dineway 0.1.4 → 0.1.5

package/src/astro/routes/api/content/[collection]/[id]/schedule.ts

@@ -11,6 +11,11 @@ import { requireOwnerPerm } from "#api/authorize.js";
 import { apiError, mapErrorStatus, unwrapResult } from "#api/error.js";
 import { parseBody, isParseError } from "#api/parse.js";
 import { contentScheduleBody } from "#api/schemas.js";
+import {
+	contentApiRouteSource,
+	extractActivityItemId,
+	logContentActivity,
+} from "#site-context/activity-events.js";
 
 export const prerender = false;
 
@@ -69,6 +74,17 @@ export const POST: APIRoute = async ({ params, request, locals, cache }) => {
 
 	if (cache.enabled) await cache.invalidate({ tags: [collection, resolvedId ?? id] });
 
+	await logContentActivity(dineway.db, locals, {
+		action: "scheduled",
+		collection,
+		entryId: extractActivityItemId(result.data, resolvedId ?? id),
+		...contentApiRouteSource("scheduled"),
+		summary: `Scheduled content in ${collection}`,
+		detail: {
+			scheduledAt: body.scheduledAt,
+		},
+	});
+
 	return unwrapResult(result);
 };
 
@@ -101,5 +117,13 @@ export const DELETE: APIRoute = async ({ params, locals, cache }) => {
 
 	if (cache.enabled) await cache.invalidate({ tags: [collection, resolvedId ?? id] });
 
+	await logContentActivity(dineway.db, locals, {
+		action: "unscheduled",
+		collection,
+		entryId: extractActivityItemId(result.data, resolvedId ?? id),
+		...contentApiRouteSource("unscheduled"),
+		summary: `Unscheduled content in ${collection}`,
+	});
+
 	return unwrapResult(result);
 };

package/src/astro/routes/api/content/[collection]/[id]/terms/[taxonomy].ts

@@ -12,6 +12,7 @@ import { apiError, apiSuccess, handleError, requireDb } from "#api/error.js";
 import { parseBody, isParseError } from "#api/parse.js";
 import { contentTermsBody } from "#api/schemas.js";
 import { TaxonomyRepository } from "#db/repositories/taxonomy.js";
+import { invalidateTermCache } from "#taxonomies/index.js";
 
 export const prerender = false;
 
@@ -122,6 +123,8 @@ export const POST: APIRoute = async ({ params, request, locals }) => {
 		// Set the terms (replaces existing)
 		await repo.setTermsForEntry(collection, id, taxonomy, termIds);
 
+		invalidateTermCache();
+
 		// Get the updated terms
 		const terms = await repo.getTermsForEntry(collection, id, taxonomy);
 

package/src/astro/routes/api/content/[collection]/[id]/translations.ts

@@ -6,6 +6,7 @@
  * Returns all locale variants linked to the same translation group.
  */
 
+import { hasPermission } from "@dineway-ai/auth";
 import type { APIRoute } from "astro";
 
 import { requirePerm } from "#api/authorize.js";
@@ -13,6 +14,12 @@ import { apiError, unwrapResult } from "#api/error.js";
 
 export const prerender = false;
 
+function isPublishedTranslation(value: unknown): boolean {
+	return (
+		typeof value === "object" && value !== null && "status" in value && value.status === "published"
+	);
+}
+
 export const GET: APIRoute = async ({ params, locals }) => {
 	const { dineway, user } = locals;
 	const denied = requirePerm(user, "content:read");
@@ -26,5 +33,18 @@ export const GET: APIRoute = async ({ params, locals }) => {
 
 	const result = await dineway.handleContentTranslations(collection, id);
 
+	if (result.success && !hasPermission(user, "content:read_drafts")) {
+		const data = result.data && typeof result.data === "object" ? result.data : {};
+		const translations =
+			"translations" in data && Array.isArray(data.translations) ? data.translations : [];
+		return unwrapResult({
+			success: true,
+			data: {
+				...data,
+				translations: translations.filter(isPublishedTranslation),
+			},
+		});
+	}
+
 	return unwrapResult(result);
 };

package/src/astro/routes/api/content/[collection]/[id]/unpublish.ts

@@ -8,6 +8,11 @@ import type { APIRoute } from "astro";
 
 import { requireOwnerPerm } from "#api/authorize.js";
 import { apiError, mapErrorStatus, unwrapResult } from "#api/error.js";
+import {
+	contentApiRouteSource,
+	extractActivityItemId,
+	logContentActivity,
+} from "#site-context/activity-events.js";
 
 export const prerender = false;
 
@@ -52,5 +57,13 @@ export const POST: APIRoute = async ({ params, locals, cache }) => {
 
 	if (cache.enabled) await cache.invalidate({ tags: [collection, resolvedId] });
 
+	await logContentActivity(dineway.db, locals, {
+		action: "unpublished",
+		collection,
+		entryId: extractActivityItemId(result.data, resolvedId),
+		...contentApiRouteSource("unpublished"),
+		summary: `Unpublished content in ${collection}`,
+	});
+
 	return unwrapResult(result);
 };

package/src/astro/routes/api/content/[collection]/[id].ts

@@ -13,6 +13,12 @@ import { requirePerm, requireOwnerPerm } from "#api/authorize.js";
 import { apiError, mapErrorStatus, unwrapResult } from "#api/error.js";
 import { parseBody, isParseError } from "#api/parse.js";
 import { contentUpdateBody } from "#api/schemas.js";
+import {
+	activityChangedKeys,
+	contentApiRouteSource,
+	extractActivityItemId,
+	logContentActivity,
+} from "#site-context/activity-events.js";
 
 export const prerender = false;
 
@@ -30,6 +36,14 @@ export const GET: APIRoute = async ({ params, url, locals }) => {
 
 	const result = await dineway.handleContentGet(collection, id, locale);
 
+	if (result.success && !hasPermission(user, "content:read_drafts")) {
+		const item = result.data?.item;
+		const status = item && typeof item === "object" && "status" in item ? item.status : undefined;
+		if (status !== "published") {
+			return apiError("NOT_FOUND", "Content not found", 404);
+		}
+	}
+
 	return unwrapResult(result);
 };
 
@@ -87,6 +101,20 @@ export const PUT: APIRoute = async ({ params, request, locals, cache }) => {
 
 	if (cache.enabled) await cache.invalidate({ tags: [collection, resolvedId] });
 
+	await logContentActivity(dineway.db, locals, {
+		action: "updated",
+		collection,
+		entryId: extractActivityItemId(result.data, resolvedId),
+		...contentApiRouteSource("updated"),
+		summary: `Updated content in ${collection}`,
+		detail: {
+			changedFields: activityChangedKeys(body.data),
+			status: body.status ?? null,
+			slugChanged: body.slug !== undefined,
+			authorChanged: canChangeAuthor,
+		},
+	});
+
 	return unwrapResult(result);
 };
 
@@ -133,5 +161,13 @@ export const DELETE: APIRoute = async ({ params, locals, cache }) => {
 
 	if (cache.enabled) await cache.invalidate({ tags: [collection, resolvedId] });
 
+	await logContentActivity(dineway.db, locals, {
+		action: "deleted",
+		collection,
+		entryId: resolvedId,
+		...contentApiRouteSource("deleted"),
+		summary: `Deleted content in ${collection}`,
+	});
+
 	return unwrapResult(result);
 };

package/src/astro/routes/api/content/[collection]/index.ts

@@ -5,12 +5,18 @@
  * POST /_dineway/api/content/{collection} - Create content
  */
 
+import { hasPermission } from "@dineway-ai/auth";
 import type { APIRoute } from "astro";
 
-import { requirePerm } from "#api/authorize.js";
-import { apiError, unwrapResult } from "#api/error.js";
+import { requirePerm, requireOwnerPerm } from "#api/authorize.js";
+import { apiError, mapErrorStatus, unwrapResult } from "#api/error.js";
 import { parseBody, parseQuery, isParseError } from "#api/parse.js";
 import { contentListQuery, contentCreateBody } from "#api/schemas.js";
+import {
+	contentApiRouteSource,
+	extractActivityItemId,
+	logContentActivity,
+} from "#site-context/activity-events.js";
 
 export const prerender = false;
 
@@ -26,7 +32,11 @@ export const GET: APIRoute = async ({ params, url, locals }) => {
 		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
 	}
 
-	const result = await dineway.handleContentList(collection, query);
+	const listQuery = hasPermission(user, "content:read_drafts")
+		? query
+		: { ...query, status: "published" };
+
+	const result = await dineway.handleContentList(collection, listQuery);
 
 	return unwrapResult(result);
 };
@@ -39,10 +49,31 @@ export const POST: APIRoute = async ({ params, request, locals, cache }) => {
 	const body = await parseBody(request, contentCreateBody);
 	if (isParseError(body)) return body;
 
-	if (!dineway?.handleContentCreate) {
+	if (!dineway?.handleContentCreate || (body.translationOf && !dineway?.handleContentGet)) {
 		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
 	}
 
+	if (body.translationOf && dineway.handleContentGet) {
+		const source = await dineway.handleContentGet(collection, body.translationOf);
+		if (!source.success) {
+			return apiError(
+				source.error?.code ?? "NOT_FOUND",
+				source.error?.message ?? "Translation source not found",
+				mapErrorStatus(source.error?.code),
+			);
+		}
+
+		const sourceAuthorId =
+			typeof source.data?.item.authorId === "string" ? source.data.item.authorId : "";
+		const translationDenied = requireOwnerPerm(
+			user,
+			sourceAuthorId,
+			"content:edit_own",
+			"content:edit_any",
+		);
+		if (translationDenied) return translationDenied;
+	}
+
 	// Auto-set authorId to current user when creating content
 	const result = await dineway.handleContentCreate(collection, {
 		...body,
@@ -55,5 +86,18 @@ export const POST: APIRoute = async ({ params, request, locals, cache }) => {
 
 	if (cache.enabled) await cache.invalidate({ tags: [collection] });
 
+	await logContentActivity(dineway.db, locals, {
+		action: "created",
+		collection,
+		entryId: extractActivityItemId(result.data),
+		...contentApiRouteSource("created"),
+		summary: `Created content in ${collection}`,
+		detail: {
+			status: body.status ?? "draft",
+			locale: body.locale ?? null,
+			translationOf: body.translationOf ?? null,
+		},
+	});
+
 	return unwrapResult(result, 201);
 };

package/src/astro/routes/api/content/[collection]/trash.ts

@@ -17,7 +17,7 @@ export const GET: APIRoute = async ({ params, url, locals }) => {
 	const { dineway, user } = locals;
 	const collection = params.collection!;
 
-	const denied = requirePerm(user, "content:read");
+	const denied = requirePerm(user, "content:read_drafts");
 	if (denied) return denied;
 
 	if (!dineway?.handleContentListTrashed) {

package/src/astro/routes/api/health.ts

@@ -0,0 +1,54 @@
+import type { APIRoute } from "astro";
+import { sql } from "kysely";
+
+import { VERSION } from "../../../version.js";
+
+export const prerender = false;
+
+interface HealthResponse {
+	status: "ok" | "error";
+	version: string;
+	database?: "connected" | "disconnected";
+}
+
+export const GET: APIRoute = async ({ locals, url }) => {
+	const check = url.searchParams.get("check");
+
+	if (check !== "ready") {
+		return Response.json({
+			status: "ok",
+			version: VERSION,
+		} satisfies HealthResponse);
+	}
+
+	try {
+		const { dineway } = locals;
+		if (!dineway?.db) {
+			return Response.json(
+				{
+					status: "error",
+					version: VERSION,
+					database: "disconnected",
+				} satisfies HealthResponse,
+				{ status: 503 },
+			);
+		}
+
+		await sql`select 1`.execute(dineway.db);
+
+		return Response.json({
+			status: "ok",
+			version: VERSION,
+			database: "connected",
+		} satisfies HealthResponse);
+	} catch {
+		return Response.json(
+			{
+				status: "error",
+				version: VERSION,
+				database: "disconnected",
+			} satisfies HealthResponse,
+			{ status: 503 },
+		);
+	}
+};

package/src/astro/routes/api/import/wordpress/analyze.ts

@@ -13,14 +13,12 @@ import mime from "mime/lite";
 
 import { requirePerm } from "#api/authorize.js";
 import { apiError, apiSuccess, handleError } from "#api/error.js";
-import { RESERVED_COLLECTION_SLUGS } from "#schema/types.js";
+import { sanitizeWordPressImportSlug } from "#import/wordpress-slugs.js";
 import type { DinewayHandlers } from "#types";
 
 export const prerender = false;
 
 const NUMERIC_PATTERN = /^-?\d+(\.\d+)?$/;
-const INVALID_SLUG_CHARS = /[^a-z0-9_]/g;
-const LEADING_NON_ALPHA = /^[^a-z]+/;
 
 /** Field compatibility status */
 export type FieldCompatibility =
@@ -457,13 +455,7 @@ function isInternalMetaKey(key: string): boolean {
 }
 
 function sanitizeSlug(slug: string): string {
-	const sanitized = slug
-		.toLowerCase()
-		.replace(INVALID_SLUG_CHARS, "_")
-		.replace(LEADING_NON_ALPHA, "");
-	if (!sanitized) return "imported";
-	if (RESERVED_COLLECTION_SLUGS.includes(sanitized)) return `wp_${sanitized}`;
-	return sanitized;
+	return sanitizeWordPressImportSlug(slug);
 }
 
 function mapPostTypeToCollection(postType: string): string {

package/src/astro/routes/api/import/wordpress/execute.ts

@@ -18,13 +18,18 @@ import {
 
 import { requirePerm } from "#api/authorize.js";
 import { apiError, apiSuccess, handleError } from "#api/error.js";
+import {
+	ensureWorkflowHitlRouteRequest,
+	hitlRequiredRouteError,
+	resolveHitlRouteActor,
+} from "#api/hitl-route-helpers.js";
 import { BylineRepository } from "#db/repositories/byline.js";
 import { resolveImportByline } from "#import/utils.js";
+import { sanitizeWordPressImportSlug } from "#import/wordpress-slugs.js";
+import { RiskPolicyEvaluator, WordPressImportHitlPayloadBuilder } from "#site-context/index.js";
 import type { DinewayHandlers, DinewayManifest } from "#types";
 import { slugify } from "#utils/slugify.js";
 
-import { sanitizeSlug } from "./analyze.js";
-
 export const prerender = false;
 
 export interface ImportConfig {
@@ -75,6 +80,11 @@ export const POST: APIRoute = async ({ request, locals }) => {
 		const file = fileEntry instanceof File ? fileEntry : null;
 		const configEntry = formData.get("config");
 		const configJson = typeof configEntry === "string" ? configEntry : null;
+		const hitlRequestEntry = formData.get("hitlRequestId");
+		const hitlRequestId =
+			typeof hitlRequestEntry === "string" && hitlRequestEntry.length > 0
+				? hitlRequestEntry
+				: undefined;
 
 		if (!file) {
 			return apiError("VALIDATION_ERROR", "No file provided", 400);
@@ -85,9 +95,33 @@ export const POST: APIRoute = async ({ request, locals }) => {
 		}
 
 		const config: ImportConfig = JSON.parse(configJson);
+		const actor = resolveHitlRouteActor(locals);
+		const evaluator = new RiskPolicyEvaluator({
+			db: dineway.db,
+			handlers: dineway,
+		});
+		let text: string;
+		if (evaluator.requiresWorkflowHitl(actor.identity)) {
+			const fileBuffer = await file.arrayBuffer();
+			const action = await new WordPressImportHitlPayloadBuilder().buildExecuteRequest({
+				fileName: file.name,
+				fileBuffer,
+				config,
+			});
+			const decision = await evaluator.evaluateWorkflowHitl({
+				actor: actor.identity,
+				hitlRequestId,
+				action,
+			});
+			if (!decision.allowed) {
+				const ensured = await ensureWorkflowHitlRouteRequest(dineway.db, locals, decision.action);
+				return hitlRequiredRouteError(decision, ensured);
+			}
+			text = new TextDecoder().decode(fileBuffer);
+		} else {
+			text = await file.text();
+		}
 
-		// Parse WXR
-		const text = await file.text();
 		const wxr = await parseWxrString(text);
 
 		// Build attachment ID -> URL map for featured images
@@ -170,7 +204,7 @@ async function importContent(
 
 		// Defensive: mapping.collection is already sanitized by prepare, but the user
 		// could manually edit the import config between prepare and execute.
-		const collection = sanitizeSlug(mapping.collection);
+		const collection = sanitizeWordPressImportSlug(mapping.collection);
 
 		// Check if collection exists in manifest
 		if (!manifest?.collections[collection]) {
@@ -271,7 +305,7 @@ async function importContent(
 			console.error(`Import error for "${post.title || "Untitled"}":`, error);
 			result.errors.push({
 				title: post.title || "Untitled",
-				error: "Failed to import item",
+				error: error instanceof Error && error.message ? error.message : "Failed to import item",
 			});
 		}
 	}

package/src/astro/routes/api/import/wordpress/prepare.ts

@@ -8,15 +8,23 @@
  */
 
 import type { APIRoute } from "astro";
+import { z } from "zod";
 
 import { requirePerm } from "#api/authorize.js";
 import { apiError, apiSuccess, handleError } from "#api/error.js";
+import {
+	ensureWorkflowHitlRouteRequest,
+	hitlRequiredRouteError,
+	resolveHitlRouteActor,
+} from "#api/hitl-route-helpers.js";
 import { isParseError, parseBody } from "#api/parse.js";
 import { wpPrepareBody } from "#api/schemas.js";
+import { sanitizeWordPressImportSlug } from "#import/wordpress-slugs.js";
 import { FIELD_TYPES, type FieldType } from "#schema/types.js";
+import { RiskPolicyEvaluator, WordPressImportHitlPayloadBuilder } from "#site-context/index.js";
 import type { DinewayHandlers } from "#types";
 
-import { capitalize, sanitizeSlug, singularize, type ImportFieldDef } from "./analyze.js";
+import { capitalize, singularize, type ImportFieldDef } from "./analyze.js";
 
 /** Validate that a string is a known FieldType, returning undefined if not */
 function asFieldType(value: string): FieldType | undefined {
@@ -26,6 +34,10 @@ function asFieldType(value: string): FieldType | undefined {
 
 export const prerender = false;
 
+const prepareBodySchema = wpPrepareBody.extend({
+	hitlRequestId: z.string().min(1).optional(),
+});
+
 interface PrepareRequest {
 	postTypes: Array<{
 		name: string;
@@ -52,11 +64,30 @@ export const POST: APIRoute = async ({ request, locals }) => {
 	if (denied) return denied;
 
 	try {
-		const body = await parseBody(request, wpPrepareBody);
+		const body = await parseBody(request, prepareBodySchema);
 		if (isParseError(body)) return body;
 
-		// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- Zod schema output narrowed to PrepareRequest
-		const result = await prepareImport(dineway.db, body as PrepareRequest);
+		const actor = resolveHitlRouteActor(locals);
+		const evaluator = new RiskPolicyEvaluator({
+			db: dineway.db,
+			handlers: dineway,
+		});
+		const action = await new WordPressImportHitlPayloadBuilder().buildPrepareRequest({
+			postTypes: body.postTypes,
+		});
+		const decision = await evaluator.evaluateWorkflowHitl({
+			actor: actor.identity,
+			hitlRequestId: body.hitlRequestId,
+			action,
+		});
+		if (!decision.allowed) {
+			const ensured = await ensureWorkflowHitlRouteRequest(dineway.db, locals, decision.action);
+			return hitlRequiredRouteError(decision, ensured);
+		}
+
+		const result = await prepareImport(dineway.db, {
+			postTypes: body.postTypes,
+		});
 
 		return apiSuccess(result, result.success ? 200 : 400);
 	} catch (error) {
@@ -79,7 +110,7 @@ async function prepareImport(
 	};
 
 	for (const postType of request.postTypes) {
-		const collectionSlug = sanitizeSlug(postType.collection);
+		const collectionSlug = sanitizeWordPressImportSlug(postType.collection);
 
 		try {
 			// Check if collection exists

package/src/astro/routes/api/import/wordpress/rewrite-urls.ts

@@ -12,17 +12,29 @@
 
 import type { APIRoute } from "astro";
 import { sql } from "kysely";
+import { z } from "zod";
 
 import { requirePerm } from "#api/authorize.js";
 import { apiError, apiSuccess, handleError } from "#api/error.js";
+import {
+	ensureWorkflowHitlRouteRequest,
+	hitlRequiredRouteError,
+	resolveHitlRouteActor,
+} from "#api/hitl-route-helpers.js";
 import { isParseError, parseBody } from "#api/parse.js";
 import { wpRewriteUrlsBody } from "#api/schemas.js";
+import { validateIdentifier } from "#db/validate.js";
 import { normalizeMediaValue } from "#media/normalize.js";
 import type { MediaProvider } from "#media/types.js";
+import { RiskPolicyEvaluator, WordPressImportHitlPayloadBuilder } from "#site-context/index.js";
 import type { DinewayHandlers } from "#types";
 
 export const prerender = false;
 
+const rewriteUrlsBodySchema = wpRewriteUrlsBody.extend({
+	hitlRequestId: z.string().min(1).optional(),
+});
+
 const REGEX_SPECIAL_CHARS = /[.*+?^${}()|[\]\\]/g;
 
 export interface RewriteUrlsResult {
@@ -47,7 +59,7 @@ export const POST: APIRoute = async ({ request, locals }) => {
 	if (denied) return denied;
 
 	try {
-		const body = await parseBody(request, wpRewriteUrlsBody);
+		const body = await parseBody(request, rewriteUrlsBodySchema);
 		if (isParseError(body)) return body;
 
 		const urlEntries = Object.entries(body.urlMap);
@@ -60,6 +72,25 @@ export const POST: APIRoute = async ({ request, locals }) => {
 			});
 		}
 
+		const actor = resolveHitlRouteActor(locals);
+		const evaluator = new RiskPolicyEvaluator({
+			db: dineway.db,
+			handlers: dineway,
+		});
+		const action = await new WordPressImportHitlPayloadBuilder().buildRewriteUrlsRequest({
+			urlMap: body.urlMap,
+			collections: body.collections,
+		});
+		const decision = await evaluator.evaluateWorkflowHitl({
+			actor: actor.identity,
+			hitlRequestId: body.hitlRequestId,
+			action,
+		});
+		if (!decision.allowed) {
+			const ensured = await ensureWorkflowHitlRouteRequest(dineway.db, locals, decision.action);
+			return hitlRequiredRouteError(decision, ensured);
+		}
+
 		const getProvider = (id: string) => dineway.getMediaProvider(id);
 		const result = await rewriteUrls(dineway.db, body.urlMap, getProvider, body.collections);
 
@@ -280,6 +311,7 @@ async function rewriteUrls(
 			continue;
 
 		// Get table name
+		validateIdentifier(collection.slug, "collection slug");
 		const tableName = `ec_${collection.slug}`;
 
 		try {

package/src/astro/routes/api/import/wordpress-plugin/analyze.ts

@@ -15,7 +15,7 @@ import { apiError, apiSuccess, handleError } from "#api/error.js";
 import { isParseError, parseBody } from "#api/parse.js";
 import { wpPluginAnalyzeBody } from "#api/schemas.js";
 import { getSource } from "#import/index.js";
-import { validateExternalUrl, SsrfError } from "#import/ssrf.js";
+import { resolveAndValidateExternalUrl, SsrfError } from "#import/ssrf.js";
 import type { ImportAnalysis } from "#import/types.js";
 import type { DinewayHandlers } from "#types";
 
@@ -37,9 +37,9 @@ export const POST: APIRoute = async ({ request, locals }) => {
 		const body = await parseBody(request, wpPluginAnalyzeBody);
 		if (isParseError(body)) return body;
 
-		// SSRF: reject internal/private network targets
+		// SSRF: reject internal/private network targets before import work starts.
 		try {
-			validateExternalUrl(body.url);
+			await resolveAndValidateExternalUrl(body.url);
 		} catch (e) {
 			const msg = e instanceof SsrfError ? e.message : "Invalid URL";
 			return apiError("SSRF_BLOCKED", msg, 400);