dineway 0.1.9 → 0.1.11

package/src/astro/routes/api/admin/hitl-requests/[id]/resolve.ts

@@ -1,54 +0,0 @@
-/**
- * Admin HITL request resolution
- *
- * POST /_dineway/api/admin/hitl-requests/:id/resolve - Approve or reject a generic HITL request
- */
-
-import { Role } from "@dineway-ai/auth";
-import type { APIRoute } from "astro";
-
-import { apiError, handleError, requireDb, unwrapResult } from "#api/error.js";
-import { handleHitlRequestResolve } from "#api/handlers/hitl-requests.js";
-import { logHitlRouteActivity, resolveHitlRouteActor } from "#api/hitl-route-helpers.js";
-import { isParseError, parseBody } from "#api/parse.js";
-import { hitlRequestResolveBody } from "#api/schemas.js";
-
-export const prerender = false;
-
-export const POST: APIRoute = async ({ params, request, locals }) => {
-	const { dineway, user } = locals;
-	const { id } = params;
-
-	if (!id) {
-		return apiError("VALIDATION_ERROR", "HITL request ID required", 400);
-	}
-
-	const dbErr = requireDb(dineway?.db);
-	if (dbErr) return dbErr;
-
-	if (!user || user.role < Role.ADMIN) {
-		return apiError("FORBIDDEN", "Admin privileges required", 403);
-	}
-
-	try {
-		const body = await parseBody(request, hitlRequestResolveBody);
-		if (isParseError(body)) return body;
-
-		const actor = resolveHitlRouteActor(locals);
-		const result = await handleHitlRequestResolve(dineway.db, id, {
-			decision: body.decision,
-			reviewNote: body.reviewNote,
-			actor: actor.access,
-		});
-		if (!result.success) return unwrapResult(result);
-
-		await logHitlRouteActivity(dineway.db, locals, {
-			actionType: body.decision === "approved" ? "hitl.approved" : "hitl.rejected",
-			item: result.data.item,
-		});
-
-		return unwrapResult(result);
-	} catch (error) {
-		return handleError(error, "Failed to resolve HITL request", "WORKFLOW_HITL_RESOLVE_ERROR");
-	}
-};

package/src/astro/routes/api/admin/hitl-requests/index.ts

@@ -1,38 +0,0 @@
-/**
- * Admin HITL requests
- *
- * GET /_dineway/api/admin/hitl-requests - List generic HITL requests
- */
-
-import { Role } from "@dineway-ai/auth";
-import type { APIRoute } from "astro";
-
-import { apiError, handleError, requireDb, unwrapResult } from "#api/error.js";
-import { handleHitlRequestList } from "#api/handlers/hitl-requests.js";
-import { resolveHitlRouteActor } from "#api/hitl-route-helpers.js";
-import { isParseError, parseQuery } from "#api/parse.js";
-import { hitlRequestListQuery } from "#api/schemas.js";
-
-export const prerender = false;
-
-export const GET: APIRoute = async ({ url, locals }) => {
-	const { dineway, user } = locals;
-
-	const dbErr = requireDb(dineway?.db);
-	if (dbErr) return dbErr;
-
-	if (!user || user.role < Role.ADMIN) {
-		return apiError("FORBIDDEN", "Admin privileges required", 403);
-	}
-
-	try {
-		const query = parseQuery(url, hitlRequestListQuery);
-		if (isParseError(query)) return query;
-
-		const actor = resolveHitlRouteActor(locals);
-		const result = await handleHitlRequestList(dineway.db, actor.access, query);
-		return unwrapResult(result);
-	} catch (error) {
-		return handleError(error, "Failed to list HITL requests", "WORKFLOW_HITL_LIST_ERROR");
-	}
-};

package/src/astro/routes/api/admin/hooks/exclusive/[hookName].ts

@@ -1,132 +0,0 @@
-/**
- * Exclusive hook selection endpoint
- *
- * PUT /_dineway/api/admin/hooks/exclusive/:hookName
- *
- * Sets or clears the selected provider for an exclusive hook.
- * Body: { pluginId: string | null }
- * Requires settings:manage permission.
- */
-
-import type { APIRoute } from "astro";
-import { z } from "zod";
-
-import { requirePerm } from "#api/authorize.js";
-import { apiError, apiSuccess, handleError } from "#api/error.js";
-import {
-	ensureWorkflowHitlRouteRequest,
-	hitlRequiredRouteError,
-	resolveHitlRouteActor,
-} from "#api/hitl-route-helpers.js";
-import { isParseError, parseBody } from "#api/parse.js";
-import {
-	ExclusiveHookHitlPayloadBuilder,
-	exclusiveHookApiRouteSource,
-	logExclusiveHookActivity,
-	RiskPolicyEvaluator,
-} from "#site-context/index.js";
-
-export const prerender = false;
-
-/** Hook name format: namespace:action (e.g., "content:beforeSave") */
-const HOOK_NAME_RE = /^[a-z]+:[a-zA-Z]+$/;
-
-const setSelectionSchema = z.object({
-	pluginId: z.string().min(1).nullable(),
-	hitlRequestId: z.string().min(1).optional(),
-});
-
-export const PUT: APIRoute = async ({ params, request, locals }) => {
-	const { dineway, user } = locals;
-
-	if (!dineway?.db) {
-		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
-	}
-
-	const denied = requirePerm(user, "settings:manage");
-	if (denied) return denied;
-
-	const hookName = params.hookName;
-	if (!hookName) {
-		return apiError("VALIDATION_ERROR", "Hook name is required", 400);
-	}
-
-	// Validate hook name format: must be namespace:action (e.g., "content:beforeSave")
-	if (!HOOK_NAME_RE.test(hookName)) {
-		return apiError("VALIDATION_ERROR", "Invalid hook name format", 400);
-	}
-
-	try {
-		const pipeline = dineway.hooks;
-
-		// Verify this is actually an exclusive hook
-		if (!pipeline.isExclusiveHook(hookName)) {
-			return apiError("NOT_FOUND", `Hook '${hookName}' is not a registered exclusive hook`, 404);
-		}
-
-		const body = await parseBody(request, setSelectionSchema);
-		if (isParseError(body)) return body;
-		const providers = pipeline
-			.getExclusiveHookProviders(hookName)
-			.map((provider: { pluginId: string; pluginName?: string }) => ({
-				pluginId: provider.pluginId,
-				pluginName: provider.pluginName ?? provider.pluginId,
-			}));
-		if (body.pluginId !== null) {
-			const isValidProvider = providers.some((provider) => provider.pluginId === body.pluginId);
-			if (!isValidProvider) {
-				return apiError(
-					"VALIDATION_ERROR",
-					`Plugin '${body.pluginId}' is not a provider for hook '${hookName}'`,
-					400,
-				);
-			}
-		}
-
-		const previousPluginId = await pipeline.getExclusiveHookSelection(hookName);
-		const actor = resolveHitlRouteActor(locals);
-		const evaluator = new RiskPolicyEvaluator({
-			db: dineway.db,
-			handlers: dineway,
-		});
-		let approvedHitlRequestId: string | null = null;
-
-		if (evaluator.requiresWorkflowHitl(actor.identity)) {
-			const action = await new ExclusiveHookHitlPayloadBuilder().buildSetSelectionRequest({
-				hookName,
-				currentPluginId: previousPluginId,
-				requestedPluginId: body.pluginId,
-				providers,
-			});
-			const decision = await evaluator.evaluateWorkflowHitl({
-				actor: actor.identity,
-				hitlRequestId: body.hitlRequestId,
-				action,
-			});
-			if (!decision.allowed) {
-				const ensured = await ensureWorkflowHitlRouteRequest(dineway.db, locals, decision.action);
-				return hitlRequiredRouteError(decision, ensured);
-			}
-			approvedHitlRequestId = decision.hitlRequest.id;
-		}
-
-		await pipeline.setExclusiveHookSelection(hookName, body.pluginId);
-		await logExclusiveHookActivity(dineway.db, locals, {
-			action: "updated",
-			hookName,
-			previousPluginId,
-			selectedPluginId: body.pluginId,
-			...exclusiveHookApiRouteSource("updated"),
-			detail: {
-				hitlRequestId: approvedHitlRequestId,
-			},
-		});
-
-		return apiSuccess({
-			hookName,
-			selectedPluginId: body.pluginId,
-		});
-	} catch (error) {
-		return handleError(error, "Failed to set exclusive hook selection", "EXCLUSIVE_HOOK_SET_ERROR");
-	}
-};

package/src/astro/routes/api/admin/hooks/exclusive/index.ts

@@ -1,51 +0,0 @@
-/**
- * Exclusive hooks list endpoint
- *
- * GET /_dineway/api/admin/hooks/exclusive
- *
- * Lists all exclusive hooks with their providers and current selections.
- * Requires admin role.
- */
-
-import type { APIRoute } from "astro";
-
-import { requirePerm } from "#api/authorize.js";
-import { apiError, apiSuccess, handleError } from "#api/error.js";
-import { OptionsRepository } from "#db/repositories/options.js";
-
-export const prerender = false;
-
-export const GET: APIRoute = async ({ locals }) => {
-	const { dineway, user } = locals;
-
-	if (!dineway?.db) {
-		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
-	}
-
-	const denied = requirePerm(user, "settings:manage");
-	if (denied) return denied;
-
-	try {
-		const pipeline = dineway.hooks;
-		const exclusiveHookNames = pipeline.getRegisteredExclusiveHooks();
-		const optionsRepo = new OptionsRepository(dineway.db);
-
-		const hooks = [];
-		for (const hookName of exclusiveHookNames) {
-			const providers = pipeline.getExclusiveHookProviders(hookName);
-			const selection = await optionsRepo.get<string>(`dineway:exclusive_hook:${hookName}`);
-
-			hooks.push({
-				hookName,
-				providers: providers.map((provider: { pluginId: string }) => ({
-					pluginId: provider.pluginId,
-				})),
-				selectedPluginId: selection,
-			});
-		}
-
-		return apiSuccess({ items: hooks });
-	} catch (error) {
-		return handleError(error, "Failed to list exclusive hooks", "EXCLUSIVE_HOOKS_LIST_ERROR");
-	}
-};

package/src/astro/routes/api/admin/oauth-clients/[id].ts

@@ -1,137 +0,0 @@
-/**
- * Single OAuth client endpoints
- *
- * GET    /_dineway/api/admin/oauth-clients/:id — Get a client
- * PUT    /_dineway/api/admin/oauth-clients/:id — Update a client
- * DELETE /_dineway/api/admin/oauth-clients/:id — Delete a client
- */
-
-import { Role } from "@dineway-ai/auth";
-import type { APIRoute } from "astro";
-import { z } from "zod";
-
-import { rejectApiTokenAuthControlWrite } from "#api/auth-control-guard.js";
-import { apiError, handleError, unwrapResult } from "#api/error.js";
-import {
-	handleOAuthClientDelete,
-	handleOAuthClientGet,
-	handleOAuthClientUpdate,
-} from "#api/handlers/oauth-clients.js";
-import { isParseError, parseBody } from "#api/parse.js";
-import { ALL_VALID_SCOPES } from "#auth/api-tokens.js";
-import {
-	disabledExperimentalSiteContextWorkflowScopes,
-	getExperimentalSiteContextWorkflowScopesDisabledMessage,
-} from "#site-context/experimental-workflows.js";
-
-export const prerender = false;
-
-const updateClientSchema = z.object({
-	name: z.string().min(1).max(255).optional(),
-	redirectUris: z
-		.array(z.string().url("Each redirect URI must be a valid URL"))
-		.min(1, "At least one redirect URI is required")
-		.optional(),
-	scopes: z.array(z.enum(ALL_VALID_SCOPES)).nullable().optional(),
-});
-
-/**
- * Get a single OAuth client.
- */
-export const GET: APIRoute = async ({ params, locals }) => {
-	const { dineway, user } = locals;
-
-	if (!dineway?.db) {
-		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
-	}
-
-	if (!user || user.role < Role.ADMIN) {
-		return apiError("FORBIDDEN", "Admin privileges required", 403);
-	}
-
-	const credentialGuard = rejectApiTokenAuthControlWrite(locals, "oauth_clients");
-	if (credentialGuard) return credentialGuard;
-
-	const clientId = params.id;
-	if (!clientId) {
-		return apiError("VALIDATION_ERROR", "Client ID is required", 400);
-	}
-
-	const result = await handleOAuthClientGet(dineway.db, clientId);
-	return unwrapResult(result);
-};
-
-/**
- * Update an OAuth client.
- */
-export const PUT: APIRoute = async ({ params, request, locals }) => {
-	const { dineway, user } = locals;
-
-	if (!dineway?.db) {
-		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
-	}
-
-	if (!user || user.role < Role.ADMIN) {
-		return apiError("FORBIDDEN", "Admin privileges required", 403);
-	}
-
-	const credentialGuard = rejectApiTokenAuthControlWrite(locals, "oauth_clients");
-	if (credentialGuard) return credentialGuard;
-
-	const clientId = params.id;
-	if (!clientId) {
-		return apiError("VALIDATION_ERROR", "Client ID is required", 400);
-	}
-
-	try {
-		const body = await parseBody(request, updateClientSchema);
-		if (isParseError(body)) return body;
-		const requestedWorkflowScopes = disabledExperimentalSiteContextWorkflowScopes(
-			body.scopes ?? [],
-		);
-		if (requestedWorkflowScopes.length > 0) {
-			return apiError(
-				"NOT_IMPLEMENTED",
-				getExperimentalSiteContextWorkflowScopesDisabledMessage(),
-				501,
-				{
-					status: "workflow_oauth_client_scopes_disabled",
-					reason: "workflow_oauth_client_scopes_disabled",
-					scopes: requestedWorkflowScopes,
-				},
-			);
-		}
-
-		const result = await handleOAuthClientUpdate(dineway.db, clientId, body);
-		return unwrapResult(result);
-	} catch (error) {
-		return handleError(error, "Failed to update OAuth client", "CLIENT_UPDATE_ERROR");
-	}
-};
-
-/**
- * Delete an OAuth client.
- */
-export const DELETE: APIRoute = async ({ params, locals }) => {
-	const { dineway, user } = locals;
-
-	if (!dineway?.db) {
-		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
-	}
-
-	if (!user || user.role < Role.ADMIN) {
-		return apiError("FORBIDDEN", "Admin privileges required", 403);
-	}
-
-	const clientId = params.id;
-	if (!clientId) {
-		return apiError("VALIDATION_ERROR", "Client ID is required", 400);
-	}
-
-	try {
-		const result = await handleOAuthClientDelete(dineway.db, clientId);
-		return unwrapResult(result);
-	} catch (error) {
-		return handleError(error, "Failed to delete OAuth client", "CLIENT_DELETE_ERROR");
-	}
-};

package/src/astro/routes/api/admin/oauth-clients/index.ts

@@ -1,95 +0,0 @@
-/**
- * OAuth client management endpoints
- *
- * GET  /_dineway/api/admin/oauth-clients — List all registered OAuth clients
- * POST /_dineway/api/admin/oauth-clients — Register a new OAuth client
- */
-
-import { Role } from "@dineway-ai/auth";
-import type { APIRoute } from "astro";
-import { z } from "zod";
-
-import { rejectApiTokenAuthControlWrite } from "#api/auth-control-guard.js";
-import { apiError, handleError, unwrapResult } from "#api/error.js";
-import { handleOAuthClientCreate, handleOAuthClientList } from "#api/handlers/oauth-clients.js";
-import { isParseError, parseBody } from "#api/parse.js";
-import { ALL_VALID_SCOPES } from "#auth/api-tokens.js";
-import {
-	disabledExperimentalSiteContextWorkflowScopes,
-	getExperimentalSiteContextWorkflowScopesDisabledMessage,
-} from "#site-context/experimental-workflows.js";
-
-export const prerender = false;
-
-const createClientSchema = z.object({
-	id: z
-		.string()
-		.min(1, "Client ID is required")
-		.max(255, "Client ID must be at most 255 characters"),
-	name: z.string().min(1, "Name is required").max(255, "Name must be at most 255 characters"),
-	redirectUris: z
-		.array(z.string().url("Each redirect URI must be a valid URL"))
-		.min(1, "At least one redirect URI is required"),
-	scopes: z.array(z.enum(ALL_VALID_SCOPES)).optional(),
-});
-
-/**
- * List all registered OAuth clients.
- */
-export const GET: APIRoute = async ({ locals }) => {
-	const { dineway, user } = locals;
-
-	if (!dineway?.db) {
-		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
-	}
-
-	if (!user || user.role < Role.ADMIN) {
-		return apiError("FORBIDDEN", "Admin privileges required", 403);
-	}
-
-	const result = await handleOAuthClientList(dineway.db);
-	return unwrapResult(result);
-};
-
-/**
- * Register a new OAuth client.
- */
-export const POST: APIRoute = async ({ request, locals }) => {
-	const { dineway, user } = locals;
-
-	if (!dineway?.db) {
-		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
-	}
-
-	if (!user || user.role < Role.ADMIN) {
-		return apiError("FORBIDDEN", "Admin privileges required", 403);
-	}
-
-	const credentialGuard = rejectApiTokenAuthControlWrite(locals, "oauth_clients");
-	if (credentialGuard) return credentialGuard;
-
-	try {
-		const body = await parseBody(request, createClientSchema);
-		if (isParseError(body)) return body;
-		const requestedWorkflowScopes = disabledExperimentalSiteContextWorkflowScopes(
-			body.scopes ?? [],
-		);
-		if (requestedWorkflowScopes.length > 0) {
-			return apiError(
-				"NOT_IMPLEMENTED",
-				getExperimentalSiteContextWorkflowScopesDisabledMessage(),
-				501,
-				{
-					status: "workflow_oauth_client_scopes_disabled",
-					reason: "workflow_oauth_client_scopes_disabled",
-					scopes: requestedWorkflowScopes,
-				},
-			);
-		}
-
-		const result = await handleOAuthClientCreate(dineway.db, body);
-		return unwrapResult(result, 201);
-	} catch (error) {
-		return handleError(error, "Failed to create OAuth client", "CLIENT_CREATE_ERROR");
-	}
-};

package/src/astro/routes/api/admin/plugins/[id]/disable.ts

@@ -1,91 +0,0 @@
-/**
- * Plugin disable endpoint
- *
- * POST /_dineway/api/admin/plugins/:id/disable - Disable a plugin
- */
-
-import type { APIRoute } from "astro";
-import { z } from "zod";
-
-import { requirePerm } from "#api/authorize.js";
-import { apiError, unwrapResult } from "#api/error.js";
-import {
-	ensureWorkflowHitlRouteRequest,
-	hitlRequiredRouteError,
-	resolveHitlRouteActor,
-} from "#api/hitl-route-helpers.js";
-import { handlePluginDisable, handlePluginGet } from "#api/index.js";
-import { isParseError, parseOptionalBody } from "#api/parse.js";
-import { setCronTasksEnabled } from "#plugins/cron.js";
-import {
-	logPluginActivity,
-	pluginApiRouteSource,
-	PluginHitlPayloadBuilder,
-	RiskPolicyEvaluator,
-} from "#site-context/index.js";
-
-export const prerender = false;
-
-const hitlBodySchema = z.object({
-	hitlRequestId: z.string().min(1).optional(),
-});
-
-export const POST: APIRoute = async ({ params, request, locals }) => {
-	const { dineway, user } = locals;
-	const { id } = params;
-
-	if (!dineway?.db) {
-		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
-	}
-
-	const denied = requirePerm(user, "plugins:manage");
-	if (denied) return denied;
-
-	if (!id) {
-		return apiError("INVALID_REQUEST", "Plugin ID required", 400);
-	}
-
-	const body = await parseOptionalBody(request, hitlBodySchema, {});
-	if (isParseError(body)) return body;
-
-	const current = await handlePluginGet(
-		dineway.db,
-		dineway.configuredPlugins,
-		id,
-		dineway.config.marketplace,
-	);
-	if (!current.success) return unwrapResult(current);
-
-	const actor = resolveHitlRouteActor(locals);
-	const action = await new PluginHitlPayloadBuilder().buildDisableRequest(current.data.item);
-	const decision = await new RiskPolicyEvaluator({
-		db: dineway.db,
-		handlers: dineway,
-	}).evaluateWorkflowHitl({
-		actor: actor.identity,
-		hitlRequestId: body.hitlRequestId,
-		action,
-	});
-	if (!decision.allowed) {
-		const ensured = await ensureWorkflowHitlRouteRequest(dineway.db, locals, decision.action);
-		return hitlRequiredRouteError(decision, ensured);
-	}
-
-	const result = await handlePluginDisable(dineway.db, dineway.configuredPlugins, id);
-
-	if (!result.success) return unwrapResult(result);
-
-	await dineway.setPluginStatus(id, "inactive");
-	await setCronTasksEnabled(dineway.db, id, false);
-	await logPluginActivity(dineway.db, locals, {
-		action: "disabled",
-		pluginId: id,
-		...pluginApiRouteSource("disabled"),
-		summary: `Disabled plugin ${id}`,
-		detail: {
-			hitlRequestId: decision.required ? decision.hitlRequest.id : null,
-		},
-	});
-
-	return unwrapResult(result);
-};

package/src/astro/routes/api/admin/plugins/[id]/enable.ts

@@ -1,91 +0,0 @@
-/**
- * Plugin enable endpoint
- *
- * POST /_dineway/api/admin/plugins/:id/enable - Enable a plugin
- */
-
-import type { APIRoute } from "astro";
-import { z } from "zod";
-
-import { requirePerm } from "#api/authorize.js";
-import { apiError, unwrapResult } from "#api/error.js";
-import {
-	ensureWorkflowHitlRouteRequest,
-	hitlRequiredRouteError,
-	resolveHitlRouteActor,
-} from "#api/hitl-route-helpers.js";
-import { handlePluginEnable, handlePluginGet } from "#api/index.js";
-import { isParseError, parseOptionalBody } from "#api/parse.js";
-import { setCronTasksEnabled } from "#plugins/cron.js";
-import {
-	logPluginActivity,
-	pluginApiRouteSource,
-	PluginHitlPayloadBuilder,
-	RiskPolicyEvaluator,
-} from "#site-context/index.js";
-
-export const prerender = false;
-
-const hitlBodySchema = z.object({
-	hitlRequestId: z.string().min(1).optional(),
-});
-
-export const POST: APIRoute = async ({ params, request, locals }) => {
-	const { dineway, user } = locals;
-	const { id } = params;
-
-	if (!dineway?.db) {
-		return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
-	}
-
-	const denied = requirePerm(user, "plugins:manage");
-	if (denied) return denied;
-
-	if (!id) {
-		return apiError("INVALID_REQUEST", "Plugin ID required", 400);
-	}
-
-	const body = await parseOptionalBody(request, hitlBodySchema, {});
-	if (isParseError(body)) return body;
-
-	const current = await handlePluginGet(
-		dineway.db,
-		dineway.configuredPlugins,
-		id,
-		dineway.config.marketplace,
-	);
-	if (!current.success) return unwrapResult(current);
-
-	const actor = resolveHitlRouteActor(locals);
-	const action = await new PluginHitlPayloadBuilder().buildEnableRequest(current.data.item);
-	const decision = await new RiskPolicyEvaluator({
-		db: dineway.db,
-		handlers: dineway,
-	}).evaluateWorkflowHitl({
-		actor: actor.identity,
-		hitlRequestId: body.hitlRequestId,
-		action,
-	});
-	if (!decision.allowed) {
-		const ensured = await ensureWorkflowHitlRouteRequest(dineway.db, locals, decision.action);
-		return hitlRequiredRouteError(decision, ensured);
-	}
-
-	const result = await handlePluginEnable(dineway.db, dineway.configuredPlugins, id);
-
-	if (!result.success) return unwrapResult(result);
-
-	await dineway.setPluginStatus(id, "active");
-	await setCronTasksEnabled(dineway.db, id, true);
-	await logPluginActivity(dineway.db, locals, {
-		action: "enabled",
-		pluginId: id,
-		...pluginApiRouteSource("enabled"),
-		summary: `Enabled plugin ${id}`,
-		detail: {
-			hitlRequestId: decision.required ? decision.hitlRequest.id : null,
-		},
-	});
-
-	return unwrapResult(result);
-};