cognova 0.1.0

package/server/api/conversations/[id].delete.ts

@@ -0,0 +1,16 @@
+import { eq } from 'drizzle-orm'
+import { getDb } from '~~/server/db'
+import * as schema from '~~/server/db/schema'
+import { requireDb } from '~~/server/utils/db-guard'
+
+export default defineEventHandler(async (event) => {
+  requireDb(event)
+
+  const id = getRouterParam(event, 'id')!
+  const db = getDb()
+
+  await db.delete(schema.conversations)
+    .where(eq(schema.conversations.id, id))
+
+  return { data: { success: true } }
+})

package/server/api/conversations/[id].get.ts

@@ -0,0 +1,34 @@
+import { eq } from 'drizzle-orm'
+import { getDb } from '~~/server/db'
+import * as schema from '~~/server/db/schema'
+import { requireDb } from '~~/server/utils/db-guard'
+
+export default defineEventHandler(async (event) => {
+  requireDb(event)
+
+  const id = getRouterParam(event, 'id')!
+  const db = getDb()
+
+  const [conversation] = await db.select()
+    .from(schema.conversations)
+    .where(eq(schema.conversations.id, id))
+    .limit(1)
+
+  if (!conversation)
+    throw createError({ statusCode: 404, message: 'Conversation not found' })
+
+  const messages = await db.select()
+    .from(schema.conversationMessages)
+    .where(eq(schema.conversationMessages.conversationId, id))
+    .orderBy(schema.conversationMessages.createdAt)
+
+  return {
+    data: {
+      ...conversation,
+      messages: messages.map(m => ({
+        ...m,
+        content: typeof m.content === 'string' ? JSON.parse(m.content) : m.content
+      }))
+    }
+  }
+})

package/server/api/conversations/index.get.ts

@@ -0,0 +1,17 @@
+import { desc } from 'drizzle-orm'
+import { getDb } from '~~/server/db'
+import * as schema from '~~/server/db/schema'
+import { requireDb } from '~~/server/utils/db-guard'
+
+export default defineEventHandler(async (event) => {
+  requireDb(event)
+
+  const db = getDb()
+
+  const conversations = await db.select()
+    .from(schema.conversations)
+    .orderBy(desc(schema.conversations.startedAt))
+    .limit(50)
+
+  return { data: conversations }
+})

package/server/api/documents/[id]/index.delete.ts

@@ -0,0 +1,47 @@
+import { eq } from 'drizzle-orm'
+import { rm, stat } from 'fs/promises'
+import { getDb } from '~~/server/db'
+import * as schema from '~~/server/db/schema'
+import { requireDb } from '~~/server/utils/db-guard'
+import { validatePath } from '~~/server/utils/path-validator'
+
+export default defineEventHandler(async (event) => {
+  requireDb(event)
+
+  const id = getRouterParam(event, 'id')
+  if (!id)
+    throw createError({ statusCode: 400, message: 'Document ID is required' })
+
+  const db = getDb()
+  const userId = event.context.user?.id
+
+  const document = await db.query.documents.findFirst({
+    where: eq(schema.documents.id, id)
+  })
+
+  if (!document)
+    throw createError({ statusCode: 404, message: 'Document not found' })
+
+  const absolutePath = validatePath(document.path)
+
+  // Delete file from disk
+  try {
+    await stat(absolutePath)
+    await rm(absolutePath)
+  } catch (error: unknown) {
+    const err = error as NodeJS.ErrnoException
+    if (err.code !== 'ENOENT') {
+      console.error('Failed to delete file:', err)
+    }
+  }
+
+  // Soft delete in database
+  await db.update(schema.documents).set({
+    deletedAt: new Date(),
+    deletedBy: userId,
+    modifiedAt: new Date(),
+    modifiedBy: userId
+  }).where(eq(schema.documents.id, id))
+
+  return { data: { id, deleted: true } }
+})

package/server/api/documents/[id]/index.put.ts

@@ -0,0 +1,102 @@
+import { eq } from 'drizzle-orm'
+import { readFile, writeFile } from 'fs/promises'
+import { basename } from 'path'
+import { getDb } from '~~/server/db'
+import * as schema from '~~/server/db/schema'
+import { requireDb } from '~~/server/utils/db-guard'
+import { validatePath } from '~~/server/utils/path-validator'
+import { parseFrontmatter, stringifyFrontmatter, computeContentHash, extractTitle } from '~~/server/utils/frontmatter'
+
+export default defineEventHandler(async (event) => {
+  requireDb(event)
+
+  const id = getRouterParam(event, 'id')
+  if (!id)
+    throw createError({ statusCode: 400, message: 'Document ID is required' })
+
+  const body = await readBody(event)
+  const db = getDb()
+  const userId = event.context.user?.id
+
+  const document = await db.query.documents.findFirst({
+    where: eq(schema.documents.id, id)
+  })
+
+  if (!document)
+    throw createError({ statusCode: 404, message: 'Document not found' })
+
+  if (document.fileType === 'binary')
+    throw createError({ statusCode: 400, message: 'Cannot edit binary file metadata' })
+
+  const absolutePath = validatePath(document.path)
+
+  // Read current file
+  let fileContent: string
+  try {
+    fileContent = await readFile(absolutePath, 'utf-8')
+  } catch {
+    throw createError({ statusCode: 500, message: 'Failed to read file' })
+  }
+
+  const { metadata: currentMetadata, body: currentBody } = parseFrontmatter(fileContent)
+
+  // Build new metadata
+  const newMetadata: Record<string, unknown> = { ...currentMetadata }
+
+  if (body.title !== undefined) newMetadata.title = body.title
+  if (body.tags !== undefined) newMetadata.tags = body.tags
+  if (body.projectId !== undefined) newMetadata.project = body.projectId
+  if (body.shared !== undefined) newMetadata.shared = body.shared
+  if (body.shareType !== undefined) newMetadata.shareType = body.shareType
+
+  // Use new body if provided, otherwise keep current
+  const newBody = body.body !== undefined ? body.body : currentBody
+
+  // Reconstruct file content
+  const newFileContent = stringifyFrontmatter(newMetadata, newBody)
+  const newHash = computeContentHash(newFileContent)
+  const filename = basename(document.path)
+  const newTitle = extractTitle(newMetadata, newBody, filename)
+
+  // Write file
+  try {
+    await writeFile(absolutePath, newFileContent, 'utf-8')
+  } catch {
+    throw createError({ statusCode: 500, message: 'Failed to write file' })
+  }
+
+  // Update database
+  await db.update(schema.documents).set({
+    title: newTitle,
+    content: newBody,
+    contentHash: newHash,
+    tags: Array.isArray(newMetadata.tags) ? newMetadata.tags as string[] : document.tags,
+    projectId: body.projectId !== undefined ? body.projectId : document.projectId,
+    shared: body.shared !== undefined ? body.shared : document.shared,
+    shareType: body.shareType !== undefined ? body.shareType : document.shareType,
+    syncedAt: new Date(),
+    modifiedAt: new Date(),
+    modifiedBy: userId
+  }).where(eq(schema.documents.id, id))
+
+  // Return updated document
+  const updated = await db.query.documents.findFirst({
+    where: eq(schema.documents.id, id),
+    with: { project: true }
+  })
+
+  return {
+    data: {
+      document: updated,
+      metadata: {
+        title: updated!.title,
+        tags: updated!.tags || [],
+        projectId: updated!.projectId,
+        shared: updated!.shared,
+        shareType: updated!.shareType,
+        ...newMetadata
+      },
+      body: newBody
+    }
+  }
+})

package/server/api/documents/[id]/public.get.ts

@@ -0,0 +1,60 @@
+import { eq } from 'drizzle-orm'
+import { getDb } from '~~/server/db'
+import * as schema from '~~/server/db/schema'
+
+export default defineEventHandler(async (event) => {
+  const id = getRouterParam(event, 'id')
+  if (!id)
+    throw createError({ statusCode: 400, message: 'Document ID is required' })
+
+  // Validate UUID format
+  const uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i
+  if (!uuidRegex.test(id))
+    throw createError({ statusCode: 400, message: 'Invalid document ID format' })
+
+  const db = getDb()
+  const user = event.context.user // May be null for unauthenticated requests
+
+  const document = await db.query.documents.findFirst({
+    where: eq(schema.documents.id, id),
+    with: {
+      creator: {
+        columns: { id: true, name: true }
+      }
+    }
+  })
+
+  // 404 if not found or deleted
+  if (!document || document.deletedAt)
+    throw createError({ statusCode: 404, message: 'Document not found' })
+
+  const isOwner = user?.id === document.createdBy
+
+  // Access control: owner always has access, otherwise check sharing settings
+  if (!isOwner) {
+    if (!document.shared)
+      throw createError({ statusCode: 403, message: 'This document is not shared' })
+
+    // shared=true with any shareType (public or private) allows access
+    // Having the UUID = having the link for private documents
+  }
+
+  return {
+    data: {
+      document: {
+        id: document.id,
+        title: document.title,
+        path: document.path,
+        fileType: document.fileType,
+        shared: document.shared,
+        shareType: document.shareType,
+        tags: document.tags || [],
+        createdAt: document.createdAt,
+        modifiedAt: document.modifiedAt,
+        creatorName: document.creator?.name || null
+      },
+      content: document.fileType !== 'binary' ? document.content : null,
+      isOwner
+    }
+  }
+})

package/server/api/documents/[id]/restore.post.ts

@@ -0,0 +1,65 @@
+import { eq } from 'drizzle-orm'
+import { writeFile, mkdir } from 'fs/promises'
+import { dirname } from 'path'
+import { getDb } from '~~/server/db'
+import * as schema from '~~/server/db/schema'
+import { requireDb } from '~~/server/utils/db-guard'
+import { validatePath } from '~~/server/utils/path-validator'
+import { stringifyFrontmatter } from '~~/server/utils/frontmatter'
+
+export default defineEventHandler(async (event) => {
+  requireDb(event)
+
+  const id = getRouterParam(event, 'id')
+  if (!id)
+    throw createError({ statusCode: 400, message: 'Document ID is required' })
+
+  const db = getDb()
+  const userId = event.context.user?.id
+
+  const document = await db.query.documents.findFirst({
+    where: eq(schema.documents.id, id)
+  })
+
+  if (!document)
+    throw createError({ statusCode: 404, message: 'Document not found' })
+
+  if (!document.deletedAt)
+    throw createError({ statusCode: 400, message: 'Document is not deleted' })
+
+  const absolutePath = validatePath(document.path)
+
+  // Recreate file if we have content
+  if (document.fileType === 'markdown' && document.content) {
+    const metadata: Record<string, unknown> = {}
+    if (document.title) metadata.title = document.title
+    if (document.tags?.length) metadata.tags = document.tags
+    if (document.projectId) metadata.project = document.projectId
+    if (document.shared) metadata.shared = document.shared
+    if (document.shareType) metadata.shareType = document.shareType
+
+    const fileContent = stringifyFrontmatter(metadata, document.content)
+
+    try {
+      await mkdir(dirname(absolutePath), { recursive: true })
+      await writeFile(absolutePath, fileContent, 'utf-8')
+    } catch {
+      throw createError({ statusCode: 500, message: 'Failed to restore file' })
+    }
+  }
+
+  // Clear soft delete
+  await db.update(schema.documents).set({
+    deletedAt: null,
+    deletedBy: null,
+    modifiedAt: new Date(),
+    modifiedBy: userId
+  }).where(eq(schema.documents.id, id))
+
+  const restored = await db.query.documents.findFirst({
+    where: eq(schema.documents.id, id),
+    with: { project: true }
+  })
+
+  return { data: restored }
+})

package/server/api/documents/by-path.post.ts

@@ -0,0 +1,168 @@
+import { eq } from 'drizzle-orm'
+import { readFile } from 'fs/promises'
+import { basename } from 'path'
+import { getDb } from '~~/server/db'
+import * as schema from '~~/server/db/schema'
+import { requireDb } from '~~/server/utils/db-guard'
+import { validatePath } from '~~/server/utils/path-validator'
+import { parseFrontmatter, extractTitle, computeContentHash, getFileType, getMimeType } from '~~/server/utils/frontmatter'
+
+export default defineEventHandler(async (event) => {
+  requireDb(event)
+
+  const body = await readBody(event)
+  const requestedPath = body.path
+
+  if (!requestedPath)
+    throw createError({ statusCode: 400, message: 'Path is required' })
+
+  const absolutePath = validatePath(requestedPath)
+  const db = getDb()
+  const filename = basename(requestedPath)
+
+  // Check if document exists in DB
+  let document = await db.query.documents.findFirst({
+    where: eq(schema.documents.path, requestedPath),
+    with: { project: true }
+  })
+
+  // Read file from disk
+  let fileContent: string
+  try {
+    fileContent = await readFile(absolutePath, 'utf-8')
+  } catch (error: unknown) {
+    const err = error as NodeJS.ErrnoException
+    if (err.code === 'ENOENT')
+      throw createError({ statusCode: 404, message: 'File not found' })
+    throw createError({ statusCode: 500, message: 'Failed to read file' })
+  }
+
+  const fileType = getFileType(filename)
+
+  // Handle binary files
+  if (fileType === 'binary') {
+    if (!document) {
+      const [newDoc] = await db.insert(schema.documents).values({
+        path: requestedPath,
+        title: filename,
+        fileType: 'binary',
+        mimeType: getMimeType(filename),
+        syncedAt: new Date(),
+        createdBy: event.context.user?.id
+      }).returning()
+
+      document = await db.query.documents.findFirst({
+        where: eq(schema.documents.id, newDoc!.id),
+        with: { project: true }
+      })
+    }
+
+    return {
+      data: {
+        document,
+        metadata: { title: document!.title, tags: [], shared: false },
+        body: ''
+      }
+    }
+  }
+
+  // Handle text files (non-markdown) - no frontmatter parsing
+  if (fileType === 'text') {
+    const contentHash = computeContentHash(fileContent)
+
+    if (!document) {
+      const [newDoc] = await db.insert(schema.documents).values({
+        path: requestedPath,
+        title: filename,
+        content: fileContent,
+        contentHash,
+        fileType: 'text',
+        syncedAt: new Date(),
+        createdBy: event.context.user?.id
+      }).returning()
+
+      document = await db.query.documents.findFirst({
+        where: eq(schema.documents.id, newDoc!.id),
+        with: { project: true }
+      })
+    } else if (document.contentHash !== contentHash) {
+      await db.update(schema.documents).set({
+        content: fileContent,
+        contentHash,
+        syncedAt: new Date(),
+        modifiedAt: new Date(),
+        modifiedBy: event.context.user?.id
+      }).where(eq(schema.documents.id, document.id))
+
+      document = await db.query.documents.findFirst({
+        where: eq(schema.documents.id, document.id),
+        with: { project: true }
+      })
+    }
+
+    return {
+      data: {
+        document,
+        metadata: { title: document!.title, tags: document!.tags || [], shared: document!.shared },
+        body: fileContent
+      }
+    }
+  }
+
+  // Handle markdown files - parse frontmatter
+  const { metadata, body: markdownBody } = parseFrontmatter(fileContent)
+  const contentHash = computeContentHash(fileContent)
+  const title = extractTitle(metadata, markdownBody, filename)
+
+  if (!document) {
+    const [newDoc] = await db.insert(schema.documents).values({
+      path: requestedPath,
+      title,
+      content: markdownBody,
+      contentHash,
+      tags: Array.isArray(metadata.tags) ? metadata.tags as string[] : [],
+      projectId: typeof metadata.project === 'string' ? metadata.project : null,
+      shared: !!metadata.shared,
+      shareType: metadata.shareType as 'public' | 'private' || null,
+      fileType: 'markdown',
+      syncedAt: new Date(),
+      createdBy: event.context.user?.id
+    }).returning()
+
+    document = await db.query.documents.findFirst({
+      where: eq(schema.documents.id, newDoc!.id),
+      with: { project: true }
+    })
+  } else if (document.contentHash !== contentHash) {
+    // File changed, update DB
+    await db.update(schema.documents).set({
+      title,
+      content: markdownBody,
+      contentHash,
+      tags: Array.isArray(metadata.tags) ? metadata.tags as string[] : document.tags,
+      syncedAt: new Date(),
+      modifiedAt: new Date(),
+      modifiedBy: event.context.user?.id
+    }).where(eq(schema.documents.id, document.id))
+
+    document = await db.query.documents.findFirst({
+      where: eq(schema.documents.id, document.id),
+      with: { project: true }
+    })
+  }
+
+  return {
+    data: {
+      document,
+      metadata: {
+        title: document!.title,
+        tags: document!.tags || [],
+        projectId: document!.projectId,
+        shared: document!.shared,
+        shareType: document!.shareType,
+        ...metadata
+      },
+      body: markdownBody
+    }
+  }
+})

package/server/api/documents/index.get.ts

@@ -0,0 +1,48 @@
+import { eq, isNull, ilike, and, or } from 'drizzle-orm'
+import { getDb } from '~~/server/db'
+import * as schema from '~~/server/db/schema'
+import { requireDb } from '~~/server/utils/db-guard'
+
+export default defineEventHandler(async (event) => {
+  requireDb(event)
+
+  const query = getQuery(event)
+  const includeDeleted = query.includeDeleted === 'true'
+  const projectId = query.projectId as string | undefined
+  const search = query.search as string | undefined
+  const fileType = query.fileType as string | undefined
+
+  const db = getDb()
+  const conditions = []
+
+  if (!includeDeleted)
+    conditions.push(isNull(schema.documents.deletedAt))
+
+  if (projectId)
+    conditions.push(eq(schema.documents.projectId, projectId))
+
+  if (fileType)
+    conditions.push(eq(schema.documents.fileType, fileType))
+
+  if (search) {
+    const pattern = `%${search}%`
+    conditions.push(
+      or(
+        ilike(schema.documents.title, pattern),
+        ilike(schema.documents.content, pattern),
+        ilike(schema.documents.path, pattern)
+      )
+    )
+  }
+
+  const documents = await db.query.documents.findMany({
+    where: conditions.length > 0 ? and(...conditions) : undefined,
+    with: { project: true },
+    orderBy: (docs, { desc }) => [desc(docs.modifiedAt)],
+    columns: {
+      content: false
+    }
+  })
+
+  return { data: documents }
+})

package/server/api/fs/delete.post.ts

@@ -0,0 +1,41 @@
+import { rm, stat } from 'fs/promises'
+
+export default defineEventHandler(async (event) => {
+  const body = await readBody(event)
+  const requestedPath = body.path
+
+  if (!requestedPath) {
+    throw createError({
+      statusCode: 400,
+      message: 'Path is required'
+    })
+  }
+
+  const absolutePath = validatePath(requestedPath)
+
+  // Check if path exists
+  try {
+    await stat(absolutePath)
+  } catch {
+    throw createError({
+      statusCode: 404,
+      message: 'Path not found'
+    })
+  }
+
+  try {
+    await rm(absolutePath, { recursive: true })
+
+    return {
+      data: {
+        path: requestedPath,
+        deleted: true
+      }
+    }
+  } catch {
+    throw createError({
+      statusCode: 500,
+      message: 'Failed to delete'
+    })
+  }
+})