insforge 1.2.10 → 1.3.0

package/backend/src/api/routes/database/advance.routes.ts

@@ -15,6 +15,7 @@ import logger from '@/utils/logger.js';
 import { SocketManager } from '@/infra/socket/socket.manager.js';
 import { DataUpdateResourceType, ServerEvents } from '@/types/socket.js';
 import { successResponse } from '@/utils/response.js';
+import { analyzeQuery, DatabaseResourceUpdate } from '@/utils/sql-parser.js';
 
 const router = Router();
 const dbAdvanceService = DatabaseAdvanceService.getInstance();
@@ -64,10 +65,17 @@ router.post(
         ip_address: req.ip,
       });
 
-      const socket = SocketManager.getInstance();
-      socket.broadcastToRoom('role:project_admin', ServerEvents.DATA_UPDATE, {
-        resource: DataUpdateResourceType.DATABASE,
-      });
+      // Broadcast changes if any modifying statements detected
+      const changes = analyzeQuery(query);
+      if (changes.length > 0) {
+        const socket = SocketManager.getInstance();
+        socket.broadcastToRoom(
+          'role:project_admin',
+          ServerEvents.DATA_UPDATE,
+          { resource: DataUpdateResourceType.DATABASE, data: { changes } },
+          'system'
+        );
+      }
 
       successResponse(res, response);
     } catch (error: unknown) {
@@ -115,10 +123,17 @@ router.post('/rawsql', verifyAdmin, async (req: AuthRequest, res: Response, next
       ip_address: req.ip,
     });
 
-    const socket = SocketManager.getInstance();
-    socket.broadcastToRoom('role:project_admin', ServerEvents.DATA_UPDATE, {
-      resource: DataUpdateResourceType.DATABASE,
-    });
+    // Broadcast changes if any modifying statements detected
+    const changes = analyzeQuery(query);
+    if (changes.length > 0) {
+      const socket = SocketManager.getInstance();
+      socket.broadcastToRoom(
+        'role:project_admin',
+        ServerEvents.DATA_UPDATE,
+        { resource: DataUpdateResourceType.DATABASE, data: { changes } },
+        'system'
+      );
+    }
 
     successResponse(res, response);
   } catch (error: unknown) {
@@ -235,12 +250,15 @@ router.post(
       });
 
       const socket = SocketManager.getInstance();
-      socket.broadcastToRoom('role:project_admin', ServerEvents.DATA_UPDATE, {
-        resource: DataUpdateResourceType.RECORDS,
-        data: {
-          tableName: table,
+      socket.broadcastToRoom(
+        'role:project_admin',
+        ServerEvents.DATA_UPDATE,
+        {
+          resource: DataUpdateResourceType.DATABASE,
+          data: { changes: [{ type: 'records', name: table }] as DatabaseResourceUpdate[] },
         },
-      });
+        'system'
+      );
 
       successResponse(res, response);
     } catch (error: unknown) {
@@ -302,9 +320,12 @@ router.post(
       });
 
       const socket = SocketManager.getInstance();
-      socket.broadcastToRoom('role:project_admin', ServerEvents.DATA_UPDATE, {
-        resource: DataUpdateResourceType.DATABASE,
-      });
+      socket.broadcastToRoom(
+        'role:project_admin',
+        ServerEvents.DATA_UPDATE,
+        { resource: DataUpdateResourceType.DATABASE },
+        'system'
+      );
 
       successResponse(res, response);
     } catch (error: unknown) {

package/backend/src/api/routes/database/index.routes.ts

@@ -1,13 +1,90 @@
-import { Router } from 'express';
+import { Router, Response, NextFunction } from 'express';
 import { databaseTablesRouter } from './tables.routes.js';
 import { databaseRecordsRouter } from './records.routes.js';
 import databaseAdvanceRouter from './advance.routes.js';
+import { DatabaseService } from '@/services/database/database.service.js';
+import { verifyAdmin, AuthRequest } from '@/api/middlewares/auth.js';
+import { successResponse } from '@/utils/response.js';
+import logger from '@/utils/logger.js';
 
 const router = Router();
+const databaseService = DatabaseService.getInstance();
 
 // Mount database sub-routes
 router.use('/tables', databaseTablesRouter);
 router.use('/records', databaseRecordsRouter);
 router.use('/advance', databaseAdvanceRouter);
 
+/**
+ * Get all database functions
+ * GET /api/database/functions
+ */
+router.get(
+  '/functions',
+  verifyAdmin,
+  async (_req: AuthRequest, res: Response, next: NextFunction) => {
+    try {
+      const response = await databaseService.getFunctions();
+      successResponse(res, response);
+    } catch (error: unknown) {
+      logger.warn('Get functions error:', error);
+      next(error);
+    }
+  }
+);
+
+/**
+ * Get all database indexes
+ * GET /api/database/indexes
+ */
+router.get(
+  '/indexes',
+  verifyAdmin,
+  async (_req: AuthRequest, res: Response, next: NextFunction) => {
+    try {
+      const response = await databaseService.getIndexes();
+      successResponse(res, response);
+    } catch (error: unknown) {
+      logger.warn('Get indexes error:', error);
+      next(error);
+    }
+  }
+);
+
+/**
+ * Get all RLS policies
+ * GET /api/database/policies
+ */
+router.get(
+  '/policies',
+  verifyAdmin,
+  async (_req: AuthRequest, res: Response, next: NextFunction) => {
+    try {
+      const response = await databaseService.getPolicies();
+      successResponse(res, response);
+    } catch (error: unknown) {
+      logger.warn('Get policies error:', error);
+      next(error);
+    }
+  }
+);
+
+/**
+ * Get all database triggers
+ * GET /api/database/triggers
+ */
+router.get(
+  '/triggers',
+  verifyAdmin,
+  async (_req: AuthRequest, res: Response, next: NextFunction) => {
+    try {
+      const response = await databaseService.getTriggers();
+      successResponse(res, response);
+    } catch (error: unknown) {
+      logger.warn('Get triggers error:', error);
+      next(error);
+    }
+  }
+);
+
 export default router;

package/backend/src/api/routes/database/records.routes.ts

@@ -14,6 +14,7 @@ import logger from '@/utils/logger.js';
 import { SecretService } from '@/services/secrets/secret.service.js';
 import { SocketManager } from '@/infra/socket/socket.manager.js';
 import { DataUpdateResourceType, ServerEvents } from '@/types/socket.js';
+import { DatabaseResourceUpdate } from '@/utils/sql-parser.js';
 
 const router = Router();
 const secretService = SecretService.getInstance();
@@ -53,11 +54,7 @@ const postgrestAxios = axios.create({
 // Generate admin token once and reuse
 // If user request with api key, this token should be added automatically.
 const tokenManager = TokenManager.getInstance();
-const adminToken = tokenManager.generateToken({
-  sub: 'project-admin-with-api-key',
-  email: 'project-admin@email.com',
-  role: 'project_admin',
-});
+const adminToken = tokenManager.generateAdminToken();
 
 // anonymous users can access the database, postgREST does not require authentication, however we seed to unwrap session token for better auth, thus
 // we need to verify user token below.
@@ -209,12 +206,15 @@ const forwardToPostgrest = async (req: AuthRequest, res: Response, next: NextFun
     const mutationMethods = ['POST', 'DELETE'];
     if (mutationMethods.includes(req.method.toUpperCase())) {
       const socket = SocketManager.getInstance();
-      socket.broadcastToRoom('role:project_admin', ServerEvents.DATA_UPDATE, {
-        resource: DataUpdateResourceType.RECORDS,
-        data: {
-          tableName: tableName,
+      socket.broadcastToRoom(
+        'role:project_admin',
+        ServerEvents.DATA_UPDATE,
+        {
+          resource: DataUpdateResourceType.DATABASE,
+          data: { changes: [{ type: 'records', name: tableName }] as DatabaseResourceUpdate[] },
         },
-      });
+        'system'
+      );
     }
 
     successResponse(res, responseData, response.status);

package/backend/src/api/routes/database/tables.routes.ts

@@ -59,20 +59,6 @@ router.post('/', verifyAdmin, async (req: AuthRequest, res: Response, next: Next
   }
 });
 
-// Get all table schemas
-router.get(
-  '/schemas',
-  verifyAdmin,
-  async (_req: AuthRequest, res: Response, next: NextFunction) => {
-    try {
-      const schemas = await tableService.getAllTableSchemas();
-      successResponse(res, schemas);
-    } catch (error) {
-      next(error);
-    }
-  }
-);
-
 // Get table schema
 router.get(
   '/:tableName/schema',

package/backend/src/api/routes/docs/index.routes.ts

@@ -1,76 +1,75 @@
-import { Router, Request, Response, NextFunction } from 'express';
-import { readFile } from 'fs/promises';
-import path from 'path';
-import { fileURLToPath } from 'url';
-import { successResponse } from '@/utils/response.js';
-import { ERROR_CODES } from '@/types/error-constants.js';
-import { AppError } from '@/api/middlewares/error.js';
-
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = path.dirname(__filename);
-
-const router = Router();
-
-// Define available documentation files
-const DOCS_MAP: Record<string, string> = {
-  instructions: 'insforge-instructions-sdk.md',
-  'db-sdk': 'core-concepts/database/sdk.mdx',
-  'auth-sdk': 'core-concepts/authentication/sdk.mdx',
-  // UI Components - Framework-specific
-  'auth-components-react': 'core-concepts/authentication/ui-components/react.mdx',
-  'auth-components-nextjs': 'core-concepts/authentication/ui-components/nextjs.mdx',
-  'auth-components-react-router': 'core-concepts/authentication/ui-components/react-router.mdx',
-  'storage-sdk': 'core-concepts/storage/sdk.mdx',
-  'functions-sdk': 'core-concepts/functions/sdk.mdx',
-  'ai-integration-sdk': 'core-concepts/ai/sdk.mdx',
-};
-
-// GET /api/docs/:docType - Get specific documentation
-router.get('/:docType', async (req: Request, res: Response, next: NextFunction) => {
-  try {
-    const { docType } = req.params;
-
-    // Validate doc type
-    const docFileName = DOCS_MAP[docType];
-    if (!docFileName) {
-      throw new AppError('Documentation not found', 404, ERROR_CODES.NOT_FOUND);
-    }
-
-    // Read the documentation file
-    // PROJECT_ROOT is set in the docker-compose.yml file to point to the InsForge directory
-    const projectRoot = process.env.PROJECT_ROOT || path.resolve(__dirname, '../../../..');
-    const filePath = path.join(projectRoot, 'docs', docFileName);
-    const content = await readFile(filePath, 'utf-8');
-
-    // Traditional REST: return documentation directly
-    return successResponse(res, {
-      type: docType,
-      content,
-    });
-  } catch (error) {
-    // If file doesn't exist or other error
-    if (error instanceof Error && 'code' in error && error.code === 'ENOENT') {
-      next(new AppError('Documentation file not found', 404, ERROR_CODES.NOT_FOUND));
-    } else {
-      next(error);
-    }
-  }
-});
-
-// GET /api/docs - List available documentation
-router.get('/', (_req: Request, res: Response, next: NextFunction) => {
-  try {
-    const available = Object.keys(DOCS_MAP).map((key) => ({
-      type: key,
-      filename: DOCS_MAP[key],
-      endpoint: `/api/docs/${key}`,
-    }));
-
-    // Traditional REST: return list directly
-    return successResponse(res, available);
-  } catch (error) {
-    next(error);
-  }
-});
-
-export { router as docsRouter };
+import { Router, Request, Response, NextFunction } from 'express';
+import { readFile } from 'fs/promises';
+import path from 'path';
+import { fileURLToPath } from 'url';
+import { successResponse } from '@/utils/response.js';
+import { ERROR_CODES } from '@/types/error-constants.js';
+import { AppError } from '@/api/middlewares/error.js';
+import { DocTypeSchema, docTypeSchema } from '@insforge/shared-schemas';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+
+const router = Router();
+
+// Define available documentation files
+const DOCS_MAP: Record<DocTypeSchema, string> = {
+  instructions: 'insforge-instructions-sdk.md',
+  'db-sdk': 'core-concepts/database/sdk.mdx',
+  // 'auth-sdk': 'core-concepts/authentication/sdk.mdx',
+  // UI Components - Framework-specific
+  'auth-components-react': 'core-concepts/authentication/ui-components/react.mdx',
+  // 'auth-components-nextjs': 'core-concepts/authentication/ui-components/nextjs.mdx',
+  // 'auth-components-react-router': 'core-concepts/authentication/ui-components/react-router.mdx',
+  'storage-sdk': 'core-concepts/storage/sdk.mdx',
+  'functions-sdk': 'core-concepts/functions/sdk.mdx',
+  'ai-integration-sdk': 'core-concepts/ai/sdk.mdx',
+  'real-time': 'agent-docs/real-time.md',
+};
+
+// GET /api/docs/:docType - Get specific documentation
+router.get('/:docType', async (req: Request, res: Response, next: NextFunction) => {
+  try {
+    const { docType } = req.params;
+
+    // Validate doc type using Zod enum
+    const parsed = docTypeSchema.safeParse(docType);
+    if (!parsed.success) {
+      throw new AppError('Documentation not found', 404, ERROR_CODES.NOT_FOUND);
+    }
+
+    const docFileName = DOCS_MAP[parsed.data];
+
+    // Read the documentation file
+    // PROJECT_ROOT is set in the docker-compose.yml file to point to the InsForge directory
+    const projectRoot = process.env.PROJECT_ROOT || path.resolve(__dirname, '../../../..');
+    const filePath = path.join(projectRoot, 'docs', docFileName);
+    const content = await readFile(filePath, 'utf-8');
+
+    // Traditional REST: return documentation directly
+    return successResponse(res, {
+      type: docType,
+      content,
+    });
+  } catch (error) {
+    next(error);
+  }
+});
+
+// GET /api/docs - List available documentation
+router.get('/', (_req: Request, res: Response, next: NextFunction) => {
+  try {
+    const available = (Object.keys(DOCS_MAP) as DocTypeSchema[]).map((key) => ({
+      type: key,
+      filename: DOCS_MAP[key],
+      endpoint: `/api/docs/${key}`,
+    }));
+
+    // Traditional REST: return list directly
+    return successResponse(res, available);
+  } catch (error) {
+    next(error);
+  }
+});
+
+export { router as docsRouter };

package/backend/src/api/routes/email/index.routes.ts

@@ -0,0 +1,35 @@
+import { Router, Response, NextFunction } from 'express';
+import { AuthRequest, verifyUser } from '@/api/middlewares/auth.js';
+import { EmailService } from '@/services/email/email.service.js';
+import { AppError } from '@/api/middlewares/error.js';
+import { ERROR_CODES } from '@/types/error-constants.js';
+import { sendRawEmailRequestSchema } from '@insforge/shared-schemas';
+import { successResponse } from '@/utils/response.js';
+
+const router = Router();
+const emailService = EmailService.getInstance();
+
+/**
+ * POST /api/email/send-raw
+ * Send a raw/custom email with explicit to, subject, and body
+ */
+router.post(
+  '/send-raw',
+  verifyUser,
+  async (req: AuthRequest, res: Response, next: NextFunction) => {
+    try {
+      const validation = sendRawEmailRequestSchema.safeParse(req.body);
+      if (!validation.success) {
+        throw new AppError(JSON.stringify(validation.error.issues), 400, ERROR_CODES.INVALID_INPUT);
+      }
+
+      await emailService.sendRaw(validation.data);
+
+      successResponse(res, {});
+    } catch (error) {
+      next(error);
+    }
+  }
+);
+
+export const emailRouter = router;

package/backend/src/api/routes/functions/index.routes.ts

@@ -76,9 +76,12 @@ router.post('/', verifyAdmin, async (req: AuthRequest, res: Response, next: Next
     });
 
     const socket = SocketManager.getInstance();
-    socket.broadcastToRoom('role:project_admin', ServerEvents.DATA_UPDATE, {
-      resource: DataUpdateResourceType.FUNCTIONS,
-    });
+    socket.broadcastToRoom(
+      'role:project_admin',
+      ServerEvents.DATA_UPDATE,
+      { resource: DataUpdateResourceType.FUNCTIONS },
+      'system'
+    );
 
     successResponse(
       res,
@@ -126,12 +129,12 @@ router.put('/:slug', verifyAdmin, async (req: AuthRequest, res: Response, next:
     });
 
     const socket = SocketManager.getInstance();
-    socket.broadcastToRoom('role:project_admin', ServerEvents.DATA_UPDATE, {
-      resource: DataUpdateResourceType.FUNCTIONS,
-      data: {
-        slug,
-      },
-    });
+    socket.broadcastToRoom(
+      'role:project_admin',
+      ServerEvents.DATA_UPDATE,
+      { resource: DataUpdateResourceType.FUNCTIONS, data: { slug } },
+      'system'
+    );
 
     successResponse(res, {
       success: true,
@@ -171,9 +174,12 @@ router.delete(
       });
 
       const socket = SocketManager.getInstance();
-      socket.broadcastToRoom('role:project_admin', ServerEvents.DATA_UPDATE, {
-        resource: DataUpdateResourceType.FUNCTIONS,
-      });
+      socket.broadcastToRoom(
+        'role:project_admin',
+        ServerEvents.DATA_UPDATE,
+        { resource: DataUpdateResourceType.FUNCTIONS },
+        'system'
+      );
 
       successResponse(res, {
         success: true,

package/backend/src/api/routes/metadata/index.routes.ts

@@ -4,6 +4,7 @@ import { AuthService } from '@/services/auth/auth.service.js';
 import { StorageService } from '@/services/storage/storage.service.js';
 import { AIConfigService } from '@/services/ai/ai-config.service.js';
 import { FunctionService } from '@/services/functions/function.service.js';
+import { RealtimeChannelService } from '@/services/realtime/realtime-channel.service.js';
 import { verifyAdmin, AuthRequest } from '@/api/middlewares/auth.js';
 import { successResponse } from '@/utils/response.js';
 import { ERROR_CODES } from '@/types/error-constants.js';
@@ -16,6 +17,7 @@ const router = Router();
 const authService = AuthService.getInstance();
 const storageService = StorageService.getInstance();
 const functionService = FunctionService.getInstance();
+const realtimeChannelService = RealtimeChannelService.getInstance();
 const dbManager = DatabaseManager.getInstance();
 const dbAdvanceService = DatabaseAdvanceService.getInstance();
 const aiConfigService = AIConfigService.getInstance();
@@ -104,6 +106,16 @@ router.get('/functions', async (_req: AuthRequest, res: Response, next: NextFunc
   }
 });
 
+// Get realtime metadata
+router.get('/realtime', async (_req: AuthRequest, res: Response, next: NextFunction) => {
+  try {
+    const realtimeMetadata = await realtimeChannelService.getMetadata();
+    successResponse(res, realtimeMetadata);
+  } catch (error) {
+    next(error);
+  }
+});
+
 // Get API key (admin only)
 router.get('/api-key', async (req: AuthRequest, res: Response, next: NextFunction) => {
   try {

package/backend/src/api/routes/realtime/channels.routes.ts

@@ -0,0 +1,81 @@
+import { Router, Response, NextFunction } from 'express';
+import { verifyAdmin, AuthRequest } from '@/api/middlewares/auth.js';
+import { RealtimeChannelService } from '@/services/realtime/realtime-channel.service.js';
+import { successResponse } from '@/utils/response.js';
+import { AppError } from '@/api/middlewares/error.js';
+import { ERROR_CODES } from '@/types/error-constants.js';
+import { createChannelRequestSchema, updateChannelRequestSchema } from '@insforge/shared-schemas';
+
+const router = Router();
+const channelService = RealtimeChannelService.getInstance();
+
+// List all channels
+router.get('/', verifyAdmin, async (_req: AuthRequest, res: Response, next: NextFunction) => {
+  try {
+    const channels = await channelService.list();
+    successResponse(res, channels);
+  } catch (error) {
+    next(error);
+  }
+});
+
+// Get channel by ID
+router.get('/:id', verifyAdmin, async (req: AuthRequest, res: Response, next: NextFunction) => {
+  try {
+    const channel = await channelService.getById(req.params.id);
+    if (!channel) {
+      throw new AppError('Channel not found', 404, ERROR_CODES.NOT_FOUND);
+    }
+    successResponse(res, channel);
+  } catch (error) {
+    next(error);
+  }
+});
+
+// Create a channel
+router.post('/', verifyAdmin, async (req: AuthRequest, res: Response, next: NextFunction) => {
+  try {
+    const validation = createChannelRequestSchema.safeParse(req.body);
+    if (!validation.success) {
+      throw new AppError(
+        validation.error.issues.map((e) => `${e.path.join('.')}: ${e.message}`).join(', '),
+        400,
+        ERROR_CODES.INVALID_INPUT
+      );
+    }
+    const channel = await channelService.create(validation.data);
+    successResponse(res, channel, 201);
+  } catch (error) {
+    next(error);
+  }
+});
+
+// Update a channel
+router.put('/:id', verifyAdmin, async (req: AuthRequest, res: Response, next: NextFunction) => {
+  try {
+    const validation = updateChannelRequestSchema.safeParse(req.body);
+    if (!validation.success) {
+      throw new AppError(
+        validation.error.issues.map((e) => `${e.path.join('.')}: ${e.message}`).join(', '),
+        400,
+        ERROR_CODES.INVALID_INPUT
+      );
+    }
+    const channel = await channelService.update(req.params.id, validation.data);
+    successResponse(res, channel);
+  } catch (error) {
+    next(error);
+  }
+});
+
+// Delete a channel
+router.delete('/:id', verifyAdmin, async (req: AuthRequest, res: Response, next: NextFunction) => {
+  try {
+    await channelService.delete(req.params.id);
+    successResponse(res, { message: 'Channel deleted' });
+  } catch (error) {
+    next(error);
+  }
+});
+
+export { router as channelsRouter };

package/backend/src/api/routes/realtime/index.routes.ts

@@ -0,0 +1,12 @@
+import { Router } from 'express';
+import { channelsRouter } from './channels.routes.js';
+import { messagesRouter } from './messages.routes.js';
+import { permissionsRouter } from './permissions.routes.js';
+
+const router = Router();
+
+router.use('/channels', channelsRouter);
+router.use('/messages', messagesRouter);
+router.use('/permissions', permissionsRouter);
+
+export { router as realtimeRouter };

package/backend/src/api/routes/realtime/messages.routes.ts

@@ -0,0 +1,48 @@
+import { Router, Response, NextFunction } from 'express';
+import { verifyAdmin, AuthRequest } from '@/api/middlewares/auth.js';
+import { RealtimeMessageService } from '@/services/realtime/realtime-message.service.js';
+import { successResponse } from '@/utils/response.js';
+import { AppError } from '@/api/middlewares/error.js';
+import { ERROR_CODES } from '@/types/error-constants.js';
+import { listMessagesRequestSchema, messageStatsRequestSchema } from '@insforge/shared-schemas';
+
+const router = Router();
+const messageService = RealtimeMessageService.getInstance();
+
+// List messages
+router.get('/', verifyAdmin, async (req: AuthRequest, res: Response, next: NextFunction) => {
+  try {
+    const validation = listMessagesRequestSchema.safeParse(req.query);
+    if (!validation.success) {
+      throw new AppError(
+        validation.error.issues.map((e) => `${e.path.join('.')}: ${e.message}`).join(', '),
+        400,
+        ERROR_CODES.INVALID_INPUT
+      );
+    }
+    const messages = await messageService.list(validation.data);
+    successResponse(res, messages);
+  } catch (error) {
+    next(error);
+  }
+});
+
+// Get message statistics
+router.get('/stats', verifyAdmin, async (req: AuthRequest, res: Response, next: NextFunction) => {
+  try {
+    const validation = messageStatsRequestSchema.safeParse(req.query);
+    if (!validation.success) {
+      throw new AppError(
+        validation.error.issues.map((e) => `${e.path.join('.')}: ${e.message}`).join(', '),
+        400,
+        ERROR_CODES.INVALID_INPUT
+      );
+    }
+    const stats = await messageService.getStats(validation.data);
+    successResponse(res, stats);
+  } catch (error) {
+    next(error);
+  }
+});
+
+export { router as messagesRouter };