npm - realtimex-crm - Versions diffs - 0.17.1 → 0.19.0 - Mend

realtimex-crm 0.17.1 → 0.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "realtimex-crm",
-  "version": "0.17.1",
+  "version": "0.19.0",
   "description": "RealTimeX CRM - A full-featured CRM built with React, shadcn-admin-kit, and Supabase. Fork of Atomic CRM with RealTimeX App SDK integration.",
   "type": "module",
   "main": "./dist/index.js",

package/supabase/functions/api-v1-activities/index.ts CHANGED Viewed

@@ -73,65 +73,52 @@ async function createActivity(apiKey: any, req: Request) {
   const body = await req.json();
   const { type, ...activityData } = body;
-  // Activities can be notes or tasks
-  if (type === "note" || type === "contact_note") {
-    const { data, error } = await supabaseAdmin
-      .from("contactNotes")
-      .insert({
-        ...activityData,
-        sales_id: apiKey.sales_id,
-      })
-      .select()
-      .single();
+  // Map note type to table and validate
+  // Note: Tasks are now handled by /api-v1-tasks endpoint
+  let tableName: string;
+  let responseType: string;
-    if (error) {
-      return createErrorResponse(400, error.message);
-    }
-    return new Response(JSON.stringify({ data, type: "note" }), {
-      status: 201,
-      headers: { "Content-Type": "application/json", ...corsHeaders },
-    });
-  } else if (type === "task") {
-    const { data, error } = await supabaseAdmin
-      .from("tasks")
-      .insert({
-        ...activityData,
-        sales_id: apiKey.sales_id,
-      })
-      .select()
-      .single();
-    if (error) {
-      return createErrorResponse(400, error.message);
-    }
-    return new Response(JSON.stringify({ data, type: "task" }), {
-      status: 201,
-      headers: { "Content-Type": "application/json", ...corsHeaders },
-    });
-  } else if (type === "deal_note") {
-    const { data, error } = await supabaseAdmin
-      .from("dealNotes")
-      .insert({
-        ...activityData,
-        sales_id: apiKey.sales_id,
-      })
-      .select()
-      .single();
+  switch (type) {
+    case "note":
+    case "contact_note":
+      tableName = "contactNotes";
+      responseType = "contact_note";
+      break;
+    case "company_note":
+      tableName = "companyNotes";
+      responseType = "company_note";
+      break;
+    case "deal_note":
+      tableName = "dealNotes";
+      responseType = "deal_note";
+      break;
+    case "task_note":
+      tableName = "taskNotes";
+      responseType = "task_note";
+      break;
+    default:
+      return createErrorResponse(
+        400,
+        "Invalid note type. Must be 'contact_note', 'company_note', 'deal_note', or 'task_note'. For tasks, use /api-v1-tasks endpoint."
+      );
+  }
-    if (error) {
-      return createErrorResponse(400, error.message);
-    }
+  // Insert note
+  const { data, error } = await supabaseAdmin
+    .from(tableName)
+    .insert({
+      ...activityData,
+      sales_id: apiKey.sales_id,
+    })
+    .select()
+    .single();
-    return new Response(JSON.stringify({ data, type: "deal_note" }), {
-      status: 201,
-      headers: { "Content-Type": "application/json", ...corsHeaders },
-    });
-  } else {
-    return createErrorResponse(
-      400,
-      "Invalid activity type. Must be 'note', 'contact_note', 'task', or 'deal_note'"
-    );
+  if (error) {
+    return createErrorResponse(400, error.message);
   }
+  return new Response(JSON.stringify({ data, type: responseType }), {
+    status: 201,
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
 }

package/supabase/functions/api-v1-tasks/index.ts ADDED Viewed

@@ -0,0 +1,217 @@
+import "jsr:@supabase/functions-js/edge-runtime.d.ts";
+import { supabaseAdmin } from "../_shared/supabaseAdmin.ts";
+import { corsHeaders, createErrorResponse } from "../_shared/utils.ts";
+import {
+  validateApiKey,
+  checkRateLimit,
+  hasScope,
+  logApiRequest,
+} from "../_shared/apiKeyAuth.ts";
+Deno.serve(async (req: Request) => {
+  const startTime = Date.now();
+  // Handle CORS
+  if (req.method === "OPTIONS") {
+    return new Response(null, { status: 204, headers: corsHeaders });
+  }
+  // Validate API key
+  const authResult = await validateApiKey(req);
+  if ("status" in authResult) {
+    return authResult; // Error response
+  }
+  const { apiKey } = authResult;
+  // Check rate limit
+  const rateLimitError = checkRateLimit(apiKey.id);
+  if (rateLimitError) {
+    await logApiRequest(
+      apiKey.id,
+      "/v1/tasks",
+      req.method,
+      429,
+      Date.now() - startTime,
+      req
+    );
+    return rateLimitError;
+  }
+  try {
+    const url = new URL(req.url);
+    const pathParts = url.pathname.split("/").filter(Boolean);
+    // pathParts: ["api-v1-tasks", "{id}"]
+    const taskId = pathParts[1];
+    let response: Response;
+    if (req.method === "GET") {
+      if (taskId) {
+        response = await getTask(apiKey, taskId);
+      } else {
+        response = await listTasks(apiKey, req);
+      }
+    } else if (req.method === "POST") {
+      response = await createTask(apiKey, req);
+    } else if (req.method === "PATCH" && taskId) {
+      response = await updateTask(apiKey, taskId, req);
+    } else if (req.method === "DELETE" && taskId) {
+      response = await deleteTask(apiKey, taskId);
+    } else {
+      response = createErrorResponse(404, "Not found");
+    }
+    const responseTime = Date.now() - startTime;
+    await logApiRequest(
+      apiKey.id,
+      url.pathname,
+      req.method,
+      response.status,
+      responseTime,
+      req
+    );
+    return response;
+  } catch (error) {
+    const responseTime = Date.now() - startTime;
+    await logApiRequest(
+      apiKey.id,
+      new URL(req.url).pathname,
+      req.method,
+      500,
+      responseTime,
+      req,
+      error.message
+    );
+    return createErrorResponse(500, "Internal server error");
+  }
+});
+async function listTasks(apiKey: any, req: Request) {
+  if (!hasScope(apiKey, "tasks:read")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const url = new URL(req.url);
+  const contactId = url.searchParams.get("contact_id");
+  const companyId = url.searchParams.get("company_id");
+  const dealId = url.searchParams.get("deal_id");
+  const status = url.searchParams.get("status");
+  let query = supabaseAdmin.from("tasks").select("*");
+  if (contactId) {
+    query = query.eq("contact_id", parseInt(contactId, 10));
+  }
+  if (companyId) {
+    query = query.eq("company_id", parseInt(companyId, 10));
+  }
+  if (dealId) {
+    query = query.eq("deal_id", parseInt(dealId, 10));
+  }
+  if (status) {
+    query = query.eq("status", status);
+  }
+  // If no filters, limit to 50 for safety
+  if (!contactId && !companyId && !dealId && !status) {
+    query = query.limit(50);
+  }
+  const { data, error } = await query;
+  if (error) {
+    return createErrorResponse(500, error.message);
+  }
+  return new Response(JSON.stringify({ data }), {
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+async function getTask(apiKey: any, taskId: string) {
+  if (!hasScope(apiKey, "tasks:read")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const id = parseInt(taskId, 10);
+  const { data, error } = await supabaseAdmin
+    .from("tasks")
+    .select("*")
+    .eq("id", id)
+    .single();
+  if (error || !data) {
+    return createErrorResponse(404, "Task not found");
+  }
+  return new Response(JSON.stringify({ data }), {
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+async function createTask(apiKey: any, req: Request) {
+  if (!hasScope(apiKey, "tasks:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const body = await req.json();
+  const { data, error } = await supabaseAdmin
+    .from("tasks")
+    .insert({
+      ...body,
+      sales_id: apiKey.sales_id, // Associate with API key owner
+    })
+    .select()
+    .single();
+  if (error) {
+    return createErrorResponse(400, error.message);
+  }
+  return new Response(JSON.stringify({ data }), {
+    status: 201,
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+async function updateTask(apiKey: any, taskId: string, req: Request) {
+  if (!hasScope(apiKey, "tasks:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const body = await req.json();
+  const { data, error } = await supabaseAdmin
+    .from("tasks")
+    .update(body)
+    .eq("id", parseInt(taskId, 10))
+    .select()
+    .single();
+  if (error || !data) {
+    return createErrorResponse(404, "Task not found");
+  }
+  return new Response(JSON.stringify({ data }), {
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+async function deleteTask(apiKey: any, taskId: string) {
+  if (!hasScope(apiKey, "tasks:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const { error } = await supabaseAdmin
+    .from("tasks")
+    .delete()
+    .eq("id", parseInt(taskId, 10));
+  if (error) {
+    return createErrorResponse(404, "Task not found");
+  }
+  return new Response(null, { status: 204, headers: corsHeaders });
+}