tenantFilter = tenantId === null ? null : { $in: [tenantId, null] }\n  const prefs = await findWithDecryption(\n    em,\n    RoleSidebarPreference,\n    { role: { $in: options.roleIds }, tenantId: tenantFilter } as FilterQuery<RoleSidebarPreference>,\n    undefined,\n    { tenantId, organizationId: null },\n  )\n  const map = new Map<string, SidebarPreferencesSettings>()\n  for (const pref of prefs) {\n    const key = pref.role.id\n    if (tenantId !== null) {\n      const existing = map.get(key)\n      if (existing && pref.tenantId === null) continue\n      if (!existing || pref.tenantId === tenantId) {\n        map.set(key, normalizeSidebarSettings(pref.settingsJson as SidebarPreferencesSettings | undefined))\n      }\n      continue\n    }\n    map.set(key, normalizeSidebarSettings(pref.settingsJson as SidebarPreferencesSettings | undefined))\n  }\n  return map\n}\n\nexport async function loadFirstRoleSidebarPreference(\n  em: EntityManager,\n  options: { roleIds: string[]; tenantId?: string | null; locale?: string },\n): Promise<SidebarPreferencesSettings | null> {\n  if (!options.roleIds.length) return null\n  const tenantId = options.tenantId ?? null\n  const tenantFilter = tenantId === null ? null : { $in: [tenantId, null] }\n  const prefs = await findWithDecryption(\n    em,\n    RoleSidebarPreference,\n    { role: { $in: options.roleIds }, tenantId: tenantFilter } as FilterQuery<RoleSidebarPreference>,\n    undefined,\n    { tenantId, organizationId: null },\n  )\n  if (!prefs.length) return null\n  const ordered = options.roleIds\n    .map((id) => {\n      if (tenantId !== null) {\n        const specific = prefs.find((pref) => pref.role.id === id && pref.tenantId === tenantId)\n        if (specific) return specific\n      }\n      return prefs.find((pref) => pref.role.id === id && pref.tenantId === null)\n    })\n    .filter(Boolean) as RoleSidebarPreference[]\n  const first = ordered[0] ?? prefs[0]\n  return normalizeSidebarSettings(first?.settingsJson as SidebarPreferencesSettings | undefined)\n}\n\nexport async function saveRoleSidebarPreference(\n  em: EntityManager,\n  scope: RoleSidebarPreferenceScope,\n  input: SidebarPreferencesSettings,\n): Promise<SidebarPreferencesSettings> {\n  const normalized = normalizeSidebarSettings({\n    ...input,\n    version: input?.version ?? SIDEBAR_PREFERENCES_VERSION,\n  })\n  const { roleId, tenantId, locale } = normalizeRoleScope(scope)\n  let pref = await findOneWithDecryption(\n    em,\n    RoleSidebarPreference,\n    { role: roleId, tenantId },\n    undefined,\n    { tenantId, organizationId: null },\n  )\n  if (!pref) {\n    pref = em.create(RoleSidebarPreference, {\n      role: em.getReference(Role, roleId),\n      tenantId,\n      locale,\n      settingsJson: normalized,\n      createdAt: new Date(),\n    })\n  } else {\n    pref.settingsJson = normalized\n  }\n  await em.flush()\n  return normalized\n}\n\nexport function applySidebarPreference<T extends SidebarGroupLike>(\n  groups: T[],\n  settings?: SidebarPreferencesSettings | null,\n): T[] {\n  const normalized = normalizeSidebarSettings(settings)\n  const orderIndex = new Map<string, number>()\n  normalized.groupOrder?.forEach((id, idx) => {\n    if (!orderIndex.has(id)) orderIndex.set(id, idx)\n  })\n  const hiddenSet = new Set(normalized.hiddenItems ?? [])\n  const resolveItemKey = (item: SidebarItemLike): string => {\n    const candidate = item.id?.trim()\n    if (candidate && candidate.length > 0) return candidate\n    return item.href\n  }\n  const applyItems = <TI extends SidebarItemLike>(items: TI[]): TI[] => {\n    return items.map((item) => {\n      const itemKey = resolveItemKey(item)\n      const override = normalized.itemLabels?.[itemKey] ?? normalized.itemLabels?.[item.href]\n      const nextChildren = item.children ? applyItems(item.children) : undefined\n      const hidden = hiddenSet.has(itemKey) || hiddenSet.has(item.href)\n      const next = {\n        ...item,\n        title: override && override.trim().length > 0 ? override.trim() : item.defaultTitle,\n        children: nextChildren,\n      } as TI & { hidden?: boolean }\n      next.hidden = hidden\n      return next\n    })\n  }\n  const mapped = groups.map((group) => {\n    const override = normalized.groupLabels?.[group.id]\n    return {\n      ...group,\n      name: override && override.trim().length > 0 ? override.trim() : group.defaultName,\n      items: applyItems(group.items),\n    }\n  })\n  mapped.sort((a, b) => {\n    const ao = orderIndex.has(a.id) ? orderIndex.get(a.id)! : Number.POSITIVE_INFINITY\n    const bo = orderIndex.has(b.id) ? orderIndex.get(b.id)! : Number.POSITIVE_INFINITY\n    if (ao !== bo) return ao - bo\n    const aw = typeof a.weight === 'number' ? a.weight : 10_000\n    const bw = typeof b.weight === 'number' ? b.weight : 10_000\n    if (aw !== bw) return aw - bw\n    return a.defaultName.localeCompare(b.defaultName)\n  })\n  return mapped\n}\n\nfunction normalizeScope(scope: SidebarPreferenceScope) {\n  return {\n    userId: scope.userId,\n    tenantId: scope.tenantId ?? null,\n    organizationId: scope.organizationId ?? null,\n    locale: scope.locale,\n  }\n}\n\nfunction normalizeRoleScope(scope: RoleSidebarPreferenceScope) {\n  return {\n    roleId: scope.roleId,\n    tenantId: scope.tenantId ?? null,\n    locale: scope.locale,\n  }\n}\n\n// --- Named variants (per-user library of saved sidebar layouts) ----------------\n\nexport type VariantScope = {\n  userId: string\n  tenantId?: string | null\n  organizationId?: string | null\n  locale: string\n}\n\nexport type SidebarVariantRecord = {\n  id: string\n  name: string\n  isActive: boolean\n  settings: SidebarPreferencesSettings\n  createdAt: Date\n  updatedAt?: Date | null\n}\n\nfunction toVariantRecord(variant: SidebarVariant): SidebarVariantRecord {\n  return {\n    id: variant.id,\n    name: variant.name,\n    isActive: variant.isActive === true,\n    settings: normalizeSidebarSettings(variant.settingsJson as SidebarPreferencesSettings | undefined),\n    createdAt: variant.createdAt,\n    updatedAt: variant.updatedAt ?? null,\n  }\n}\n\nexport async function listSidebarVariants(\n  em: EntityManager,\n  scope: VariantScope,\n): Promise<SidebarVariantRecord[]> {\n  // Cross-locale: variants are scoped per (user, tenant) only.\n  const { userId, tenantId, organizationId } = normalizeVariantScope(scope)\n  const variants = await findWithDecryption(\n    em,\n    SidebarVariant,\n    { user: userId, tenantId, deletedAt: null },\n    { orderBy: { createdAt: 'asc' } },\n    { tenantId, organizationId },\n  )\n  return variants.map(toVariantRecord)\n}\n\nexport async function loadSidebarVariant(\n  em: EntityManager,\n  scope: VariantScope,\n  variantId: string,\n): Promise<SidebarVariantRecord | null> {\n  const { userId, tenantId, organizationId } = normalizeVariantScope(scope)\n  const variant = await findOneWithDecryption(\n    em,\n    SidebarVariant,\n    { id: variantId, user: userId, tenantId, deletedAt: null },\n    undefined,\n    { tenantId, organizationId },\n  )\n  return variant ? toVariantRecord(variant) : null\n}\n\nexport async function nextVariantAutoName(\n  em: EntityManager,\n  scope: VariantScope,\n  prefix = 'My preferences',\n): Promise<string> {\n  const variants = await listSidebarVariants(em, scope)\n  // Match names like \"My preferences\", \"My preferences 2\", \"My preferences 17\"\n  const usedNumbers = new Set<number>()\n  for (const variant of variants) {\n    if (variant.name === prefix) {\n      usedNumbers.add(1)\n      continue\n    }\n    const escaped = prefix.replace(/[.*+?^${}()|[\\]\\\\]/g, '\\\\$&')\n    const match = variant.name.match(new RegExp(`^${escaped}\\\\s+(\\\\d+)$`))\n    if (match) {\n      const n = Number.parseInt(match[1], 10)\n      if (!Number.isNaN(n)) usedNumbers.add(n)\n    }\n  }\n  if (!usedNumbers.has(1)) return prefix\n  let next = 2\n  while (usedNumbers.has(next)) next += 1\n  return `${prefix} ${next}`\n}\n\nexport async function createSidebarVariant(\n  em: EntityManager,\n  scope: VariantScope,\n  input: {\n    name?: string | null\n    settings?: Partial<SidebarPreferencesSettings> | null\n    isActive?: boolean\n  },\n): Promise<SidebarVariantRecord> {\n  const { userId, tenantId, organizationId, locale } = normalizeVariantScope(scope)\n  const finalName = (input.name ?? '').trim() || (await nextVariantAutoName(em, scope))\n  const settings = normalizeSidebarSettings({\n    ...(input.settings ?? {}),\n    version: input.settings?.version ?? SIDEBAR_PREFERENCES_VERSION,\n  })\n\n  let variant!: SidebarVariant\n  await withAtomicFlush(em, [\n    async () => {\n      if (input.isActive === true) {\n        await deactivateAllVariants(em, scope)\n      }\n      variant = em.create(SidebarVariant, {\n        user: em.getReference(User, userId),\n        tenantId,\n        organizationId,\n        locale,\n        name: finalName,\n        settingsJson: settings,\n        isActive: input.isActive === true,\n        createdAt: new Date(),\n      })\n    },\n  ], { transaction: true })\n  return toVariantRecord(variant)\n}\n\nexport async function updateSidebarVariant(\n  em: EntityManager,\n  scope: VariantScope,\n  variantId: string,\n  input: {\n    name?: string\n    settings?: Partial<SidebarPreferencesSettings> | null\n    isActive?: boolean\n  },\n): Promise<SidebarVariantRecord | null> {\n  const { userId, tenantId, organizationId } = normalizeVariantScope(scope)\n  const variant = await findOneWithDecryption(\n    em,\n    SidebarVariant,\n    { id: variantId, user: userId, tenantId, deletedAt: null },\n    undefined,\n    { tenantId, organizationId },\n  )\n  if (!variant) return null\n  const target = variant\n  await withAtomicFlush(em, [\n    () => {\n      if (typeof input.name === 'string' && input.name.trim().length > 0) {\n        target.name = input.name.trim()\n      }\n      if (input.settings) {\n        target.settingsJson = normalizeSidebarSettings({\n          ...input.settings,\n          version: input.settings.version ?? SIDEBAR_PREFERENCES_VERSION,\n        })\n      }\n      if (typeof input.isActive === 'boolean') {\n        target.isActive = input.isActive\n      }\n    },\n    async () => {\n      if (input.isActive === true) {\n        await deactivateAllVariants(em, scope, variantId)\n      }\n    },\n  ], { transaction: true })\n  return toVariantRecord(target)\n}\n\nexport async function deleteSidebarVariant(\n  em: EntityManager,\n  scope: VariantScope,\n  variantId: string,\n): Promise<boolean> {\n  const { userId, tenantId, organizationId } = normalizeVariantScope(scope)\n  const variant = await findOneWithDecryption(\n    em,\n    SidebarVariant,\n    { id: variantId, user: userId, tenantId, deletedAt: null },\n    undefined,\n    { tenantId, organizationId },\n  )\n  if (!variant) return false\n  variant.deletedAt = new Date()\n  variant.isActive = false\n  await em.flush()\n  return true\n}\n\nasync function deactivateAllVariants(\n  em: EntityManager,\n  scope: VariantScope,\n  exceptId?: string,\n): Promise<void> {\n  const { userId, tenantId } = normalizeVariantScope(scope)\n  const where: FilterQuery<SidebarVariant> = exceptId\n    ? { user: userId, tenantId, isActive: true, deletedAt: null, id: { $ne: exceptId } }\n    : { user: userId, tenantId, isActive: true, deletedAt: null }\n  await em.nativeUpdate(SidebarVariant, where, { isActive: false })\n}\n\nfunction normalizeVariantScope(scope: VariantScope) {\n  return {\n    userId: scope.userId,\n    tenantId: scope.tenantId ?? null,\n    organizationId: scope.organizationId ?? null,\n    locale: scope.locale,\n  }\n}\n"],
+  "mappings": "AACA,SAAS,uBAAuB,0BAA0B;AAC1D,SAAS,uBAAuB;AAChC,SAAS,MAAM,uBAAuB,gBAAgB,MAAM,6BAA6B;AACzF;AAAA,EACE;AAAA,EAEA;AAAA,OACK;AA+BP,eAAsB,sBACpB,IACA,OACqC;AAGrC,QAAM,EAAE,QAAQ,UAAU,eAAe,IAAI,eAAe,KAAK;AACjE,QAAM,WAAW,MAAM;AAAA,IACrB;AAAA,IACA;AAAA,IACA,EAAE,MAAM,QAAQ,UAAU,eAAe;AAAA,IACzC;AAAA,IACA,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,SAAO,yBAAyB,UAAU,YAAsD;AAClG;AAEA,eAAsB,+BACpB,IACA,OACwD;AACxD,QAAM,EAAE,QAAQ,UAAU,eAAe,IAAI,eAAe,KAAK;AACjE,QAAM,WAAW,MAAM;AAAA,IACrB;AAAA,IACA;AAAA,IACA,EAAE,MAAM,QAAQ,UAAU,eAAe;AAAA,IACzC;AAAA,IACA,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,MAAI,CAAC,SAAU,QAAO;AACtB,SAAO,EAAE,IAAI,SAAS,IAAI,WAAW,SAAS,aAAa,KAAK;AAClE;AAEA,eAAsB,mCACpB,IACA,OACwD;AACxD,QAAM,EAAE,QAAQ,SAAS,IAAI,mBAAmB,KAAK;AACrD,QAAM,WAAW,MAAM;AAAA,IACrB;AAAA,IACA;AAAA,IACA,EAAE,MAAM,QAAQ,SAAS;AAAA,IACzB;AAAA,IACA,EAAE,UAAU,gBAAgB,KAAK;AAAA,EACnC;AACA,MAAI,CAAC,SAAU,QAAO;AACtB,SAAO,EAAE,IAAI,SAAS,IAAI,WAAW,SAAS,aAAa,KAAK;AAClE;AAEA,eAAsB,sBACpB,IACA,OACA,OACqC;AACrC,QAAM,aAAa,yBAAyB;AAAA,IAC1C,GAAG;AAAA,IACH,SAAS,OAAO,WAAW;AAAA,EAC7B,CAAC;AACD,QAAM,EAAE,QAAQ,UAAU,gBAAgB,OAAO,IAAI,eAAe,KAAK;AACzE,MAAI,OAAO,MAAM;AAAA,IACf;AAAA,IACA;AAAA,IACA,EAAE,MAAM,QAAQ,UAAU,eAAe;AAAA,IACzC;AAAA,IACA,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,MAAI,CAAC,MAAM;AACT,WAAO,GAAG,OAAO,uBAAuB;AAAA,MACtC,MAAM,GAAG,aAAa,MAAM,MAAM;AAAA,MAClC;AAAA,MACA;AAAA,MACA;AAAA,MACA,cAAc;AAAA,MACd,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAC;AAAA,EACH,OAAO;AACL,SAAK,eAAe;AAAA,EACtB;AACA,QAAM,GAAG,MAAM;AACf,SAAO;AACT;AAEA,eAAsB,2BACpB,IACA,SACkD;AAClD,MAAI,CAAC,QAAQ,QAAQ,OAAQ,QAAO,oBAAI,IAAI;AAC5C,QAAM,WAAW,QAAQ,YAAY;AACrC,QAAM,eAAe,aAAa,OAAO,OAAO,EAAE,KAAK,CAAC,UAAU,IAAI,EAAE;AACxE,QAAM,QAAQ,MAAM;AAAA,IAClB;AAAA,IACA;AAAA,IACA,EAAE,MAAM,EAAE,KAAK,QAAQ,QAAQ,GAAG,UAAU,aAAa;AAAA,IACzD;AAAA,IACA,EAAE,UAAU,gBAAgB,KAAK;AAAA,EACnC;AACA,QAAM,MAAM,oBAAI,IAAwC;AACxD,aAAW,QAAQ,OAAO;AACxB,UAAM,MAAM,KAAK,KAAK;AACtB,QAAI,aAAa,MAAM;AACrB,YAAM,WAAW,IAAI,IAAI,GAAG;AAC5B,UAAI,YAAY,KAAK,aAAa,KAAM;AACxC,UAAI,CAAC,YAAY,KAAK,aAAa,UAAU;AAC3C,YAAI,IAAI,KAAK,yBAAyB,KAAK,YAAsD,CAAC;AAAA,MACpG;AACA;AAAA,IACF;AACA,QAAI,IAAI,KAAK,yBAAyB,KAAK,YAAsD,CAAC;AAAA,EACpG;AACA,SAAO;AACT;AAEA,eAAsB,+BACpB,IACA,SAC4C;AAC5C,MAAI,CAAC,QAAQ,QAAQ,OAAQ,QAAO;AACpC,QAAM,WAAW,QAAQ,YAAY;AACrC,QAAM,eAAe,aAAa,OAAO,OAAO,EAAE,KAAK,CAAC,UAAU,IAAI,EAAE;AACxE,QAAM,QAAQ,MAAM;AAAA,IAClB;AAAA,IACA;AAAA,IACA,EAAE,MAAM,EAAE,KAAK,QAAQ,QAAQ,GAAG,UAAU,aAAa;AAAA,IACzD;AAAA,IACA,EAAE,UAAU,gBAAgB,KAAK;AAAA,EACnC;AACA,MAAI,CAAC,MAAM,OAAQ,QAAO;AAC1B,QAAM,UAAU,QAAQ,QACrB,IAAI,CAAC,OAAO;AACX,QAAI,aAAa,MAAM;AACrB,YAAM,WAAW,MAAM,KAAK,CAAC,SAAS,KAAK,KAAK,OAAO,MAAM,KAAK,aAAa,QAAQ;AACvF,UAAI,SAAU,QAAO;AAAA,IACvB;AACA,WAAO,MAAM,KAAK,CAAC,SAAS,KAAK,KAAK,OAAO,MAAM,KAAK,aAAa,IAAI;AAAA,EAC3E,CAAC,EACA,OAAO,OAAO;AACjB,QAAM,QAAQ,QAAQ,CAAC,KAAK,MAAM,CAAC;AACnC,SAAO,yBAAyB,OAAO,YAAsD;AAC/F;AAEA,eAAsB,0BACpB,IACA,OACA,OACqC;AACrC,QAAM,aAAa,yBAAyB;AAAA,IAC1C,GAAG;AAAA,IACH,SAAS,OAAO,WAAW;AAAA,EAC7B,CAAC;AACD,QAAM,EAAE,QAAQ,UAAU,OAAO,IAAI,mBAAmB,KAAK;AAC7D,MAAI,OAAO,MAAM;AAAA,IACf;AAAA,IACA;AAAA,IACA,EAAE,MAAM,QAAQ,SAAS;AAAA,IACzB;AAAA,IACA,EAAE,UAAU,gBAAgB,KAAK;AAAA,EACnC;AACA,MAAI,CAAC,MAAM;AACT,WAAO,GAAG,OAAO,uBAAuB;AAAA,MACtC,MAAM,GAAG,aAAa,MAAM,MAAM;AAAA,MAClC;AAAA,MACA;AAAA,MACA,cAAc;AAAA,MACd,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAC;AAAA,EACH,OAAO;AACL,SAAK,eAAe;AAAA,EACtB;AACA,QAAM,GAAG,MAAM;AACf,SAAO;AACT;AAEO,SAAS,uBACd,QACA,UACK;AACL,QAAM,aAAa,yBAAyB,QAAQ;AACpD,QAAM,aAAa,oBAAI,IAAoB;AAC3C,aAAW,YAAY,QAAQ,CAAC,IAAI,QAAQ;AAC1C,QAAI,CAAC,WAAW,IAAI,EAAE,EAAG,YAAW,IAAI,IAAI,GAAG;AAAA,EACjD,CAAC;AACD,QAAM,YAAY,IAAI,IAAI,WAAW,eAAe,CAAC,CAAC;AACtD,QAAM,iBAAiB,CAAC,SAAkC;AACxD,UAAM,YAAY,KAAK,IAAI,KAAK;AAChC,QAAI,aAAa,UAAU,SAAS,EAAG,QAAO;AAC9C,WAAO,KAAK;AAAA,EACd;AACA,QAAM,aAAa,CAA6B,UAAsB;AACpE,WAAO,MAAM,IAAI,CAAC,SAAS;AACzB,YAAM,UAAU,eAAe,IAAI;AACnC,YAAM,WAAW,WAAW,aAAa,OAAO,KAAK,WAAW,aAAa,KAAK,IAAI;AACtF,YAAM,eAAe,KAAK,WAAW,WAAW,KAAK,QAAQ,IAAI;AACjE,YAAM,SAAS,UAAU,IAAI,OAAO,KAAK,UAAU,IAAI,KAAK,IAAI;AAChE,YAAM,OAAO;AAAA,QACX,GAAG;AAAA,QACH,OAAO,YAAY,SAAS,KAAK,EAAE,SAAS,IAAI,SAAS,KAAK,IAAI,KAAK;AAAA,QACvE,UAAU;AAAA,MACZ;AACA,WAAK,SAAS;AACd,aAAO;AAAA,IACT,CAAC;AAAA,EACH;AACA,QAAM,SAAS,OAAO,IAAI,CAAC,UAAU;AACnC,UAAM,WAAW,WAAW,cAAc,MAAM,EAAE;AAClD,WAAO;AAAA,MACL,GAAG;AAAA,MACH,MAAM,YAAY,SAAS,KAAK,EAAE,SAAS,IAAI,SAAS,KAAK,IAAI,MAAM;AAAA,MACvE,OAAO,WAAW,MAAM,KAAK;AAAA,IAC/B;AAAA,EACF,CAAC;AACD,SAAO,KAAK,CAAC,GAAG,MAAM;AACpB,UAAM,KAAK,WAAW,IAAI,EAAE,EAAE,IAAI,WAAW,IAAI,EAAE,EAAE,IAAK,OAAO;AACjE,UAAM,KAAK,WAAW,IAAI,EAAE,EAAE,IAAI,WAAW,IAAI,EAAE,EAAE,IAAK,OAAO;AACjE,QAAI,OAAO,GAAI,QAAO,KAAK;AAC3B,UAAM,KAAK,OAAO,EAAE,WAAW,WAAW,EAAE,SAAS;AACrD,UAAM,KAAK,OAAO,EAAE,WAAW,WAAW,EAAE,SAAS;AACrD,QAAI,OAAO,GAAI,QAAO,KAAK;AAC3B,WAAO,EAAE,YAAY,cAAc,EAAE,WAAW;AAAA,EAClD,CAAC;AACD,SAAO;AACT;AAEA,SAAS,eAAe,OAA+B;AACrD,SAAO;AAAA,IACL,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM,YAAY;AAAA,IAC5B,gBAAgB,MAAM,kBAAkB;AAAA,IACxC,QAAQ,MAAM;AAAA,EAChB;AACF;AAEA,SAAS,mBAAmB,OAAmC;AAC7D,SAAO;AAAA,IACL,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM,YAAY;AAAA,IAC5B,QAAQ,MAAM;AAAA,EAChB;AACF;AAoBA,SAAS,gBAAgB,SAA+C;AACtE,SAAO;AAAA,IACL,IAAI,QAAQ;AAAA,IACZ,MAAM,QAAQ;AAAA,IACd,UAAU,QAAQ,aAAa;AAAA,IAC/B,UAAU,yBAAyB,QAAQ,YAAsD;AAAA,IACjG,WAAW,QAAQ;AAAA,IACnB,WAAW,QAAQ,aAAa;AAAA,EAClC;AACF;AAEA,eAAsB,oBACpB,IACA,OACiC;AAEjC,QAAM,EAAE,QAAQ,UAAU,eAAe,IAAI,sBAAsB,KAAK;AACxE,QAAM,WAAW,MAAM;AAAA,IACrB;AAAA,IACA;AAAA,IACA,EAAE,MAAM,QAAQ,UAAU,WAAW,KAAK;AAAA,IAC1C,EAAE,SAAS,EAAE,WAAW,MAAM,EAAE;AAAA,IAChC,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,SAAO,SAAS,IAAI,eAAe;AACrC;AAEA,eAAsB,mBACpB,IACA,OACA,WACsC;AACtC,QAAM,EAAE,QAAQ,UAAU,eAAe,IAAI,sBAAsB,KAAK;AACxE,QAAM,UAAU,MAAM;AAAA,IACpB;AAAA,IACA;AAAA,IACA,EAAE,IAAI,WAAW,MAAM,QAAQ,UAAU,WAAW,KAAK;AAAA,IACzD;AAAA,IACA,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,SAAO,UAAU,gBAAgB,OAAO,IAAI;AAC9C;AAEA,eAAsB,oBACpB,IACA,OACA,SAAS,kBACQ;AACjB,QAAM,WAAW,MAAM,oBAAoB,IAAI,KAAK;AAEpD,QAAM,cAAc,oBAAI,IAAY;AACpC,aAAW,WAAW,UAAU;AAC9B,QAAI,QAAQ,SAAS,QAAQ;AAC3B,kBAAY,IAAI,CAAC;AACjB;AAAA,IACF;AACA,UAAM,UAAU,OAAO,QAAQ,uBAAuB,MAAM;AAC5D,UAAM,QAAQ,QAAQ,KAAK,MAAM,IAAI,OAAO,IAAI,OAAO,aAAa,CAAC;AACrE,QAAI,OAAO;AACT,YAAM,IAAI,OAAO,SAAS,MAAM,CAAC,GAAG,EAAE;AACtC,UAAI,CAAC,OAAO,MAAM,CAAC,EAAG,aAAY,IAAI,CAAC;AAAA,IACzC;AAAA,EACF;AACA,MAAI,CAAC,YAAY,IAAI,CAAC,EAAG,QAAO;AAChC,MAAI,OAAO;AACX,SAAO,YAAY,IAAI,IAAI,EAAG,SAAQ;AACtC,SAAO,GAAG,MAAM,IAAI,IAAI;AAC1B;AAEA,eAAsB,qBACpB,IACA,OACA,OAK+B;AAC/B,QAAM,EAAE,QAAQ,UAAU,gBAAgB,OAAO,IAAI,sBAAsB,KAAK;AAChF,QAAM,aAAa,MAAM,QAAQ,IAAI,KAAK,KAAM,MAAM,oBAAoB,IAAI,KAAK;AACnF,QAAM,WAAW,yBAAyB;AAAA,IACxC,GAAI,MAAM,YAAY,CAAC;AAAA,IACvB,SAAS,MAAM,UAAU,WAAW;AAAA,EACtC,CAAC;AAED,MAAI;AACJ,QAAM,gBAAgB,IAAI;AAAA,IACxB,YAAY;AACV,UAAI,MAAM,aAAa,MAAM;AAC3B,cAAM,sBAAsB,IAAI,KAAK;AAAA,MACvC;AACA,gBAAU,GAAG,OAAO,gBAAgB;AAAA,QAClC,MAAM,GAAG,aAAa,MAAM,MAAM;AAAA,QAClC;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN,cAAc;AAAA,QACd,UAAU,MAAM,aAAa;AAAA,QAC7B,WAAW,oBAAI,KAAK;AAAA,MACtB,CAAC;AAAA,IACH;AAAA,EACF,GAAG,EAAE,aAAa,KAAK,CAAC;AACxB,SAAO,gBAAgB,OAAO;AAChC;AAEA,eAAsB,qBACpB,IACA,OACA,WACA,OAKsC;AACtC,QAAM,EAAE,QAAQ,UAAU,eAAe,IAAI,sBAAsB,KAAK;AACxE,QAAM,UAAU,MAAM;AAAA,IACpB;AAAA,IACA;AAAA,IACA,EAAE,IAAI,WAAW,MAAM,QAAQ,UAAU,WAAW,KAAK;AAAA,IACzD;AAAA,IACA,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,MAAI,CAAC,QAAS,QAAO;AACrB,QAAM,SAAS;AACf,QAAM,gBAAgB,IAAI;AAAA,IACxB,MAAM;AACJ,UAAI,OAAO,MAAM,SAAS,YAAY,MAAM,KAAK,KAAK,EAAE,SAAS,GAAG;AAClE,eAAO,OAAO,MAAM,KAAK,KAAK;AAAA,MAChC;AACA,UAAI,MAAM,UAAU;AAClB,eAAO,eAAe,yBAAyB;AAAA,UAC7C,GAAG,MAAM;AAAA,UACT,SAAS,MAAM,SAAS,WAAW;AAAA,QACrC,CAAC;AAAA,MACH;AACA,UAAI,OAAO,MAAM,aAAa,WAAW;AACvC,eAAO,WAAW,MAAM;AAAA,MAC1B;AAAA,IACF;AAAA,IACA,YAAY;AACV,UAAI,MAAM,aAAa,MAAM;AAC3B,cAAM,sBAAsB,IAAI,OAAO,SAAS;AAAA,MAClD;AAAA,IACF;AAAA,EACF,GAAG,EAAE,aAAa,KAAK,CAAC;AACxB,SAAO,gBAAgB,MAAM;AAC/B;AAEA,eAAsB,qBACpB,IACA,OACA,WACkB;AAClB,QAAM,EAAE,QAAQ,UAAU,eAAe,IAAI,sBAAsB,KAAK;AACxE,QAAM,UAAU,MAAM;AAAA,IACpB;AAAA,IACA;AAAA,IACA,EAAE,IAAI,WAAW,MAAM,QAAQ,UAAU,WAAW,KAAK;AAAA,IACzD;AAAA,IACA,EAAE,UAAU,eAAe;AAAA,EAC7B;AACA,MAAI,CAAC,QAAS,QAAO;AACrB,UAAQ,YAAY,oBAAI,KAAK;AAC7B,UAAQ,WAAW;AACnB,QAAM,GAAG,MAAM;AACf,SAAO;AACT;AAEA,eAAe,sBACb,IACA,OACA,UACe;AACf,QAAM,EAAE,QAAQ,SAAS,IAAI,sBAAsB,KAAK;AACxD,QAAM,QAAqC,WACvC,EAAE,MAAM,QAAQ,UAAU,UAAU,MAAM,WAAW,MAAM,IAAI,EAAE,KAAK,SAAS,EAAE,IACjF,EAAE,MAAM,QAAQ,UAAU,UAAU,MAAM,WAAW,KAAK;AAC9D,QAAM,GAAG,aAAa,gBAAgB,OAAO,EAAE,UAAU,MAAM,CAAC;AAClE;AAEA,SAAS,sBAAsB,OAAqB;AAClD,SAAO;AAAA,IACL,QAAQ,MAAM;AAAA,IACd,UAAU,MAAM,YAAY;AAAA,IAC5B,gBAAgB,MAAM,kBAAkB;AAAA,IACxC,QAAQ,MAAM;AAAA,EAChB;AACF;",
   "names": []
 }

package/dist/modules/business_rules/api/rules/route.js CHANGED Viewed

@@ -3,6 +3,8 @@ import { z } from "zod";
 import { getAuthFromRequest } from "@open-mercato/shared/lib/auth/server";
 import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
 import { resolveTranslations } from "@open-mercato/shared/lib/i18n/server";
+import { isCrudHttpError } from "@open-mercato/shared/lib/crud/errors";
+import { enforceCommandOptimisticLock } from "@open-mercato/shared/lib/crud/optimistic-lock-command";
 import { BusinessRule } from "../../data/entities.js";
 import { escapeLikePattern } from "@open-mercato/shared/lib/db/escapeLikePattern";
 import {
@@ -235,6 +237,19 @@ async function PUT(req) {
   if (!rule) {
     return NextResponse.json({ error: "Rule not found" }, { status: 404 });
   }
+  try {
+    enforceCommandOptimisticLock({
+      resourceKind: "business_rules.rule",
+      resourceId: rule.id,
+      current: rule.updatedAt ?? null,
+      request: req
+    });
+  } catch (err) {
+    if (isCrudHttpError(err)) {
+      return NextResponse.json(err.body, { status: err.status });
+    }
+    throw err;
+  }
   em.assign(rule, parsed.data);
   try {
     await em.persist(rule).flush();
@@ -270,6 +285,19 @@ async function DELETE(req) {
   if (!rule) {
     return NextResponse.json({ error: "Rule not found" }, { status: 404 });
   }
+  try {
+    enforceCommandOptimisticLock({
+      resourceKind: "business_rules.rule",
+      resourceId: rule.id,
+      current: rule.updatedAt ?? null,
+      request: req
+    });
+  } catch (err) {
+    if (isCrudHttpError(err)) {
+      return NextResponse.json(err.body, { status: err.status });
+    }
+    throw err;
+  }
   rule.deletedAt = /* @__PURE__ */ new Date();
   await em.persist(rule).flush();
   await invalidateBusinessRuleDiscoveryCache(cache, rule.tenantId, rule.organizationId);

package/dist/modules/business_rules/api/rules/route.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/modules/business_rules/api/rules/route.ts"],
-  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { resolveTranslations } from '@open-mercato/shared/lib/i18n/server'\nimport { BusinessRule } from '../../data/entities'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { escapeLikePattern } from '@open-mercato/shared/lib/db/escapeLikePattern'\nimport {\n  createBusinessRuleSchema,\n  updateBusinessRuleSchema,\n  createLocalizedBusinessRuleSchema,\n  createLocalizedUpdateBusinessRuleSchema,\n  businessRuleFilterSchema,\n  ruleTypeSchema,\n} from '../../data/validators'\nimport {\n  invalidateBusinessRuleDiscoveryCache,\n  resolveBusinessRuleDiscoveryCache,\n} from '../../lib/rule-engine'\n\nconst querySchema = z.looseObject({\n  id: z.uuid().optional(),\n  page: z.coerce.number().min(1).default(1),\n  pageSize: z.coerce.number().min(1).max(100).default(50),\n  search: z.string().optional(),\n  ruleId: z.string().optional(),\n  ruleType: ruleTypeSchema.optional(),\n  entityType: z.string().optional(),\n  eventType: z.string().optional(),\n  enabled: z.coerce.boolean().optional(),\n  ruleCategory: z.string().optional(),\n  sortField: z.string().optional(),\n  sortDir: z.enum(['asc', 'desc']).optional().default('desc'),\n})\n\nconst ruleListItemSchema = z.object({\n  id: z.string().uuid(),\n  ruleId: z.string(),\n  ruleName: z.string(),\n  description: z.string().nullable(),\n  ruleType: ruleTypeSchema,\n  ruleCategory: z.string().nullable(),\n  entityType: z.string(),\n  eventType: z.string().nullable(),\n  enabled: z.boolean(),\n  priority: z.number(),\n  version: z.number(),\n  effectiveFrom: z.string().nullable(),\n  effectiveTo: z.string().nullable(),\n  tenantId: z.string().uuid(),\n  organizationId: z.string().uuid(),\n  createdAt: z.string(),\n  updatedAt: z.string(),\n})\n\nconst ruleListResponseSchema = z.object({\n  items: z.array(ruleListItemSchema),\n  total: z.number().int().nonnegative(),\n  totalPages: z.number().int().positive(),\n})\n\nconst ruleCreateResponseSchema = z.object({\n  id: z.string().uuid(),\n})\n\nconst okResponseSchema = z.object({\n  ok: z.literal(true),\n})\n\nconst errorResponseSchema = z.object({\n  error: z.string(),\n})\n\nconst routeMetadata = {\n  GET: { requireAuth: true, requireFeatures: ['business_rules.view'] },\n  POST: { requireAuth: true, requireFeatures: ['business_rules.manage'] },\n  PUT: { requireAuth: true, requireFeatures: ['business_rules.manage'] },\n  DELETE: { requireAuth: true, requireFeatures: ['business_rules.manage'] },\n}\n\nexport const metadata = routeMetadata\n\nexport async function GET(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const url = new URL(req.url)\n  const parsed = querySchema.safeParse({\n    id: url.searchParams.get('id') || undefined,\n    page: url.searchParams.get('page') || undefined,\n    pageSize: url.searchParams.get('pageSize') || undefined,\n    search: url.searchParams.get('search') || undefined,\n    ruleId: url.searchParams.get('ruleId') || undefined,\n    ruleType: url.searchParams.get('ruleType') || undefined,\n    entityType: url.searchParams.get('entityType') || undefined,\n    eventType: url.searchParams.get('eventType') || undefined,\n    enabled: url.searchParams.get('enabled') || undefined,\n    ruleCategory: url.searchParams.get('ruleCategory') || undefined,\n    sortField: url.searchParams.get('sortField') || undefined,\n    sortDir: url.searchParams.get('sortDir') || undefined,\n  })\n\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Invalid query parameters' }, { status: 400 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n\n  const { id, page, pageSize, search, ruleId, ruleType, entityType, eventType, enabled, ruleCategory, sortField, sortDir } = parsed.data\n\n  const filters: Record<string, any> = {\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    deletedAt: null,\n  }\n\n  if (id) filters.id = id\n  if (ruleId) filters.ruleId = { $ilike: `%${escapeLikePattern(ruleId)}%` }\n  if (search) filters.ruleName = { $ilike: `%${escapeLikePattern(search)}%` }\n  if (ruleType) filters.ruleType = ruleType\n  if (entityType) filters.entityType = entityType\n  if (eventType) filters.eventType = eventType\n  if (enabled !== undefined) filters.enabled = enabled\n  if (ruleCategory) filters.ruleCategory = ruleCategory\n\n  const sortFieldMap: Record<string, string> = {\n    ruleId: 'ruleId',\n    ruleName: 'ruleName',\n    ruleType: 'ruleType',\n    entityType: 'entityType',\n    priority: 'priority',\n    createdAt: 'createdAt',\n    updatedAt: 'updatedAt',\n  }\n\n  const orderByField = sortField && sortFieldMap[sortField] ? sortFieldMap[sortField] : 'priority'\n  const orderBy = { [orderByField]: sortDir, ruleId: 'asc' as const }\n\n  const [rows, count] = await em.findAndCount(\n    BusinessRule,\n    filters,\n    {\n      limit: pageSize,\n      offset: (page - 1) * pageSize,\n      orderBy,\n    }\n  )\n\n  const items = rows.map((rule) => ({\n    id: rule.id,\n    ruleId: rule.ruleId,\n    ruleName: rule.ruleName,\n    description: rule.description ?? null,\n    ruleType: rule.ruleType,\n    ruleCategory: rule.ruleCategory ?? null,\n    entityType: rule.entityType,\n    eventType: rule.eventType ?? null,\n    enabled: rule.enabled,\n    priority: rule.priority,\n    version: rule.version,\n    effectiveFrom: rule.effectiveFrom ? rule.effectiveFrom.toISOString() : null,\n    effectiveTo: rule.effectiveTo ? rule.effectiveTo.toISOString() : null,\n    tenantId: rule.tenantId,\n    organizationId: rule.organizationId,\n    createdAt: rule.createdAt.toISOString(),\n    updatedAt: rule.updatedAt.toISOString(),\n  }))\n\n  const totalPages = Math.max(1, Math.ceil(count / pageSize))\n\n  return NextResponse.json({ items, total: count, totalPages })\n}\n\nexport async function POST(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n  const cache = resolveBusinessRuleDiscoveryCache(container.resolve.bind(container))\n\n  let body: any\n  try {\n    body = await req.json()\n  } catch {\n    return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 })\n  }\n\n  const payload = {\n    ...body,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    createdBy: auth.sub ?? auth.email ?? null,\n  }\n\n  const { t } = await resolveTranslations()\n  const schema = createLocalizedBusinessRuleSchema(t)\n  const parsed = schema.safeParse(payload)\n  if (!parsed.success) {\n    const errors = parsed.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)\n    return NextResponse.json({ error: `Validation failed: ${errors.join(', ')}` }, { status: 400 })\n  }\n\n  const data = {\n    ...parsed.data,\n    conditionExpression: parsed.data.conditionExpression ?? null,\n  }\n\n  const rule = em.create(BusinessRule, data)\n\n  try {\n    await em.persist(rule).flush()\n    await invalidateBusinessRuleDiscoveryCache(cache, rule.tenantId, rule.organizationId)\n  } catch (error) {\n    console.error('[business_rules.rules] Failed to persist new rule:', error)\n    return NextResponse.json(\n      { error: t('business_rules.errors.createFailed') },\n      { status: 500 },\n    )\n  }\n\n  return NextResponse.json({ id: rule.id }, { status: 201 })\n}\n\nexport async function PUT(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n  const cache = resolveBusinessRuleDiscoveryCache(container.resolve.bind(container))\n\n  let body: any\n  try {\n    body = await req.json()\n  } catch {\n    return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 })\n  }\n\n  if (!body.id) {\n    return NextResponse.json({ error: 'Rule id is required' }, { status: 400 })\n  }\n\n  const payload = {\n    ...body,\n    updatedBy: auth.sub ?? auth.email ?? null,\n  }\n  delete (payload as Record<string, unknown>).tenantId\n  delete (payload as Record<string, unknown>).organizationId\n  delete (payload as Record<string, unknown>).createdBy\n\n  const { t } = await resolveTranslations()\n  const schema = createLocalizedUpdateBusinessRuleSchema(t)\n  const parsed = schema.safeParse(payload)\n  if (!parsed.success) {\n    const errors = parsed.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)\n    return NextResponse.json({ error: `Validation failed: ${errors.join(', ')}` }, { status: 400 })\n  }\n\n  const rule = await em.findOne(BusinessRule, {\n    id: parsed.data.id,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    deletedAt: null,\n  })\n\n  if (!rule) {\n    return NextResponse.json({ error: 'Rule not found' }, { status: 404 })\n  }\n\n  em.assign(rule, parsed.data)\n\n  try {\n    await em.persist(rule).flush()\n    await invalidateBusinessRuleDiscoveryCache(cache, rule.tenantId, rule.organizationId)\n  } catch (error) {\n    console.error('[business_rules.rules] Failed to persist rule update:', error)\n    return NextResponse.json(\n      { error: t('business_rules.errors.updateFailed') },\n      { status: 500 },\n    )\n  }\n\n  return NextResponse.json({ ok: true })\n}\n\nexport async function DELETE(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const url = new URL(req.url)\n  const id = url.searchParams.get('id')\n\n  if (!id) {\n    return NextResponse.json({ error: 'Rule id is required' }, { status: 400 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n  const cache = resolveBusinessRuleDiscoveryCache(container.resolve.bind(container))\n\n  const rule = await em.findOne(BusinessRule, {\n    id,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    deletedAt: null,\n  })\n\n  if (!rule) {\n    return NextResponse.json({ error: 'Rule not found' }, { status: 404 })\n  }\n\n  rule.deletedAt = new Date()\n  await em.persist(rule).flush()\n  await invalidateBusinessRuleDiscoveryCache(cache, rule.tenantId, rule.organizationId)\n\n  return NextResponse.json({ ok: true })\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  tag: 'Business Rules',\n  summary: 'Business rule management',\n  methods: {\n    GET: {\n      summary: 'List business rules',\n      description: 'Returns business rules for the current tenant and organization with filtering and pagination.',\n      query: querySchema,\n      responses: [\n        { status: 200, description: 'Business rules collection', schema: ruleListResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid query parameters', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n      ],\n    },\n    POST: {\n      summary: 'Create business rule',\n      description: 'Creates a new business rule for the current tenant and organization.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: createBusinessRuleSchema,\n      },\n      responses: [\n        {\n          status: 201,\n          description: 'Business rule created',\n          schema: ruleCreateResponseSchema,\n        },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n      ],\n    },\n    PUT: {\n      summary: 'Update business rule',\n      description: 'Updates an existing business rule.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: updateBusinessRuleSchema,\n      },\n      responses: [\n        {\n          status: 200,\n          description: 'Business rule updated',\n          schema: okResponseSchema,\n        },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n        { status: 404, description: 'Business rule not found', schema: errorResponseSchema },\n      ],\n    },\n    DELETE: {\n      summary: 'Delete business rule',\n      description: 'Soft deletes a business rule by identifier.',\n      query: z.object({ id: z.string().uuid().describe('Business rule identifier') }),\n      responses: [\n        { status: 200, description: 'Business rule deleted', schema: okResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid identifier', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n        { status: 404, description: 'Business rule not found', schema: errorResponseSchema },\n      ],\n    },\n  },\n}\n"],
-  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,2BAA2B;AACpC,SAAS,oBAAoB;AAE7B,SAAS,yBAAyB;AAClC;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,OACK;AACP;AAAA,EACE;AAAA,EACA;AAAA,OACK;AAEP,MAAM,cAAc,EAAE,YAAY;AAAA,EAChC,IAAI,EAAE,KAAK,EAAE,SAAS;AAAA,EACtB,MAAM,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,CAAC;AAAA,EACxC,UAAU,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,QAAQ,EAAE;AAAA,EACtD,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,UAAU,eAAe,SAAS;AAAA,EAClC,YAAY,EAAE,OAAO,EAAE,SAAS;AAAA,EAChC,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,SAAS,EAAE,OAAO,QAAQ,EAAE,SAAS;AAAA,EACrC,cAAc,EAAE,OAAO,EAAE,SAAS;AAAA,EAClC,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,SAAS,EAAE,KAAK,CAAC,OAAO,MAAM,CAAC,EAAE,SAAS,EAAE,QAAQ,MAAM;AAC5D,CAAC;AAED,MAAM,qBAAqB,EAAE,OAAO;AAAA,EAClC,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,EACpB,QAAQ,EAAE,OAAO;AAAA,EACjB,UAAU,EAAE,OAAO;AAAA,EACnB,aAAa,EAAE,OAAO,EAAE,SAAS;AAAA,EACjC,UAAU;AAAA,EACV,cAAc,EAAE,OAAO,EAAE,SAAS;AAAA,EAClC,YAAY,EAAE,OAAO;AAAA,EACrB,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,SAAS,EAAE,QAAQ;AAAA,EACnB,UAAU,EAAE,OAAO;AAAA,EACnB,SAAS,EAAE,OAAO;AAAA,EAClB,eAAe,EAAE,OAAO,EAAE,SAAS;AAAA,EACnC,aAAa,EAAE,OAAO,EAAE,SAAS;AAAA,EACjC,UAAU,EAAE,OAAO,EAAE,KAAK;AAAA,EAC1B,gBAAgB,EAAE,OAAO,EAAE,KAAK;AAAA,EAChC,WAAW,EAAE,OAAO;AAAA,EACpB,WAAW,EAAE,OAAO;AACtB,CAAC;AAED,MAAM,yBAAyB,EAAE,OAAO;AAAA,EACtC,OAAO,EAAE,MAAM,kBAAkB;AAAA,EACjC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY;AAAA,EACpC,YAAY,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS;AACxC,CAAC;AAED,MAAM,2BAA2B,EAAE,OAAO;AAAA,EACxC,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,MAAM,mBAAmB,EAAE,OAAO;AAAA,EAChC,IAAI,EAAE,QAAQ,IAAI;AACpB,CAAC;AAED,MAAM,sBAAsB,EAAE,OAAO;AAAA,EACnC,OAAO,EAAE,OAAO;AAClB,CAAC;AAED,MAAM,gBAAgB;AAAA,EACpB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,qBAAqB,EAAE;AAAA,EACnE,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,uBAAuB,EAAE;AAAA,EACtE,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,uBAAuB,EAAE;AAAA,EACrE,QAAQ,EAAE,aAAa,MAAM,iBAAiB,CAAC,uBAAuB,EAAE;AAC1E;AAEO,MAAM,WAAW;AAExB,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,SAAS,YAAY,UAAU;AAAA,IACnC,IAAI,IAAI,aAAa,IAAI,IAAI,KAAK;AAAA,IAClC,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,IACtC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,IAC9C,QAAQ,IAAI,aAAa,IAAI,QAAQ,KAAK;AAAA,IAC1C,QAAQ,IAAI,aAAa,IAAI,QAAQ,KAAK;AAAA,IAC1C,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,IAC9C,YAAY,IAAI,aAAa,IAAI,YAAY,KAAK;AAAA,IAClD,WAAW,IAAI,aAAa,IAAI,WAAW,KAAK;AAAA,IAChD,SAAS,IAAI,aAAa,IAAI,SAAS,KAAK;AAAA,IAC5C,cAAc,IAAI,aAAa,IAAI,cAAc,KAAK;AAAA,IACtD,WAAW,IAAI,aAAa,IAAI,WAAW,KAAK;AAAA,IAChD,SAAS,IAAI,aAAa,IAAI,SAAS,KAAK;AAAA,EAC9C,CAAC;AAED,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,2BAA2B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACjF;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,EAAE,IAAI,MAAM,UAAU,QAAQ,QAAQ,UAAU,YAAY,WAAW,SAAS,cAAc,WAAW,QAAQ,IAAI,OAAO;AAElI,QAAM,UAA+B;AAAA,IACnC,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW;AAAA,EACb;AAEA,MAAI,GAAI,SAAQ,KAAK;AACrB,MAAI,OAAQ,SAAQ,SAAS,EAAE,QAAQ,IAAI,kBAAkB,MAAM,CAAC,IAAI;AACxE,MAAI,OAAQ,SAAQ,WAAW,EAAE,QAAQ,IAAI,kBAAkB,MAAM,CAAC,IAAI;AAC1E,MAAI,SAAU,SAAQ,WAAW;AACjC,MAAI,WAAY,SAAQ,aAAa;AACrC,MAAI,UAAW,SAAQ,YAAY;AACnC,MAAI,YAAY,OAAW,SAAQ,UAAU;AAC7C,MAAI,aAAc,SAAQ,eAAe;AAEzC,QAAM,eAAuC;AAAA,IAC3C,QAAQ;AAAA,IACR,UAAU;AAAA,IACV,UAAU;AAAA,IACV,YAAY;AAAA,IACZ,UAAU;AAAA,IACV,WAAW;AAAA,IACX,WAAW;AAAA,EACb;AAEA,QAAM,eAAe,aAAa,aAAa,SAAS,IAAI,aAAa,SAAS,IAAI;AACtF,QAAM,UAAU,EAAE,CAAC,YAAY,GAAG,SAAS,QAAQ,MAAe;AAElE,QAAM,CAAC,MAAM,KAAK,IAAI,MAAM,GAAG;AAAA,IAC7B;AAAA,IACA;AAAA,IACA;AAAA,MACE,OAAO;AAAA,MACP,SAAS,OAAO,KAAK;AAAA,MACrB;AAAA,IACF;AAAA,EACF;AAEA,QAAM,QAAQ,KAAK,IAAI,CAAC,UAAU;AAAA,IAChC,IAAI,KAAK;AAAA,IACT,QAAQ,KAAK;AAAA,IACb,UAAU,KAAK;AAAA,IACf,aAAa,KAAK,eAAe;AAAA,IACjC,UAAU,KAAK;AAAA,IACf,cAAc,KAAK,gBAAgB;AAAA,IACnC,YAAY,KAAK;AAAA,IACjB,WAAW,KAAK,aAAa;AAAA,IAC7B,SAAS,KAAK;AAAA,IACd,UAAU,KAAK;AAAA,IACf,SAAS,KAAK;AAAA,IACd,eAAe,KAAK,gBAAgB,KAAK,cAAc,YAAY,IAAI;AAAA,IACvE,aAAa,KAAK,cAAc,KAAK,YAAY,YAAY,IAAI;AAAA,IACjE,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW,KAAK,UAAU,YAAY;AAAA,IACtC,WAAW,KAAK,UAAU,YAAY;AAAA,EACxC,EAAE;AAEF,QAAM,aAAa,KAAK,IAAI,GAAG,KAAK,KAAK,QAAQ,QAAQ,CAAC;AAE1D,SAAO,aAAa,KAAK,EAAE,OAAO,OAAO,OAAO,WAAW,CAAC;AAC9D;AAEA,eAAsB,KAAK,KAAc;AACvC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,QAAM,QAAQ,kCAAkC,UAAU,QAAQ,KAAK,SAAS,CAAC;AAEjF,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC1E;AAEA,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW,KAAK,OAAO,KAAK,SAAS;AAAA,EACvC;AAEA,QAAM,EAAE,EAAE,IAAI,MAAM,oBAAoB;AACxC,QAAM,SAAS,kCAAkC,CAAC;AAClD,QAAM,SAAS,OAAO,UAAU,OAAO;AACvC,MAAI,CAAC,OAAO,SAAS;AACnB,UAAM,SAAS,OAAO,MAAM,OAAO,IAAI,OAAK,GAAG,EAAE,KAAK,KAAK,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE;AAC/E,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,OAAO,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChG;AAEA,QAAM,OAAO;AAAA,IACX,GAAG,OAAO;AAAA,IACV,qBAAqB,OAAO,KAAK,uBAAuB;AAAA,EAC1D;AAEA,QAAM,OAAO,GAAG,OAAO,cAAc,IAAI;AAEzC,MAAI;AACF,UAAM,GAAG,QAAQ,IAAI,EAAE,MAAM;AAC7B,UAAM,qCAAqC,OAAO,KAAK,UAAU,KAAK,cAAc;AAAA,EACtF,SAAS,OAAO;AACd,YAAQ,MAAM,sDAAsD,KAAK;AACzE,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,EAAE,oCAAoC,EAAE;AAAA,MACjD,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AAEA,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,GAAG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC3D;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,QAAM,QAAQ,kCAAkC,UAAU,QAAQ,KAAK,SAAS,CAAC;AAEjF,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC1E;AAEA,MAAI,CAAC,KAAK,IAAI;AACZ,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC5E;AAEA,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH,WAAW,KAAK,OAAO,KAAK,SAAS;AAAA,EACvC;AACA,SAAQ,QAAoC;AAC5C,SAAQ,QAAoC;AAC5C,SAAQ,QAAoC;AAE5C,QAAM,EAAE,EAAE,IAAI,MAAM,oBAAoB;AACxC,QAAM,SAAS,wCAAwC,CAAC;AACxD,QAAM,SAAS,OAAO,UAAU,OAAO;AACvC,MAAI,CAAC,OAAO,SAAS;AACnB,UAAM,SAAS,OAAO,MAAM,OAAO,IAAI,OAAK,GAAG,EAAE,KAAK,KAAK,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE;AAC/E,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,OAAO,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChG;AAEA,QAAM,OAAO,MAAM,GAAG,QAAQ,cAAc;AAAA,IAC1C,IAAI,OAAO,KAAK;AAAA,IAChB,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW;AAAA,EACb,CAAC;AAED,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,iBAAiB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACvE;AAEA,KAAG,OAAO,MAAM,OAAO,IAAI;AAE3B,MAAI;AACF,UAAM,GAAG,QAAQ,IAAI,EAAE,MAAM;AAC7B,UAAM,qCAAqC,OAAO,KAAK,UAAU,KAAK,cAAc;AAAA,EACtF,SAAS,OAAO;AACd,YAAQ,MAAM,yDAAyD,KAAK;AAC5E,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,EAAE,oCAAoC,EAAE;AAAA,MACjD,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AAEA,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEA,eAAsB,OAAO,KAAc;AACzC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,KAAK,IAAI,aAAa,IAAI,IAAI;AAEpC,MAAI,CAAC,IAAI;AACP,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC5E;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,QAAM,QAAQ,kCAAkC,UAAU,QAAQ,KAAK,SAAS,CAAC;AAEjF,QAAM,OAAO,MAAM,GAAG,QAAQ,cAAc;AAAA,IAC1C;AAAA,IACA,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW;AAAA,EACb,CAAC;AAED,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,iBAAiB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACvE;AAEA,OAAK,YAAY,oBAAI,KAAK;AAC1B,QAAM,GAAG,QAAQ,IAAI,EAAE,MAAM;AAC7B,QAAM,qCAAqC,OAAO,KAAK,UAAU,KAAK,cAAc;AAEpF,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,6BAA6B,QAAQ,uBAAuB;AAAA,MAC1F;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,4BAA4B,QAAQ,oBAAoB;AAAA,QACpF,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,MAC1E;AAAA,IACF;AAAA,IACA,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,QAAQ;AAAA,QACV;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,oBAAoB;AAAA,QAC3E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,MAC1E;AAAA,IACF;AAAA,IACA,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,QAAQ;AAAA,QACV;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,oBAAoB;AAAA,QAC3E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,2BAA2B,QAAQ,oBAAoB;AAAA,MACrF;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,0BAA0B,EAAE,CAAC;AAAA,MAC9E,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,yBAAyB,QAAQ,iBAAiB;AAAA,MAChF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,sBAAsB,QAAQ,oBAAoB;AAAA,QAC9E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,2BAA2B,QAAQ,oBAAoB;AAAA,MACrF;AAAA,IACF;AAAA,EACF;AACF;",
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { resolveTranslations } from '@open-mercato/shared/lib/i18n/server'\nimport { isCrudHttpError } from '@open-mercato/shared/lib/crud/errors'\nimport { enforceCommandOptimisticLock } from '@open-mercato/shared/lib/crud/optimistic-lock-command'\nimport { BusinessRule } from '../../data/entities'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { escapeLikePattern } from '@open-mercato/shared/lib/db/escapeLikePattern'\nimport {\n  createBusinessRuleSchema,\n  updateBusinessRuleSchema,\n  createLocalizedBusinessRuleSchema,\n  createLocalizedUpdateBusinessRuleSchema,\n  businessRuleFilterSchema,\n  ruleTypeSchema,\n} from '../../data/validators'\nimport {\n  invalidateBusinessRuleDiscoveryCache,\n  resolveBusinessRuleDiscoveryCache,\n} from '../../lib/rule-engine'\n\nconst querySchema = z.looseObject({\n  id: z.uuid().optional(),\n  page: z.coerce.number().min(1).default(1),\n  pageSize: z.coerce.number().min(1).max(100).default(50),\n  search: z.string().optional(),\n  ruleId: z.string().optional(),\n  ruleType: ruleTypeSchema.optional(),\n  entityType: z.string().optional(),\n  eventType: z.string().optional(),\n  enabled: z.coerce.boolean().optional(),\n  ruleCategory: z.string().optional(),\n  sortField: z.string().optional(),\n  sortDir: z.enum(['asc', 'desc']).optional().default('desc'),\n})\n\nconst ruleListItemSchema = z.object({\n  id: z.string().uuid(),\n  ruleId: z.string(),\n  ruleName: z.string(),\n  description: z.string().nullable(),\n  ruleType: ruleTypeSchema,\n  ruleCategory: z.string().nullable(),\n  entityType: z.string(),\n  eventType: z.string().nullable(),\n  enabled: z.boolean(),\n  priority: z.number(),\n  version: z.number(),\n  effectiveFrom: z.string().nullable(),\n  effectiveTo: z.string().nullable(),\n  tenantId: z.string().uuid(),\n  organizationId: z.string().uuid(),\n  createdAt: z.string(),\n  updatedAt: z.string(),\n})\n\nconst ruleListResponseSchema = z.object({\n  items: z.array(ruleListItemSchema),\n  total: z.number().int().nonnegative(),\n  totalPages: z.number().int().positive(),\n})\n\nconst ruleCreateResponseSchema = z.object({\n  id: z.string().uuid(),\n})\n\nconst okResponseSchema = z.object({\n  ok: z.literal(true),\n})\n\nconst errorResponseSchema = z.object({\n  error: z.string(),\n})\n\nconst routeMetadata = {\n  GET: { requireAuth: true, requireFeatures: ['business_rules.view'] },\n  POST: { requireAuth: true, requireFeatures: ['business_rules.manage'] },\n  PUT: { requireAuth: true, requireFeatures: ['business_rules.manage'] },\n  DELETE: { requireAuth: true, requireFeatures: ['business_rules.manage'] },\n}\n\nexport const metadata = routeMetadata\n\nexport async function GET(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const url = new URL(req.url)\n  const parsed = querySchema.safeParse({\n    id: url.searchParams.get('id') || undefined,\n    page: url.searchParams.get('page') || undefined,\n    pageSize: url.searchParams.get('pageSize') || undefined,\n    search: url.searchParams.get('search') || undefined,\n    ruleId: url.searchParams.get('ruleId') || undefined,\n    ruleType: url.searchParams.get('ruleType') || undefined,\n    entityType: url.searchParams.get('entityType') || undefined,\n    eventType: url.searchParams.get('eventType') || undefined,\n    enabled: url.searchParams.get('enabled') || undefined,\n    ruleCategory: url.searchParams.get('ruleCategory') || undefined,\n    sortField: url.searchParams.get('sortField') || undefined,\n    sortDir: url.searchParams.get('sortDir') || undefined,\n  })\n\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Invalid query parameters' }, { status: 400 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n\n  const { id, page, pageSize, search, ruleId, ruleType, entityType, eventType, enabled, ruleCategory, sortField, sortDir } = parsed.data\n\n  const filters: Record<string, any> = {\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    deletedAt: null,\n  }\n\n  if (id) filters.id = id\n  if (ruleId) filters.ruleId = { $ilike: `%${escapeLikePattern(ruleId)}%` }\n  if (search) filters.ruleName = { $ilike: `%${escapeLikePattern(search)}%` }\n  if (ruleType) filters.ruleType = ruleType\n  if (entityType) filters.entityType = entityType\n  if (eventType) filters.eventType = eventType\n  if (enabled !== undefined) filters.enabled = enabled\n  if (ruleCategory) filters.ruleCategory = ruleCategory\n\n  const sortFieldMap: Record<string, string> = {\n    ruleId: 'ruleId',\n    ruleName: 'ruleName',\n    ruleType: 'ruleType',\n    entityType: 'entityType',\n    priority: 'priority',\n    createdAt: 'createdAt',\n    updatedAt: 'updatedAt',\n  }\n\n  const orderByField = sortField && sortFieldMap[sortField] ? sortFieldMap[sortField] : 'priority'\n  const orderBy = { [orderByField]: sortDir, ruleId: 'asc' as const }\n\n  const [rows, count] = await em.findAndCount(\n    BusinessRule,\n    filters,\n    {\n      limit: pageSize,\n      offset: (page - 1) * pageSize,\n      orderBy,\n    }\n  )\n\n  const items = rows.map((rule) => ({\n    id: rule.id,\n    ruleId: rule.ruleId,\n    ruleName: rule.ruleName,\n    description: rule.description ?? null,\n    ruleType: rule.ruleType,\n    ruleCategory: rule.ruleCategory ?? null,\n    entityType: rule.entityType,\n    eventType: rule.eventType ?? null,\n    enabled: rule.enabled,\n    priority: rule.priority,\n    version: rule.version,\n    effectiveFrom: rule.effectiveFrom ? rule.effectiveFrom.toISOString() : null,\n    effectiveTo: rule.effectiveTo ? rule.effectiveTo.toISOString() : null,\n    tenantId: rule.tenantId,\n    organizationId: rule.organizationId,\n    createdAt: rule.createdAt.toISOString(),\n    updatedAt: rule.updatedAt.toISOString(),\n  }))\n\n  const totalPages = Math.max(1, Math.ceil(count / pageSize))\n\n  return NextResponse.json({ items, total: count, totalPages })\n}\n\nexport async function POST(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n  const cache = resolveBusinessRuleDiscoveryCache(container.resolve.bind(container))\n\n  let body: any\n  try {\n    body = await req.json()\n  } catch {\n    return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 })\n  }\n\n  const payload = {\n    ...body,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    createdBy: auth.sub ?? auth.email ?? null,\n  }\n\n  const { t } = await resolveTranslations()\n  const schema = createLocalizedBusinessRuleSchema(t)\n  const parsed = schema.safeParse(payload)\n  if (!parsed.success) {\n    const errors = parsed.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)\n    return NextResponse.json({ error: `Validation failed: ${errors.join(', ')}` }, { status: 400 })\n  }\n\n  const data = {\n    ...parsed.data,\n    conditionExpression: parsed.data.conditionExpression ?? null,\n  }\n\n  const rule = em.create(BusinessRule, data)\n\n  try {\n    await em.persist(rule).flush()\n    await invalidateBusinessRuleDiscoveryCache(cache, rule.tenantId, rule.organizationId)\n  } catch (error) {\n    console.error('[business_rules.rules] Failed to persist new rule:', error)\n    return NextResponse.json(\n      { error: t('business_rules.errors.createFailed') },\n      { status: 500 },\n    )\n  }\n\n  return NextResponse.json({ id: rule.id }, { status: 201 })\n}\n\nexport async function PUT(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n  const cache = resolveBusinessRuleDiscoveryCache(container.resolve.bind(container))\n\n  let body: any\n  try {\n    body = await req.json()\n  } catch {\n    return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 })\n  }\n\n  if (!body.id) {\n    return NextResponse.json({ error: 'Rule id is required' }, { status: 400 })\n  }\n\n  const payload = {\n    ...body,\n    updatedBy: auth.sub ?? auth.email ?? null,\n  }\n  delete (payload as Record<string, unknown>).tenantId\n  delete (payload as Record<string, unknown>).organizationId\n  delete (payload as Record<string, unknown>).createdBy\n\n  const { t } = await resolveTranslations()\n  const schema = createLocalizedUpdateBusinessRuleSchema(t)\n  const parsed = schema.safeParse(payload)\n  if (!parsed.success) {\n    const errors = parsed.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)\n    return NextResponse.json({ error: `Validation failed: ${errors.join(', ')}` }, { status: 400 })\n  }\n\n  const rule = await em.findOne(BusinessRule, {\n    id: parsed.data.id,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    deletedAt: null,\n  })\n\n  if (!rule) {\n    return NextResponse.json({ error: 'Rule not found' }, { status: 404 })\n  }\n\n  try {\n    enforceCommandOptimisticLock({\n      resourceKind: 'business_rules.rule',\n      resourceId: rule.id,\n      current: rule.updatedAt ?? null,\n      request: req,\n    })\n  } catch (err) {\n    if (isCrudHttpError(err)) {\n      return NextResponse.json(err.body, { status: err.status })\n    }\n    throw err\n  }\n\n  em.assign(rule, parsed.data)\n\n  try {\n    await em.persist(rule).flush()\n    await invalidateBusinessRuleDiscoveryCache(cache, rule.tenantId, rule.organizationId)\n  } catch (error) {\n    console.error('[business_rules.rules] Failed to persist rule update:', error)\n    return NextResponse.json(\n      { error: t('business_rules.errors.updateFailed') },\n      { status: 500 },\n    )\n  }\n\n  return NextResponse.json({ ok: true })\n}\n\nexport async function DELETE(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const url = new URL(req.url)\n  const id = url.searchParams.get('id')\n\n  if (!id) {\n    return NextResponse.json({ error: 'Rule id is required' }, { status: 400 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n  const cache = resolveBusinessRuleDiscoveryCache(container.resolve.bind(container))\n\n  const rule = await em.findOne(BusinessRule, {\n    id,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    deletedAt: null,\n  })\n\n  if (!rule) {\n    return NextResponse.json({ error: 'Rule not found' }, { status: 404 })\n  }\n\n  try {\n    enforceCommandOptimisticLock({\n      resourceKind: 'business_rules.rule',\n      resourceId: rule.id,\n      current: rule.updatedAt ?? null,\n      request: req,\n    })\n  } catch (err) {\n    if (isCrudHttpError(err)) {\n      return NextResponse.json(err.body, { status: err.status })\n    }\n    throw err\n  }\n\n  rule.deletedAt = new Date()\n  await em.persist(rule).flush()\n  await invalidateBusinessRuleDiscoveryCache(cache, rule.tenantId, rule.organizationId)\n\n  return NextResponse.json({ ok: true })\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  tag: 'Business Rules',\n  summary: 'Business rule management',\n  methods: {\n    GET: {\n      summary: 'List business rules',\n      description: 'Returns business rules for the current tenant and organization with filtering and pagination.',\n      query: querySchema,\n      responses: [\n        { status: 200, description: 'Business rules collection', schema: ruleListResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid query parameters', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n      ],\n    },\n    POST: {\n      summary: 'Create business rule',\n      description: 'Creates a new business rule for the current tenant and organization.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: createBusinessRuleSchema,\n      },\n      responses: [\n        {\n          status: 201,\n          description: 'Business rule created',\n          schema: ruleCreateResponseSchema,\n        },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n      ],\n    },\n    PUT: {\n      summary: 'Update business rule',\n      description: 'Updates an existing business rule.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: updateBusinessRuleSchema,\n      },\n      responses: [\n        {\n          status: 200,\n          description: 'Business rule updated',\n          schema: okResponseSchema,\n        },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n        { status: 404, description: 'Business rule not found', schema: errorResponseSchema },\n      ],\n    },\n    DELETE: {\n      summary: 'Delete business rule',\n      description: 'Soft deletes a business rule by identifier.',\n      query: z.object({ id: z.string().uuid().describe('Business rule identifier') }),\n      responses: [\n        { status: 200, description: 'Business rule deleted', schema: okResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid identifier', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n        { status: 404, description: 'Business rule not found', schema: errorResponseSchema },\n      ],\n    },\n  },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,2BAA2B;AACpC,SAAS,uBAAuB;AAChC,SAAS,oCAAoC;AAC7C,SAAS,oBAAoB;AAE7B,SAAS,yBAAyB;AAClC;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,OACK;AACP;AAAA,EACE;AAAA,EACA;AAAA,OACK;AAEP,MAAM,cAAc,EAAE,YAAY;AAAA,EAChC,IAAI,EAAE,KAAK,EAAE,SAAS;AAAA,EACtB,MAAM,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,CAAC;AAAA,EACxC,UAAU,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,QAAQ,EAAE;AAAA,EACtD,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,UAAU,eAAe,SAAS;AAAA,EAClC,YAAY,EAAE,OAAO,EAAE,SAAS;AAAA,EAChC,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,SAAS,EAAE,OAAO,QAAQ,EAAE,SAAS;AAAA,EACrC,cAAc,EAAE,OAAO,EAAE,SAAS;AAAA,EAClC,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,SAAS,EAAE,KAAK,CAAC,OAAO,MAAM,CAAC,EAAE,SAAS,EAAE,QAAQ,MAAM;AAC5D,CAAC;AAED,MAAM,qBAAqB,EAAE,OAAO;AAAA,EAClC,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,EACpB,QAAQ,EAAE,OAAO;AAAA,EACjB,UAAU,EAAE,OAAO;AAAA,EACnB,aAAa,EAAE,OAAO,EAAE,SAAS;AAAA,EACjC,UAAU;AAAA,EACV,cAAc,EAAE,OAAO,EAAE,SAAS;AAAA,EAClC,YAAY,EAAE,OAAO;AAAA,EACrB,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,SAAS,EAAE,QAAQ;AAAA,EACnB,UAAU,EAAE,OAAO;AAAA,EACnB,SAAS,EAAE,OAAO;AAAA,EAClB,eAAe,EAAE,OAAO,EAAE,SAAS;AAAA,EACnC,aAAa,EAAE,OAAO,EAAE,SAAS;AAAA,EACjC,UAAU,EAAE,OAAO,EAAE,KAAK;AAAA,EAC1B,gBAAgB,EAAE,OAAO,EAAE,KAAK;AAAA,EAChC,WAAW,EAAE,OAAO;AAAA,EACpB,WAAW,EAAE,OAAO;AACtB,CAAC;AAED,MAAM,yBAAyB,EAAE,OAAO;AAAA,EACtC,OAAO,EAAE,MAAM,kBAAkB;AAAA,EACjC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY;AAAA,EACpC,YAAY,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS;AACxC,CAAC;AAED,MAAM,2BAA2B,EAAE,OAAO;AAAA,EACxC,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,MAAM,mBAAmB,EAAE,OAAO;AAAA,EAChC,IAAI,EAAE,QAAQ,IAAI;AACpB,CAAC;AAED,MAAM,sBAAsB,EAAE,OAAO;AAAA,EACnC,OAAO,EAAE,OAAO;AAClB,CAAC;AAED,MAAM,gBAAgB;AAAA,EACpB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,qBAAqB,EAAE;AAAA,EACnE,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,uBAAuB,EAAE;AAAA,EACtE,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,uBAAuB,EAAE;AAAA,EACrE,QAAQ,EAAE,aAAa,MAAM,iBAAiB,CAAC,uBAAuB,EAAE;AAC1E;AAEO,MAAM,WAAW;AAExB,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,SAAS,YAAY,UAAU;AAAA,IACnC,IAAI,IAAI,aAAa,IAAI,IAAI,KAAK;AAAA,IAClC,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,IACtC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,IAC9C,QAAQ,IAAI,aAAa,IAAI,QAAQ,KAAK;AAAA,IAC1C,QAAQ,IAAI,aAAa,IAAI,QAAQ,KAAK;AAAA,IAC1C,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,IAC9C,YAAY,IAAI,aAAa,IAAI,YAAY,KAAK;AAAA,IAClD,WAAW,IAAI,aAAa,IAAI,WAAW,KAAK;AAAA,IAChD,SAAS,IAAI,aAAa,IAAI,SAAS,KAAK;AAAA,IAC5C,cAAc,IAAI,aAAa,IAAI,cAAc,KAAK;AAAA,IACtD,WAAW,IAAI,aAAa,IAAI,WAAW,KAAK;AAAA,IAChD,SAAS,IAAI,aAAa,IAAI,SAAS,KAAK;AAAA,EAC9C,CAAC;AAED,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,2BAA2B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACjF;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,EAAE,IAAI,MAAM,UAAU,QAAQ,QAAQ,UAAU,YAAY,WAAW,SAAS,cAAc,WAAW,QAAQ,IAAI,OAAO;AAElI,QAAM,UAA+B;AAAA,IACnC,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW;AAAA,EACb;AAEA,MAAI,GAAI,SAAQ,KAAK;AACrB,MAAI,OAAQ,SAAQ,SAAS,EAAE,QAAQ,IAAI,kBAAkB,MAAM,CAAC,IAAI;AACxE,MAAI,OAAQ,SAAQ,WAAW,EAAE,QAAQ,IAAI,kBAAkB,MAAM,CAAC,IAAI;AAC1E,MAAI,SAAU,SAAQ,WAAW;AACjC,MAAI,WAAY,SAAQ,aAAa;AACrC,MAAI,UAAW,SAAQ,YAAY;AACnC,MAAI,YAAY,OAAW,SAAQ,UAAU;AAC7C,MAAI,aAAc,SAAQ,eAAe;AAEzC,QAAM,eAAuC;AAAA,IAC3C,QAAQ;AAAA,IACR,UAAU;AAAA,IACV,UAAU;AAAA,IACV,YAAY;AAAA,IACZ,UAAU;AAAA,IACV,WAAW;AAAA,IACX,WAAW;AAAA,EACb;AAEA,QAAM,eAAe,aAAa,aAAa,SAAS,IAAI,aAAa,SAAS,IAAI;AACtF,QAAM,UAAU,EAAE,CAAC,YAAY,GAAG,SAAS,QAAQ,MAAe;AAElE,QAAM,CAAC,MAAM,KAAK,IAAI,MAAM,GAAG;AAAA,IAC7B;AAAA,IACA;AAAA,IACA;AAAA,MACE,OAAO;AAAA,MACP,SAAS,OAAO,KAAK;AAAA,MACrB;AAAA,IACF;AAAA,EACF;AAEA,QAAM,QAAQ,KAAK,IAAI,CAAC,UAAU;AAAA,IAChC,IAAI,KAAK;AAAA,IACT,QAAQ,KAAK;AAAA,IACb,UAAU,KAAK;AAAA,IACf,aAAa,KAAK,eAAe;AAAA,IACjC,UAAU,KAAK;AAAA,IACf,cAAc,KAAK,gBAAgB;AAAA,IACnC,YAAY,KAAK;AAAA,IACjB,WAAW,KAAK,aAAa;AAAA,IAC7B,SAAS,KAAK;AAAA,IACd,UAAU,KAAK;AAAA,IACf,SAAS,KAAK;AAAA,IACd,eAAe,KAAK,gBAAgB,KAAK,cAAc,YAAY,IAAI;AAAA,IACvE,aAAa,KAAK,cAAc,KAAK,YAAY,YAAY,IAAI;AAAA,IACjE,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW,KAAK,UAAU,YAAY;AAAA,IACtC,WAAW,KAAK,UAAU,YAAY;AAAA,EACxC,EAAE;AAEF,QAAM,aAAa,KAAK,IAAI,GAAG,KAAK,KAAK,QAAQ,QAAQ,CAAC;AAE1D,SAAO,aAAa,KAAK,EAAE,OAAO,OAAO,OAAO,WAAW,CAAC;AAC9D;AAEA,eAAsB,KAAK,KAAc;AACvC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,QAAM,QAAQ,kCAAkC,UAAU,QAAQ,KAAK,SAAS,CAAC;AAEjF,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC1E;AAEA,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW,KAAK,OAAO,KAAK,SAAS;AAAA,EACvC;AAEA,QAAM,EAAE,EAAE,IAAI,MAAM,oBAAoB;AACxC,QAAM,SAAS,kCAAkC,CAAC;AAClD,QAAM,SAAS,OAAO,UAAU,OAAO;AACvC,MAAI,CAAC,OAAO,SAAS;AACnB,UAAM,SAAS,OAAO,MAAM,OAAO,IAAI,OAAK,GAAG,EAAE,KAAK,KAAK,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE;AAC/E,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,OAAO,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChG;AAEA,QAAM,OAAO;AAAA,IACX,GAAG,OAAO;AAAA,IACV,qBAAqB,OAAO,KAAK,uBAAuB;AAAA,EAC1D;AAEA,QAAM,OAAO,GAAG,OAAO,cAAc,IAAI;AAEzC,MAAI;AACF,UAAM,GAAG,QAAQ,IAAI,EAAE,MAAM;AAC7B,UAAM,qCAAqC,OAAO,KAAK,UAAU,KAAK,cAAc;AAAA,EACtF,SAAS,OAAO;AACd,YAAQ,MAAM,sDAAsD,KAAK;AACzE,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,EAAE,oCAAoC,EAAE;AAAA,MACjD,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AAEA,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,GAAG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC3D;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,QAAM,QAAQ,kCAAkC,UAAU,QAAQ,KAAK,SAAS,CAAC;AAEjF,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC1E;AAEA,MAAI,CAAC,KAAK,IAAI;AACZ,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC5E;AAEA,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH,WAAW,KAAK,OAAO,KAAK,SAAS;AAAA,EACvC;AACA,SAAQ,QAAoC;AAC5C,SAAQ,QAAoC;AAC5C,SAAQ,QAAoC;AAE5C,QAAM,EAAE,EAAE,IAAI,MAAM,oBAAoB;AACxC,QAAM,SAAS,wCAAwC,CAAC;AACxD,QAAM,SAAS,OAAO,UAAU,OAAO;AACvC,MAAI,CAAC,OAAO,SAAS;AACnB,UAAM,SAAS,OAAO,MAAM,OAAO,IAAI,OAAK,GAAG,EAAE,KAAK,KAAK,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE;AAC/E,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,OAAO,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChG;AAEA,QAAM,OAAO,MAAM,GAAG,QAAQ,cAAc;AAAA,IAC1C,IAAI,OAAO,KAAK;AAAA,IAChB,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW;AAAA,EACb,CAAC;AAED,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,iBAAiB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACvE;AAEA,MAAI;AACF,iCAA6B;AAAA,MAC3B,cAAc;AAAA,MACd,YAAY,KAAK;AAAA,MACjB,SAAS,KAAK,aAAa;AAAA,MAC3B,SAAS;AAAA,IACX,CAAC;AAAA,EACH,SAAS,KAAK;AACZ,QAAI,gBAAgB,GAAG,GAAG;AACxB,aAAO,aAAa,KAAK,IAAI,MAAM,EAAE,QAAQ,IAAI,OAAO,CAAC;AAAA,IAC3D;AACA,UAAM;AAAA,EACR;AAEA,KAAG,OAAO,MAAM,OAAO,IAAI;AAE3B,MAAI;AACF,UAAM,GAAG,QAAQ,IAAI,EAAE,MAAM;AAC7B,UAAM,qCAAqC,OAAO,KAAK,UAAU,KAAK,cAAc;AAAA,EACtF,SAAS,OAAO;AACd,YAAQ,MAAM,yDAAyD,KAAK;AAC5E,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,EAAE,oCAAoC,EAAE;AAAA,MACjD,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AAEA,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEA,eAAsB,OAAO,KAAc;AACzC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,KAAK,IAAI,aAAa,IAAI,IAAI;AAEpC,MAAI,CAAC,IAAI;AACP,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC5E;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,QAAM,QAAQ,kCAAkC,UAAU,QAAQ,KAAK,SAAS,CAAC;AAEjF,QAAM,OAAO,MAAM,GAAG,QAAQ,cAAc;AAAA,IAC1C;AAAA,IACA,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW;AAAA,EACb,CAAC;AAED,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,iBAAiB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACvE;AAEA,MAAI;AACF,iCAA6B;AAAA,MAC3B,cAAc;AAAA,MACd,YAAY,KAAK;AAAA,MACjB,SAAS,KAAK,aAAa;AAAA,MAC3B,SAAS;AAAA,IACX,CAAC;AAAA,EACH,SAAS,KAAK;AACZ,QAAI,gBAAgB,GAAG,GAAG;AACxB,aAAO,aAAa,KAAK,IAAI,MAAM,EAAE,QAAQ,IAAI,OAAO,CAAC;AAAA,IAC3D;AACA,UAAM;AAAA,EACR;AAEA,OAAK,YAAY,oBAAI,KAAK;AAC1B,QAAM,GAAG,QAAQ,IAAI,EAAE,MAAM;AAC7B,QAAM,qCAAqC,OAAO,KAAK,UAAU,KAAK,cAAc;AAEpF,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,6BAA6B,QAAQ,uBAAuB;AAAA,MAC1F;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,4BAA4B,QAAQ,oBAAoB;AAAA,QACpF,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,MAC1E;AAAA,IACF;AAAA,IACA,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,QAAQ;AAAA,QACV;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,oBAAoB;AAAA,QAC3E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,MAC1E;AAAA,IACF;AAAA,IACA,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,QAAQ;AAAA,QACV;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,oBAAoB;AAAA,QAC3E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,2BAA2B,QAAQ,oBAAoB;AAAA,MACrF;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,0BAA0B,EAAE,CAAC;AAAA,MAC9E,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,yBAAyB,QAAQ,iBAAiB;AAAA,MAChF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,sBAAsB,QAAQ,oBAAoB;AAAA,QAC9E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,2BAA2B,QAAQ,oBAAoB;AAAA,MACrF;AAAA,IACF;AAAA,EACF;AACF;",
   "names": []
 }

package/dist/modules/business_rules/api/sets/route.js CHANGED Viewed

@@ -2,6 +2,8 @@ import { NextResponse } from "next/server";
 import { z } from "zod";
 import { getAuthFromRequest } from "@open-mercato/shared/lib/auth/server";
 import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
+import { isCrudHttpError } from "@open-mercato/shared/lib/crud/errors";
+import { enforceCommandOptimisticLock } from "@open-mercato/shared/lib/crud/optimistic-lock-command";
 import { RuleSet } from "../../data/entities.js";
 import { escapeLikePattern } from "@open-mercato/shared/lib/db/escapeLikePattern";
 import {
@@ -182,6 +184,19 @@ async function PUT(req) {
   if (!ruleSet) {
     return NextResponse.json({ error: "Rule set not found" }, { status: 404 });
   }
+  try {
+    enforceCommandOptimisticLock({
+      resourceKind: "business_rules.ruleSet",
+      resourceId: ruleSet.id,
+      current: ruleSet.updatedAt ?? null,
+      request: req
+    });
+  } catch (err) {
+    if (isCrudHttpError(err)) {
+      return NextResponse.json(err.body, { status: err.status });
+    }
+    throw err;
+  }
   em.assign(ruleSet, parsed.data);
   await em.persist(ruleSet).flush();
   return NextResponse.json({ ok: true });
@@ -207,6 +222,19 @@ async function DELETE(req) {
   if (!ruleSet) {
     return NextResponse.json({ error: "Rule set not found" }, { status: 404 });
   }
+  try {
+    enforceCommandOptimisticLock({
+      resourceKind: "business_rules.ruleSet",
+      resourceId: ruleSet.id,
+      current: ruleSet.updatedAt ?? null,
+      request: req
+    });
+  } catch (err) {
+    if (isCrudHttpError(err)) {
+      return NextResponse.json(err.body, { status: err.status });
+    }
+    throw err;
+  }
   ruleSet.deletedAt = /* @__PURE__ */ new Date();
   await em.persist(ruleSet).flush();
   return NextResponse.json({ ok: true });

package/dist/modules/business_rules/api/sets/route.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/modules/business_rules/api/sets/route.ts"],
-  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { RuleSet } from '../../data/entities'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { escapeLikePattern } from '@open-mercato/shared/lib/db/escapeLikePattern'\nimport {\n  createRuleSetSchema,\n  updateRuleSetSchema,\n} from '../../data/validators'\n\nconst querySchema = z.looseObject({\n  id: z.string().uuid().optional(),\n  page: z.coerce.number().min(1).default(1),\n  pageSize: z.coerce.number().min(1).max(100).default(50),\n  search: z.string().optional(),\n  setId: z.string().optional(),\n  enabled: z.coerce.boolean().optional(),\n  sortField: z.string().optional(),\n  sortDir: z.enum(['asc', 'desc']).optional().default('asc'),\n})\n\nconst ruleSetListItemSchema = z.object({\n  id: z.string().uuid(),\n  setId: z.string(),\n  setName: z.string(),\n  description: z.string().nullable(),\n  enabled: z.boolean(),\n  tenantId: z.string().uuid(),\n  organizationId: z.string().uuid(),\n  createdBy: z.string().nullable(),\n  updatedBy: z.string().nullable(),\n  createdAt: z.string(),\n  updatedAt: z.string(),\n})\n\nconst ruleSetListResponseSchema = z.object({\n  items: z.array(ruleSetListItemSchema),\n  total: z.number().int().nonnegative(),\n  totalPages: z.number().int().positive(),\n})\n\nconst ruleSetCreateResponseSchema = z.object({\n  id: z.string().uuid(),\n})\n\nconst okResponseSchema = z.object({\n  ok: z.literal(true),\n})\n\nconst errorResponseSchema = z.object({\n  error: z.string(),\n})\n\nconst routeMetadata = {\n  GET: { requireAuth: true, requireFeatures: ['business_rules.view'] },\n  POST: { requireAuth: true, requireFeatures: ['business_rules.manage_sets'] },\n  PUT: { requireAuth: true, requireFeatures: ['business_rules.manage_sets'] },\n  DELETE: { requireAuth: true, requireFeatures: ['business_rules.manage_sets'] },\n}\n\nexport const metadata = routeMetadata\n\nexport async function GET(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const url = new URL(req.url)\n  const parsed = querySchema.safeParse({\n    id: url.searchParams.get('id') || undefined,\n    page: url.searchParams.get('page') || undefined,\n    pageSize: url.searchParams.get('pageSize') || undefined,\n    search: url.searchParams.get('search') || undefined,\n    setId: url.searchParams.get('setId') || undefined,\n    enabled: url.searchParams.get('enabled') || undefined,\n    sortField: url.searchParams.get('sortField') || undefined,\n    sortDir: url.searchParams.get('sortDir') || undefined,\n  })\n\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Invalid query parameters' }, { status: 400 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n\n  const { id, page, pageSize, search, setId, enabled, sortField, sortDir } = parsed.data\n\n  const filters: Record<string, any> = {\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    deletedAt: null,\n  }\n\n  if (id) filters.id = id\n  if (setId) filters.setId = { $ilike: `%${escapeLikePattern(setId)}%` }\n  if (search) filters.setName = { $ilike: `%${escapeLikePattern(search)}%` }\n  if (enabled !== undefined) filters.enabled = enabled\n\n  const sortFieldMap: Record<string, string> = {\n    setId: 'setId',\n    setName: 'setName',\n    enabled: 'enabled',\n    createdAt: 'createdAt',\n    updatedAt: 'updatedAt',\n  }\n\n  const orderByField = sortField && sortFieldMap[sortField] ? sortFieldMap[sortField] : 'setId'\n  const orderBy = { [orderByField]: sortDir }\n\n  const [rows, count] = await em.findAndCount(\n    RuleSet,\n    filters,\n    {\n      limit: pageSize,\n      offset: (page - 1) * pageSize,\n      orderBy,\n    }\n  )\n\n  const items = rows.map((set) => ({\n    id: set.id,\n    setId: set.setId,\n    setName: set.setName,\n    description: set.description ?? null,\n    enabled: set.enabled,\n    tenantId: set.tenantId,\n    organizationId: set.organizationId,\n    createdBy: set.createdBy ?? null,\n    updatedBy: set.updatedBy ?? null,\n    createdAt: set.createdAt.toISOString(),\n    updatedAt: set.updatedAt.toISOString(),\n  }))\n\n  const totalPages = Math.max(1, Math.ceil(count / pageSize))\n\n  return NextResponse.json({ items, total: count, totalPages })\n}\n\nexport async function POST(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n\n  let body: any\n  try {\n    body = await req.json()\n  } catch {\n    return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 })\n  }\n\n  const payload = {\n    ...body,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    createdBy: auth.sub ?? auth.email ?? null,\n  }\n\n  const parsed = createRuleSetSchema.safeParse(payload)\n  if (!parsed.success) {\n    const errors = parsed.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)\n    return NextResponse.json({ error: `Validation failed: ${errors.join(', ')}` }, { status: 400 })\n  }\n\n  const ruleSet = em.create(RuleSet, parsed.data)\n  await em.persist(ruleSet).flush()\n\n  return NextResponse.json({ id: ruleSet.id }, { status: 201 })\n}\n\nexport async function PUT(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n\n  let body: any\n  try {\n    body = await req.json()\n  } catch {\n    return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 })\n  }\n\n  if (!body.id) {\n    return NextResponse.json({ error: 'Rule set id is required' }, { status: 400 })\n  }\n\n  const payload = {\n    ...body,\n    updatedBy: auth.sub ?? auth.email ?? null,\n  }\n  delete (payload as Record<string, unknown>).tenantId\n  delete (payload as Record<string, unknown>).organizationId\n  delete (payload as Record<string, unknown>).createdBy\n\n  const parsed = updateRuleSetSchema.safeParse(payload)\n  if (!parsed.success) {\n    const errors = parsed.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)\n    return NextResponse.json({ error: `Validation failed: ${errors.join(', ')}` }, { status: 400 })\n  }\n\n  const ruleSet = await em.findOne(RuleSet, {\n    id: parsed.data.id,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    deletedAt: null,\n  })\n\n  if (!ruleSet) {\n    return NextResponse.json({ error: 'Rule set not found' }, { status: 404 })\n  }\n\n  em.assign(ruleSet, parsed.data)\n  await em.persist(ruleSet).flush()\n\n  return NextResponse.json({ ok: true })\n}\n\nexport async function DELETE(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const url = new URL(req.url)\n  const id = url.searchParams.get('id')\n\n  if (!id) {\n    return NextResponse.json({ error: 'Rule set id is required' }, { status: 400 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n\n  const ruleSet = await em.findOne(RuleSet, {\n    id,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    deletedAt: null,\n  })\n\n  if (!ruleSet) {\n    return NextResponse.json({ error: 'Rule set not found' }, { status: 404 })\n  }\n\n  ruleSet.deletedAt = new Date()\n  await em.persist(ruleSet).flush()\n\n  return NextResponse.json({ ok: true })\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  tag: 'Business Rules',\n  summary: 'Rule set management',\n  methods: {\n    GET: {\n      summary: 'List rule sets',\n      description: 'Returns rule sets for the current tenant and organization with filtering and pagination.',\n      query: querySchema,\n      responses: [\n        { status: 200, description: 'Rule sets collection', schema: ruleSetListResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid query parameters', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n      ],\n    },\n    POST: {\n      summary: 'Create rule set',\n      description: 'Creates a new rule set for organizing business rules.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: createRuleSetSchema,\n      },\n      responses: [\n        {\n          status: 201,\n          description: 'Rule set created',\n          schema: ruleSetCreateResponseSchema,\n        },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n      ],\n    },\n    PUT: {\n      summary: 'Update rule set',\n      description: 'Updates an existing rule set.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: updateRuleSetSchema,\n      },\n      responses: [\n        {\n          status: 200,\n          description: 'Rule set updated',\n          schema: okResponseSchema,\n        },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n        { status: 404, description: 'Rule set not found', schema: errorResponseSchema },\n      ],\n    },\n    DELETE: {\n      summary: 'Delete rule set',\n      description: 'Soft deletes a rule set by identifier.',\n      query: z.object({ id: z.string().uuid().describe('Rule set identifier') }),\n      responses: [\n        { status: 200, description: 'Rule set deleted', schema: okResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid identifier', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n        { status: 404, description: 'Rule set not found', schema: errorResponseSchema },\n      ],\n    },\n  },\n}\n"],
-  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,eAAe;AAExB,SAAS,yBAAyB;AAClC;AAAA,EACE;AAAA,EACA;AAAA,OACK;AAEP,MAAM,cAAc,EAAE,YAAY;AAAA,EAChC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,EAC/B,MAAM,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,CAAC;AAAA,EACxC,UAAU,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,QAAQ,EAAE;AAAA,EACtD,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,SAAS,EAAE,OAAO,QAAQ,EAAE,SAAS;AAAA,EACrC,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,SAAS,EAAE,KAAK,CAAC,OAAO,MAAM,CAAC,EAAE,SAAS,EAAE,QAAQ,KAAK;AAC3D,CAAC;AAED,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,EACpB,OAAO,EAAE,OAAO;AAAA,EAChB,SAAS,EAAE,OAAO;AAAA,EAClB,aAAa,EAAE,OAAO,EAAE,SAAS;AAAA,EACjC,SAAS,EAAE,QAAQ;AAAA,EACnB,UAAU,EAAE,OAAO,EAAE,KAAK;AAAA,EAC1B,gBAAgB,EAAE,OAAO,EAAE,KAAK;AAAA,EAChC,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,WAAW,EAAE,OAAO;AAAA,EACpB,WAAW,EAAE,OAAO;AACtB,CAAC;AAED,MAAM,4BAA4B,EAAE,OAAO;AAAA,EACzC,OAAO,EAAE,MAAM,qBAAqB;AAAA,EACpC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY;AAAA,EACpC,YAAY,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS;AACxC,CAAC;AAED,MAAM,8BAA8B,EAAE,OAAO;AAAA,EAC3C,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,MAAM,mBAAmB,EAAE,OAAO;AAAA,EAChC,IAAI,EAAE,QAAQ,IAAI;AACpB,CAAC;AAED,MAAM,sBAAsB,EAAE,OAAO;AAAA,EACnC,OAAO,EAAE,OAAO;AAClB,CAAC;AAED,MAAM,gBAAgB;AAAA,EACpB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,qBAAqB,EAAE;AAAA,EACnE,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,4BAA4B,EAAE;AAAA,EAC3E,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,4BAA4B,EAAE;AAAA,EAC1E,QAAQ,EAAE,aAAa,MAAM,iBAAiB,CAAC,4BAA4B,EAAE;AAC/E;AAEO,MAAM,WAAW;AAExB,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,SAAS,YAAY,UAAU;AAAA,IACnC,IAAI,IAAI,aAAa,IAAI,IAAI,KAAK;AAAA,IAClC,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,IACtC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,IAC9C,QAAQ,IAAI,aAAa,IAAI,QAAQ,KAAK;AAAA,IAC1C,OAAO,IAAI,aAAa,IAAI,OAAO,KAAK;AAAA,IACxC,SAAS,IAAI,aAAa,IAAI,SAAS,KAAK;AAAA,IAC5C,WAAW,IAAI,aAAa,IAAI,WAAW,KAAK;AAAA,IAChD,SAAS,IAAI,aAAa,IAAI,SAAS,KAAK;AAAA,EAC9C,CAAC;AAED,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,2BAA2B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACjF;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,EAAE,IAAI,MAAM,UAAU,QAAQ,OAAO,SAAS,WAAW,QAAQ,IAAI,OAAO;AAElF,QAAM,UAA+B;AAAA,IACnC,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW;AAAA,EACb;AAEA,MAAI,GAAI,SAAQ,KAAK;AACrB,MAAI,MAAO,SAAQ,QAAQ,EAAE,QAAQ,IAAI,kBAAkB,KAAK,CAAC,IAAI;AACrE,MAAI,OAAQ,SAAQ,UAAU,EAAE,QAAQ,IAAI,kBAAkB,MAAM,CAAC,IAAI;AACzE,MAAI,YAAY,OAAW,SAAQ,UAAU;AAE7C,QAAM,eAAuC;AAAA,IAC3C,OAAO;AAAA,IACP,SAAS;AAAA,IACT,SAAS;AAAA,IACT,WAAW;AAAA,IACX,WAAW;AAAA,EACb;AAEA,QAAM,eAAe,aAAa,aAAa,SAAS,IAAI,aAAa,SAAS,IAAI;AACtF,QAAM,UAAU,EAAE,CAAC,YAAY,GAAG,QAAQ;AAE1C,QAAM,CAAC,MAAM,KAAK,IAAI,MAAM,GAAG;AAAA,IAC7B;AAAA,IACA;AAAA,IACA;AAAA,MACE,OAAO;AAAA,MACP,SAAS,OAAO,KAAK;AAAA,MACrB;AAAA,IACF;AAAA,EACF;AAEA,QAAM,QAAQ,KAAK,IAAI,CAAC,SAAS;AAAA,IAC/B,IAAI,IAAI;AAAA,IACR,OAAO,IAAI;AAAA,IACX,SAAS,IAAI;AAAA,IACb,aAAa,IAAI,eAAe;AAAA,IAChC,SAAS,IAAI;AAAA,IACb,UAAU,IAAI;AAAA,IACd,gBAAgB,IAAI;AAAA,IACpB,WAAW,IAAI,aAAa;AAAA,IAC5B,WAAW,IAAI,aAAa;AAAA,IAC5B,WAAW,IAAI,UAAU,YAAY;AAAA,IACrC,WAAW,IAAI,UAAU,YAAY;AAAA,EACvC,EAAE;AAEF,QAAM,aAAa,KAAK,IAAI,GAAG,KAAK,KAAK,QAAQ,QAAQ,CAAC;AAE1D,SAAO,aAAa,KAAK,EAAE,OAAO,OAAO,OAAO,WAAW,CAAC;AAC9D;AAEA,eAAsB,KAAK,KAAc;AACvC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC1E;AAEA,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW,KAAK,OAAO,KAAK,SAAS;AAAA,EACvC;AAEA,QAAM,SAAS,oBAAoB,UAAU,OAAO;AACpD,MAAI,CAAC,OAAO,SAAS;AACnB,UAAM,SAAS,OAAO,MAAM,OAAO,IAAI,OAAK,GAAG,EAAE,KAAK,KAAK,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE;AAC/E,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,OAAO,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChG;AAEA,QAAM,UAAU,GAAG,OAAO,SAAS,OAAO,IAAI;AAC9C,QAAM,GAAG,QAAQ,OAAO,EAAE,MAAM;AAEhC,SAAO,aAAa,KAAK,EAAE,IAAI,QAAQ,GAAG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC9D;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC1E;AAEA,MAAI,CAAC,KAAK,IAAI;AACZ,WAAO,aAAa,KAAK,EAAE,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChF;AAEA,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH,WAAW,KAAK,OAAO,KAAK,SAAS;AAAA,EACvC;AACA,SAAQ,QAAoC;AAC5C,SAAQ,QAAoC;AAC5C,SAAQ,QAAoC;AAE5C,QAAM,SAAS,oBAAoB,UAAU,OAAO;AACpD,MAAI,CAAC,OAAO,SAAS;AACnB,UAAM,SAAS,OAAO,MAAM,OAAO,IAAI,OAAK,GAAG,EAAE,KAAK,KAAK,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE;AAC/E,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,OAAO,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChG;AAEA,QAAM,UAAU,MAAM,GAAG,QAAQ,SAAS;AAAA,IACxC,IAAI,OAAO,KAAK;AAAA,IAChB,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW;AAAA,EACb,CAAC;AAED,MAAI,CAAC,SAAS;AACZ,WAAO,aAAa,KAAK,EAAE,OAAO,qBAAqB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3E;AAEA,KAAG,OAAO,SAAS,OAAO,IAAI;AAC9B,QAAM,GAAG,QAAQ,OAAO,EAAE,MAAM;AAEhC,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEA,eAAsB,OAAO,KAAc;AACzC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,KAAK,IAAI,aAAa,IAAI,IAAI;AAEpC,MAAI,CAAC,IAAI;AACP,WAAO,aAAa,KAAK,EAAE,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChF;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,UAAU,MAAM,GAAG,QAAQ,SAAS;AAAA,IACxC;AAAA,IACA,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW;AAAA,EACb,CAAC;AAED,MAAI,CAAC,SAAS;AACZ,WAAO,aAAa,KAAK,EAAE,OAAO,qBAAqB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3E;AAEA,UAAQ,YAAY,oBAAI,KAAK;AAC7B,QAAM,GAAG,QAAQ,OAAO,EAAE,MAAM;AAEhC,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,wBAAwB,QAAQ,0BAA0B;AAAA,MACxF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,4BAA4B,QAAQ,oBAAoB;AAAA,QACpF,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,MAC1E;AAAA,IACF;AAAA,IACA,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,QAAQ;AAAA,QACV;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,oBAAoB;AAAA,QAC3E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,MAC1E;AAAA,IACF;AAAA,IACA,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,QAAQ;AAAA,QACV;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,oBAAoB;AAAA,QAC3E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,sBAAsB,QAAQ,oBAAoB;AAAA,MAChF;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,qBAAqB,EAAE,CAAC;AAAA,MACzE,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,oBAAoB,QAAQ,iBAAiB;AAAA,MAC3E;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,sBAAsB,QAAQ,oBAAoB;AAAA,QAC9E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,sBAAsB,QAAQ,oBAAoB;AAAA,MAChF;AAAA,IACF;AAAA,EACF;AACF;",
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { isCrudHttpError } from '@open-mercato/shared/lib/crud/errors'\nimport { enforceCommandOptimisticLock } from '@open-mercato/shared/lib/crud/optimistic-lock-command'\nimport { RuleSet } from '../../data/entities'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { escapeLikePattern } from '@open-mercato/shared/lib/db/escapeLikePattern'\nimport {\n  createRuleSetSchema,\n  updateRuleSetSchema,\n} from '../../data/validators'\n\nconst querySchema = z.looseObject({\n  id: z.string().uuid().optional(),\n  page: z.coerce.number().min(1).default(1),\n  pageSize: z.coerce.number().min(1).max(100).default(50),\n  search: z.string().optional(),\n  setId: z.string().optional(),\n  enabled: z.coerce.boolean().optional(),\n  sortField: z.string().optional(),\n  sortDir: z.enum(['asc', 'desc']).optional().default('asc'),\n})\n\nconst ruleSetListItemSchema = z.object({\n  id: z.string().uuid(),\n  setId: z.string(),\n  setName: z.string(),\n  description: z.string().nullable(),\n  enabled: z.boolean(),\n  tenantId: z.string().uuid(),\n  organizationId: z.string().uuid(),\n  createdBy: z.string().nullable(),\n  updatedBy: z.string().nullable(),\n  createdAt: z.string(),\n  updatedAt: z.string(),\n})\n\nconst ruleSetListResponseSchema = z.object({\n  items: z.array(ruleSetListItemSchema),\n  total: z.number().int().nonnegative(),\n  totalPages: z.number().int().positive(),\n})\n\nconst ruleSetCreateResponseSchema = z.object({\n  id: z.string().uuid(),\n})\n\nconst okResponseSchema = z.object({\n  ok: z.literal(true),\n})\n\nconst errorResponseSchema = z.object({\n  error: z.string(),\n})\n\nconst routeMetadata = {\n  GET: { requireAuth: true, requireFeatures: ['business_rules.view'] },\n  POST: { requireAuth: true, requireFeatures: ['business_rules.manage_sets'] },\n  PUT: { requireAuth: true, requireFeatures: ['business_rules.manage_sets'] },\n  DELETE: { requireAuth: true, requireFeatures: ['business_rules.manage_sets'] },\n}\n\nexport const metadata = routeMetadata\n\nexport async function GET(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const url = new URL(req.url)\n  const parsed = querySchema.safeParse({\n    id: url.searchParams.get('id') || undefined,\n    page: url.searchParams.get('page') || undefined,\n    pageSize: url.searchParams.get('pageSize') || undefined,\n    search: url.searchParams.get('search') || undefined,\n    setId: url.searchParams.get('setId') || undefined,\n    enabled: url.searchParams.get('enabled') || undefined,\n    sortField: url.searchParams.get('sortField') || undefined,\n    sortDir: url.searchParams.get('sortDir') || undefined,\n  })\n\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Invalid query parameters' }, { status: 400 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n\n  const { id, page, pageSize, search, setId, enabled, sortField, sortDir } = parsed.data\n\n  const filters: Record<string, any> = {\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    deletedAt: null,\n  }\n\n  if (id) filters.id = id\n  if (setId) filters.setId = { $ilike: `%${escapeLikePattern(setId)}%` }\n  if (search) filters.setName = { $ilike: `%${escapeLikePattern(search)}%` }\n  if (enabled !== undefined) filters.enabled = enabled\n\n  const sortFieldMap: Record<string, string> = {\n    setId: 'setId',\n    setName: 'setName',\n    enabled: 'enabled',\n    createdAt: 'createdAt',\n    updatedAt: 'updatedAt',\n  }\n\n  const orderByField = sortField && sortFieldMap[sortField] ? sortFieldMap[sortField] : 'setId'\n  const orderBy = { [orderByField]: sortDir }\n\n  const [rows, count] = await em.findAndCount(\n    RuleSet,\n    filters,\n    {\n      limit: pageSize,\n      offset: (page - 1) * pageSize,\n      orderBy,\n    }\n  )\n\n  const items = rows.map((set) => ({\n    id: set.id,\n    setId: set.setId,\n    setName: set.setName,\n    description: set.description ?? null,\n    enabled: set.enabled,\n    tenantId: set.tenantId,\n    organizationId: set.organizationId,\n    createdBy: set.createdBy ?? null,\n    updatedBy: set.updatedBy ?? null,\n    createdAt: set.createdAt.toISOString(),\n    updatedAt: set.updatedAt.toISOString(),\n  }))\n\n  const totalPages = Math.max(1, Math.ceil(count / pageSize))\n\n  return NextResponse.json({ items, total: count, totalPages })\n}\n\nexport async function POST(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n\n  let body: any\n  try {\n    body = await req.json()\n  } catch {\n    return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 })\n  }\n\n  const payload = {\n    ...body,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    createdBy: auth.sub ?? auth.email ?? null,\n  }\n\n  const parsed = createRuleSetSchema.safeParse(payload)\n  if (!parsed.success) {\n    const errors = parsed.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)\n    return NextResponse.json({ error: `Validation failed: ${errors.join(', ')}` }, { status: 400 })\n  }\n\n  const ruleSet = em.create(RuleSet, parsed.data)\n  await em.persist(ruleSet).flush()\n\n  return NextResponse.json({ id: ruleSet.id }, { status: 201 })\n}\n\nexport async function PUT(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n\n  let body: any\n  try {\n    body = await req.json()\n  } catch {\n    return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 })\n  }\n\n  if (!body.id) {\n    return NextResponse.json({ error: 'Rule set id is required' }, { status: 400 })\n  }\n\n  const payload = {\n    ...body,\n    updatedBy: auth.sub ?? auth.email ?? null,\n  }\n  delete (payload as Record<string, unknown>).tenantId\n  delete (payload as Record<string, unknown>).organizationId\n  delete (payload as Record<string, unknown>).createdBy\n\n  const parsed = updateRuleSetSchema.safeParse(payload)\n  if (!parsed.success) {\n    const errors = parsed.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)\n    return NextResponse.json({ error: `Validation failed: ${errors.join(', ')}` }, { status: 400 })\n  }\n\n  const ruleSet = await em.findOne(RuleSet, {\n    id: parsed.data.id,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    deletedAt: null,\n  })\n\n  if (!ruleSet) {\n    return NextResponse.json({ error: 'Rule set not found' }, { status: 404 })\n  }\n\n  try {\n    enforceCommandOptimisticLock({\n      resourceKind: 'business_rules.ruleSet',\n      resourceId: ruleSet.id,\n      current: ruleSet.updatedAt ?? null,\n      request: req,\n    })\n  } catch (err) {\n    if (isCrudHttpError(err)) {\n      return NextResponse.json(err.body, { status: err.status })\n    }\n    throw err\n  }\n\n  em.assign(ruleSet, parsed.data)\n  await em.persist(ruleSet).flush()\n\n  return NextResponse.json({ ok: true })\n}\n\nexport async function DELETE(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n\n  const url = new URL(req.url)\n  const id = url.searchParams.get('id')\n\n  if (!id) {\n    return NextResponse.json({ error: 'Rule set id is required' }, { status: 400 })\n  }\n\n  const container = await createRequestContainer()\n  const em = container.resolve('em') as EntityManager\n\n  const ruleSet = await em.findOne(RuleSet, {\n    id,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n    deletedAt: null,\n  })\n\n  if (!ruleSet) {\n    return NextResponse.json({ error: 'Rule set not found' }, { status: 404 })\n  }\n\n  try {\n    enforceCommandOptimisticLock({\n      resourceKind: 'business_rules.ruleSet',\n      resourceId: ruleSet.id,\n      current: ruleSet.updatedAt ?? null,\n      request: req,\n    })\n  } catch (err) {\n    if (isCrudHttpError(err)) {\n      return NextResponse.json(err.body, { status: err.status })\n    }\n    throw err\n  }\n\n  ruleSet.deletedAt = new Date()\n  await em.persist(ruleSet).flush()\n\n  return NextResponse.json({ ok: true })\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  tag: 'Business Rules',\n  summary: 'Rule set management',\n  methods: {\n    GET: {\n      summary: 'List rule sets',\n      description: 'Returns rule sets for the current tenant and organization with filtering and pagination.',\n      query: querySchema,\n      responses: [\n        { status: 200, description: 'Rule sets collection', schema: ruleSetListResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid query parameters', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n      ],\n    },\n    POST: {\n      summary: 'Create rule set',\n      description: 'Creates a new rule set for organizing business rules.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: createRuleSetSchema,\n      },\n      responses: [\n        {\n          status: 201,\n          description: 'Rule set created',\n          schema: ruleSetCreateResponseSchema,\n        },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n      ],\n    },\n    PUT: {\n      summary: 'Update rule set',\n      description: 'Updates an existing rule set.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: updateRuleSetSchema,\n      },\n      responses: [\n        {\n          status: 200,\n          description: 'Rule set updated',\n          schema: okResponseSchema,\n        },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n        { status: 404, description: 'Rule set not found', schema: errorResponseSchema },\n      ],\n    },\n    DELETE: {\n      summary: 'Delete rule set',\n      description: 'Soft deletes a rule set by identifier.',\n      query: z.object({ id: z.string().uuid().describe('Rule set identifier') }),\n      responses: [\n        { status: 200, description: 'Rule set deleted', schema: okResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid identifier', schema: errorResponseSchema },\n        { status: 401, description: 'Unauthorized', schema: errorResponseSchema },\n        { status: 404, description: 'Rule set not found', schema: errorResponseSchema },\n      ],\n    },\n  },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,uBAAuB;AAChC,SAAS,oCAAoC;AAC7C,SAAS,eAAe;AAExB,SAAS,yBAAyB;AAClC;AAAA,EACE;AAAA,EACA;AAAA,OACK;AAEP,MAAM,cAAc,EAAE,YAAY;AAAA,EAChC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AAAA,EAC/B,MAAM,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,CAAC;AAAA,EACxC,UAAU,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,QAAQ,EAAE;AAAA,EACtD,QAAQ,EAAE,OAAO,EAAE,SAAS;AAAA,EAC5B,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,SAAS,EAAE,OAAO,QAAQ,EAAE,SAAS;AAAA,EACrC,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,SAAS,EAAE,KAAK,CAAC,OAAO,MAAM,CAAC,EAAE,SAAS,EAAE,QAAQ,KAAK;AAC3D,CAAC;AAED,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,IAAI,EAAE,OAAO,EAAE,KAAK;AAAA,EACpB,OAAO,EAAE,OAAO;AAAA,EAChB,SAAS,EAAE,OAAO;AAAA,EAClB,aAAa,EAAE,OAAO,EAAE,SAAS;AAAA,EACjC,SAAS,EAAE,QAAQ;AAAA,EACnB,UAAU,EAAE,OAAO,EAAE,KAAK;AAAA,EAC1B,gBAAgB,EAAE,OAAO,EAAE,KAAK;AAAA,EAChC,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,WAAW,EAAE,OAAO;AAAA,EACpB,WAAW,EAAE,OAAO;AACtB,CAAC;AAED,MAAM,4BAA4B,EAAE,OAAO;AAAA,EACzC,OAAO,EAAE,MAAM,qBAAqB;AAAA,EACpC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY;AAAA,EACpC,YAAY,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS;AACxC,CAAC;AAED,MAAM,8BAA8B,EAAE,OAAO;AAAA,EAC3C,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,MAAM,mBAAmB,EAAE,OAAO;AAAA,EAChC,IAAI,EAAE,QAAQ,IAAI;AACpB,CAAC;AAED,MAAM,sBAAsB,EAAE,OAAO;AAAA,EACnC,OAAO,EAAE,OAAO;AAClB,CAAC;AAED,MAAM,gBAAgB;AAAA,EACpB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,qBAAqB,EAAE;AAAA,EACnE,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,4BAA4B,EAAE;AAAA,EAC3E,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,4BAA4B,EAAE;AAAA,EAC1E,QAAQ,EAAE,aAAa,MAAM,iBAAiB,CAAC,4BAA4B,EAAE;AAC/E;AAEO,MAAM,WAAW;AAExB,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,SAAS,YAAY,UAAU;AAAA,IACnC,IAAI,IAAI,aAAa,IAAI,IAAI,KAAK;AAAA,IAClC,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,IACtC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,IAC9C,QAAQ,IAAI,aAAa,IAAI,QAAQ,KAAK;AAAA,IAC1C,OAAO,IAAI,aAAa,IAAI,OAAO,KAAK;AAAA,IACxC,SAAS,IAAI,aAAa,IAAI,SAAS,KAAK;AAAA,IAC5C,WAAW,IAAI,aAAa,IAAI,WAAW,KAAK;AAAA,IAChD,SAAS,IAAI,aAAa,IAAI,SAAS,KAAK;AAAA,EAC9C,CAAC;AAED,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,2BAA2B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACjF;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,EAAE,IAAI,MAAM,UAAU,QAAQ,OAAO,SAAS,WAAW,QAAQ,IAAI,OAAO;AAElF,QAAM,UAA+B;AAAA,IACnC,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW;AAAA,EACb;AAEA,MAAI,GAAI,SAAQ,KAAK;AACrB,MAAI,MAAO,SAAQ,QAAQ,EAAE,QAAQ,IAAI,kBAAkB,KAAK,CAAC,IAAI;AACrE,MAAI,OAAQ,SAAQ,UAAU,EAAE,QAAQ,IAAI,kBAAkB,MAAM,CAAC,IAAI;AACzE,MAAI,YAAY,OAAW,SAAQ,UAAU;AAE7C,QAAM,eAAuC;AAAA,IAC3C,OAAO;AAAA,IACP,SAAS;AAAA,IACT,SAAS;AAAA,IACT,WAAW;AAAA,IACX,WAAW;AAAA,EACb;AAEA,QAAM,eAAe,aAAa,aAAa,SAAS,IAAI,aAAa,SAAS,IAAI;AACtF,QAAM,UAAU,EAAE,CAAC,YAAY,GAAG,QAAQ;AAE1C,QAAM,CAAC,MAAM,KAAK,IAAI,MAAM,GAAG;AAAA,IAC7B;AAAA,IACA;AAAA,IACA;AAAA,MACE,OAAO;AAAA,MACP,SAAS,OAAO,KAAK;AAAA,MACrB;AAAA,IACF;AAAA,EACF;AAEA,QAAM,QAAQ,KAAK,IAAI,CAAC,SAAS;AAAA,IAC/B,IAAI,IAAI;AAAA,IACR,OAAO,IAAI;AAAA,IACX,SAAS,IAAI;AAAA,IACb,aAAa,IAAI,eAAe;AAAA,IAChC,SAAS,IAAI;AAAA,IACb,UAAU,IAAI;AAAA,IACd,gBAAgB,IAAI;AAAA,IACpB,WAAW,IAAI,aAAa;AAAA,IAC5B,WAAW,IAAI,aAAa;AAAA,IAC5B,WAAW,IAAI,UAAU,YAAY;AAAA,IACrC,WAAW,IAAI,UAAU,YAAY;AAAA,EACvC,EAAE;AAEF,QAAM,aAAa,KAAK,IAAI,GAAG,KAAK,KAAK,QAAQ,QAAQ,CAAC;AAE1D,SAAO,aAAa,KAAK,EAAE,OAAO,OAAO,OAAO,WAAW,CAAC;AAC9D;AAEA,eAAsB,KAAK,KAAc;AACvC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC1E;AAEA,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW,KAAK,OAAO,KAAK,SAAS;AAAA,EACvC;AAEA,QAAM,SAAS,oBAAoB,UAAU,OAAO;AACpD,MAAI,CAAC,OAAO,SAAS;AACnB,UAAM,SAAS,OAAO,MAAM,OAAO,IAAI,OAAK,GAAG,EAAE,KAAK,KAAK,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE;AAC/E,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,OAAO,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChG;AAEA,QAAM,UAAU,GAAG,OAAO,SAAS,OAAO,IAAI;AAC9C,QAAM,GAAG,QAAQ,OAAO,EAAE,MAAM;AAEhC,SAAO,aAAa,KAAK,EAAE,IAAI,QAAQ,GAAG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC9D;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,MAAI;AACJ,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,OAAO,oBAAoB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC1E;AAEA,MAAI,CAAC,KAAK,IAAI;AACZ,WAAO,aAAa,KAAK,EAAE,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChF;AAEA,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH,WAAW,KAAK,OAAO,KAAK,SAAS;AAAA,EACvC;AACA,SAAQ,QAAoC;AAC5C,SAAQ,QAAoC;AAC5C,SAAQ,QAAoC;AAE5C,QAAM,SAAS,oBAAoB,UAAU,OAAO;AACpD,MAAI,CAAC,OAAO,SAAS;AACnB,UAAM,SAAS,OAAO,MAAM,OAAO,IAAI,OAAK,GAAG,EAAE,KAAK,KAAK,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE;AAC/E,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,OAAO,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChG;AAEA,QAAM,UAAU,MAAM,GAAG,QAAQ,SAAS;AAAA,IACxC,IAAI,OAAO,KAAK;AAAA,IAChB,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW;AAAA,EACb,CAAC;AAED,MAAI,CAAC,SAAS;AACZ,WAAO,aAAa,KAAK,EAAE,OAAO,qBAAqB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3E;AAEA,MAAI;AACF,iCAA6B;AAAA,MAC3B,cAAc;AAAA,MACd,YAAY,QAAQ;AAAA,MACpB,SAAS,QAAQ,aAAa;AAAA,MAC9B,SAAS;AAAA,IACX,CAAC;AAAA,EACH,SAAS,KAAK;AACZ,QAAI,gBAAgB,GAAG,GAAG;AACxB,aAAO,aAAa,KAAK,IAAI,MAAM,EAAE,QAAQ,IAAI,OAAO,CAAC;AAAA,IAC3D;AACA,UAAM;AAAA,EACR;AAEA,KAAG,OAAO,SAAS,OAAO,IAAI;AAC9B,QAAM,GAAG,QAAQ,OAAO,EAAE,MAAM;AAEhC,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEA,eAAsB,OAAO,KAAc;AACzC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AAEA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,KAAK,IAAI,aAAa,IAAI,IAAI;AAEpC,MAAI,CAAC,IAAI;AACP,WAAO,aAAa,KAAK,EAAE,OAAO,0BAA0B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChF;AAEA,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,UAAU,MAAM,GAAG,QAAQ,SAAS;AAAA,IACxC;AAAA,IACA,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,IACrB,WAAW;AAAA,EACb,CAAC;AAED,MAAI,CAAC,SAAS;AACZ,WAAO,aAAa,KAAK,EAAE,OAAO,qBAAqB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3E;AAEA,MAAI;AACF,iCAA6B;AAAA,MAC3B,cAAc;AAAA,MACd,YAAY,QAAQ;AAAA,MACpB,SAAS,QAAQ,aAAa;AAAA,MAC9B,SAAS;AAAA,IACX,CAAC;AAAA,EACH,SAAS,KAAK;AACZ,QAAI,gBAAgB,GAAG,GAAG;AACxB,aAAO,aAAa,KAAK,IAAI,MAAM,EAAE,QAAQ,IAAI,OAAO,CAAC;AAAA,IAC3D;AACA,UAAM;AAAA,EACR;AAEA,UAAQ,YAAY,oBAAI,KAAK;AAC7B,QAAM,GAAG,QAAQ,OAAO,EAAE,MAAM;AAEhC,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,wBAAwB,QAAQ,0BAA0B;AAAA,MACxF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,4BAA4B,QAAQ,oBAAoB;AAAA,QACpF,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,MAC1E;AAAA,IACF;AAAA,IACA,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,QAAQ;AAAA,QACV;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,oBAAoB;AAAA,QAC3E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,MAC1E;AAAA,IACF;AAAA,IACA,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,QAAQ;AAAA,QACV;AAAA,MACF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,oBAAoB;AAAA,QAC3E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,sBAAsB,QAAQ,oBAAoB;AAAA,MAChF;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,qBAAqB,EAAE,CAAC;AAAA,MACzE,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,oBAAoB,QAAQ,iBAAiB;AAAA,MAC3E;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,sBAAsB,QAAQ,oBAAoB;AAAA,QAC9E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,oBAAoB;AAAA,QACxE,EAAE,QAAQ,KAAK,aAAa,sBAAsB,QAAQ,oBAAoB;AAAA,MAChF;AAAA,IACF;AAAA,EACF;AACF;",
   "names": []
 }

package/dist/modules/business_rules/backend/rules/[id]/page.js CHANGED Viewed

@@ -8,7 +8,10 @@ import { Page, PageBody } from "@open-mercato/ui/backend/Page";
 import { CrudForm } from "@open-mercato/ui/backend/CrudForm";
 import { Spinner } from "@open-mercato/ui/primitives/spinner";
 import { Button } from "@open-mercato/ui/primitives/button";
-import { apiFetch } from "@open-mercato/ui/backend/utils/api";
+import { apiFetch, withScopedApiHeaders } from "@open-mercato/ui/backend/utils/api";
+import { buildOptimisticLockHeader } from "@open-mercato/ui/backend/utils/optimisticLock";
+import { readJsonSafe } from "@open-mercato/ui/backend/utils/serverErrors";
+import { CrudHttpError } from "@open-mercato/shared/lib/crud/errors";
 import { useT } from "@open-mercato/shared/lib/i18n/context";
 import { useOrganizationScopeDetail } from "@open-mercato/shared/lib/frontend/useOrganizationScope";
 import {
@@ -55,7 +58,7 @@ function EditBusinessRulePage() {
       throw new Error(t("business_rules.errors.missingTenantOrOrg"));
     }
     const payload = buildRulePayload(values, effectiveTenantId, effectiveOrgId, void 0);
-    const response = await apiFetch("/api/business_rules/rules", {
+    const updateRule = () => apiFetch("/api/business_rules/rules", {
       method: "PUT",
       headers: { "Content-Type": "application/json" },
       body: JSON.stringify({
@@ -63,9 +66,12 @@ function EditBusinessRulePage() {
         id: ruleId
       })
     });
+    const headers = buildOptimisticLockHeader(rule?.updatedAt ?? rule?.updated_at ?? null);
+    const response = Object.keys(headers).length ? await withScopedApiHeaders(headers, updateRule) : await updateRule();
     if (!response.ok) {
-      const error2 = await response.json();
-      throw new Error(error2.error || error2.message || t("business_rules.errors.updateFailed"));
+      const body = await readJsonSafe(response) ?? {};
+      const message = typeof body.error === "string" && body.error || typeof body.message === "string" && body.message || t("business_rules.errors.updateFailed");
+      throw new CrudHttpError(response.status, { ...body, error: message });
     }
     router.push("/backend/rules");
     router.refresh();
@@ -98,6 +104,7 @@ function EditBusinessRulePage() {
       schema: businessRuleFormSchema,
       fields,
       initialValues,
+      optimisticLockUpdatedAt: rule?.updatedAt ?? rule?.updated_at ?? null,
       onSubmit: handleSubmit,
       cancelHref: "/backend/rules",
       groups: formGroups,

package/dist/modules/business_rules/backend/rules/[id]/page.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../../src/modules/business_rules/backend/rules/%5Bid%5D/page.tsx"],
-  "sourcesContent": ["\"use client\"\n\nimport * as React from 'react'\nimport Link from 'next/link'\nimport { useRouter, useParams } from 'next/navigation'\nimport { useQuery } from '@tanstack/react-query'\nimport { Page, PageBody } from '@open-mercato/ui/backend/Page'\nimport { CrudForm } from '@open-mercato/ui/backend/CrudForm'\nimport { Spinner } from '@open-mercato/ui/primitives/spinner'\nimport { Button } from '@open-mercato/ui/primitives/button'\nimport { apiFetch } from '@open-mercato/ui/backend/utils/api'\nimport { useT } from '@open-mercato/shared/lib/i18n/context'\nimport { useOrganizationScopeDetail } from '@open-mercato/shared/lib/frontend/useOrganizationScope'\nimport {\n  businessRuleFormSchema,\n  createFormGroups,\n  createFieldDefinitions,\n  type BusinessRuleFormValues,\n} from '../../../components/formConfig'\nimport { ConditionBuilder } from '../../../components/ConditionBuilder'\nimport { ActionBuilder } from '../../../components/ActionBuilder'\nimport { buildRulePayload, parseRuleToFormValues } from '../../../components/utils/formHelpers'\n\nexport default function EditBusinessRulePage() {\n  const router = useRouter()\n  const params = useParams()\n\n  // Handle catch-all route: params.slug = ['rules', 'uuid']\n  let ruleId: string | undefined\n  if (params?.slug && Array.isArray(params.slug)) {\n    ruleId = params.slug[1] // Second element is the ID\n  } else if (params?.id) {\n    ruleId = Array.isArray(params.id) ? params.id[0] : params.id\n  }\n\n  const t = useT()\n  const { organizationId, tenantId } = useOrganizationScopeDetail()\n\n  const { data: rule, isLoading, error } = useQuery({\n    queryKey: ['business_rule', ruleId],\n    queryFn: async () => {\n      const response = await apiFetch(`/api/business_rules/rules/${ruleId}`)\n      if (!response.ok) {\n        throw new Error(t('business_rules.errors.fetchFailed'))\n      }\n      const result = await response.json()\n      return result\n    },\n    enabled: !!ruleId,\n  })\n\n  const initialValues = React.useMemo(() => {\n    if (rule) {\n      return parseRuleToFormValues(rule)\n    }\n    return null\n  }, [rule])\n\n  const handleSubmit = async (values: BusinessRuleFormValues) => {\n    // Use tenant/org from the loaded rule if available, otherwise from context\n    const effectiveTenantId = rule?.tenantId || tenantId\n    const effectiveOrgId = rule?.organizationId || organizationId\n\n    if (!effectiveTenantId || !effectiveOrgId) {\n      throw new Error(t('business_rules.errors.missingTenantOrOrg'))\n    }\n\n    const payload = buildRulePayload(values, effectiveTenantId, effectiveOrgId, undefined)\n\n    const response = await apiFetch('/api/business_rules/rules', {\n      method: 'PUT',\n      headers: { 'Content-Type': 'application/json' },\n      body: JSON.stringify({\n        ...payload,\n        id: ruleId,\n      }),\n    })\n\n    if (!response.ok) {\n      const error = await response.json()\n      throw new Error(error.error || error.message || t('business_rules.errors.updateFailed'))\n    }\n\n    router.push('/backend/rules')\n    router.refresh()\n  }\n\n  const fields = React.useMemo(() => createFieldDefinitions(t), [t])\n\n  const formGroups = React.useMemo(\n    () => createFormGroups(t, ConditionBuilder, ActionBuilder),\n    [t]\n  )\n\n  if (isLoading) {\n    return (\n      <Page>\n        <PageBody>\n          <div className=\"flex h-[50vh] flex-col items-center justify-center gap-2 text-muted-foreground\">\n            <Spinner className=\"h-6 w-6\" />\n            <span>{t('business_rules.rules.edit.loading')}</span>\n          </div>\n        </PageBody>\n      </Page>\n    )\n  }\n\n  if (error || !rule) {\n    return (\n      <Page>\n        <PageBody>\n            <div className=\"flex h-[50vh] flex-col items-center justify-center gap-2 text-muted-foreground\">\n            <p>{t('business_rules.errors.loadFailed')}</p>\n            <Button asChild variant=\"outline\">\n              <Link href=\"/backend/rules\">{t('business_rules.rules.backToList')}</Link>\n            </Button>\n          </div>\n        </PageBody>\n      </Page>\n    )\n  }\n\n  if (!initialValues) {\n    return null\n  }\n\n  return (\n    <Page>\n      <PageBody>\n        <CrudForm\n          key={ruleId}\n          title={t('business_rules.rules.edit.title')}\n          backHref=\"/backend/rules\"\n          schema={businessRuleFormSchema}\n          fields={fields}\n          initialValues={initialValues}\n          onSubmit={handleSubmit}\n          cancelHref=\"/backend/rules\"\n          groups={formGroups}\n          submitLabel={t('business_rules.rules.form.update')}\n        />\n      </PageBody>\n    </Page>\n  )\n}\n"],
-  "mappings": ";AAkGU,SACE,KADF;AAhGV,YAAY,WAAW;AACvB,OAAO,UAAU;AACjB,SAAS,WAAW,iBAAiB;AACrC,SAAS,gBAAgB;AACzB,SAAS,MAAM,gBAAgB;AAC/B,SAAS,gBAAgB;AACzB,SAAS,eAAe;AACxB,SAAS,cAAc;AACvB,SAAS,gBAAgB;AACzB,SAAS,YAAY;AACrB,SAAS,kCAAkC;AAC3C;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OAEK;AACP,SAAS,wBAAwB;AACjC,SAAS,qBAAqB;AAC9B,SAAS,kBAAkB,6BAA6B;AAEzC,SAAR,uBAAwC;AAC7C,QAAM,SAAS,UAAU;AACzB,QAAM,SAAS,UAAU;AAGzB,MAAI;AACJ,MAAI,QAAQ,QAAQ,MAAM,QAAQ,OAAO,IAAI,GAAG;AAC9C,aAAS,OAAO,KAAK,CAAC;AAAA,EACxB,WAAW,QAAQ,IAAI;AACrB,aAAS,MAAM,QAAQ,OAAO,EAAE,IAAI,OAAO,GAAG,CAAC,IAAI,OAAO;AAAA,EAC5D;AAEA,QAAM,IAAI,KAAK;AACf,QAAM,EAAE,gBAAgB,SAAS,IAAI,2BAA2B;AAEhE,QAAM,EAAE,MAAM,MAAM,WAAW,MAAM,IAAI,SAAS;AAAA,IAChD,UAAU,CAAC,iBAAiB,MAAM;AAAA,IAClC,SAAS,YAAY;AACnB,YAAM,WAAW,MAAM,SAAS,6BAA6B,MAAM,EAAE;AACrE,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,IAAI,MAAM,EAAE,mCAAmC,CAAC;AAAA,MACxD;AACA,YAAM,SAAS,MAAM,SAAS,KAAK;AACnC,aAAO;AAAA,IACT;AAAA,IACA,SAAS,CAAC,CAAC;AAAA,EACb,CAAC;AAED,QAAM,gBAAgB,MAAM,QAAQ,MAAM;AACxC,QAAI,MAAM;AACR,aAAO,sBAAsB,IAAI;AAAA,IACnC;AACA,WAAO;AAAA,EACT,GAAG,CAAC,IAAI,CAAC;AAET,QAAM,eAAe,OAAO,WAAmC;AAE7D,UAAM,oBAAoB,MAAM,YAAY;AAC5C,UAAM,iBAAiB,MAAM,kBAAkB;AAE/C,QAAI,CAAC,qBAAqB,CAAC,gBAAgB;AACzC,YAAM,IAAI,MAAM,EAAE,0CAA0C,CAAC;AAAA,IAC/D;AAEA,UAAM,UAAU,iBAAiB,QAAQ,mBAAmB,gBAAgB,MAAS;AAErF,UAAM,WAAW,MAAM,SAAS,6BAA6B;AAAA,MAC3D,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU;AAAA,QACnB,GAAG;AAAA,QACH,IAAI;AAAA,MACN,CAAC;AAAA,IACH,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAMA,SAAQ,MAAM,SAAS,KAAK;AAClC,YAAM,IAAI,MAAMA,OAAM,SAASA,OAAM,WAAW,EAAE,oCAAoC,CAAC;AAAA,IACzF;AAEA,WAAO,KAAK,gBAAgB;AAC5B,WAAO,QAAQ;AAAA,EACjB;AAEA,QAAM,SAAS,MAAM,QAAQ,MAAM,uBAAuB,CAAC,GAAG,CAAC,CAAC,CAAC;AAEjE,QAAM,aAAa,MAAM;AAAA,IACvB,MAAM,iBAAiB,GAAG,kBAAkB,aAAa;AAAA,IACzD,CAAC,CAAC;AAAA,EACJ;AAEA,MAAI,WAAW;AACb,WACE,oBAAC,QACC,8BAAC,YACC,+BAAC,SAAI,WAAU,kFACb;AAAA,0BAAC,WAAQ,WAAU,WAAU;AAAA,MAC7B,oBAAC,UAAM,YAAE,mCAAmC,GAAE;AAAA,OAChD,GACF,GACF;AAAA,EAEJ;AAEA,MAAI,SAAS,CAAC,MAAM;AAClB,WACE,oBAAC,QACC,8BAAC,YACG,+BAAC,SAAI,WAAU,kFACf;AAAA,0BAAC,OAAG,YAAE,kCAAkC,GAAE;AAAA,MAC1C,oBAAC,UAAO,SAAO,MAAC,SAAQ,WACtB,8BAAC,QAAK,MAAK,kBAAkB,YAAE,iCAAiC,GAAE,GACpE;AAAA,OACF,GACF,GACF;AAAA,EAEJ;AAEA,MAAI,CAAC,eAAe;AAClB,WAAO;AAAA,EACT;AAEA,SACE,oBAAC,QACC,8BAAC,YACC;AAAA,IAAC;AAAA;AAAA,MAEC,OAAO,EAAE,iCAAiC;AAAA,MAC1C,UAAS;AAAA,MACT,QAAQ;AAAA,MACR;AAAA,MACA;AAAA,MACA,UAAU;AAAA,MACV,YAAW;AAAA,MACX,QAAQ;AAAA,MACR,aAAa,EAAE,kCAAkC;AAAA;AAAA,IAT5C;AAAA,EAUP,GACF,GACF;AAEJ;",
-  "names": ["error"]
+  "sourcesContent": ["\"use client\"\n\nimport * as React from 'react'\nimport Link from 'next/link'\nimport { useRouter, useParams } from 'next/navigation'\nimport { useQuery } from '@tanstack/react-query'\nimport { Page, PageBody } from '@open-mercato/ui/backend/Page'\nimport { CrudForm } from '@open-mercato/ui/backend/CrudForm'\nimport { Spinner } from '@open-mercato/ui/primitives/spinner'\nimport { Button } from '@open-mercato/ui/primitives/button'\nimport { apiFetch, withScopedApiHeaders } from '@open-mercato/ui/backend/utils/api'\nimport { buildOptimisticLockHeader } from '@open-mercato/ui/backend/utils/optimisticLock'\nimport { readJsonSafe } from '@open-mercato/ui/backend/utils/serverErrors'\nimport { CrudHttpError } from '@open-mercato/shared/lib/crud/errors'\nimport { useT } from '@open-mercato/shared/lib/i18n/context'\nimport { useOrganizationScopeDetail } from '@open-mercato/shared/lib/frontend/useOrganizationScope'\nimport {\n  businessRuleFormSchema,\n  createFormGroups,\n  createFieldDefinitions,\n  type BusinessRuleFormValues,\n} from '../../../components/formConfig'\nimport { ConditionBuilder } from '../../../components/ConditionBuilder'\nimport { ActionBuilder } from '../../../components/ActionBuilder'\nimport { buildRulePayload, parseRuleToFormValues } from '../../../components/utils/formHelpers'\n\nexport default function EditBusinessRulePage() {\n  const router = useRouter()\n  const params = useParams()\n\n  // Handle catch-all route: params.slug = ['rules', 'uuid']\n  let ruleId: string | undefined\n  if (params?.slug && Array.isArray(params.slug)) {\n    ruleId = params.slug[1] // Second element is the ID\n  } else if (params?.id) {\n    ruleId = Array.isArray(params.id) ? params.id[0] : params.id\n  }\n\n  const t = useT()\n  const { organizationId, tenantId } = useOrganizationScopeDetail()\n\n  const { data: rule, isLoading, error } = useQuery({\n    queryKey: ['business_rule', ruleId],\n    queryFn: async () => {\n      const response = await apiFetch(`/api/business_rules/rules/${ruleId}`)\n      if (!response.ok) {\n        throw new Error(t('business_rules.errors.fetchFailed'))\n      }\n      const result = await response.json()\n      return result\n    },\n    enabled: !!ruleId,\n  })\n\n  const initialValues = React.useMemo(() => {\n    if (rule) {\n      return parseRuleToFormValues(rule)\n    }\n    return null\n  }, [rule])\n\n  const handleSubmit = async (values: BusinessRuleFormValues) => {\n    // Use tenant/org from the loaded rule if available, otherwise from context\n    const effectiveTenantId = rule?.tenantId || tenantId\n    const effectiveOrgId = rule?.organizationId || organizationId\n\n    if (!effectiveTenantId || !effectiveOrgId) {\n      throw new Error(t('business_rules.errors.missingTenantOrOrg'))\n    }\n\n    const payload = buildRulePayload(values, effectiveTenantId, effectiveOrgId, undefined)\n\n    const updateRule = () => apiFetch('/api/business_rules/rules', {\n      method: 'PUT',\n      headers: { 'Content-Type': 'application/json' },\n      body: JSON.stringify({\n        ...payload,\n        id: ruleId,\n      }),\n    })\n    const headers = buildOptimisticLockHeader(rule?.updatedAt ?? rule?.updated_at ?? null)\n    const response = Object.keys(headers).length\n      ? await withScopedApiHeaders(headers, updateRule)\n      : await updateRule()\n\n    if (!response.ok) {\n      const body = (await readJsonSafe<Record<string, unknown>>(response)) ?? {}\n      const message =\n        (typeof body.error === 'string' && body.error) ||\n        (typeof body.message === 'string' && body.message) ||\n        t('business_rules.errors.updateFailed')\n      throw new CrudHttpError(response.status, { ...body, error: message })\n    }\n\n    router.push('/backend/rules')\n    router.refresh()\n  }\n\n  const fields = React.useMemo(() => createFieldDefinitions(t), [t])\n\n  const formGroups = React.useMemo(\n    () => createFormGroups(t, ConditionBuilder, ActionBuilder),\n    [t]\n  )\n\n  if (isLoading) {\n    return (\n      <Page>\n        <PageBody>\n          <div className=\"flex h-[50vh] flex-col items-center justify-center gap-2 text-muted-foreground\">\n            <Spinner className=\"h-6 w-6\" />\n            <span>{t('business_rules.rules.edit.loading')}</span>\n          </div>\n        </PageBody>\n      </Page>\n    )\n  }\n\n  if (error || !rule) {\n    return (\n      <Page>\n        <PageBody>\n            <div className=\"flex h-[50vh] flex-col items-center justify-center gap-2 text-muted-foreground\">\n            <p>{t('business_rules.errors.loadFailed')}</p>\n            <Button asChild variant=\"outline\">\n              <Link href=\"/backend/rules\">{t('business_rules.rules.backToList')}</Link>\n            </Button>\n          </div>\n        </PageBody>\n      </Page>\n    )\n  }\n\n  if (!initialValues) {\n    return null\n  }\n\n  return (\n    <Page>\n      <PageBody>\n        <CrudForm\n          key={ruleId}\n          title={t('business_rules.rules.edit.title')}\n          backHref=\"/backend/rules\"\n          schema={businessRuleFormSchema}\n          fields={fields}\n          initialValues={initialValues}\n          optimisticLockUpdatedAt={rule?.updatedAt ?? rule?.updated_at ?? null}\n          onSubmit={handleSubmit}\n          cancelHref=\"/backend/rules\"\n          groups={formGroups}\n          submitLabel={t('business_rules.rules.form.update')}\n        />\n      </PageBody>\n    </Page>\n  )\n}\n"],
+  "mappings": ";AA6GU,SACE,KADF;AA3GV,YAAY,WAAW;AACvB,OAAO,UAAU;AACjB,SAAS,WAAW,iBAAiB;AACrC,SAAS,gBAAgB;AACzB,SAAS,MAAM,gBAAgB;AAC/B,SAAS,gBAAgB;AACzB,SAAS,eAAe;AACxB,SAAS,cAAc;AACvB,SAAS,UAAU,4BAA4B;AAC/C,SAAS,iCAAiC;AAC1C,SAAS,oBAAoB;AAC7B,SAAS,qBAAqB;AAC9B,SAAS,YAAY;AACrB,SAAS,kCAAkC;AAC3C;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OAEK;AACP,SAAS,wBAAwB;AACjC,SAAS,qBAAqB;AAC9B,SAAS,kBAAkB,6BAA6B;AAEzC,SAAR,uBAAwC;AAC7C,QAAM,SAAS,UAAU;AACzB,QAAM,SAAS,UAAU;AAGzB,MAAI;AACJ,MAAI,QAAQ,QAAQ,MAAM,QAAQ,OAAO,IAAI,GAAG;AAC9C,aAAS,OAAO,KAAK,CAAC;AAAA,EACxB,WAAW,QAAQ,IAAI;AACrB,aAAS,MAAM,QAAQ,OAAO,EAAE,IAAI,OAAO,GAAG,CAAC,IAAI,OAAO;AAAA,EAC5D;AAEA,QAAM,IAAI,KAAK;AACf,QAAM,EAAE,gBAAgB,SAAS,IAAI,2BAA2B;AAEhE,QAAM,EAAE,MAAM,MAAM,WAAW,MAAM,IAAI,SAAS;AAAA,IAChD,UAAU,CAAC,iBAAiB,MAAM;AAAA,IAClC,SAAS,YAAY;AACnB,YAAM,WAAW,MAAM,SAAS,6BAA6B,MAAM,EAAE;AACrE,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,IAAI,MAAM,EAAE,mCAAmC,CAAC;AAAA,MACxD;AACA,YAAM,SAAS,MAAM,SAAS,KAAK;AACnC,aAAO;AAAA,IACT;AAAA,IACA,SAAS,CAAC,CAAC;AAAA,EACb,CAAC;AAED,QAAM,gBAAgB,MAAM,QAAQ,MAAM;AACxC,QAAI,MAAM;AACR,aAAO,sBAAsB,IAAI;AAAA,IACnC;AACA,WAAO;AAAA,EACT,GAAG,CAAC,IAAI,CAAC;AAET,QAAM,eAAe,OAAO,WAAmC;AAE7D,UAAM,oBAAoB,MAAM,YAAY;AAC5C,UAAM,iBAAiB,MAAM,kBAAkB;AAE/C,QAAI,CAAC,qBAAqB,CAAC,gBAAgB;AACzC,YAAM,IAAI,MAAM,EAAE,0CAA0C,CAAC;AAAA,IAC/D;AAEA,UAAM,UAAU,iBAAiB,QAAQ,mBAAmB,gBAAgB,MAAS;AAErF,UAAM,aAAa,MAAM,SAAS,6BAA6B;AAAA,MAC7D,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU;AAAA,QACnB,GAAG;AAAA,QACH,IAAI;AAAA,MACN,CAAC;AAAA,IACH,CAAC;AACD,UAAM,UAAU,0BAA0B,MAAM,aAAa,MAAM,cAAc,IAAI;AACrF,UAAM,WAAW,OAAO,KAAK,OAAO,EAAE,SAClC,MAAM,qBAAqB,SAAS,UAAU,IAC9C,MAAM,WAAW;AAErB,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,OAAQ,MAAM,aAAsC,QAAQ,KAAM,CAAC;AACzE,YAAM,UACH,OAAO,KAAK,UAAU,YAAY,KAAK,SACvC,OAAO,KAAK,YAAY,YAAY,KAAK,WAC1C,EAAE,oCAAoC;AACxC,YAAM,IAAI,cAAc,SAAS,QAAQ,EAAE,GAAG,MAAM,OAAO,QAAQ,CAAC;AAAA,IACtE;AAEA,WAAO,KAAK,gBAAgB;AAC5B,WAAO,QAAQ;AAAA,EACjB;AAEA,QAAM,SAAS,MAAM,QAAQ,MAAM,uBAAuB,CAAC,GAAG,CAAC,CAAC,CAAC;AAEjE,QAAM,aAAa,MAAM;AAAA,IACvB,MAAM,iBAAiB,GAAG,kBAAkB,aAAa;AAAA,IACzD,CAAC,CAAC;AAAA,EACJ;AAEA,MAAI,WAAW;AACb,WACE,oBAAC,QACC,8BAAC,YACC,+BAAC,SAAI,WAAU,kFACb;AAAA,0BAAC,WAAQ,WAAU,WAAU;AAAA,MAC7B,oBAAC,UAAM,YAAE,mCAAmC,GAAE;AAAA,OAChD,GACF,GACF;AAAA,EAEJ;AAEA,MAAI,SAAS,CAAC,MAAM;AAClB,WACE,oBAAC,QACC,8BAAC,YACG,+BAAC,SAAI,WAAU,kFACf;AAAA,0BAAC,OAAG,YAAE,kCAAkC,GAAE;AAAA,MAC1C,oBAAC,UAAO,SAAO,MAAC,SAAQ,WACtB,8BAAC,QAAK,MAAK,kBAAkB,YAAE,iCAAiC,GAAE,GACpE;AAAA,OACF,GACF,GACF;AAAA,EAEJ;AAEA,MAAI,CAAC,eAAe;AAClB,WAAO;AAAA,EACT;AAEA,SACE,oBAAC,QACC,8BAAC,YACC;AAAA,IAAC;AAAA;AAAA,MAEC,OAAO,EAAE,iCAAiC;AAAA,MAC1C,UAAS;AAAA,MACT,QAAQ;AAAA,MACR;AAAA,MACA;AAAA,MACA,yBAAyB,MAAM,aAAa,MAAM,cAAc;AAAA,MAChE,UAAU;AAAA,MACV,YAAW;AAAA,MACX,QAAQ;AAAA,MACR,aAAa,EAAE,kCAAkC;AAAA;AAAA,IAV5C;AAAA,EAWP,GACF,GACF;AAEJ;",
+  "names": []
 }

package/dist/modules/business_rules/backend/rules/page.js CHANGED Viewed

@@ -7,7 +7,8 @@ import { Page, PageBody } from "@open-mercato/ui/backend/Page";
 import { DataTable } from "@open-mercato/ui/backend/DataTable";
 import { Button } from "@open-mercato/ui/primitives/button";
 import { RowActions } from "@open-mercato/ui/backend/RowActions";
-import { apiCall } from "@open-mercato/ui/backend/utils/apiCall";
+import { apiCall, withScopedApiRequestHeaders } from "@open-mercato/ui/backend/utils/apiCall";
+import { buildOptimisticLockHeader } from "@open-mercato/ui/backend/utils/optimisticLock";
 import { flash } from "@open-mercato/ui/backend/FlashMessages";
 import { useQuery, useQueryClient } from "@tanstack/react-query";
 import { useT } from "@open-mercato/shared/lib/i18n/context";
@@ -55,9 +56,13 @@ function RulesListPage() {
       variant: "destructive"
     });
     if (!confirmed) return;
-    const result = await apiCall(`/api/business_rules/rules?id=${id}`, {
-      method: "DELETE"
-    });
+    const record = (data || []).find((item) => item.id === id);
+    const result = await withScopedApiRequestHeaders(
+      buildOptimisticLockHeader(record?.updatedAt),
+      () => apiCall(`/api/business_rules/rules?id=${id}`, {
+        method: "DELETE"
+      })
+    );
     if (result.ok) {
       flash(t("business_rules.messages.deleted"), "success");
       queryClient.invalidateQueries({ queryKey: ["business-rules"] });
@@ -66,14 +71,18 @@ function RulesListPage() {
     }
   };
   const handleToggleEnabled = async (id, currentEnabled) => {
-    const result = await apiCall("/api/business_rules/rules", {
-      method: "PUT",
-      headers: { "Content-Type": "application/json" },
-      body: JSON.stringify({
-        id,
-        enabled: !currentEnabled
+    const record = (data || []).find((item) => item.id === id);
+    const result = await withScopedApiRequestHeaders(
+      buildOptimisticLockHeader(record?.updatedAt),
+      () => apiCall("/api/business_rules/rules", {
+        method: "PUT",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          id,
+          enabled: !currentEnabled
+        })
       })
-    });
+    );
     if (result.ok) {
       flash(t("business_rules.messages.updated"), "success");
       queryClient.invalidateQueries({ queryKey: ["business-rules"] });