dineway 0.1.3 → 0.1.5

package/src/astro/routes/api/media/upload-url.ts

@@ -0,0 +1,146 @@
+/**
+ * Media upload URL endpoint
+ *
+ * POST /_dineway/api/media/upload-url
+ *
+ * Returns a signed URL for direct upload to storage.
+ * Creates a pending media record that must be confirmed after upload.
+ */
+
+import * as path from "node:path";
+
+import type { APIRoute } from "astro";
+import { MediaRepository } from "dineway";
+import { ulid } from "ulidx";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, apiSuccess, handleError } from "#api/error.js";
+import { isParseError, parseBody } from "#api/parse.js";
+import { DEFAULT_MAX_UPLOAD_SIZE, mediaUploadUrlBody } from "#api/schemas.js";
+
+export const prerender = false;
+
+interface UploadUrlResponse {
+	uploadUrl: string;
+	method: "PUT";
+	headers: Record<string, string>;
+	mediaId: string;
+	storageKey: string;
+	expiresAt: string;
+}
+
+/** Response when content already exists (deduplication) */
+interface ExistingMediaResponse {
+	existing: true;
+	mediaId: string;
+	storageKey: string;
+	url: string;
+}
+
+/**
+ * Get a signed upload URL for direct-to-storage upload
+ */
+export const POST: APIRoute = async ({ request, locals }) => {
+	const { dineway, user } = locals;
+
+	const denied = requirePerm(user, "media:upload");
+	if (denied) return denied;
+
+	if (!dineway?.storage) {
+		return apiError(
+			"NO_STORAGE",
+			"Storage not configured. Signed URL uploads require S3-compatible storage.",
+			501,
+		);
+	}
+
+	if (!dineway?.db) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	try {
+		const maxUploadSize = dineway.config.maxUploadSize ?? DEFAULT_MAX_UPLOAD_SIZE;
+		if (!Number.isFinite(maxUploadSize) || maxUploadSize <= 0) {
+			return apiError(
+				"CONFIGURATION_ERROR",
+				"Invalid maxUploadSize configuration. Expected a positive finite number.",
+				500,
+			);
+		}
+
+		const body = await parseBody(request, mediaUploadUrlBody(maxUploadSize));
+		if (isParseError(body)) return body;
+
+		// Validate content type
+		const allowedTypes = ["image/", "video/", "audio/", "application/pdf"];
+		if (!allowedTypes.some((type) => body.contentType.startsWith(type))) {
+			return apiError("INVALID_TYPE", "File type not allowed", 400);
+		}
+
+		const repo = new MediaRepository(dineway.db);
+
+		// Check for existing content with same hash (deduplication)
+		if (body.contentHash) {
+			const existing = await repo.findByContentHash(body.contentHash);
+			if (existing) {
+				const response: ExistingMediaResponse = {
+					existing: true,
+					mediaId: existing.id,
+					storageKey: existing.storageKey,
+					url: `/_dineway/api/media/file/${existing.storageKey}`,
+				};
+				return apiSuccess(response);
+			}
+		}
+
+		// Generate unique storage key
+		const id = ulid();
+		const ext = path.extname(body.filename) || "";
+		const storageKey = `${id}${ext}`;
+
+		// Create pending media record with content hash
+		const mediaItem = await repo.createPending({
+			filename: body.filename,
+			mimeType: body.contentType,
+			size: body.size,
+			storageKey,
+			contentHash: body.contentHash,
+			authorId: user?.id,
+		});
+
+		// Get signed upload URL from storage
+		const signedUrl = await dineway.storage.getSignedUploadUrl({
+			key: storageKey,
+			contentType: body.contentType,
+			size: body.size,
+			expiresIn: 3600, // 1 hour
+		});
+
+		const response: UploadUrlResponse = {
+			uploadUrl: signedUrl.url,
+			method: signedUrl.method,
+			headers: signedUrl.headers,
+			mediaId: mediaItem.id,
+			storageKey,
+			expiresAt: signedUrl.expiresAt,
+		};
+
+		return apiSuccess(response);
+	} catch (error) {
+		// Check if storage doesn't support signed URLs (e.g., local storage)
+		if (
+			error instanceof Error &&
+			"code" in error &&
+			// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowing error to check custom code property after "code" in error guard
+			(error as { code: string }).code === "NOT_SUPPORTED"
+		) {
+			return apiError(
+				"NOT_SUPPORTED",
+				"Storage does not support signed upload URLs. Use direct upload.",
+				501,
+			);
+		}
+
+		return handleError(error, "Failed to generate upload URL", "UPLOAD_URL_ERROR");
+	}
+};

package/src/astro/routes/api/media.ts

@@ -0,0 +1,204 @@
+/**
+ * Media list and upload endpoint
+ *
+ * GET /_dineway/api/media - List all media
+ * POST /_dineway/api/media - Upload new media (via configured storage adapter)
+ */
+
+import * as path from "node:path";
+
+import type { APIRoute } from "astro";
+import { ulid } from "ulidx";
+
+import { requirePerm } from "#api/authorize.js";
+import { apiError, apiSuccess, handleError, unwrapResult } from "#api/error.js";
+import { isParseError, parseQuery } from "#api/parse.js";
+import { DEFAULT_MAX_UPLOAD_SIZE, formatFileSize, mediaListQuery } from "#api/schemas.js";
+import { MediaRepository } from "#db/repositories/media.js";
+import { generatePlaceholder } from "#media/placeholder.js";
+import { computeContentHash } from "#utils/hash.js";
+
+import type { MediaItem } from "../../types.js";
+
+export const prerender = false;
+
+/**
+ * Add URL to media items
+ * Uses relative URLs to ensure portability across deployments
+ */
+function addUrlToMedia(item: MediaItem): MediaItem & { url: string } {
+	return {
+		...item,
+		url: `/_dineway/api/media/file/${item.storageKey}`,
+	};
+}
+
+/**
+ * List media items
+ */
+export const GET: APIRoute = async ({ request, locals }) => {
+	const { dineway, user } = locals;
+
+	const denied = requirePerm(user, "media:read");
+	if (denied) return denied;
+
+	if (!dineway?.handleMediaList) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	const url = new URL(request.url);
+	const query = parseQuery(url, mediaListQuery);
+	if (isParseError(query)) return query;
+
+	const result = await dineway.handleMediaList({
+		cursor: query.cursor,
+		limit: query.limit,
+		mimeType: query.mimeType,
+	});
+
+	if (!result.success) {
+		return unwrapResult(result);
+	}
+
+	// Add URL to each media item (relative URLs for portability)
+	const itemsWithUrl = result.data.items.map((item) => addUrlToMedia(item));
+
+	return apiSuccess({ items: itemsWithUrl, nextCursor: result.data.nextCursor });
+};
+
+/**
+ * Upload media file
+ *
+ * Uses the configured storage adapter to store the file.
+ */
+export const POST: APIRoute = async ({ request, locals }) => {
+	const { dineway, user } = locals;
+
+	const denied = requirePerm(user, "media:upload");
+	if (denied) return denied;
+
+	if (!dineway?.handleMediaCreate) {
+		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	}
+
+	if (!dineway?.storage) {
+		return apiError("NO_STORAGE", "Storage not configured", 500);
+	}
+
+	try {
+		const maxUploadSize = dineway.config.maxUploadSize ?? DEFAULT_MAX_UPLOAD_SIZE;
+		if (!Number.isFinite(maxUploadSize) || maxUploadSize <= 0) {
+			return apiError("CONFIGURATION_ERROR", "Invalid maxUploadSize configuration", 500);
+		}
+
+		// Best-effort size check before buffering the full multipart body
+		const contentLength = request.headers.get("Content-Length");
+		if (contentLength && parseInt(contentLength, 10) > maxUploadSize) {
+			return apiError("PAYLOAD_TOO_LARGE", "Upload too large", 413);
+		}
+
+		const formData = await request.formData();
+		const fileEntry = formData.get("file");
+		const file = fileEntry instanceof File ? fileEntry : null;
+
+		if (!file) {
+			return apiError("NO_FILE", "No file provided", 400);
+		}
+
+		// Validate file type
+		const allowedTypes = ["image/", "video/", "audio/", "application/pdf"];
+		if (!allowedTypes.some((type) => file.type.startsWith(type))) {
+			return apiError("INVALID_TYPE", "File type not allowed", 400);
+		}
+
+		// Check file size before buffering
+		if (file.size > maxUploadSize) {
+			return apiError(
+				"PAYLOAD_TOO_LARGE",
+				`File exceeds maximum size of ${formatFileSize(maxUploadSize)}`,
+				413,
+			);
+		}
+
+		// Get file content and compute hash
+		const buffer = new Uint8Array(await file.arrayBuffer());
+		const contentHash = await computeContentHash(buffer);
+
+		// Check for existing media with same content hash (deduplication)
+		const repo = new MediaRepository(dineway.db);
+		const existing = await repo.findByContentHash(contentHash);
+		if (existing) {
+			// Same content already exists - return existing item
+			const itemWithUrl = addUrlToMedia(existing);
+			return apiSuccess({ item: itemWithUrl, deduplicated: true });
+		}
+
+		// Generate unique storage key
+		const id = ulid();
+		const ext = path.extname(file.name) || "";
+		const storageKey = `${id}${ext}`;
+
+		// Upload to storage using the configured adapter
+		await dineway.storage.upload({
+			key: storageKey,
+			body: buffer,
+			contentType: file.type,
+		});
+
+		// Get image dimensions from form data (sent by client)
+		const widthEntry = formData.get("width");
+		const widthStr = typeof widthEntry === "string" ? widthEntry : null;
+		const heightEntry = formData.get("height");
+		const heightStr = typeof heightEntry === "string" ? heightEntry : null;
+		const width = widthStr ? parseInt(widthStr, 10) : undefined;
+		const height = heightStr ? parseInt(heightStr, 10) : undefined;
+
+		// Generate placeholder data for images.
+		// If the client sent a thumbnail (small pre-resized image), use that
+		// instead of the full buffer to avoid OOM on memory-constrained runtimes.
+		const thumbnailEntry = formData.get("thumbnail");
+		const thumbnail = thumbnailEntry instanceof File ? thumbnailEntry : null;
+
+		let placeholder: Awaited<ReturnType<typeof generatePlaceholder>> = null;
+		if (file.type.startsWith("image/")) {
+			if (thumbnail) {
+				const thumbBuffer = new Uint8Array(await thumbnail.arrayBuffer());
+				placeholder = await generatePlaceholder(thumbBuffer, thumbnail.type);
+			} else {
+				const clientDims = width && height ? { width, height } : undefined;
+				placeholder = await generatePlaceholder(buffer, file.type, clientDims);
+			}
+		}
+
+		// Create media record
+		const result = await dineway.handleMediaCreate({
+			filename: file.name,
+			mimeType: file.type,
+			size: file.size,
+			width,
+			height,
+			storageKey,
+			contentHash,
+			blurhash: placeholder?.blurhash,
+			dominantColor: placeholder?.dominantColor,
+			authorId: user?.id,
+		});
+
+		if (!result.success) {
+			// Clean up the uploaded file on failure
+			try {
+				await dineway.storage.delete(storageKey);
+			} catch {
+				// Ignore cleanup errors
+			}
+			return unwrapResult(result);
+		}
+
+		// Add URL to the response (relative URL for portability)
+		const itemWithUrl = addUrlToMedia(result.data.item);
+
+		return apiSuccess({ item: itemWithUrl }, 201);
+	} catch (error) {
+		return handleError(error, "Upload failed", "UPLOAD_ERROR");
+	}
+};

package/src/astro/routes/api/menus/[name]/items.ts

@@ -0,0 +1,206 @@
+/**
+ * Menu items CRUD endpoints
+ *
+ * POST   /_dineway/api/menus/:name/items - Add item
+ * PUT    /_dineway/api/menus/:name/items/:id - Update item
+ * DELETE /_dineway/api/menus/:name/items/:id - Delete item
+ */
+
+import type { APIRoute } from "astro";
+import { z } from "zod";
+
+import { requirePerm } from "#api/authorize.js";
+import { handleError, unwrapResult } from "#api/error.js";
+import {
+	handleMenuItemCreate,
+	handleMenuItemDelete,
+	handleMenuItemUpdate,
+} from "#api/handlers/menus.js";
+import {
+	ensureWorkflowHitlRouteRequest,
+	hitlRequiredRouteError,
+	resolveHitlRouteActor,
+} from "#api/hitl-route-helpers.js";
+import { isParseError, parseBody, parseQuery } from "#api/parse.js";
+import {
+	createMenuItemBody,
+	menuItemDeleteQuery,
+	menuItemUpdateQuery,
+	updateMenuItemBody,
+} from "#api/schemas.js";
+import {
+	logMenuActivity,
+	menuApiRouteSource,
+	MenuHitlPayloadBuilder,
+	RiskPolicyEvaluator,
+} from "#site-context/index.js";
+
+export const prerender = false;
+
+const createMenuItemHitlBody = createMenuItemBody.extend({
+	hitlRequestId: z.string().min(1).optional(),
+});
+
+const updateMenuItemHitlBody = updateMenuItemBody.extend({
+	hitlRequestId: z.string().min(1).optional(),
+});
+
+const deleteMenuItemHitlQuery = menuItemDeleteQuery.extend({
+	hitlRequestId: z.string().min(1).optional(),
+});
+
+export const POST: APIRoute = async ({ params, request, locals }) => {
+	const { dineway, user } = locals;
+	const name = params.name!;
+
+	const denied = requirePerm(user, "menus:manage");
+	if (denied) return denied;
+
+	try {
+		const body = await parseBody(request, createMenuItemHitlBody);
+		if (isParseError(body)) return body;
+
+		const { hitlRequestId, ...menuInput } = body;
+		const actor = resolveHitlRouteActor(locals);
+		const action = await new MenuHitlPayloadBuilder(dineway.db).buildCreateMenuItemRequest({
+			menuName: name,
+			...menuInput,
+		});
+		const decision = await new RiskPolicyEvaluator({
+			db: dineway.db,
+			handlers: dineway,
+		}).evaluateWorkflowHitl({
+			actor: actor.identity,
+			hitlRequestId,
+			action,
+		});
+		if (!decision.allowed) {
+			const ensured = await ensureWorkflowHitlRouteRequest(dineway.db, locals, decision.action);
+			return hitlRequiredRouteError(decision, ensured);
+		}
+
+		const result = await handleMenuItemCreate(dineway.db, name, menuInput);
+		if (!result.success) return unwrapResult(result, 201);
+
+		await logMenuActivity(dineway.db, locals, {
+			action: "item_created",
+			menuName: name,
+			itemId: result.data.id,
+			...menuApiRouteSource("item_created"),
+			summary: `Created menu item ${result.data.id} in ${name}`,
+			detail: {
+				label: result.data.label,
+				hitlRequestId: decision.required ? decision.hitlRequest.id : null,
+			},
+		});
+		return unwrapResult(result, 201);
+	} catch (error) {
+		return handleError(error, "Failed to create menu item", "MENU_ITEM_CREATE_ERROR");
+	}
+};
+
+export const PUT: APIRoute = async ({ params, request, locals }) => {
+	const { dineway, user } = locals;
+	const name = params.name!;
+
+	const denied = requirePerm(user, "menus:manage");
+	if (denied) return denied;
+
+	const url = new URL(request.url);
+	const query = parseQuery(url, menuItemUpdateQuery);
+	if (isParseError(query)) return query;
+	const itemId = query.id;
+
+	try {
+		const body = await parseBody(request, updateMenuItemHitlBody);
+		if (isParseError(body)) return body;
+
+		const { hitlRequestId, ...menuInput } = body;
+		const actor = resolveHitlRouteActor(locals);
+		const action = await new MenuHitlPayloadBuilder(dineway.db).buildUpdateMenuItemRequest({
+			menuName: name,
+			itemId,
+			...menuInput,
+		});
+		const decision = await new RiskPolicyEvaluator({
+			db: dineway.db,
+			handlers: dineway,
+		}).evaluateWorkflowHitl({
+			actor: actor.identity,
+			hitlRequestId,
+			action,
+		});
+		if (!decision.allowed) {
+			const ensured = await ensureWorkflowHitlRouteRequest(dineway.db, locals, decision.action);
+			return hitlRequiredRouteError(decision, ensured);
+		}
+
+		const result = await handleMenuItemUpdate(dineway.db, name, itemId, menuInput);
+		if (!result.success) return unwrapResult(result);
+
+		await logMenuActivity(dineway.db, locals, {
+			action: "item_updated",
+			menuName: name,
+			itemId,
+			...menuApiRouteSource("item_updated"),
+			summary: `Updated menu item ${itemId} in ${name}`,
+			detail: {
+				label: result.data.label,
+				hitlRequestId: decision.required ? decision.hitlRequest.id : null,
+			},
+		});
+		return unwrapResult(result);
+	} catch (error) {
+		return handleError(error, "Failed to update menu item", "MENU_ITEM_UPDATE_ERROR");
+	}
+};
+
+export const DELETE: APIRoute = async ({ params, request, locals }) => {
+	const { dineway, user } = locals;
+	const name = params.name!;
+
+	const denied = requirePerm(user, "menus:manage");
+	if (denied) return denied;
+
+	const url = new URL(request.url);
+	const query = parseQuery(url, deleteMenuItemHitlQuery);
+	if (isParseError(query)) return query;
+	const itemId = query.id;
+
+	try {
+		const actor = resolveHitlRouteActor(locals);
+		const action = await new MenuHitlPayloadBuilder(dineway.db).buildDeleteMenuItemRequest({
+			menuName: name,
+			itemId,
+		});
+		const decision = await new RiskPolicyEvaluator({
+			db: dineway.db,
+			handlers: dineway,
+		}).evaluateWorkflowHitl({
+			actor: actor.identity,
+			hitlRequestId: query.hitlRequestId,
+			action,
+		});
+		if (!decision.allowed) {
+			const ensured = await ensureWorkflowHitlRouteRequest(dineway.db, locals, decision.action);
+			return hitlRequiredRouteError(decision, ensured);
+		}
+
+		const result = await handleMenuItemDelete(dineway.db, name, itemId);
+		if (!result.success) return unwrapResult(result);
+
+		await logMenuActivity(dineway.db, locals, {
+			action: "item_deleted",
+			menuName: name,
+			itemId,
+			...menuApiRouteSource("item_deleted"),
+			summary: `Deleted menu item ${itemId} from ${name}`,
+			detail: {
+				hitlRequestId: decision.required ? decision.hitlRequest.id : null,
+			},
+		});
+		return unwrapResult(result);
+	} catch (error) {
+		return handleError(error, "Failed to delete menu item", "MENU_ITEM_DELETE_ERROR");
+	}
+};

package/src/astro/routes/api/menus/[name]/reorder.ts

@@ -0,0 +1,79 @@
+/**
+ * Menu items reorder endpoint
+ *
+ * POST /_dineway/api/menus/:name/reorder - Batch update positions
+ */
+
+import type { APIRoute } from "astro";
+import { z } from "zod";
+
+import { requirePerm } from "#api/authorize.js";
+import { handleError, unwrapResult } from "#api/error.js";
+import { handleMenuItemReorder } from "#api/handlers/menus.js";
+import {
+	ensureWorkflowHitlRouteRequest,
+	hitlRequiredRouteError,
+	resolveHitlRouteActor,
+} from "#api/hitl-route-helpers.js";
+import { isParseError, parseBody } from "#api/parse.js";
+import { reorderMenuItemsBody } from "#api/schemas.js";
+import {
+	logMenuActivity,
+	menuApiRouteSource,
+	MenuHitlPayloadBuilder,
+	RiskPolicyEvaluator,
+} from "#site-context/index.js";
+
+export const prerender = false;
+
+const reorderMenuItemsHitlBody = reorderMenuItemsBody.extend({
+	hitlRequestId: z.string().min(1).optional(),
+});
+
+export const POST: APIRoute = async ({ params, request, locals }) => {
+	const { dineway, user } = locals;
+	const name = params.name!;
+
+	const denied = requirePerm(user, "menus:manage");
+	if (denied) return denied;
+
+	try {
+		const body = await parseBody(request, reorderMenuItemsHitlBody);
+		if (isParseError(body)) return body;
+
+		const actor = resolveHitlRouteActor(locals);
+		const action = await new MenuHitlPayloadBuilder(dineway.db).buildReorderMenuItemsRequest({
+			menuName: name,
+			items: body.items,
+		});
+		const decision = await new RiskPolicyEvaluator({
+			db: dineway.db,
+			handlers: dineway,
+		}).evaluateWorkflowHitl({
+			actor: actor.identity,
+			hitlRequestId: body.hitlRequestId,
+			action,
+		});
+		if (!decision.allowed) {
+			const ensured = await ensureWorkflowHitlRouteRequest(dineway.db, locals, decision.action);
+			return hitlRequiredRouteError(decision, ensured);
+		}
+
+		const result = await handleMenuItemReorder(dineway.db, name, body.items);
+		if (!result.success) return unwrapResult(result);
+
+		await logMenuActivity(dineway.db, locals, {
+			action: "reordered",
+			menuName: name,
+			...menuApiRouteSource("reordered"),
+			summary: `Reordered menu ${name}`,
+			detail: {
+				itemCount: body.items.length,
+				hitlRequestId: decision.required ? decision.hitlRequest.id : null,
+			},
+		});
+		return unwrapResult(result);
+	} catch (error) {
+		return handleError(error, "Failed to reorder menu items", "MENU_REORDER_ERROR");
+	}
+};