bulltrackers-module 1.0.591 → 1.0.592

package/functions/api-v2/helpers/task_engine_helper.js

@@ -0,0 +1,51 @@
+/**
+ * Dispatch sync request to task engine
+ * @param {PubSub} pubsub - PubSub instance
+ * @param {number} cid - User/PI CID
+ * @param {string} username - Username
+ * @param {object} options - Options including type, requestId, requestedBy, etc.
+ */
+const dispatchSyncRequest = async (pubsub, cid, username, options = {}) => {
+    const topicName = options.topicName || 'etoro-user-fetch-topic-ondemand';
+    
+    // Calculate 7 days ago for since field
+    const sevenDaysAgo = new Date(Date.now() - (7 * 24 * 60 * 60 * 1000)).toISOString();
+    
+    const payload = {
+        type: options.type, // 'ON_DEMAND_USER_UPDATE' | 'POPULAR_INVESTOR_UPDATE'
+        cid: cid,
+        username: username,
+        priority: options.priority || 'high',
+        source: options.source || 'on_demand_sync',
+        requestId: options.requestId,
+        requestedBy: options.requestedBy,
+        data: options.data || { 
+            includeSocial: true, 
+            since: sevenDaysAgo 
+        },
+        metadata: {
+            onDemand: true,
+            targetCid: cid,
+            requestedAt: new Date().toISOString(),
+            userType: options.userType,
+            ...options.metadata
+        }
+    };
+    
+    // Add optional fields if provided
+    if (options.effectiveRequestedBy !== undefined) {
+        payload.effectiveRequestedBy = options.effectiveRequestedBy;
+    }
+    if (options.actualRequestedBy !== undefined) {
+        payload.actualRequestedBy = options.actualRequestedBy;
+    }
+    if (options.userType && options.type === 'POPULAR_INVESTOR_UPDATE') {
+        payload.userType = options.userType; // Top-level field for PI updates
+    }
+    
+    const dataBuffer = Buffer.from(JSON.stringify(payload));
+    const messageId = await pubsub.topic(topicName).publishMessage({ data: dataBuffer });
+    return messageId;
+};
+
+module.exports = { dispatchSyncRequest };

package/functions/api-v2/index.js

@@ -0,0 +1,36 @@
+/**
+ * @fileoverview Main entry point for API v2
+ * Creates Express app and mounts all routes
+ */
+
+const express = require('express');
+const cors = require('cors');
+const createRouter = require('./routes/index.js');
+
+/**
+ * Main pipe: pipe.api.createApiV2App
+ * Creates Express app with API v2 routes
+ */
+function createApiV2App(config, dependencies) {
+    const app = express();
+    const { logger } = dependencies;
+    
+    // Middleware
+    app.use(cors({ origin: true }));
+    app.use(express.json());
+    
+    // Health Check
+    app.get('/health', (req, res) => {
+        res.status(200).json({ status: 'OK', version: 'v2' });
+    });
+    
+    // Mount API v2 routes
+    const router = createRouter(dependencies);
+    app.use('/', router);
+    
+    logger.log('INFO', '[API v2] Routes mounted successfully');
+    
+    return app;
+}
+
+module.exports = { createApiV2App };

package/functions/api-v2/middleware/identity_middleware.js

@@ -0,0 +1,48 @@
+/**
+ * Middleware to resolve the effective user ID, handling Developer Impersonation.
+ * Sets req.targetUserId, req.isImpersonating, and req.actualUserId.
+ */
+const { isDeveloper } = require('../helpers/data-fetchers/firestore.js'); // Using your provided helper
+
+const resolveUserIdentity = async (req, res, next) => {
+    try {
+        // 1. Identify the actual authenticated user (from Auth middleware or params)
+        const actualUserId = req.query.userCid || req.body.userCid || req.headers['x-user-cid'];
+        
+        if (!actualUserId) {
+            return res.status(400).json({ error: "Missing user identification (userCid)" });
+        }
+
+        // 2. Check for Impersonation Request (Headers or Query)
+        const impersonateId = req.headers['x-impersonate-cid'] || req.query.impersonateCid;
+
+        req.actualUserId = actualUserId;
+        req.targetUserId = actualUserId; // Default to actual
+        req.isImpersonating = false;
+
+        // 3. specific logic for Developers
+        if (impersonateId && impersonateId !== actualUserId) {
+            // Verify if the ACTUAL user is a developer
+            // We pass the db instance from dependencies (assuming standard express injection)
+            const db = req.app.locals.db || req.dependencies.db; 
+            const isDev = await isDeveloper(db, actualUserId);
+
+            if (isDev) {
+                req.targetUserId = impersonateId;
+                req.isImpersonating = true;
+                console.log(`[Identity] Dev ${actualUserId} is impersonating ${impersonateId}`);
+            } else {
+                // Fail silently or warn? For security, maybe just ignore or strict fail.
+                // Ignoring ensures they just see their own data.
+                console.warn(`[Identity] Unauthorized impersonation attempt by ${actualUserId}`);
+            }
+        }
+
+        next();
+    } catch (error) {
+        console.error('[IdentityMiddleware] Error:', error);
+        res.status(500).json({ error: "Internal Identity Error" });
+    }
+};
+
+module.exports = { resolveUserIdentity };

package/functions/api-v2/package.json

@@ -0,0 +1,6 @@
+{
+  "type": "module",
+  "name": "api-v2",
+  "version": "1.0.0",
+  "description": "API v2 - Refactored user API with middleware architecture"
+}

package/functions/api-v2/routes/alerts.js

@@ -0,0 +1,168 @@
+const express = require('express');
+const { 
+    fetchUserAlerts, 
+    subscribeToWatchlistAlerts, 
+    fetchAlertTypes,
+    getUserSubscriptions,
+    updateSubscription,
+    unsubscribeFromAlerts
+} = require('../helpers/data-fetchers/firestore.js');
+
+const router = express.Router();
+
+// GET /alerts/history
+router.get('/history', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const { limit, unreadOnly, type } = req.query;
+        const alerts = await fetchUserAlerts(db, req.targetUserId, { 
+            limit: parseInt(limit || 50), 
+            unreadOnly: unreadOnly === 'true',
+            type
+        });
+        res.json({ success: true, count: alerts.length, data: alerts });
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// GET /alerts/count (Rec 13)
+router.get('/count', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const alerts = await fetchUserAlerts(db, req.targetUserId, { unreadOnly: true, limit: 1000 });
+        res.json({ success: true, count: alerts.length });
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// PUT /alerts/:id/read (Rec 13)
+router.put('/:id/read', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        await db.collection('user_alerts').doc(req.targetUserId).collection('alerts').doc(req.params.id)
+            .update({ read: true, readAt: new Date() });
+        res.json({ success: true });
+    } catch (e) { res.status(500).json({ error: e.message }); }
+});
+
+// PUT /alerts/read-all (Rec 13)
+router.put('/read-all', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const batch = db.batch();
+        const snaps = await db.collection('user_alerts').doc(req.targetUserId).collection('alerts').where('read', '==', false).get();
+        snaps.docs.forEach(doc => batch.update(doc.ref, { read: true, readAt: new Date() }));
+        await batch.commit();
+        res.json({ success: true, updated: snaps.size });
+    } catch (e) { res.status(500).json({ error: e.message }); }
+});
+
+// DELETE /alerts/:id (Rec 13)
+router.delete('/:id', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        await db.collection('user_alerts').doc(req.targetUserId).collection('alerts').doc(req.params.id).delete();
+        res.json({ success: true });
+    } catch (e) { res.status(500).json({ error: e.message }); }
+});
+
+// POST /alerts/subscribe
+router.post('/subscribe', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const { watchlistId, piId, alertConfig } = req.body;
+        const result = await subscribeToWatchlistAlerts(db, req.targetUserId, watchlistId, piId, alertConfig);
+        res.json(result);
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// GET /alerts/types
+router.get('/types', async (req, res) => {
+    const data = await fetchAlertTypes();
+    res.json({ success: true, data });
+});
+
+// GET /alerts/dynamic-watchlist-computations - Get available computations for dynamic watchlists
+router.get('/dynamic-watchlist-computations', async (req, res) => {
+    try {
+        // Import getAllAlertTypes from alert system
+        const { getAllAlertTypes } = require('../../../../alert-system/helpers/alert_type_registry.js');
+        const alertTypes = getAllAlertTypes();
+        
+        // Extract unique computations from alert types
+        const computations = alertTypes.map(type => ({
+            computationName: type.computationName,
+            alertTypeName: type.name,
+            description: type.description,
+            severity: type.severity
+        }));
+        
+        res.json({
+            success: true,
+            computations
+        });
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// GET /alerts/subscriptions - Get all user subscriptions
+router.get('/subscriptions', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const subscriptions = await getUserSubscriptions(db, req.targetUserId);
+        res.json({ 
+            success: true, 
+            subscriptions, 
+            count: subscriptions.length 
+        });
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// PUT /alerts/subscriptions/:piCid - Update subscription settings
+router.put('/subscriptions/:piCid', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const { piCid } = req.params;
+        const { alertTypes, thresholds } = req.body;
+        
+        const updates = {};
+        if (alertTypes !== undefined) updates.alertTypes = alertTypes;
+        if (thresholds !== undefined) updates.thresholds = thresholds;
+        
+        if (Object.keys(updates).length === 0) {
+            return res.status(400).json({ error: "No updates provided" });
+        }
+        
+        const subscription = await updateSubscription(db, req.targetUserId, piCid, updates);
+        res.json({ success: true, subscription });
+    } catch (error) {
+        if (error.message === "Subscription not found") {
+            return res.status(404).json({ error: error.message });
+        }
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// DELETE /alerts/subscriptions/:piCid - Unsubscribe from a PI
+router.delete('/subscriptions/:piCid', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const { piCid } = req.params;
+        await unsubscribeFromAlerts(db, req.targetUserId, piCid);
+        res.json({ success: true, message: "Unsubscribed successfully" });
+    } catch (error) {
+        if (error.message === "Subscription not found") {
+            return res.status(404).json({ error: error.message });
+        }
+        res.status(500).json({ error: error.message });
+    }
+});
+
+module.exports = router;

package/functions/api-v2/routes/index.js

@@ -0,0 +1,35 @@
+const express = require('express');
+const { resolveUserIdentity } = require('../middleware/identity_middleware.js');
+
+const notificationRoutes = require('./notifications.js');
+const alertsRoutes = require('./alerts.js'); // <--- NEW
+const verificationRoutes = require('./verification.js');
+const profileRoutes = require('./profile.js');
+const piRoutes = require('./popular_investors.js');
+const watchlistRoutes = require('./watchlists.js');
+const syncRoutes = require('./sync.js');
+const settingsRoutes = require('./settings.js');
+const reviewsRoutes = require('./reviews.js');
+
+module.exports = (dependencies) => {
+    const router = express.Router();
+
+    router.use((req, res, next) => {
+        req.dependencies = dependencies;
+        next();
+    });
+
+    router.use(resolveUserIdentity);
+
+    router.use('/notifications', notificationRoutes);
+    router.use('/alerts', alertsRoutes); // <--- NEW
+    router.use('/verification', verificationRoutes);
+    router.use('/profile', profileRoutes);
+    router.use('/popular-investors', piRoutes);
+    router.use('/watchlists', watchlistRoutes);
+    router.use('/sync', syncRoutes);
+    router.use('/settings', settingsRoutes);
+    router.use('/reviews', reviewsRoutes);
+
+    return router;
+};

package/functions/api-v2/routes/notifications.js

@@ -0,0 +1,38 @@
+const express = require('express');
+// Note: You need to add fetchNotifications & markRead to your firestore.js helpers
+const { fetchNotifications, markNotificationRead } = require('../helpers/data-fetchers/firestore.js');
+
+const router = express.Router();
+
+// GET /notifications/history
+router.get('/history', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const { limit = 20, unreadOnly = false } = req.query;
+        
+        const notifications = await fetchNotifications(db, req.targetUserId, { 
+            limit: parseInt(limit), 
+            unreadOnly: unreadOnly === 'true' 
+        });
+        
+        res.json({ success: true, count: notifications.length, data: notifications });
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// POST /notifications/mark-read
+router.post('/mark-read', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const { notificationIds, markAll } = req.body; // Array of IDs or boolean flag
+        
+        await markNotificationRead(db, req.targetUserId, notificationIds, markAll);
+        
+        res.json({ success: true });
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+
+module.exports = router;

package/functions/api-v2/routes/popular_investors.js

@@ -0,0 +1,204 @@
+const express = require('express');
+const { 
+    fetchPopularInvestorMasterList, 
+    fetchTrendingPopularInvestors,
+    fetchPopularInvestorCategories,
+    searchPopularInvestors,
+    getComputationResults, 
+    requestPopularInvestorAddition,
+    trackPopularInvestorView,
+    pageCollection
+} = require('../helpers/data-fetchers/firestore.js');
+
+const router = express.Router();
+
+
+// GET /popular-investors/master-list
+router.get('/master-list', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const data = await fetchPopularInvestorMasterList(db);
+        res.json({ success: true, count: Object.keys(data).length, data });
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// GET /popular-investors/rankings
+router.get('/rankings', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const { date } = req.query;
+        // Using generic computation fetcher for rankings
+        const rankings = await getComputationResults(db, 'PopularInvestorRankings', date);
+        res.json({ success: true, data: rankings });
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// POST /popular-investors/request-addition
+router.post('/request-addition', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const { piId, piUsername } = req.body;
+        
+        const result = await requestPopularInvestorAddition(db, req.targetUserId, piId, piUsername);
+        res.json(result);
+    } catch (error) {
+        res.status(400).json({ error: error.message });
+    }
+});
+
+// POST /popular-investors/:piId/track-view
+router.post('/:piId/track-view', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const { piId } = req.params;
+        const { viewerType } = req.body; // e.g., 'anonymous', 'signed_in'
+        
+        // req.targetUserId comes from the identity middleware. 
+        // If the user is anonymous (no token), middleware might leave it null or we check viewerType.
+        // Assuming identity middleware populates it if available.
+        const viewerId = req.targetUserId || null; 
+
+        await trackPopularInvestorView(db, piId, viewerId, viewerType);
+        
+        res.json({ success: true });
+    } catch (error) {
+        // We generally don't want to break the client if stats fail, but we log it
+        console.error(`Tracking error: ${error.message}`);
+        res.status(200).json({ success: false, message: "Tracking failed silently" });
+    }
+});
+
+// GET /popular-investors/trending
+router.get('/trending', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const data = await fetchTrendingPopularInvestors(db);
+        res.json({ success: true, count: data.length, data });
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// GET /popular-investors/categories
+router.get('/categories', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const data = await fetchPopularInvestorCategories(db);
+        res.json({ success: true, data });
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+
+// GET /popular-investors/search
+router.get('/search', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const { query } = req.query;
+        if (!query || query.length < 2) return res.status(400).json({ error: "Query too short" });
+
+        const results = await searchPopularInvestors(db, query);
+        res.json({ success: true, count: results.length, data: results });
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+
+/**
+ * PUBLIC PROFILE PAGE - Popular Investor Profile (Visible to All Signed-in Users)
+ * 
+ * These routes return public profile data for any Popular Investor.
+ * - Uses PopularInvestorProfileMetrics computation
+ * - Access: Public (any signed-in user can view any PI's profile)
+ * 
+ * Note: "Public" means visible to all signed-in users, not anonymous users.
+ * All routes require authentication via identity middleware.
+ */
+
+// GET /popular-investors/:piId/profile - Public PI profile page
+router.get('/:piId/profile', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const { piId } = req.params;
+        const { date, lookback = 7 } = req.query;
+        
+        if (!piId) {
+            return res.status(400).json({ error: "PI ID is required" });
+        }
+
+        // Default to today if no date provided
+        const targetDate = date || new Date().toISOString().split('T')[0];
+
+        // Verify the PI exists in the master list
+        try {
+            await fetchPopularInvestorMasterList(db, piId);
+        } catch (e) {
+            return res.status(404).json({ 
+                error: "Popular Investor not found",
+                message: `PI with ID ${piId} is not in the master list`
+            });
+        }
+
+        // Fetch profile data from PopularInvestorProfileMetrics computation
+        const computationName = 'PopularInvestorProfileMetrics';
+        const profileData = await pageCollection(db, targetDate, computationName, piId, parseInt(lookback));
+        
+        res.json({ 
+            success: true, 
+            computation: computationName,
+            piId: piId,
+            data: profileData,
+            profileType: 'public' // Indicates this is a public PI profile
+        });
+    } catch (error) {
+        res.status(404).json({ error: error.message });
+    }
+});
+
+// GET /popular-investors/:piId/analytics - PI analytics summary
+router.get('/:piId/analytics', async (req, res) => {
+    try {
+        const { db } = req.dependencies;
+        const { piId } = req.params;
+        
+        if (!piId) {
+            return res.status(400).json({ error: "PI ID is required" });
+        }
+
+        // Verify the PI exists in the master list
+        try {
+            await fetchPopularInvestorMasterList(db, piId);
+        } catch (e) {
+            return res.status(404).json({ 
+                error: "Popular Investor not found",
+                message: `PI with ID ${piId} is not in the master list`
+            });
+        }
+
+        // Try to fetch from pi_analytics_summary collection (legacy)
+        // This is pre-computed analytics data
+        const analyticsDoc = await db.collection('pi_analytics_summary').doc(String(piId)).get();
+        
+        if (!analyticsDoc.exists) {
+            return res.status(404).json({ 
+                error: "Analytics not found",
+                message: `No analytics data available for PI ${piId}`
+            });
+        }
+
+        res.json({ 
+            success: true, 
+            piId: piId,
+            data: analyticsDoc.data()
+        });
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+
+
+module.exports = router;