dineway 0.1.3 → 0.1.5

package/src/astro/routes/api/comments/[collection]/[contentId]/index.ts

@@ -0,0 +1,310 @@
+/**
+ * Public comment endpoints
+ *
+ * GET  /_dineway/api/comments/:collection/:contentId - List approved comments
+ * POST /_dineway/api/comments/:collection/:contentId - Submit a comment
+ */
+
+import type { APIRoute } from "astro";
+
+import { apiError, apiSuccess, handleError, requireDb, unwrapResult } from "#api/error.js";
+import { handleCommentList, checkRateLimit, hashIp } from "#api/handlers/comments.js";
+import { isParseError, parseBody } from "#api/parse.js";
+import { createCommentBody } from "#api/schemas.js";
+import { getSiteBaseUrl } from "#api/site-url.js";
+import { sendCommentNotification } from "#comments/notifications.js";
+import { createComment, type CommentHookRunner } from "#comments/service.js";
+import { CommentRepository } from "#db/repositories/comment.js";
+import { validateIdentifier } from "#db/validate.js";
+import { extractRequestMeta } from "#plugins/request-meta.js";
+import type { CollectionCommentSettings, ModerationDecision } from "#plugins/types.js";
+
+export const prerender = false;
+
+/**
+ * List approved comments for a content item (public, no auth required)
+ */
+export const GET: APIRoute = async ({ params, url, locals }) => {
+	const { dineway } = locals;
+	const { collection, contentId } = params;
+
+	if (!collection || !contentId) {
+		return apiError("VALIDATION_ERROR", "Collection and content ID required", 400);
+	}
+
+	const dbErr = requireDb(dineway?.db);
+	if (dbErr) return dbErr;
+
+	try {
+		const limit = Math.min(Number(url.searchParams.get("limit") || 50), 100);
+		const cursor = url.searchParams.get("cursor") ?? undefined;
+		const threaded = url.searchParams.get("threaded") === "true";
+
+		// Check collection exists and has comments enabled
+		const collectionRow = await dineway.db
+			.selectFrom("_dineway_collections")
+			.select(["comments_enabled"])
+			.where("slug", "=", collection)
+			.executeTakeFirst();
+
+		if (!collectionRow) {
+			return apiError("NOT_FOUND", `Collection '${collection}' not found`, 404);
+		}
+
+		if (!collectionRow.comments_enabled) {
+			return apiError("COMMENTS_DISABLED", "Comments are not enabled for this collection", 403);
+		}
+
+		const result = await handleCommentList(dineway.db, collection, contentId, {
+			limit,
+			cursor,
+			threaded,
+		});
+
+		return unwrapResult(result);
+	} catch (error) {
+		return handleError(error, "Failed to list comments", "COMMENT_LIST_ERROR");
+	}
+};
+
+/**
+ * Submit a comment (public, gated by anti-spam checks)
+ */
+export const POST: APIRoute = async ({ params, request, locals }) => {
+	const { dineway, user } = locals;
+	const { collection, contentId } = params;
+
+	if (!collection || !contentId) {
+		return apiError("VALIDATION_ERROR", "Collection and content ID required", 400);
+	}
+
+	const dbErr = requireDb(dineway?.db);
+	if (dbErr) return dbErr;
+
+	try {
+		// Parse and validate input
+		const body = await parseBody(request, createCommentBody);
+		if (isParseError(body)) return body;
+
+		// Check collection exists and has comments enabled
+		const collectionRow = await dineway.db
+			.selectFrom("_dineway_collections")
+			.select([
+				"comments_enabled",
+				"comments_moderation",
+				"comments_closed_after_days",
+				"comments_auto_approve_users",
+			])
+			.where("slug", "=", collection)
+			.executeTakeFirst();
+
+		if (!collectionRow) {
+			return apiError("NOT_FOUND", `Collection '${collection}' not found`, 404);
+		}
+
+		if (!collectionRow.comments_enabled) {
+			return apiError("COMMENTS_DISABLED", "Comments are not enabled for this collection", 403);
+		}
+
+		// Verify the content item exists, is published, and not soft-deleted
+		validateIdentifier(collection, "collection");
+		const contentRow = await dineway.db
+			.selectFrom(`ec_${collection}` as never)
+			.select(["id" as never, "slug" as never, "author_id" as never, "published_at" as never])
+			.where("id" as never, "=", contentId as never)
+			.where("status" as never, "=", "published" as never)
+			.where("deleted_at" as never, "is", null as never)
+			.executeTakeFirst();
+
+		if (!contentRow) {
+			return apiError("NOT_FOUND", "Content not found", 404);
+		}
+
+		// Check if comments are closed (published_at + closed_after_days)
+		if (collectionRow.comments_closed_after_days > 0) {
+			const publishedAt = (contentRow as { published_at: string | null }).published_at;
+			if (publishedAt) {
+				const closedDate = new Date(publishedAt);
+				closedDate.setDate(closedDate.getDate() + collectionRow.comments_closed_after_days);
+				if (new Date() > closedDate) {
+					return apiError("COMMENTS_CLOSED", "Comments are closed for this content", 403);
+				}
+			}
+		}
+
+		// Anti-spam: Honeypot — hidden field filled only by bots
+		if (body.website_url) {
+			// Silently accept — don't reveal the honeypot to bots
+			return apiSuccess({ status: "pending", message: "Comment submitted for review" });
+		}
+
+		// Anti-spam: Rate limiting
+		const meta = extractRequestMeta(request, dineway.config);
+		const ipSalt =
+			import.meta.env.DINEWAY_AUTH_SECRET || import.meta.env.AUTH_SECRET || "dineway-ip-salt";
+		let ipHash: string;
+		if (meta.ip) {
+			ipHash = await hashIp(meta.ip, ipSalt);
+		} else {
+			// Fail closed: all unidentifiable requests share one rate-limit bucket.
+			// Use a larger limit since this bucket is shared across all anonymous users.
+			ipHash = "unknown";
+		}
+		const unknownBucketLimit = ipHash === "unknown" ? 20 : undefined;
+		const rateLimited = await checkRateLimit(dineway.db, ipHash, unknownBucketLimit);
+		if (rateLimited) {
+			return apiError("RATE_LIMITED", "Too many comments. Please try again later.", 429);
+		}
+
+		// Build collection settings
+		const collectionSettings: CollectionCommentSettings = {
+			commentsEnabled: collectionRow.comments_enabled === 1,
+			commentsModeration:
+				collectionRow.comments_moderation as CollectionCommentSettings["commentsModeration"],
+			commentsClosedAfterDays: collectionRow.comments_closed_after_days,
+			commentsAutoApproveUsers: collectionRow.comments_auto_approve_users === 1,
+		};
+
+		// Determine author fields — authenticated user overrides form input
+		let authorName = body.authorName;
+		let authorEmail = body.authorEmail;
+		let authorUserId: string | null = null;
+
+		if (user) {
+			authorName = user.name || authorName;
+			authorEmail = user.email;
+			authorUserId = user.id;
+		}
+
+		// Validate parent exists and belongs to the same content.
+		// Enforce 1-level nesting: if the parent is itself a reply, attach to its root.
+		let resolvedParentId = body.parentId ?? null;
+		if (body.parentId) {
+			const repo = new CommentRepository(dineway.db);
+			const parent = await repo.findById(body.parentId);
+			if (!parent) {
+				return apiError("VALIDATION_ERROR", "Parent comment not found", 400);
+			}
+			if (parent.collection !== collection || parent.contentId !== contentId) {
+				return apiError("VALIDATION_ERROR", "Parent comment belongs to different content", 400);
+			}
+			// Flatten: if parent is a reply, use its parent (the root) instead
+			resolvedParentId = parent.parentId ?? parent.id;
+		}
+
+		// Wire the comment service to the real hook pipeline
+		const hookRunner: CommentHookRunner = {
+			async runBeforeCreate(event) {
+				return dineway.hooks.runCommentBeforeCreate(event);
+			},
+			async runModerate(event) {
+				const result = await dineway.hooks.invokeExclusiveHook("comment:moderate", event);
+				if (!result) return { status: "pending" as const, reason: "No moderator configured" };
+				if (result.error) {
+					console.error(`[comments] Moderation error (${result.pluginId}):`, result.error.message);
+					return { status: "pending" as const, reason: "Moderation error" };
+				}
+				return result.result as ModerationDecision;
+			},
+			fireAfterCreate(event) {
+				dineway.hooks
+					.runCommentAfterCreate(event)
+					.catch((err) =>
+						console.error(
+							"[comments] afterCreate error:",
+							err instanceof Error ? err.message : err,
+						),
+					);
+			},
+			fireAfterModerate(event) {
+				dineway.hooks
+					.runCommentAfterModerate(event)
+					.catch((err) =>
+						console.error(
+							"[comments] afterModerate error:",
+							err instanceof Error ? err.message : err,
+						),
+					);
+			},
+		};
+
+		// Build content info for afterCreate hooks (e.g. email notifications)
+		const typedContent = contentRow as {
+			id: string;
+			slug: string;
+			author_id: string | null;
+		};
+		let contentAuthor: { id: string; name: string | null; email: string } | undefined;
+		if (typedContent.author_id) {
+			const authorRow = await dineway.db
+				.selectFrom("users")
+				.select(["id", "name", "email", "email_verified"])
+				.where("id", "=", typedContent.author_id)
+				.executeTakeFirst();
+			if (authorRow && authorRow.email_verified) {
+				contentAuthor = {
+					id: authorRow.id,
+					name: authorRow.name,
+					email: authorRow.email,
+				};
+			}
+		}
+
+		const result = await createComment(
+			dineway.db,
+			{
+				collection,
+				contentId,
+				parentId: resolvedParentId,
+				authorName,
+				authorEmail,
+				authorUserId,
+				body: body.body,
+				ipHash,
+				userAgent: meta.userAgent,
+			},
+			collectionSettings,
+			hookRunner,
+			{
+				id: typedContent.id,
+				collection,
+				slug: typedContent.slug,
+				author: contentAuthor,
+			},
+		);
+
+		if (!result) {
+			return apiError("COMMENT_REJECTED", "Comment was rejected", 403);
+		}
+
+		// Send notification to content author and await completion before the
+		// response is sent so the delivery path does not outlive the request.
+		if (result.comment.status === "approved" && dineway.email && contentAuthor) {
+			try {
+				const adminBaseUrl = await getSiteBaseUrl(dineway.db, request);
+				await sendCommentNotification({
+					email: dineway.email,
+					comment: result.comment,
+					contentAuthor,
+					adminBaseUrl,
+				});
+			} catch (err) {
+				console.error("[comments] notification error:", err instanceof Error ? err.message : err);
+			}
+		}
+
+		return apiSuccess(
+			{
+				id: result.comment.id,
+				status: result.comment.status,
+				message:
+					result.comment.status === "approved"
+						? "Comment published"
+						: "Comment submitted for review",
+			},
+			201,
+		);
+	} catch (error) {
+		return handleError(error, "Failed to submit comment", "COMMENT_CREATE_ERROR");
+	}
+};

package/src/astro/routes/api/content/[collection]/[id]/compare.ts

@@ -0,0 +1,28 @@
+/**
+ * Compare live and draft revisions
+ *
+ * GET /_dineway/api/content/{collection}/{id}/compare
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+
+export const prerender = false;
+
+export const GET: APIRoute = async ({ params, locals }) => {
+	const { dineway, user } = locals;
+	const denied = requirePerm(user, "content:read_drafts");
+	if (denied) return denied;
+	const collection = params.collection!;
+	const id = params.id!;
+
+	if (!dineway?.handleContentCompare) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const result = await dineway.handleContentCompare(collection, id);
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/content/[collection]/[id]/discard-draft.ts

@@ -0,0 +1,68 @@
+/**
+ * Discard draft changes - reverts to live version
+ *
+ * POST /_dineway/api/content/{collection}/{id}/discard-draft
+ */
+
+import type { APIRoute } from "astro";
+
+import { requireOwnerPerm } from "#api/authorize.js";
+import { apiError, mapErrorStatus, unwrapResult } from "#api/error.js";
+import {
+	contentApiRouteSource,
+	extractActivityItemId,
+	logContentActivity,
+} from "#site-context/activity-events.js";
+
+export const prerender = false;
+
+export const POST: APIRoute = async ({ params, locals, cache }) => {
+	const { dineway, user } = locals;
+	const collection = params.collection!;
+	const id = params.id!;
+
+	if (!dineway?.handleContentDiscardDraft || !dineway?.handleContentGet) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	// Fetch item to check ownership
+	const existing = await dineway.handleContentGet(collection, id);
+	if (!existing.success) {
+		return apiError(
+			existing.error?.code ?? "UNKNOWN_ERROR",
+			existing.error?.message ?? "Unknown error",
+			mapErrorStatus(existing.error?.code),
+		);
+	}
+	const existingData =
+		existing.data && typeof existing.data === "object"
+			? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler returns unknown data; narrowed by typeof check above
+				(existing.data as Record<string, unknown>)
+			: undefined;
+	// Handler returns { item, _rev } — extract the item for ownership check
+	const existingItem =
+		existingData?.item && typeof existingData.item === "object"
+			? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowed by typeof check above
+				(existingData.item as Record<string, unknown>)
+			: existingData;
+	const authorId = typeof existingItem?.authorId === "string" ? existingItem.authorId : "";
+	const denied = requireOwnerPerm(user, authorId, "content:edit_own", "content:edit_any");
+	if (denied) return denied;
+	const resolvedId = typeof existingItem?.id === "string" ? existingItem.id : id;
+
+	const result = await dineway.handleContentDiscardDraft(collection, resolvedId);
+
+	if (!result.success) return unwrapResult(result);
+
+	if (cache.enabled) await cache.invalidate({ tags: [collection, resolvedId] });
+
+	await logContentActivity(dineway.db, locals, {
+		action: "draft_discarded",
+		collection,
+		entryId: extractActivityItemId(result.data, resolvedId),
+		...contentApiRouteSource("draft_discarded"),
+		summary: `Discarded draft for content in ${collection}`,
+	});
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/content/[collection]/[id]/duplicate.ts

@@ -0,0 +1,77 @@
+/**
+ * Duplicate content endpoint - injected by Dineway integration
+ *
+ * POST /_dineway/api/content/{collection}/{id}/duplicate - Create a copy
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm, requireOwnerPerm } from "#api/authorize.js";
+import { apiError, mapErrorStatus, unwrapResult } from "#api/error.js";
+import {
+	contentApiRouteSource,
+	extractActivityItemId,
+	logContentActivity,
+} from "#site-context/activity-events.js";
+
+export const prerender = false;
+
+export const POST: APIRoute = async ({ params, locals, cache }) => {
+	const { dineway, user } = locals;
+	const collection = params.collection!;
+	const id = params.id!;
+
+	const denied = requirePerm(user, "content:create");
+	if (denied) return denied;
+
+	if (!dineway?.handleContentDuplicate || !dineway?.handleContentGet) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	// Fetch item to check ownership — duplicating requires read access to the source
+	const existing = await dineway.handleContentGet(collection, id);
+	if (!existing.success) {
+		return apiError(
+			existing.error?.code ?? "UNKNOWN_ERROR",
+			existing.error?.message ?? "Unknown error",
+			mapErrorStatus(existing.error?.code),
+		);
+	}
+
+	const existingData =
+		existing.data && typeof existing.data === "object"
+			? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler returns unknown data; narrowed by typeof check above
+				(existing.data as Record<string, unknown>)
+			: undefined;
+	// Handler returns { item, _rev } — extract the item for ownership check
+	const existingItem =
+		existingData?.item && typeof existingData.item === "object"
+			? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowed by typeof check above
+				(existingData.item as Record<string, unknown>)
+			: existingData;
+	const authorId = typeof existingItem?.authorId === "string" ? existingItem.authorId : "";
+	// Duplicating requires read access to the source — check ownership-based edit permissions
+	// since content:read is flat (no own/any split). This ensures authors can only duplicate their own.
+	const readDenied = requireOwnerPerm(user, authorId, "content:edit_own", "content:edit_any");
+	if (readDenied) return readDenied;
+
+	const resolvedId = typeof existingItem?.id === "string" ? existingItem.id : id;
+	const result = await dineway.handleContentDuplicate(collection, resolvedId, user?.id);
+
+	if (!result.success) return unwrapResult(result);
+
+	if (cache.enabled) await cache.invalidate({ tags: [collection] });
+
+	await logContentActivity(dineway.db, locals, {
+		action: "duplicated",
+		collection,
+		entryId: extractActivityItemId(result.data),
+		...contentApiRouteSource("duplicated"),
+		summary: `Duplicated content in ${collection}`,
+		detail: {
+			sourceEntryId: resolvedId,
+		},
+	});
+
+	return unwrapResult(result, 201);
+};

package/src/astro/routes/api/content/[collection]/[id]/permanent.ts

@@ -0,0 +1,42 @@
+/**
+ * Permanent delete content endpoint - injected by Dineway integration
+ *
+ * DELETE /_dineway/api/content/{collection}/{id}/permanent - Permanently delete (no undo)
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, unwrapResult } from "#api/error.js";
+import { contentApiRouteSource, logContentActivity } from "#site-context/activity-events.js";
+
+export const prerender = false;
+
+export const DELETE: APIRoute = async ({ params, locals, cache }) => {
+	const { dineway, user } = locals;
+	const collection = params.collection!;
+	const id = params.id!;
+
+	const denied = requirePerm(user, "import:execute");
+	if (denied) return denied;
+
+	if (!dineway?.handleContentPermanentDelete) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const result = await dineway.handleContentPermanentDelete(collection, id);
+
+	if (!result.success) return unwrapResult(result);
+
+	if (cache.enabled) await cache.invalidate({ tags: [collection, id] });
+
+	await logContentActivity(dineway.db, locals, {
+		action: "permanently_deleted",
+		collection,
+		entryId: id,
+		...contentApiRouteSource("permanently_deleted"),
+		summary: `Permanently deleted content in ${collection}`,
+	});
+
+	return unwrapResult(result);
+};

package/src/astro/routes/api/content/[collection]/[id]/preview-url.ts

@@ -0,0 +1,107 @@
+/**
+ * Preview URL endpoint - generates a signed preview URL for content
+ *
+ * POST /_dineway/api/content/{collection}/{id}/preview-url
+ *
+ * Request body:
+ * {
+ *   expiresIn?: string | number;  // Default: "1h"
+ *   pathPattern?: string;         // Default: "/{collection}/{id}"
+ * }
+ *
+ * Response:
+ * {
+ *   url: string;      // The preview URL with token
+ *   expiresAt: number; // Unix timestamp when token expires
+ * }
+ */
+
+import type { APIRoute } from "astro";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, apiSuccess, handleError, unwrapResult } from "#api/error.js";
+import { parseOptionalBody, isParseError } from "#api/parse.js";
+import { contentPreviewUrlBody } from "#api/schemas.js";
+import { getPreviewUrl } from "#preview/index.js";
+
+export const prerender = false;
+
+const DURATION_PATTERN = /^(\d+)([smhdw])$/;
+
+export const POST: APIRoute = async ({ params, request, locals }) => {
+	const { dineway, user } = locals;
+	const denied = requirePerm(user, "content:read_drafts");
+	if (denied) return denied;
+	const collection = params.collection!;
+	const id = params.id!;
+
+	// Get the preview secret from environment
+	const previewSecret = import.meta.env.DINEWAY_PREVIEW_SECRET || import.meta.env.PREVIEW_SECRET;
+
+	if (!previewSecret) {
+		return apiError(
+			"NOT_CONFIGURED",
+			"Preview not configured. Set DINEWAY_PREVIEW_SECRET environment variable.",
+			500,
+		);
+	}
+
+	// Verify the content exists (optional, but good for UX)
+	if (dineway?.handleContentGet) {
+		const result = await dineway.handleContentGet(collection, id);
+		if (!result.success) return unwrapResult(result);
+	}
+
+	// Parse request body
+	const body = await parseOptionalBody(request, contentPreviewUrlBody, {});
+	if (isParseError(body)) return body;
+
+	const expiresIn = body.expiresIn || "1h";
+	const pathPattern = body.pathPattern;
+
+	// Calculate expiry timestamp
+	const expiresInSeconds = typeof expiresIn === "number" ? expiresIn : parseExpiresIn(expiresIn);
+	const expiresAt = Math.floor(Date.now() / 1000) + expiresInSeconds;
+
+	try {
+		const url = await getPreviewUrl({
+			collection,
+			id,
+			secret: previewSecret,
+			expiresIn,
+			pathPattern,
+		});
+
+		return apiSuccess({ url, expiresAt });
+	} catch (error) {
+		return handleError(error, "Failed to generate preview URL", "TOKEN_ERROR");
+	}
+};
+
+/**
+ * Parse duration string to seconds
+ */
+function parseExpiresIn(duration: string): number {
+	const match = duration.match(DURATION_PATTERN);
+	if (!match) {
+		return 3600; // Default 1 hour
+	}
+
+	const value = parseInt(match[1], 10);
+	const unit = match[2];
+
+	switch (unit) {
+		case "s":
+			return value;
+		case "m":
+			return value * 60;
+		case "h":
+			return value * 60 * 60;
+		case "d":
+			return value * 60 * 60 * 24;
+		case "w":
+			return value * 60 * 60 * 24 * 7;
+		default:
+			return 3600;
+	}
+}