insforge 0.3.1

package/backend/src/core/functions/functions.ts

@@ -0,0 +1,310 @@
+import { DatabaseManager } from '@/core/database/manager.js';
+import {
+  EdgeFunctionMetadataSchema,
+  FunctionUploadRequest,
+  FunctionUpdateRequest,
+} from '@insforge/shared-schemas';
+import logger from '@/utils/logger.js';
+import { DatabaseError } from 'pg';
+import fetch from 'node-fetch';
+import { AppError } from '@/api/middleware/error.js';
+import { ERROR_CODES } from '@/types/error-constants.js';
+
+export interface FunctionWithRuntime {
+  functions: Record<string, unknown>[];
+  runtime: {
+    status: 'running' | 'unavailable';
+  };
+}
+
+export class FunctionsService {
+  private static instance: FunctionsService;
+  private db;
+
+  private constructor() {
+    this.db = DatabaseManager.getInstance();
+  }
+
+  static getInstance(): FunctionsService {
+    if (!FunctionsService.instance) {
+      FunctionsService.instance = new FunctionsService();
+    }
+    return FunctionsService.instance;
+  }
+
+  /**
+   * List all functions with runtime health check
+   */
+  async listFunctions(): Promise<FunctionWithRuntime> {
+    try {
+      const functions = await this.db
+        .prepare(
+          `SELECT 
+            id, slug, name, description, status, 
+            created_at, updated_at, deployed_at
+          FROM _functions
+          ORDER BY created_at DESC`
+        )
+        .all();
+
+      // Check if Deno runtime is healthy
+      let runtimeHealthy = false;
+      try {
+        const denoUrl = process.env.DENO_RUNTIME_URL || 'http://localhost:7133';
+        const healthResponse = await fetch(`${denoUrl}/health`, {
+          method: 'GET',
+          signal: AbortSignal.timeout(2000), // 2 second timeout
+        });
+        runtimeHealthy = healthResponse.ok;
+      } catch (error) {
+        logger.debug('Deno runtime health check failed', {
+          error: error instanceof Error ? error.message : String(error),
+        });
+      }
+
+      return {
+        functions,
+        runtime: {
+          status: runtimeHealthy ? 'running' : 'unavailable',
+        },
+      };
+    } catch (error) {
+      logger.error('Failed to list functions', {
+        error: error instanceof Error ? error.message : String(error),
+        operation: 'listFunctions',
+      });
+      throw error;
+    }
+  }
+
+  /**
+   * Get a specific function by slug
+   */
+  async getFunction(slug: string): Promise<Record<string, unknown> | undefined> {
+    try {
+      const func = await this.db
+        .prepare(
+          `SELECT 
+            id, slug, name, description, code, status,
+            created_at, updated_at, deployed_at
+          FROM _functions
+          WHERE slug = ?`
+        )
+        .get(slug);
+
+      return func;
+    } catch (error) {
+      logger.error('Failed to get function', {
+        error: error instanceof Error ? error.message : String(error),
+        operation: 'getFunction',
+        slug,
+      });
+      throw error;
+    }
+  }
+
+  /**
+   * Create a new function
+   */
+  async createFunction(data: FunctionUploadRequest): Promise<Record<string, unknown>> {
+    try {
+      const { name, code, description, status } = data;
+      const slug = data.slug || name.toLowerCase().replace(/\s+/g, '-');
+
+      // Basic security validation
+      this.validateCode(code);
+
+      // Generate UUID
+      const id = crypto.randomUUID();
+
+      // Insert function
+      await this.db
+        .prepare(
+          `INSERT INTO _functions (id, slug, name, description, code, status)
+          VALUES (?, ?, ?, ?, ?, ?)`
+        )
+        .run(id, slug, name, description || null, code, status);
+
+      // If status is active, update deployed_at
+      if (status === 'active') {
+        await this.db
+          .prepare(`UPDATE _functions SET deployed_at = CURRENT_TIMESTAMP WHERE id = ?`)
+          .run(id);
+      }
+
+      // Fetch the created function
+      const created = await this.db
+        .prepare(
+          `SELECT id, slug, name, description, status, created_at
+          FROM _functions WHERE id = ?`
+        )
+        .get(id);
+
+      return created;
+    } catch (error) {
+      // Re-throw AppErrors as-is
+      if (error instanceof AppError) {
+        throw error;
+      }
+
+      logger.error('Failed to create function', {
+        error: error instanceof Error ? error.message : String(error),
+        operation: 'createFunction',
+      });
+
+      // Handle unique constraint error
+      if (error instanceof DatabaseError && error.code === '23505') {
+        throw new AppError(
+          'Function with this slug already exists',
+          409,
+          ERROR_CODES.ALREADY_EXISTS
+        );
+      }
+
+      throw error;
+    }
+  }
+
+  /**
+   * Update an existing function
+   */
+  async updateFunction(
+    slug: string,
+    updates: FunctionUpdateRequest
+  ): Promise<Record<string, unknown> | null> {
+    try {
+      // Check if function exists
+      const existing = await this.db.prepare('SELECT id FROM _functions WHERE slug = ?').get(slug);
+      if (!existing) {
+        return null;
+      }
+
+      // Validate code if provided
+      if (updates.code !== undefined) {
+        this.validateCode(updates.code);
+      }
+
+      // Update fields
+      if (updates.name !== undefined) {
+        await this.db
+          .prepare('UPDATE _functions SET name = ? WHERE slug = ?')
+          .run(updates.name, slug);
+      }
+
+      if (updates.description !== undefined) {
+        await this.db
+          .prepare('UPDATE _functions SET description = ? WHERE slug = ?')
+          .run(updates.description, slug);
+      }
+
+      if (updates.code !== undefined) {
+        await this.db
+          .prepare('UPDATE _functions SET code = ? WHERE slug = ?')
+          .run(updates.code, slug);
+      }
+
+      if (updates.status !== undefined) {
+        await this.db
+          .prepare('UPDATE _functions SET status = ? WHERE slug = ?')
+          .run(updates.status, slug);
+
+        // Update deployed_at if status changes to active
+        if (updates.status === 'active') {
+          await this.db
+            .prepare('UPDATE _functions SET deployed_at = CURRENT_TIMESTAMP WHERE slug = ?')
+            .run(slug);
+        }
+      }
+
+      // Update updated_at
+      await this.db
+        .prepare('UPDATE _functions SET updated_at = CURRENT_TIMESTAMP WHERE slug = ?')
+        .run(slug);
+
+      // Fetch updated function
+      const updated = await this.db
+        .prepare(
+          `SELECT id, slug, name, description, status, updated_at
+          FROM _functions WHERE slug = ?`
+        )
+        .get(slug);
+
+      return updated;
+    } catch (error) {
+      logger.error('Failed to update function', {
+        error: error instanceof Error ? error.message : String(error),
+        operation: 'updateFunction',
+        slug,
+      });
+      throw error;
+    }
+  }
+
+  /**
+   * Delete a function
+   */
+  async deleteFunction(slug: string): Promise<boolean> {
+    try {
+      const result = await this.db.prepare('DELETE FROM _functions WHERE slug = ?').run(slug);
+
+      if (result.changes === 0) {
+        return false;
+      }
+
+      return true;
+    } catch (error) {
+      logger.error('Failed to delete function', {
+        error: error instanceof Error ? error.message : String(error),
+        operation: 'deleteFunction',
+        slug,
+      });
+      throw error;
+    }
+  }
+
+  /**
+   * Get functions metadata (public method for non-admin users)
+   */
+  async getMetadata(): Promise<Array<EdgeFunctionMetadataSchema>> {
+    try {
+      const functions = await this.db
+        .prepare(
+          `SELECT slug, name, description, status
+          FROM _functions
+          ORDER BY created_at DESC`
+        )
+        .all();
+
+      return functions as Array<EdgeFunctionMetadataSchema>;
+    } catch (error) {
+      logger.error('Failed to get edge functions metadata', {
+        error: error instanceof Error ? error.message : String(error),
+      });
+      return [];
+    }
+  }
+
+  /**
+   * Validate function code for dangerous patterns
+   */
+  private validateCode(code: string): void {
+    const dangerousPatterns = [
+      /Deno\.run/i,
+      /Deno\.spawn/i,
+      /Deno\.Command/i,
+      /child_process/i,
+      /process\.exit/i,
+      /require\(['"]fs['"]\)/i,
+    ];
+
+    for (const pattern of dangerousPatterns) {
+      if (pattern.test(code)) {
+        throw new AppError(
+          `Code contains potentially dangerous pattern: ${pattern.toString()}`,
+          400,
+          ERROR_CODES.INVALID_INPUT
+        );
+      }
+    }
+  }
+}

package/backend/src/core/logs/analytics.ts

@@ -0,0 +1,76 @@
+import { LogSource, AnalyticsLogRecord, LogSourceStats } from '@/types/logs.js';
+import logger from '@/utils/logger.js';
+import { isCloudEnvironment } from '@/utils/environment.js';
+import { LocalDBProvider } from './providers/localdb.provider.js';
+import { CloudWatchProvider } from './providers/cloudwatch.provider.js';
+import { AnalyticsProvider } from './providers/base.provider.js';
+
+export class AnalyticsManager {
+  private static instance: AnalyticsManager;
+  private provider!: AnalyticsProvider;
+
+  private constructor() {}
+
+  static getInstance(): AnalyticsManager {
+    if (!AnalyticsManager.instance) {
+      AnalyticsManager.instance = new AnalyticsManager();
+    }
+    return AnalyticsManager.instance;
+  }
+
+  async initialize(): Promise<void> {
+    // Decide provider based on explicit override or cloud environment
+    const explicitProvider = (process.env.ANALYTICS_PROVIDER || '').toLowerCase();
+    const shouldUseCloudwatch =
+      explicitProvider === 'cloudwatch' ||
+      (!explicitProvider && isCloudEnvironment() && !!process.env.CLOUDWATCH_LOG_GROUP);
+
+    logger.info(
+      `Using analytics provider: ${shouldUseCloudwatch ? 'CloudWatch' : 'LocalDB/Postgres'}`
+    );
+
+    if (shouldUseCloudwatch) {
+      this.provider = new CloudWatchProvider();
+    } else {
+      this.provider = new LocalDBProvider();
+    }
+
+    await this.provider.initialize();
+  }
+
+  async getLogSources(): Promise<LogSource[]> {
+    return this.provider.getLogSources();
+  }
+
+  async getLogsBySource(
+    sourceName: string,
+    limit: number = 100,
+    beforeTimestamp?: string
+  ): Promise<{
+    logs: AnalyticsLogRecord[];
+    total: number;
+    tableName: string;
+  }> {
+    return this.provider.getLogsBySource(sourceName, limit, beforeTimestamp);
+  }
+
+  async getLogSourceStats(): Promise<LogSourceStats[]> {
+    return this.provider.getLogSourceStats();
+  }
+
+  async searchLogs(
+    query: string,
+    sourceName?: string,
+    limit: number = 100,
+    offset: number = 0
+  ): Promise<{
+    logs: (AnalyticsLogRecord & { source: string })[];
+    total: number;
+  }> {
+    return this.provider.searchLogs(query, sourceName, limit, offset);
+  }
+
+  async close(): Promise<void> {
+    await this.provider.close();
+  }
+}

package/backend/src/core/logs/audit.ts

@@ -0,0 +1,255 @@
+import { DatabaseManager } from '@/core/database/manager.js';
+import logger from '@/utils/logger.js';
+import { AppError } from '@/api/middleware/error.js';
+import { ERROR_CODES } from '@/types/error-constants.js';
+import type { AuditLogEntry, AuditLogQuery } from '@/types/logs.js';
+import { AuditLogSchema, GetAuditLogStatsResponse } from '@insforge/shared-schemas';
+
+export class AuditService {
+  private static instance: AuditService;
+  private db: ReturnType<DatabaseManager['getDb']>;
+
+  private constructor() {
+    const dbManager = DatabaseManager.getInstance();
+    this.db = dbManager.getDb();
+    logger.info('AuditService initialized');
+  }
+
+  public static getInstance(): AuditService {
+    if (!AuditService.instance) {
+      AuditService.instance = new AuditService();
+    }
+    return AuditService.instance;
+  }
+
+  /**
+   * Create a new audit log entry
+   */
+  async log(entry: AuditLogEntry): Promise<AuditLogSchema> {
+    try {
+      const result = await this.db
+        .prepare(
+          `INSERT INTO _audit_logs (actor, action, module, details, ip_address)
+           VALUES ($1, $2, $3, $4, $5)
+           RETURNING *`
+        )
+        .get(
+          entry.actor,
+          entry.action,
+          entry.module,
+          entry.details ? JSON.stringify(entry.details) : null,
+          entry.ip_address || null
+        );
+
+      logger.info('Audit log created', {
+        actor: entry.actor,
+        action: entry.action,
+        module: entry.module,
+      });
+
+      return {
+        id: result.id,
+        actor: result.actor,
+        action: result.action,
+        module: result.module,
+        details: result.details,
+        ipAddress: result.ip_address,
+        createdAt: result.created_at,
+        updatedAt: result.updated_at,
+      };
+    } catch (error) {
+      logger.error('Failed to create audit log', error);
+      throw new AppError('Failed to create audit log', 500, ERROR_CODES.INTERNAL_ERROR);
+    }
+  }
+
+  /**
+   * Query audit logs with filters and return both records and total count
+   */
+  async query(query: AuditLogQuery): Promise<{ records: AuditLogSchema[]; total: number }> {
+    try {
+      // Build base WHERE clause
+      let whereClause = 'WHERE 1=1';
+      const params: unknown[] = [];
+      let paramIndex = 1;
+
+      if (query.actor) {
+        whereClause += ` AND actor = $${paramIndex++}`;
+        params.push(query.actor);
+      }
+
+      if (query.action) {
+        whereClause += ` AND action = $${paramIndex++}`;
+        params.push(query.action);
+      }
+
+      if (query.module) {
+        whereClause += ` AND module = $${paramIndex++}`;
+        params.push(query.module);
+      }
+
+      if (query.start_date) {
+        whereClause += ` AND created_at >= $${paramIndex++}`;
+        params.push(query.start_date.toISOString());
+      }
+
+      if (query.end_date) {
+        whereClause += ` AND created_at <= $${paramIndex++}`;
+        params.push(query.end_date.toISOString());
+      }
+
+      // Get total count first
+      const countSql = `SELECT COUNT(*) as count FROM _audit_logs ${whereClause}`;
+      const countResult = (await this.db.prepare(countSql).get(...params)) as { count: number };
+      const total = countResult.count;
+
+      // Get paginated records
+      let dataSql = `SELECT * FROM _audit_logs ${whereClause} ORDER BY created_at DESC`;
+      const dataParams = [...params];
+
+      if (query.limit) {
+        dataSql += ` LIMIT $${paramIndex++}`;
+        dataParams.push(query.limit);
+      }
+
+      if (query.offset) {
+        dataSql += ` OFFSET $${paramIndex++}`;
+        dataParams.push(query.offset);
+      }
+
+      const records = await this.db.prepare(dataSql).all(...dataParams);
+
+      return {
+        records: records.map((record) => ({
+          id: record.id,
+          actor: record.actor,
+          action: record.action,
+          module: record.module,
+          details: record.details,
+          ipAddress: record.ip_address,
+          createdAt: record.created_at,
+          updatedAt: record.updated_at,
+        })),
+        total,
+      };
+    } catch (error) {
+      logger.error('Failed to query audit logs', error);
+      throw new AppError('Failed to query audit logs', 500, ERROR_CODES.INTERNAL_ERROR);
+    }
+  }
+
+  /**
+   * Get audit log by ID
+   */
+  async getById(id: string): Promise<AuditLogSchema | null> {
+    try {
+      const result = await this.db.prepare('SELECT * FROM _audit_logs WHERE id = $1').get(id);
+
+      return result
+        ? {
+            id: result.id,
+            actor: result.actor,
+            action: result.action,
+            module: result.module,
+            details: result.details,
+            ipAddress: result.ip_address,
+            createdAt: result.created_at,
+            updatedAt: result.updated_at,
+          }
+        : null;
+    } catch (error) {
+      logger.error('Failed to get audit log by ID', error);
+      throw new AppError('Failed to get audit log', 500, ERROR_CODES.INTERNAL_ERROR);
+    }
+  }
+
+  /**
+   * Get audit log statistics
+   */
+  async getStats(days: number = 7): Promise<GetAuditLogStatsResponse> {
+    try {
+      const startDate = new Date();
+      startDate.setDate(startDate.getDate() - days);
+
+      const [totalLogs] = await this.db
+        .prepare('SELECT COUNT(*) as count FROM _audit_logs WHERE created_at >= $1')
+        .get(startDate.toISOString());
+
+      const [uniqueActors] = await this.db
+        .prepare('SELECT COUNT(DISTINCT actor) as count FROM _audit_logs WHERE created_at >= $1')
+        .get(startDate.toISOString());
+
+      const [uniqueModules] = await this.db
+        .prepare('SELECT COUNT(DISTINCT module) as count FROM _audit_logs WHERE created_at >= $1')
+        .get(startDate.toISOString());
+
+      const actionsByModule = await this.db
+        .prepare(
+          `SELECT module, COUNT(*) as count
+           FROM _audit_logs
+           WHERE created_at >= $1
+           GROUP BY module`
+        )
+        .all(startDate.toISOString());
+
+      const recentActivity = await this.db
+        .prepare(
+          `SELECT * FROM _audit_logs
+           WHERE created_at >= $1
+           ORDER BY created_at DESC
+           LIMIT 10`
+        )
+        .all(startDate.toISOString());
+
+      const moduleStats: Record<string, number> = {};
+      actionsByModule.forEach((row: { module: string; count: string }) => {
+        moduleStats[row.module] = parseInt(row.count);
+      });
+
+      return {
+        totalLogs: parseInt(totalLogs?.count || 0),
+        uniqueActors: parseInt(uniqueActors?.count || 0),
+        uniqueModules: parseInt(uniqueModules?.count || 0),
+        actionsByModule: moduleStats,
+        recentActivity: recentActivity.map((record) => ({
+          id: record.id,
+          actor: record.actor,
+          action: record.action,
+          module: record.module,
+          details: record.details,
+          ipAddress: record.ip_address,
+          createdAt: record.created_at,
+          updatedAt: record.updated_at,
+        })),
+      };
+    } catch (error) {
+      logger.error('Failed to get audit log statistics', error);
+      throw new AppError('Failed to get audit statistics', 500, ERROR_CODES.INTERNAL_ERROR);
+    }
+  }
+
+  /**
+   * Clean up old audit logs
+   */
+  async cleanup(daysToKeep: number = 90): Promise<number> {
+    try {
+      const cutoffDate = new Date();
+      cutoffDate.setDate(cutoffDate.getDate() - daysToKeep);
+
+      const result = await this.db
+        .prepare('DELETE FROM _audit_logs WHERE created_at < $1 RETURNING id')
+        .all(cutoffDate.toISOString());
+
+      const deletedCount = result.length;
+
+      if (deletedCount > 0) {
+        logger.info(`Cleaned up ${deletedCount} audit logs older than ${daysToKeep} days`);
+      }
+
+      return deletedCount;
+    } catch (error) {
+      logger.error('Failed to cleanup audit logs', error);
+      throw new AppError('Failed to cleanup audit logs', 500, ERROR_CODES.INTERNAL_ERROR);
+    }
+  }
+}