dineway 0.1.3 → 0.1.4

package/src/astro/routes/api/admin/plugins/[id]/enable.ts

@@ -0,0 +1,39 @@
+/**
+ * Plugin enable endpoint
+ *
+ * POST /_dineway/api/admin/plugins/:id/enable - Enable a plugin
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+import { handlePluginEnable } from "#api/index.js";
+import { setCronTasksEnabled } from "#plugins/cron.js";
+
+export const prerender = false;
+
+export const POST: APIRoute = async ({ params, locals }) => {
+	const { dineway, user } = locals;
+	const { id } = params;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:manage");
+	if (denied) return denied;
+
+	if (!id) {
+		return apiError("INVALID_REQUEST", "Plugin ID required", 400);
+	}
+
+	const result = await handlePluginEnable(dineway.db, dineway.configuredPlugins, id);
+
+	if (!result.success) return unwrapResult(result);
+
+	await dineway.setPluginStatus(id, "active");
+	await setCronTasksEnabled(dineway.db, id, true);
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/admin/plugins/[id]/index.ts

@@ -0,0 +1,38 @@
+/**
+ * Plugin management single plugin endpoint
+ *
+ * GET /_dineway/api/admin/plugins/:id - Get plugin details
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+import { handlePluginGet } from "#api/index.js";
+
+export const prerender = false;
+
+export const GET: APIRoute = async ({ params, locals }) => {
+	const { dineway, user } = locals;
+	const { id } = params;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:read");
+	if (denied) return denied;
+
+	if (!id) {
+		return apiError("INVALID_REQUEST", "Plugin ID required", 400);
+	}
+
+	const result = await handlePluginGet(
+		dineway.db,
+		dineway.configuredPlugins,
+		id,
+		dineway.config.marketplace,
+	);
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/admin/plugins/[id]/uninstall.ts

@@ -0,0 +1,48 @@
+/**
+ * Marketplace plugin uninstall endpoint
+ *
+ * POST /_dineway/api/admin/plugins/:id/uninstall - Uninstall a marketplace plugin
+ */
+
+import type { APIRoute } from "astro";
+import { z } from "zod";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+import { handleMarketplaceUninstall } from "#api/index.js";
+import { isParseError, parseOptionalBody } from "#api/parse.js";
+
+export const prerender = false;
+
+const uninstallBodySchema = z.object({
+	deleteData: z.boolean().optional(),
+});
+
+export const POST: APIRoute = async ({ params, request, locals }) => {
+	const { dineway, user } = locals;
+	const { id } = params;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:manage");
+	if (denied) return denied;
+
+	if (!id) {
+		return apiError("INVALID_REQUEST", "Plugin ID required", 400);
+	}
+
+	const body = await parseOptionalBody(request, uninstallBodySchema, {});
+	if (isParseError(body)) return body;
+
+	const result = await handleMarketplaceUninstall(dineway.db, dineway.storage, id, {
+		deleteData: body.deleteData ?? false,
+	});
+
+	if (!result.success) return unwrapResult(result);
+
+	await dineway.syncMarketplacePlugins();
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/admin/plugins/[id]/update.ts

@@ -0,0 +1,59 @@
+/**
+ * Marketplace plugin update endpoint
+ *
+ * POST /_dineway/api/admin/plugins/:id/update - Update a marketplace plugin
+ */
+
+import type { APIRoute } from "astro";
+import { z } from "zod";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+import { handleMarketplaceUpdate } from "#api/index.js";
+import { isParseError, parseOptionalBody } from "#api/parse.js";
+
+export const prerender = false;
+
+const updateBodySchema = z.object({
+	version: z.string().min(1).optional(),
+	confirmCapabilityChanges: z.boolean().optional(),
+	confirmRouteVisibilityChanges: z.boolean().optional(),
+});
+
+export const POST: APIRoute = async ({ params, request, locals }) => {
+	const { dineway, user } = locals;
+	const { id } = params;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:manage");
+	if (denied) return denied;
+
+	if (!id) {
+		return apiError("INVALID_REQUEST", "Plugin ID required", 400);
+	}
+
+	const body = await parseOptionalBody(request, updateBodySchema, {});
+	if (isParseError(body)) return body;
+
+	const result = await handleMarketplaceUpdate(
+		dineway.db,
+		dineway.storage,
+		dineway.getSandboxRunner(),
+		dineway.config.marketplace,
+		id,
+		{
+			version: body.version,
+			confirmCapabilityChanges: body.confirmCapabilityChanges,
+			confirmRouteVisibilityChanges: body.confirmRouteVisibilityChanges,
+		},
+	);
+
+	if (!result.success) return unwrapResult(result);
+
+	await dineway.syncMarketplacePlugins();
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/admin/plugins/index.ts

@@ -0,0 +1,32 @@
+/**
+ * Plugin management list endpoint
+ *
+ * GET /_dineway/api/admin/plugins - List all configured plugins with state
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+import { handlePluginList } from "#api/index.js";
+
+export const prerender = false;
+
+export const GET: APIRoute = async ({ locals }) => {
+	const { dineway, user } = locals;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:read");
+	if (denied) return denied;
+
+	const result = await handlePluginList(
+		dineway.db,
+		dineway.configuredPlugins,
+		dineway.config.marketplace,
+	);
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/admin/plugins/marketplace/[id]/icon.ts

@@ -0,0 +1,62 @@
+/**
+ * Marketplace plugin icon proxy
+ *
+ * GET /_dineway/api/admin/plugins/marketplace/:id/icon - Proxy icon from marketplace
+ *
+ * Avoids CORS/auth issues when the marketplace service is behind
+ * external auth or on a different origin.
+ * The admin UI uses this instead of linking directly.
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError } from "#api/error.js";
+
+export const prerender = false;
+
+export const GET: APIRoute = async ({ params, url, locals }) => {
+	const { dineway, user } = locals;
+	const { id } = params;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:read");
+	if (denied) return denied;
+
+	const marketplaceUrl = dineway.config.marketplace;
+	if (!marketplaceUrl || !id) {
+		return apiError("NOT_CONFIGURED", "Marketplace not configured", 400);
+	}
+
+	const width = url.searchParams.get("w");
+	const target = new URL(`/api/v1/plugins/${encodeURIComponent(id)}/icon`, marketplaceUrl);
+	if (width) target.searchParams.set("w", width);
+
+	try {
+		const resp = await fetch(target.href);
+		if (!resp.ok) {
+			// Allowlist: only forward Content-Type from upstream.
+			// Never copy all upstream headers (denylist approach leaks
+			// headers we haven't anticipated).
+			return new Response(resp.body, {
+				status: resp.status,
+				headers: {
+					"Content-Type": resp.headers.get("Content-Type") ?? "application/octet-stream",
+					"Cache-Control": "private, no-store",
+				},
+			});
+		}
+
+		return new Response(resp.body, {
+			headers: {
+				"Content-Type": resp.headers.get("Content-Type") ?? "image/png",
+				"Cache-Control": "private, no-store",
+			},
+		});
+	} catch {
+		return apiError("PROXY_ERROR", "Failed to fetch icon", 502);
+	}
+};

package/src/astro/routes/api/admin/plugins/marketplace/[id]/index.ts

@@ -0,0 +1,33 @@
+/**
+ * Marketplace plugin detail proxy endpoint
+ *
+ * GET /_dineway/api/admin/plugins/marketplace/:id - Get plugin details
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+import { handleMarketplaceGetPlugin } from "#api/index.js";
+
+export const prerender = false;
+
+export const GET: APIRoute = async ({ params, locals }) => {
+	const { dineway, user } = locals;
+	const { id } = params;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:read");
+	if (denied) return denied;
+
+	if (!id) {
+		return apiError("INVALID_REQUEST", "Plugin ID required", 400);
+	}
+
+	const result = await handleMarketplaceGetPlugin(dineway.config.marketplace, id);
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/admin/plugins/marketplace/[id]/install.ts

@@ -0,0 +1,64 @@
+/**
+ * Marketplace plugin install endpoint
+ *
+ * POST /_dineway/api/admin/plugins/marketplace/:id/install - Install a marketplace plugin
+ */
+
+import type { APIRoute } from "astro";
+import { z } from "zod";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, handleError, unwrapResult } from "#api/error.js";
+import { handleMarketplaceInstall } from "#api/index.js";
+import { isParseError, parseOptionalBody } from "#api/parse.js";
+
+export const prerender = false;
+
+const installBodySchema = z.object({
+	version: z.string().min(1).optional(),
+});
+
+export const POST: APIRoute = async ({ params, request, locals }) => {
+	try {
+		const { dineway, user } = locals;
+		const { id } = params;
+
+		if (!dineway?.db) {
+			return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+		}
+
+		const denied = requirePerm(user, "plugins:manage");
+		if (denied) return denied;
+
+		if (!id) {
+			return apiError("INVALID_REQUEST", "Plugin ID required", 400);
+		}
+
+		const body = await parseOptionalBody(request, installBodySchema, {});
+		if (isParseError(body)) return body;
+
+		const configuredPluginIds = new Set<string>(
+			dineway.configuredPlugins.map((p: { id: string }) => p.id),
+		);
+
+		const siteOrigin = new URL(request.url).origin;
+
+		const result = await handleMarketplaceInstall(
+			dineway.db,
+			dineway.storage,
+			dineway.getSandboxRunner(),
+			dineway.config.marketplace,
+			id,
+			{ version: body.version, configuredPluginIds, siteOrigin },
+		);
+
+		if (!result.success) return unwrapResult(result);
+
+		await dineway.syncMarketplacePlugins();
+
+		return unwrapResult(result, 201);
+	} catch (error) {
+		console.error("[marketplace-install] Unhandled error:", error);
+		return handleError(error, "Failed to install plugin from marketplace", "INSTALL_FAILED");
+	}
+};

package/src/astro/routes/api/admin/plugins/marketplace/index.ts

@@ -0,0 +1,38 @@
+/**
+ * Marketplace search proxy endpoint
+ *
+ * GET /_dineway/api/admin/plugins/marketplace - Search marketplace plugins
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+import { handleMarketplaceSearch } from "#api/index.js";
+
+export const prerender = false;
+
+export const GET: APIRoute = async ({ url, locals }) => {
+	const { dineway, user } = locals;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:read");
+	if (denied) return denied;
+
+	const query = url.searchParams.get("q") ?? undefined;
+	const category = url.searchParams.get("category") ?? undefined;
+	const cursor = url.searchParams.get("cursor") ?? undefined;
+	const limitParam = url.searchParams.get("limit");
+	const limit = limitParam ? Math.min(Math.max(1, parseInt(limitParam, 10) || 50), 100) : undefined;
+
+	const result = await handleMarketplaceSearch(dineway.config.marketplace, query, {
+		category,
+		cursor,
+		limit,
+	});
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/admin/plugins/updates.ts

@@ -0,0 +1,28 @@
+/**
+ * Marketplace update check endpoint
+ *
+ * GET /_dineway/api/admin/plugins/updates - Check for marketplace plugin updates
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+import { handleMarketplaceUpdateCheck } from "#api/index.js";
+
+export const prerender = false;
+
+export const GET: APIRoute = async ({ locals }) => {
+	const { dineway, user } = locals;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:read");
+	if (denied) return denied;
+
+	const result = await handleMarketplaceUpdateCheck(dineway.db, dineway.config.marketplace);
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/admin/themes/marketplace/[id]/index.ts

@@ -0,0 +1,33 @@
+/**
+ * Theme marketplace detail proxy endpoint
+ *
+ * GET /_dineway/api/admin/themes/marketplace/:id - Get theme details
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+import { handleThemeGetDetail } from "#api/index.js";
+
+export const prerender = false;
+
+export const GET: APIRoute = async ({ params, locals }) => {
+	const { dineway, user } = locals;
+	const { id } = params;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:read");
+	if (denied) return denied;
+
+	if (!id) {
+		return apiError("INVALID_REQUEST", "Theme ID required", 400);
+	}
+
+	const result = await handleThemeGetDetail(dineway.config.marketplace, id);
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/admin/themes/marketplace/[id]/thumbnail.ts

@@ -0,0 +1,62 @@
+/**
+ * Theme marketplace thumbnail proxy
+ *
+ * GET /_dineway/api/admin/themes/marketplace/:id/thumbnail - Proxy thumbnail from marketplace
+ *
+ * Avoids CORS/auth issues when the marketplace service is behind
+ * external auth or on a different origin.
+ * The admin UI uses this instead of linking directly.
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError } from "#api/error.js";
+
+export const prerender = false;
+
+export const GET: APIRoute = async ({ params, url, locals }) => {
+	const { dineway, user } = locals;
+	const { id } = params;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:read");
+	if (denied) return denied;
+
+	const marketplaceUrl = dineway.config.marketplace;
+	if (!marketplaceUrl || !id) {
+		return apiError("NOT_CONFIGURED", "Marketplace not configured", 400);
+	}
+
+	const width = url.searchParams.get("w");
+	const target = new URL(`/api/v1/themes/${encodeURIComponent(id)}/thumbnail`, marketplaceUrl);
+	if (width) target.searchParams.set("w", width);
+
+	try {
+		const resp = await fetch(target.href);
+		if (!resp.ok) {
+			// Allowlist: only forward Content-Type from upstream.
+			// Never copy all upstream headers (denylist approach leaks
+			// headers we haven't anticipated).
+			return new Response(resp.body, {
+				status: resp.status,
+				headers: {
+					"Content-Type": resp.headers.get("Content-Type") ?? "application/octet-stream",
+					"Cache-Control": "private, no-store",
+				},
+			});
+		}
+
+		return new Response(resp.body, {
+			headers: {
+				"Content-Type": resp.headers.get("Content-Type") ?? "image/png",
+				"Cache-Control": "private, no-store",
+			},
+		});
+	} catch {
+		return apiError("PROXY_ERROR", "Failed to fetch thumbnail", 502);
+	}
+};

package/src/astro/routes/api/admin/themes/marketplace/index.ts

@@ -0,0 +1,45 @@
+/**
+ * Theme marketplace search proxy endpoint
+ *
+ * GET /_dineway/api/admin/themes/marketplace - Search marketplace themes
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+import { handleThemeSearch } from "#api/index.js";
+
+export const prerender = false;
+
+export const GET: APIRoute = async ({ url, locals }) => {
+	const { dineway, user } = locals;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const denied = requirePerm(user, "plugins:read");
+	if (denied) return denied;
+
+	const query = url.searchParams.get("q") ?? undefined;
+	const keyword = url.searchParams.get("keyword") ?? undefined;
+	const sortParam = url.searchParams.get("sort");
+	const validSorts = new Set(["name", "created", "updated"]);
+	let sort: "name" | "created" | "updated" | undefined;
+	if (sortParam && validSorts.has(sortParam)) {
+		sort = sortParam as "name" | "created" | "updated"; // eslint-disable-line typescript-eslint(no-unsafe-type-assertion) -- validated by Set.has()
+	}
+	const cursor = url.searchParams.get("cursor") ?? undefined;
+	const limitParam = url.searchParams.get("limit");
+	const limit = limitParam ? Math.min(Math.max(1, parseInt(limitParam, 10) || 50), 100) : undefined;
+
+	const result = await handleThemeSearch(dineway.config.marketplace, query, {
+		keyword,
+		sort,
+		cursor,
+		limit,
+	});
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/admin/users/[id]/disable.ts

@@ -0,0 +1,69 @@
+/**
+ * User disable endpoint
+ *
+ * POST /_dineway/api/admin/users/:id/disable - Soft-disable a user
+ */
+
+import { Role } from "@dineway-ai/auth";
+import { createKyselyAdapter } from "@dineway-ai/auth/adapters/kysely";
+import type { APIRoute } from "astro";
+
+import { apiError, apiSuccess, handleError } from "#api/error.js";
+
+export const prerender = false;
+
+export const POST: APIRoute = async ({ params, locals }) => {
+	const { dineway, user: currentUser } = locals;
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Database not configured", 500);
+	}
+
+	if (!currentUser || currentUser.role < Role.ADMIN) {
+		return apiError("FORBIDDEN", "Admin privileges required", 403);
+	}
+
+	const adapter = createKyselyAdapter(dineway.db);
+
+	const { id } = params;
+
+	if (!id) {
+		return apiError("VALIDATION_ERROR", "User ID required", 400);
+	}
+
+	// Prevent disabling self
+	if (id === currentUser.id) {
+		return apiError("VALIDATION_ERROR", "Cannot disable your own account", 400);
+	}
+
+	try {
+		// Get target user
+		const targetUser = await adapter.getUserById(id);
+		if (!targetUser) {
+			return apiError("NOT_FOUND", "User not found", 404);
+		}
+
+		// Check if this would leave no active admins
+		if (targetUser.role === Role.ADMIN) {
+			const adminCount = await adapter.countAdmins();
+			if (adminCount <= 1) {
+				return apiError(
+					"VALIDATION_ERROR",
+					"Cannot disable the last admin. Promote another user first.",
+					400,
+				);
+			}
+		}
+
+		// Disable user
+		await adapter.updateUser(id, { disabled: true });
+
+		// SEC-43: Revoke all OAuth tokens for the disabled user.
+		// Without this, existing refresh tokens remain valid for up to 90 days.
+		await dineway.db.deleteFrom("_dineway_oauth_tokens").where("user_id", "=", id).execute();
+
+		return apiSuccess({ success: true });
+	} catch (error) {
+		return handleError(error, "Failed to disable user", "USER_DISABLE_ERROR");
+	}
+};