npm - @open-mercato/ui - Versions diffs - 0.4.2-canary-c02407ff85 - Mend

@open-mercato/ui 0.4.2-canary-c02407ff85

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (319) hide show

package/build.mjs +62 -0
package/dist/backend/AppShell.js +902 -0
package/dist/backend/AppShell.js.map +7 -0
package/dist/backend/ConfirmDialog.js +17 -0
package/dist/backend/ConfirmDialog.js.map +7 -0
package/dist/backend/ContextHelp.js +31 -0
package/dist/backend/ContextHelp.js.map +7 -0
package/dist/backend/CrudForm.js +2028 -0
package/dist/backend/CrudForm.js.map +7 -0
package/dist/backend/DataTable.js +1363 -0
package/dist/backend/DataTable.js.map +7 -0
package/dist/backend/EmptyState.js +52 -0
package/dist/backend/EmptyState.js.map +7 -0
package/dist/backend/FilterBar.js +140 -0
package/dist/backend/FilterBar.js.map +7 -0
package/dist/backend/FilterOverlay.js +279 -0
package/dist/backend/FilterOverlay.js.map +7 -0
package/dist/backend/FlashMessages.js +66 -0
package/dist/backend/FlashMessages.js.map +7 -0
package/dist/backend/JsonBuilder.js +322 -0
package/dist/backend/JsonBuilder.js.map +7 -0
package/dist/backend/JsonDisplay.js +203 -0
package/dist/backend/JsonDisplay.js.map +7 -0
package/dist/backend/Page.js +27 -0
package/dist/backend/Page.js.map +7 -0
package/dist/backend/PerspectiveSidebar.js +282 -0
package/dist/backend/PerspectiveSidebar.js.map +7 -0
package/dist/backend/RowActions.js +148 -0
package/dist/backend/RowActions.js.map +7 -0
package/dist/backend/TruncatedCell.js +92 -0
package/dist/backend/TruncatedCell.js.map +7 -0
package/dist/backend/UserMenu.js +107 -0
package/dist/backend/UserMenu.js.map +7 -0
package/dist/backend/ValueIcons.js +34 -0
package/dist/backend/ValueIcons.js.map +7 -0
package/dist/backend/custom-fields/FieldDefinitionsEditor.js +1264 -0
package/dist/backend/custom-fields/FieldDefinitionsEditor.js.map +7 -0
package/dist/backend/custom-fields/FieldDefinitionsManager.js +332 -0
package/dist/backend/custom-fields/FieldDefinitionsManager.js.map +7 -0
package/dist/backend/dashboard/DashboardScreen.js +578 -0
package/dist/backend/dashboard/DashboardScreen.js.map +7 -0
package/dist/backend/dashboard/index.js +5 -0
package/dist/backend/dashboard/index.js.map +7 -0
package/dist/backend/dashboard/widgetRegistry.js +55 -0
package/dist/backend/dashboard/widgetRegistry.js.map +7 -0
package/dist/backend/detail/ActivitiesSection.js +962 -0
package/dist/backend/detail/ActivitiesSection.js.map +7 -0
package/dist/backend/detail/AddressEditor.js +413 -0
package/dist/backend/detail/AddressEditor.js.map +7 -0
package/dist/backend/detail/AddressTiles.js +437 -0
package/dist/backend/detail/AddressTiles.js.map +7 -0
package/dist/backend/detail/AddressesSection.js +264 -0
package/dist/backend/detail/AddressesSection.js.map +7 -0
package/dist/backend/detail/AttachmentDeleteDialog.js +41 -0
package/dist/backend/detail/AttachmentDeleteDialog.js.map +7 -0
package/dist/backend/detail/AttachmentMetadataDialog.js +517 -0
package/dist/backend/detail/AttachmentMetadataDialog.js.map +7 -0
package/dist/backend/detail/AttachmentsSection.js +367 -0
package/dist/backend/detail/AttachmentsSection.js.map +7 -0
package/dist/backend/detail/CustomDataSection.js +433 -0
package/dist/backend/detail/CustomDataSection.js.map +7 -0
package/dist/backend/detail/DetailFieldsSection.js +75 -0
package/dist/backend/detail/DetailFieldsSection.js.map +7 -0
package/dist/backend/detail/ErrorMessage.js +28 -0
package/dist/backend/detail/ErrorMessage.js.map +7 -0
package/dist/backend/detail/InlineEditors.js +681 -0
package/dist/backend/detail/InlineEditors.js.map +7 -0
package/dist/backend/detail/LoadingMessage.js +14 -0
package/dist/backend/detail/LoadingMessage.js.map +7 -0
package/dist/backend/detail/NotesSection.js +1032 -0
package/dist/backend/detail/NotesSection.js.map +7 -0
package/dist/backend/detail/TabEmptyState.js +25 -0
package/dist/backend/detail/TabEmptyState.js.map +7 -0
package/dist/backend/detail/TagsSection.js +254 -0
package/dist/backend/detail/TagsSection.js.map +7 -0
package/dist/backend/detail/addressFormat.js +77 -0
package/dist/backend/detail/addressFormat.js.map +7 -0
package/dist/backend/detail/index.js +34 -0
package/dist/backend/detail/index.js.map +7 -0
package/dist/backend/fields/registry.generated.js +8 -0
package/dist/backend/fields/registry.generated.js.map +7 -0
package/dist/backend/fields/registry.js +29 -0
package/dist/backend/fields/registry.js.map +7 -0
package/dist/backend/indexes/PartialIndexBanner.js +58 -0
package/dist/backend/indexes/PartialIndexBanner.js.map +7 -0
package/dist/backend/indexes/store.js +62 -0
package/dist/backend/indexes/store.js.map +7 -0
package/dist/backend/injection/InjectionSpot.js +179 -0
package/dist/backend/injection/InjectionSpot.js.map +7 -0
package/dist/backend/injection/PageInjectionBoundary.js +26 -0
package/dist/backend/injection/PageInjectionBoundary.js.map +7 -0
package/dist/backend/injection/helpers.js +26 -0
package/dist/backend/injection/helpers.js.map +7 -0
package/dist/backend/injection/widgetRegistry.js +55 -0
package/dist/backend/injection/widgetRegistry.js.map +7 -0
package/dist/backend/inputs/ComboboxInput.js +225 -0
package/dist/backend/inputs/ComboboxInput.js.map +7 -0
package/dist/backend/inputs/LookupSelect.js +191 -0
package/dist/backend/inputs/LookupSelect.js.map +7 -0
package/dist/backend/inputs/PhoneNumberField.js +100 -0
package/dist/backend/inputs/PhoneNumberField.js.map +7 -0
package/dist/backend/inputs/SwitchableMarkdownInput.js +92 -0
package/dist/backend/inputs/SwitchableMarkdownInput.js.map +7 -0
package/dist/backend/inputs/TagsInput.js +222 -0
package/dist/backend/inputs/TagsInput.js.map +7 -0
package/dist/backend/inputs/index.js +6 -0
package/dist/backend/inputs/index.js.map +7 -0
package/dist/backend/operations/LastOperationBanner.js +80 -0
package/dist/backend/operations/LastOperationBanner.js.map +7 -0
package/dist/backend/operations/store.js +183 -0
package/dist/backend/operations/store.js.map +7 -0
package/dist/backend/schedule/ScheduleAgenda.js +107 -0
package/dist/backend/schedule/ScheduleAgenda.js.map +7 -0
package/dist/backend/schedule/ScheduleGrid.js +107 -0
package/dist/backend/schedule/ScheduleGrid.js.map +7 -0
package/dist/backend/schedule/ScheduleToolbar.js +166 -0
package/dist/backend/schedule/ScheduleToolbar.js.map +7 -0
package/dist/backend/schedule/ScheduleView.js +165 -0
package/dist/backend/schedule/ScheduleView.js.map +7 -0
package/dist/backend/schedule/index.js +6 -0
package/dist/backend/schedule/index.js.map +7 -0
package/dist/backend/schedule/recurrence.js +83 -0
package/dist/backend/schedule/recurrence.js.map +7 -0
package/dist/backend/schedule/types.js +1 -0
package/dist/backend/schedule/types.js.map +7 -0
package/dist/backend/upgrades/UpgradeActionBanner.js +91 -0
package/dist/backend/upgrades/UpgradeActionBanner.js.map +7 -0
package/dist/backend/utils/api.js +127 -0
package/dist/backend/utils/api.js.map +7 -0
package/dist/backend/utils/apiCall.js +48 -0
package/dist/backend/utils/apiCall.js.map +7 -0
package/dist/backend/utils/crud.js +126 -0
package/dist/backend/utils/crud.js.map +7 -0
package/dist/backend/utils/customFieldColumns.js +56 -0
package/dist/backend/utils/customFieldColumns.js.map +7 -0
package/dist/backend/utils/customFieldDefs.js +143 -0
package/dist/backend/utils/customFieldDefs.js.map +7 -0
package/dist/backend/utils/customFieldFilters.js +126 -0
package/dist/backend/utils/customFieldFilters.js.map +7 -0
package/dist/backend/utils/customFieldForms.js +162 -0
package/dist/backend/utils/customFieldForms.js.map +7 -0
package/dist/backend/utils/customFieldValues.js +26 -0
package/dist/backend/utils/customFieldValues.js.map +7 -0
package/dist/backend/utils/flash.js +16 -0
package/dist/backend/utils/flash.js.map +7 -0
package/dist/backend/utils/nav.js +185 -0
package/dist/backend/utils/nav.js.map +7 -0
package/dist/backend/utils/serverErrors.js +230 -0
package/dist/backend/utils/serverErrors.js.map +7 -0
package/dist/frontend/AuthFooter.js +23 -0
package/dist/frontend/AuthFooter.js.map +7 -0
package/dist/frontend/LanguageSwitcher.js +57 -0
package/dist/frontend/LanguageSwitcher.js.map +7 -0
package/dist/frontend/Layout.js +14 -0
package/dist/frontend/Layout.js.map +7 -0
package/dist/index.js +32 -0
package/dist/index.js.map +7 -0
package/dist/primitives/DataLoader.js +67 -0
package/dist/primitives/DataLoader.js.map +7 -0
package/dist/primitives/ErrorNotice.js +20 -0
package/dist/primitives/ErrorNotice.js.map +7 -0
package/dist/primitives/alert.js +38 -0
package/dist/primitives/alert.js.map +7 -0
package/dist/primitives/badge.js +28 -0
package/dist/primitives/badge.js.map +7 -0
package/dist/primitives/button.js +44 -0
package/dist/primitives/button.js.map +7 -0
package/dist/primitives/card.js +91 -0
package/dist/primitives/card.js.map +7 -0
package/dist/primitives/checkbox.js +28 -0
package/dist/primitives/checkbox.js.map +7 -0
package/dist/primitives/dialog.js +90 -0
package/dist/primitives/dialog.js.map +7 -0
package/dist/primitives/input.js +22 -0
package/dist/primitives/input.js.map +7 -0
package/dist/primitives/label.js +21 -0
package/dist/primitives/label.js.map +7 -0
package/dist/primitives/separator.js +9 -0
package/dist/primitives/separator.js.map +7 -0
package/dist/primitives/spinner.js +24 -0
package/dist/primitives/spinner.js.map +7 -0
package/dist/primitives/switch.js +80 -0
package/dist/primitives/switch.js.map +7 -0
package/dist/primitives/table.js +29 -0
package/dist/primitives/table.js.map +7 -0
package/dist/primitives/tabs.js +87 -0
package/dist/primitives/tabs.js.map +7 -0
package/dist/primitives/textarea.js +21 -0
package/dist/primitives/textarea.js.map +7 -0
package/dist/primitives/tooltip.js +60 -0
package/dist/primitives/tooltip.js.map +7 -0
package/dist/theme/QueryProvider.js +44 -0
package/dist/theme/QueryProvider.js.map +7 -0
package/dist/theme/ThemeProvider.js +95 -0
package/dist/theme/ThemeProvider.js.map +7 -0
package/dist/theme/ThemeToggle.js +88 -0
package/dist/theme/ThemeToggle.js.map +7 -0
package/dist/theme/index.js +10 -0
package/dist/theme/index.js.map +7 -0
package/dist/types/react-big-calendar.d.js +1 -0
package/dist/types/react-big-calendar.d.js.map +7 -0
package/jest.config.cjs +23 -0
package/jest.setup.ts +55 -0
package/package.json +105 -0
package/src/backend/AppShell.tsx +1096 -0
package/src/backend/ConfirmDialog.tsx +19 -0
package/src/backend/ContextHelp.tsx +38 -0
package/src/backend/CrudForm.tsx +2503 -0
package/src/backend/DataTable.tsx +1730 -0
package/src/backend/EmptyState.tsx +65 -0
package/src/backend/FilterBar.tsx +161 -0
package/src/backend/FilterOverlay.tsx +328 -0
package/src/backend/FlashMessages.tsx +82 -0
package/src/backend/JsonBuilder.tsx +362 -0
package/src/backend/JsonDisplay.tsx +254 -0
package/src/backend/Page.tsx +30 -0
package/src/backend/PerspectiveSidebar.tsx +337 -0
package/src/backend/RowActions.tsx +151 -0
package/src/backend/TruncatedCell.tsx +133 -0
package/src/backend/UserMenu.tsx +118 -0
package/src/backend/ValueIcons.tsx +48 -0
package/src/backend/__tests__/AppShell.test.tsx +115 -0
package/src/backend/__tests__/CrudForm.render.test.tsx +30 -0
package/src/backend/__tests__/DataTable.render.test.tsx +48 -0
package/src/backend/__tests__/custom-field-filters.test.ts +72 -0
package/src/backend/__tests__/custom-field-forms.test.ts +54 -0
package/src/backend/__tests__/serverErrors.test.ts +83 -0
package/src/backend/custom-fields/FieldDefinitionsEditor.tsx +1292 -0
package/src/backend/custom-fields/FieldDefinitionsManager.tsx +381 -0
package/src/backend/dashboard/DashboardScreen.tsx +684 -0
package/src/backend/dashboard/__tests__/DashboardScreen.test.tsx +112 -0
package/src/backend/dashboard/index.ts +1 -0
package/src/backend/dashboard/widgetRegistry.ts +68 -0
package/src/backend/detail/ActivitiesSection.tsx +1284 -0
package/src/backend/detail/AddressEditor.tsx +472 -0
package/src/backend/detail/AddressTiles.tsx +587 -0
package/src/backend/detail/AddressesSection.tsx +346 -0
package/src/backend/detail/AttachmentDeleteDialog.tsx +56 -0
package/src/backend/detail/AttachmentMetadataDialog.tsx +672 -0
package/src/backend/detail/AttachmentsSection.tsx +414 -0
package/src/backend/detail/CustomDataSection.tsx +530 -0
package/src/backend/detail/DetailFieldsSection.tsx +147 -0
package/src/backend/detail/ErrorMessage.tsx +32 -0
package/src/backend/detail/InlineEditors.tsx +877 -0
package/src/backend/detail/LoadingMessage.tsx +14 -0
package/src/backend/detail/NotesSection.tsx +1275 -0
package/src/backend/detail/TabEmptyState.tsx +48 -0
package/src/backend/detail/TagsSection.tsx +314 -0
package/src/backend/detail/addressFormat.tsx +121 -0
package/src/backend/detail/index.ts +44 -0
package/src/backend/fields/registry.generated.ts +8 -0
package/src/backend/fields/registry.ts +38 -0
package/src/backend/indexes/PartialIndexBanner.tsx +68 -0
package/src/backend/indexes/store.ts +88 -0
package/src/backend/injection/InjectionSpot.tsx +236 -0
package/src/backend/injection/PageInjectionBoundary.tsx +31 -0
package/src/backend/injection/helpers.ts +35 -0
package/src/backend/injection/widgetRegistry.ts +68 -0
package/src/backend/inputs/ComboboxInput.tsx +269 -0
package/src/backend/inputs/LookupSelect.tsx +247 -0
package/src/backend/inputs/PhoneNumberField.tsx +129 -0
package/src/backend/inputs/SwitchableMarkdownInput.tsx +128 -0
package/src/backend/inputs/TagsInput.tsx +259 -0
package/src/backend/inputs/index.ts +5 -0
package/src/backend/operations/LastOperationBanner.tsx +85 -0
package/src/backend/operations/__tests__/LastOperationBanner.test.tsx +99 -0
package/src/backend/operations/store.ts +230 -0
package/src/backend/schedule/ScheduleAgenda.tsx +136 -0
package/src/backend/schedule/ScheduleGrid.tsx +136 -0
package/src/backend/schedule/ScheduleToolbar.tsx +178 -0
package/src/backend/schedule/ScheduleView.tsx +198 -0
package/src/backend/schedule/index.ts +5 -0
package/src/backend/schedule/recurrence.ts +99 -0
package/src/backend/schedule/types.ts +26 -0
package/src/backend/upgrades/UpgradeActionBanner.tsx +128 -0
package/src/backend/utils/__tests__/apiCall.test.ts +109 -0
package/src/backend/utils/__tests__/crud.test.ts +87 -0
package/src/backend/utils/__tests__/customFieldDefs.test.ts +25 -0
package/src/backend/utils/__tests__/customFieldValues.test.ts +35 -0
package/src/backend/utils/api.ts +149 -0
package/src/backend/utils/apiCall.ts +96 -0
package/src/backend/utils/crud.ts +174 -0
package/src/backend/utils/customFieldColumns.ts +71 -0
package/src/backend/utils/customFieldDefs.ts +245 -0
package/src/backend/utils/customFieldFilters.ts +145 -0
package/src/backend/utils/customFieldForms.ts +196 -0
package/src/backend/utils/customFieldValues.ts +41 -0
package/src/backend/utils/flash.ts +17 -0
package/src/backend/utils/nav.ts +238 -0
package/src/backend/utils/serverErrors.ts +302 -0
package/src/frontend/AuthFooter.tsx +29 -0
package/src/frontend/LanguageSwitcher.tsx +66 -0
package/src/frontend/Layout.tsx +13 -0
package/src/index.ts +32 -0
package/src/primitives/DataLoader.tsx +92 -0
package/src/primitives/ErrorNotice.tsx +26 -0
package/src/primitives/alert.tsx +52 -0
package/src/primitives/badge.tsx +31 -0
package/src/primitives/button.tsx +47 -0
package/src/primitives/card.tsx +92 -0
package/src/primitives/checkbox.tsx +28 -0
package/src/primitives/dialog.tsx +110 -0
package/src/primitives/input.tsx +20 -0
package/src/primitives/label.tsx +18 -0
package/src/primitives/separator.tsx +7 -0
package/src/primitives/spinner.tsx +27 -0
package/src/primitives/switch.tsx +86 -0
package/src/primitives/table.tsx +27 -0
package/src/primitives/tabs.tsx +128 -0
package/src/primitives/textarea.tsx +20 -0
package/src/primitives/tooltip.tsx +85 -0
package/src/theme/QueryProvider.tsx +46 -0
package/src/theme/ThemeProvider.tsx +120 -0
package/src/theme/ThemeToggle.tsx +88 -0
package/src/theme/index.ts +3 -0
package/src/types/react-big-calendar.d.ts +16 -0
package/tsconfig.build.json +11 -0
package/tsconfig.json +9 -0
package/watch.mjs +6 -0

package/src/backend/utils/__tests__/customFieldValues.test.ts ADDED Viewed

@@ -0,0 +1,35 @@
+import { collectCustomFieldValues } from '../customFieldValues'
+describe('collectCustomFieldValues', () => {
+  it('strips cf_ prefix by default', () => {
+    const input = { cf_name: 'Alice', cf_age: 30, email: 'alice@example.com' }
+    expect(collectCustomFieldValues(input)).toEqual({ name: 'Alice', age: 30 })
+  })
+  it('handles cf: prefix and keeps both by default', () => {
+    const input = { 'cf:city': 'Berlin', cf_country: 'DE' }
+    expect(collectCustomFieldValues(input)).toEqual({ city: 'Berlin', country: 'DE' })
+  })
+  it('applies transform and accept hooks', () => {
+    const input = { cf_name: 'Alice', cf_notes: '', cf_skip: 'value' }
+    const result = collectCustomFieldValues(input, {
+      transform: (value) => (typeof value === 'string' ? value.trim() : value),
+      accept: (fieldId) => fieldId !== 'skip',
+    })
+    expect(result).toEqual({ name: 'Alice', notes: '' })
+  })
+  it('retains prefix when stripPrefix is false', () => {
+    const input = { cf_name: 'Alice' }
+    expect(collectCustomFieldValues(input, { stripPrefix: false })).toEqual({ cf_name: 'Alice' })
+  })
+  it('omits undefined results when requested', () => {
+    const input = { cf_name: 'Alice', cf_age: 30, cf_extra: null }
+    const result = collectCustomFieldValues(input, {
+      transform: (value, key) => (key === 'extra' ? undefined : value),
+    })
+    expect(result).toEqual({ name: 'Alice', age: 30 })
+  })
+})

package/src/backend/utils/api.ts ADDED Viewed

@@ -0,0 +1,149 @@
+"use client"
+// Simple fetch wrapper that redirects to session refresh on 401 (Unauthorized)
+// Used across UI data utilities to avoid duplication.
+import { flash } from '../FlashMessages'
+import { deserializeOperationMetadata } from '@open-mercato/shared/lib/commands/operationMetadata'
+import { pushOperation } from '../operations/store'
+import { pushPartialIndexWarning } from '../indexes/store'
+export class UnauthorizedError extends Error {
+  readonly status = 401
+  constructor(message = 'Unauthorized') {
+    super(message)
+    this.name = 'UnauthorizedError'
+  }
+}
+export function redirectToSessionRefresh() {
+  if (typeof window === 'undefined') return
+  const current = window.location.pathname + window.location.search
+  // Avoid redirect loops if already on an auth/session route
+  if (window.location.pathname.startsWith('/api/auth')) return
+  try {
+    flash('Session expired. Redirecting to sign in…', 'warning')
+    setTimeout(() => {
+      window.location.href = `/api/auth/session/refresh?redirect=${encodeURIComponent(current)}`
+    }, 20)
+  } catch {
+    // no-op
+  }
+}
+export class ForbiddenError extends Error {
+  readonly status = 403
+  constructor(message = 'Forbidden') {
+    super(message)
+    this.name = 'ForbiddenError'
+  }
+}
+let DEFAULT_FORBIDDEN_ROLES: string[] = ['admin']
+export function setAuthRedirectConfig(cfg: { defaultForbiddenRoles?: readonly string[] }) {
+  if (cfg?.defaultForbiddenRoles && cfg.defaultForbiddenRoles.length) {
+    DEFAULT_FORBIDDEN_ROLES = [...cfg.defaultForbiddenRoles].map(String)
+  }
+}
+export function redirectToForbiddenLogin(options?: { requiredRoles?: string[] | null; requiredFeatures?: string[] | null }) {
+  if (typeof window === 'undefined') return
+  // We don't know required roles from the API response; use a generic hint.
+  if (window.location.pathname.startsWith('/login')) return
+  try {
+    const current = window.location.pathname + window.location.search
+    const features = options?.requiredFeatures?.filter(Boolean) ?? []
+    const roles = options?.requiredRoles?.filter(Boolean) ?? []
+    const query = features.length
+      ? `requireFeature=${encodeURIComponent(features.join(','))}`
+      : `requireRole=${encodeURIComponent((roles.length ? roles : DEFAULT_FORBIDDEN_ROLES).map(String).join(','))}`
+    const url = `/login?${query}&redirect=${encodeURIComponent(current)}`
+    flash('Insufficient permissions. Redirecting to login…', 'warning')
+    setTimeout(() => { window.location.href = url }, 60)
+  } catch {
+    // no-op
+  }
+}
+export async function apiFetch(input: RequestInfo | URL, init?: RequestInit): Promise<Response> {
+  type FetchType = (input: RequestInfo | URL, init?: RequestInit) => Promise<Response>;
+  const baseFetch: FetchType = (typeof window !== 'undefined' && (window as any).__omOriginalFetch)
+    ? ((window as any).__omOriginalFetch as FetchType)
+    : fetch;
+  const res = await baseFetch(input, init);
+  const onLoginPage = typeof window !== 'undefined' && window.location.pathname.startsWith('/login')
+  if (res.status === 401) {
+    // Trigger same redirect flow as protected pages
+    if (!onLoginPage) {
+      redirectToSessionRefresh()
+      // Throw a typed error for callers that might still handle it
+      throw new UnauthorizedError(await res.text().catch(() => 'Unauthorized'))
+    }
+    return res
+  }
+  if (res.status === 403) {
+    // Try to read requiredRoles from JSON body; ignore if not JSON
+    let roles: string[] | null = null
+    let features: string[] | null = null
+    let payload: unknown = null
+    try {
+      const clone = res.clone()
+      const data = await clone.json()
+      if (Array.isArray(data?.requiredRoles)) roles = data.requiredRoles.map((r: any) => String(r))
+      if (Array.isArray(data?.requiredFeatures)) features = data.requiredFeatures.map((f: any) => String(f))
+      if (data && typeof data === 'object') payload = data
+    } catch {}
+    // Only redirect if not already on login page
+    if (!onLoginPage) {
+      const target =
+        typeof input === 'string'
+          ? input
+          : input instanceof URL
+            ? input.toString()
+            : (typeof Request !== 'undefined' && input instanceof Request)
+              ? input.url
+              : 'unknown'
+      try {
+        // eslint-disable-next-line no-console
+        console.warn('[apiFetch] Forbidden response', {
+          url: target,
+          status: res.status,
+          requiredRoles: roles,
+          requiredFeatures: features,
+          details: payload,
+        })
+      } catch {}
+      redirectToForbiddenLogin({ requiredRoles: roles, requiredFeatures: features })
+      const msg = await res.text().catch(() => 'Forbidden')
+      throw new ForbiddenError(msg)
+    }
+    // If already on login, just return the response for the caller to handle
+  }
+  try {
+    const header = res.headers.get('x-om-operation')
+    const metadata = deserializeOperationMetadata(header)
+    if (metadata) pushOperation(metadata)
+  } catch {
+    // ignore malformed headers
+  }
+  try {
+    const warningRaw = res.headers.get('x-om-partial-index')
+    if (warningRaw) {
+      const parsed = JSON.parse(warningRaw) as Record<string, unknown>
+      if (parsed && typeof parsed === 'object' && parsed.type === 'partial_index') {
+        const entity = typeof parsed.entity === 'string' ? parsed.entity : String(parsed.entity ?? '')
+        if (entity) {
+          const baseCount = typeof parsed.baseCount === 'number' ? parsed.baseCount : null
+          const indexedCount = typeof parsed.indexedCount === 'number' ? parsed.indexedCount : null
+          const scope = parsed.scope === 'global' ? 'global' : 'scoped'
+          const entityLabel =
+            typeof parsed.entityLabel === 'string' && parsed.entityLabel.trim()
+              ? parsed.entityLabel.trim()
+              : entity
+          pushPartialIndexWarning({ entity, entityLabel, baseCount, indexedCount, scope })
+        }
+      }
+    }
+  } catch {
+    // ignore malformed headers
+  }
+  return res
+}

package/src/backend/utils/apiCall.ts ADDED Viewed

@@ -0,0 +1,96 @@
+"use client"
+import { apiFetch } from './api'
+import { raiseCrudError, readJsonSafe } from './serverErrors'
+export type ApiCallOptions<TReturn> = {
+  parse?: (res: Response) => Promise<TReturn | null>
+  fallback?: TReturn | null
+}
+export type ApiCallResult<TReturn> = {
+  ok: boolean
+  status: number
+  result: TReturn | null
+  response: Response
+  cacheStatus: 'hit' | 'miss' | null
+}
+export async function apiCall<TReturn = Record<string, unknown>>(
+  input: RequestInfo | URL,
+  init?: RequestInit,
+  options?: ApiCallOptions<TReturn>,
+): Promise<ApiCallResult<TReturn>> {
+  const response = await apiFetch(input, init)
+  const parser = options?.parse
+  const fallback = options?.fallback ?? null
+  let result: TReturn | null = null
+  const rawCacheStatus =
+    response.headers?.get?.('x-om-cache') ??
+    response.headers?.get?.('x-cache-status') ??
+    null
+  const cacheStatus = rawCacheStatus === 'hit' || rawCacheStatus === 'miss' ? rawCacheStatus : null
+  try {
+    const source = typeof (response as Response & { clone?: () => Response }).clone === 'function'
+      ? response.clone()
+      : response
+    if (parser) result = await parser(source)
+    else result = await readJsonSafe<TReturn>(source, fallback)
+  } catch {
+    result = fallback
+  }
+  return {
+    ok: response.ok,
+    status: response.status,
+    result,
+    response,
+    cacheStatus,
+  }
+}
+export type ApiCallOrThrowOptions<TReturn> = ApiCallOptions<TReturn> & {
+  errorMessage?: string
+}
+export async function apiCallOrThrow<TReturn = Record<string, unknown>>(
+  input: RequestInfo | URL,
+  init?: RequestInit,
+  options?: ApiCallOrThrowOptions<TReturn>,
+): Promise<ApiCallResult<TReturn>> {
+  const { errorMessage, ...callOptions } = options ?? {}
+  const call = await apiCall<TReturn>(input, init, callOptions)
+  if (!call.ok) {
+    await raiseCrudError(call.response, errorMessage)
+  }
+  return call
+}
+export type ReadApiResultOrThrowOptions<TReturn> = ApiCallOrThrowOptions<TReturn> & {
+  allowNullResult?: boolean
+  emptyResultMessage?: string
+}
+export async function readApiResultOrThrow<TReturn = Record<string, unknown>>(
+  input: RequestInfo | URL,
+  init?: RequestInit,
+  options?: ReadApiResultOrThrowOptions<TReturn> & { allowNullResult?: false },
+): Promise<TReturn>
+export async function readApiResultOrThrow<TReturn = Record<string, unknown>>(
+  input: RequestInfo | URL,
+  init: RequestInit | undefined,
+  options: ReadApiResultOrThrowOptions<TReturn> & { allowNullResult: true },
+): Promise<TReturn | null>
+export async function readApiResultOrThrow<TReturn = Record<string, unknown>>(
+  input: RequestInfo | URL,
+  init?: RequestInit,
+  options?: ReadApiResultOrThrowOptions<TReturn>,
+): Promise<TReturn | null> {
+  const { allowNullResult = false, emptyResultMessage, ...callOptions } = options ?? {}
+  const call = await apiCallOrThrow<TReturn>(input, init, callOptions)
+  if (call.result == null && !allowNullResult) {
+    const fallback =
+      emptyResultMessage ?? callOptions.errorMessage ?? `Missing response payload (${call.status})`
+    throw new Error(fallback)
+  }
+  return call.result
+}

package/src/backend/utils/crud.ts ADDED Viewed

@@ -0,0 +1,174 @@
+export type SortDir = 'asc' | 'desc'
+export type ListResponse<T> = {
+  items: T[]
+  total: number
+  page: number
+  pageSize: number
+  totalPages: number
+}
+export type CrudExportFormat = 'csv' | 'json' | 'xml' | 'markdown'
+function toQuery(params: Record<string, any>) {
+  const sp = new URLSearchParams()
+  for (const [k, v] of Object.entries(params)) {
+    if (v === undefined || v === null) continue
+    if (Array.isArray(v)) {
+      if (v.length === 0) continue
+      sp.set(k, v.join(','))
+    } else {
+      sp.set(k, String(v))
+    }
+  }
+  return sp.toString()
+}
+export function buildCrudQuery(params: Record<string, any>): string {
+  return toQuery(params)
+}
+import { apiCall, readApiResultOrThrow, type ApiCallResult } from './apiCall'
+import { raiseCrudError } from './serverErrors'
+function mergeHeaders(base: HeadersInit | undefined, extra: Record<string, string>): HeadersInit {
+  if (!base) return extra
+  const hasHeadersCtor = typeof Headers !== 'undefined'
+  if (hasHeadersCtor && base instanceof Headers) {
+    const merged = new Headers(base)
+    Object.entries(extra).forEach(([key, value]) => merged.set(key, value))
+    return merged
+  }
+  if (Array.isArray(base)) {
+    return [...base, ...Object.entries(extra)]
+  }
+  return { ...(base as Record<string, string>), ...extra }
+}
+type CrudRequestExtras<TReturn> = {
+  parseResult?: (res: Response) => Promise<TReturn | null>
+  fallbackResult?: TReturn | null
+  errorMessage?: string
+}
+export type CrudRequestInit<TReturn> = Omit<RequestInit, 'body' | 'method'> & CrudRequestExtras<TReturn>
+type CrudDeleteOptions<TReturn> = Omit<RequestInit, 'method' | 'body'> &
+  CrudRequestExtras<TReturn> & {
+    body?: unknown
+    id?: string
+  }
+export type CrudResponse<TReturn> = ApiCallResult<TReturn>
+export async function fetchCrudList<T>(apiPath: string, params: Record<string, any>, init?: RequestInit): Promise<ListResponse<T>> {
+  const qs = buildCrudQuery(params)
+  return readApiResultOrThrow<ListResponse<T>>(`/api/${apiPath}?${qs}`, init, {
+    errorMessage: 'Failed to fetch list',
+  })
+}
+export function buildCrudExportUrl(apiPath: string, params: Record<string, any>, format: CrudExportFormat): string {
+  const qs = buildCrudQuery({ ...params, format })
+  return `/api/${apiPath}?${qs}`
+}
+export function buildCrudCsvUrl(apiPath: string, params: Record<string, any>): string {
+  return buildCrudExportUrl(apiPath, params, 'csv')
+}
+export async function createCrud<TReturn = Record<string, unknown>>(
+  apiPath: string,
+  body: any,
+  init?: CrudRequestInit<TReturn>,
+): Promise<CrudResponse<TReturn>> {
+  const { parseResult, fallbackResult, errorMessage, headers, ...rest } = init ?? {}
+  const call = await apiCall<TReturn>(
+    `/api/${apiPath}`,
+    {
+      ...rest,
+      method: 'POST',
+      headers: mergeHeaders(headers, { 'content-type': 'application/json' }),
+      body: JSON.stringify(body),
+    },
+    {
+      parse: parseResult,
+      fallback: fallbackResult ?? null,
+    },
+  )
+  if (!call.ok) await raiseCrudError(call.response, errorMessage ?? 'Failed to create')
+  return call
+}
+export async function updateCrud<TReturn = Record<string, unknown>>(
+  apiPath: string,
+  body: any,
+  init?: CrudRequestInit<TReturn>,
+): Promise<CrudResponse<TReturn>> {
+  const { parseResult, fallbackResult, errorMessage, headers, ...rest } = init ?? {}
+  const call = await apiCall<TReturn>(
+    `/api/${apiPath}`,
+    {
+      ...rest,
+      method: 'PUT',
+      headers: mergeHeaders(headers, { 'content-type': 'application/json' }),
+      body: JSON.stringify(body),
+    },
+    {
+      parse: parseResult,
+      fallback: fallbackResult ?? null,
+    },
+  )
+  if (!call.ok) await raiseCrudError(call.response, errorMessage ?? 'Failed to update')
+  return call
+}
+export async function deleteCrud<TReturn = Record<string, unknown>>(
+  apiPath: string,
+  id: string,
+  init?: CrudRequestInit<TReturn>,
+): Promise<CrudResponse<TReturn>>
+export async function deleteCrud<TReturn = Record<string, unknown>>(
+  apiPath: string,
+  options: CrudDeleteOptions<TReturn>,
+): Promise<CrudResponse<TReturn>>
+export async function deleteCrud<TReturn = Record<string, unknown>>(
+  apiPath: string,
+  idOrOptions: string | CrudDeleteOptions<TReturn>,
+  maybeInit?: CrudRequestInit<TReturn>,
+): Promise<CrudResponse<TReturn>> {
+  if (typeof idOrOptions === 'string') {
+    const { parseResult, fallbackResult, errorMessage, ...rest } = maybeInit ?? {}
+    const call = await apiCall<TReturn>(
+      `/api/${apiPath}?id=${encodeURIComponent(idOrOptions)}`,
+      {
+        ...rest,
+        method: 'DELETE',
+      },
+      {
+        parse: parseResult,
+        fallback: fallbackResult ?? null,
+      },
+    )
+    if (!call.ok) await raiseCrudError(call.response, errorMessage ?? 'Failed to delete')
+    return call
+  }
+  const { parseResult, fallbackResult, errorMessage, headers, body, id, ...rest } = idOrOptions
+  const payload = body ?? (id ? { id } : undefined)
+  const requestHeaders =
+    payload !== undefined ? mergeHeaders(headers, { 'content-type': 'application/json' }) : headers
+  const call = await apiCall<TReturn>(
+    `/api/${apiPath}`,
+    {
+      ...rest,
+      method: 'DELETE',
+      headers: requestHeaders,
+      body: payload !== undefined ? JSON.stringify(payload) : undefined,
+    },
+    {
+      parse: parseResult,
+      fallback: fallbackResult ?? null,
+    },
+  )
+  if (!call.ok) await raiseCrudError(call.response, errorMessage ?? 'Failed to delete')
+  return call
+}

package/src/backend/utils/customFieldColumns.ts ADDED Viewed

@@ -0,0 +1,71 @@
+import type { ColumnDef } from '@tanstack/react-table'
+import type { CustomFieldDefDto, CustomFieldVisibility } from './customFieldDefs'
+import { isDefVisible } from './customFieldDefs'
+// Filters and annotates columns with custom-field definitions:
+// - Drops cf_* columns when no definition exists or listVisible === false
+// - Uses definition label as header when header is missing
+export function applyCustomFieldVisibility<T>(columns: ColumnDef<T, any>[], defs: CustomFieldDefDto[], mode: CustomFieldVisibility = 'list'): ColumnDef<T, any>[] {
+  const byKey = new Map(defs.map((d) => [d.key, d]))
+  // First, filter and annotate headers
+  const filtered = columns.filter((c) => {
+    const key = String((c as any).accessorKey || '')
+    if (!key.startsWith('cf_')) return true
+    const cfKey = key.slice(3)
+    const def = byKey.get(cfKey)
+    if (!def) return false
+    if (!isDefVisible(def, mode)) return false
+    const currentHeader = (c as any).header
+    const fallbackHeader = typeof currentHeader === 'string' && currentHeader.trim().length ? currentHeader : key
+    const label = def.label && def.label.trim().length ? def.label : fallbackHeader
+    if (currentHeader == null || typeof currentHeader === 'string') {
+      (c as any).header = label
+    }
+    const existingMeta = ((c as any).meta || {}) as Record<string, unknown>
+    const nextMeta = Object.assign({}, existingMeta, { label })
+    ;(c as any).meta = nextMeta
+    return true
+  })
+  // Then, reorder only the cf_* columns by definition priority while preserving
+  // the positions of non-cf columns and the count of cf slots.
+  const cfEntries: Array<{ col: ColumnDef<T, any>; key: string; prio: number }> = []
+  filtered.forEach((c) => {
+    const key = String((c as any).accessorKey || '')
+    if (key.startsWith('cf_')) {
+      const cfKey = key.slice(3)
+      const def = byKey.get(cfKey)
+      cfEntries.push({ col: c, key: cfKey, prio: def?.priority ?? 0 })
+    }
+  })
+  cfEntries.sort((a, b) => a.prio - b.prio)
+  let cfIdx = 0
+  const result = filtered.map((c) => {
+    const key = String((c as any).accessorKey || '')
+    if (!key.startsWith('cf_')) return c
+    const next = cfEntries[cfIdx++]?.col ?? c
+    return next
+  })
+  // Append any missing cf columns (defs visible but not present in incoming columns)
+  const existingCfKeys = new Set<string>(result
+    .map((c) => String((c as any).accessorKey || ''))
+    .filter((k) => k.startsWith('cf_'))
+    .map((k) => k.slice(3)))
+  const visibleSorted = defs
+    .filter((d) => isDefVisible(d, mode))
+    .sort((a, b) => (a.priority ?? 0) - (b.priority ?? 0))
+  const missing = visibleSorted.filter((d) => !existingCfKeys.has(d.key))
+  for (const d of missing) {
+    const col: ColumnDef<T, any> = {
+      accessorKey: `cf_${d.key}` as any,
+      header: d.label || `cf_${d.key}`,
+      // Respect responsive priority when provided; default leaves it visible
+      meta: { priority: (d as any).priority, label: d.label || `cf_${d.key}` } as any,
+    }
+    result.push(col)
+  }
+  return result
+}