realtimex-crm 0.8.1 → 0.9.1

package/supabase/functions/api-v1-deals/index.ts

@@ -0,0 +1,166 @@
+import "jsr:@supabase/functions-js/edge-runtime.d.ts";
+import { supabaseAdmin } from "../_shared/supabaseAdmin.ts";
+import { corsHeaders, createErrorResponse } from "../_shared/utils.ts";
+import {
+  validateApiKey,
+  checkRateLimit,
+  hasScope,
+  logApiRequest,
+} from "../_shared/apiKeyAuth.ts";
+
+Deno.serve(async (req: Request) => {
+  const startTime = Date.now();
+
+  if (req.method === "OPTIONS") {
+    return new Response(null, { status: 204, headers: corsHeaders });
+  }
+
+  const authResult = await validateApiKey(req);
+  if ("status" in authResult) {
+    return authResult;
+  }
+  const { apiKey } = authResult;
+
+  const rateLimitError = checkRateLimit(apiKey.id);
+  if (rateLimitError) {
+    await logApiRequest(
+      apiKey.id,
+      "/v1/deals",
+      req.method,
+      429,
+      Date.now() - startTime,
+      req
+    );
+    return rateLimitError;
+  }
+
+  try {
+    const url = new URL(req.url);
+    const pathParts = url.pathname.split("/").filter(Boolean);
+    const dealId = pathParts[1];
+
+    let response: Response;
+
+    if (req.method === "GET" && dealId) {
+      response = await getDeal(apiKey, dealId);
+    } else if (req.method === "POST") {
+      response = await createDeal(apiKey, req);
+    } else if (req.method === "PATCH" && dealId) {
+      response = await updateDeal(apiKey, dealId, req);
+    } else if (req.method === "DELETE" && dealId) {
+      response = await deleteDeal(apiKey, dealId);
+    } else {
+      response = createErrorResponse(404, "Not found");
+    }
+
+    const responseTime = Date.now() - startTime;
+    await logApiRequest(
+      apiKey.id,
+      url.pathname,
+      req.method,
+      response.status,
+      responseTime,
+      req
+    );
+
+    return response;
+  } catch (error) {
+    const responseTime = Date.now() - startTime;
+    await logApiRequest(
+      apiKey.id,
+      new URL(req.url).pathname,
+      req.method,
+      500,
+      responseTime,
+      req,
+      error.message
+    );
+    return createErrorResponse(500, "Internal server error");
+  }
+});
+
+async function getDeal(apiKey: any, dealId: string) {
+  if (!hasScope(apiKey, "deals:read")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+
+  const { data, error } = await supabaseAdmin
+    .from("deals")
+    .select("*")
+    .eq("id", dealId)
+    .single();
+
+  if (error || !data) {
+    return createErrorResponse(404, "Deal not found");
+  }
+
+  return new Response(JSON.stringify({ data }), {
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+
+async function createDeal(apiKey: any, req: Request) {
+  if (!hasScope(apiKey, "deals:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+
+  const body = await req.json();
+
+  const { data, error } = await supabaseAdmin
+    .from("deals")
+    .insert({
+      ...body,
+      sales_id: apiKey.sales_id,
+    })
+    .select()
+    .single();
+
+  if (error) {
+    return createErrorResponse(400, error.message);
+  }
+
+  return new Response(JSON.stringify({ data }), {
+    status: 201,
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+
+async function updateDeal(apiKey: any, dealId: string, req: Request) {
+  if (!hasScope(apiKey, "deals:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+
+  const body = await req.json();
+
+  const { data, error } = await supabaseAdmin
+    .from("deals")
+    .update(body)
+    .eq("id", dealId)
+    .select()
+    .single();
+
+  if (error || !data) {
+    return createErrorResponse(404, "Deal not found");
+  }
+
+  return new Response(JSON.stringify({ data }), {
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+
+async function deleteDeal(apiKey: any, dealId: string) {
+  if (!hasScope(apiKey, "deals:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+
+  const { error } = await supabaseAdmin
+    .from("deals")
+    .delete()
+    .eq("id", dealId);
+
+  if (error) {
+    return createErrorResponse(404, "Deal not found");
+  }
+
+  return new Response(null, { status: 204, headers: corsHeaders });
+}

package/supabase/functions/webhook-dispatcher/index.ts

@@ -0,0 +1,133 @@
+import "jsr:@supabase/functions-js/edge-runtime.d.ts";
+import { supabaseAdmin } from "../_shared/supabaseAdmin.ts";
+import { generateWebhookSignature } from "../_shared/webhookSignature.ts";
+
+Deno.serve(async () => {
+  console.log("Webhook dispatcher running...");
+
+  // Get pending webhook deliveries
+  const { data: queueItems } = await supabaseAdmin
+    .from("webhook_queue")
+    .select("*, webhooks(*)")
+    .eq("status", "pending")
+    .lte("next_retry_at", new Date().toISOString())
+    .limit(50);
+
+  if (!queueItems || queueItems.length === 0) {
+    return new Response(JSON.stringify({ processed: 0 }), {
+      headers: { "Content-Type": "application/json" },
+    });
+  }
+
+  console.log(`Processing ${queueItems.length} webhook deliveries`);
+
+  const results = await Promise.allSettled(
+    queueItems.map((item) => deliverWebhook(item))
+  );
+
+  const successful = results.filter((r) => r.status === "fulfilled").length;
+  const failed = results.filter((r) => r.status === "rejected").length;
+
+  return new Response(
+    JSON.stringify({ processed: queueItems.length, successful, failed }),
+    { headers: { "Content-Type": "application/json" } }
+  );
+});
+
+async function deliverWebhook(queueItem: any) {
+  const webhook = queueItem.webhooks;
+
+  // Mark as processing
+  await supabaseAdmin
+    .from("webhook_queue")
+    .update({ status: "processing" })
+    .eq("id", queueItem.id);
+
+  try {
+    const payloadString = JSON.stringify(queueItem.payload);
+    const signature = await generateWebhookSignature(
+      webhook.secret,
+      payloadString
+    );
+
+    const headers: Record<string, string> = {
+      "Content-Type": "application/json",
+      "X-Webhook-Signature": signature,
+      "X-Webhook-Event": queueItem.event_type,
+      "User-Agent": "AtomicCRM-Webhooks/1.0",
+    };
+
+    // Add custom headers from webhook config
+    if (webhook.headers) {
+      Object.assign(headers, webhook.headers);
+    }
+
+    const response = await fetch(webhook.url, {
+      method: "POST",
+      headers,
+      body: payloadString,
+      signal: AbortSignal.timeout(30000), // 30 second timeout
+    });
+
+    if (response.ok) {
+      // Success
+      await supabaseAdmin
+        .from("webhook_queue")
+        .update({
+          status: "delivered",
+          delivered_at: new Date().toISOString(),
+        })
+        .eq("id", queueItem.id);
+
+      await supabaseAdmin
+        .from("webhooks")
+        .update({
+          last_triggered_at: new Date().toISOString(),
+          failure_count: 0,
+        })
+        .eq("id", webhook.id);
+
+      console.log(`Webhook ${queueItem.id} delivered successfully`);
+    } else {
+      throw new Error(`HTTP ${response.status}: ${await response.text()}`);
+    }
+  } catch (error) {
+    console.error(`Webhook ${queueItem.id} delivery failed:`, error);
+
+    const newAttempts = queueItem.attempts + 1;
+    const shouldRetry = newAttempts < queueItem.max_attempts;
+
+    if (shouldRetry) {
+      // Exponential backoff: 1min, 5min, 15min
+      const retryDelays = [60, 300, 900];
+      const delaySeconds = retryDelays[newAttempts - 1] || 900;
+      const nextRetry = new Date(Date.now() + delaySeconds * 1000)
+        .toISOString();
+
+      await supabaseAdmin
+        .from("webhook_queue")
+        .update({
+          status: "pending",
+          attempts: newAttempts,
+          next_retry_at: nextRetry,
+          error_message: error.message,
+        })
+        .eq("id", queueItem.id);
+    } else {
+      // Max attempts reached
+      await supabaseAdmin
+        .from("webhook_queue")
+        .update({
+          status: "failed",
+          attempts: newAttempts,
+          error_message: error.message,
+        })
+        .eq("id", queueItem.id);
+
+      await supabaseAdmin
+        .from("webhooks")
+        .update({ failure_count: webhook.failure_count + 1 })
+        .eq("id", webhook.id);
+    }
+  }
+}

package/supabase/migrations/20251219120000_api_integrations.sql

@@ -0,0 +1,133 @@
+-- API Keys table
+create table "public"."api_keys" (
+    "id" bigint generated by default as identity not null,
+    "created_at" timestamp with time zone not null default now(),
+    "sales_id" bigint not null,
+    "name" text not null,
+    "key_hash" text not null,
+    "key_prefix" text not null,
+    "scopes" text[] not null default '{}',
+    "is_active" boolean not null default true,
+    "expires_at" timestamp with time zone,
+    "last_used_at" timestamp with time zone,
+    "created_by_sales_id" bigint not null
+);
+
+alter table "public"."api_keys" enable row level security;
+
+CREATE UNIQUE INDEX api_keys_pkey ON public.api_keys USING btree (id);
+CREATE UNIQUE INDEX api_keys_key_hash_unique ON public.api_keys USING btree (key_hash);
+CREATE INDEX api_keys_sales_id_idx ON public.api_keys USING btree (sales_id);
+
+alter table "public"."api_keys" add constraint "api_keys_pkey" PRIMARY KEY using index "api_keys_pkey";
+alter table "public"."api_keys" add constraint "api_keys_sales_id_fkey"
+    FOREIGN KEY (sales_id) REFERENCES sales(id) ON UPDATE CASCADE ON DELETE CASCADE not valid;
+alter table "public"."api_keys" validate constraint "api_keys_sales_id_fkey";
+alter table "public"."api_keys" add constraint "api_keys_created_by_sales_id_fkey"
+    FOREIGN KEY (created_by_sales_id) REFERENCES sales(id) ON UPDATE CASCADE ON DELETE CASCADE not valid;
+alter table "public"."api_keys" validate constraint "api_keys_created_by_sales_id_fkey";
+
+-- Webhooks table
+create table "public"."webhooks" (
+    "id" bigint generated by default as identity not null,
+    "created_at" timestamp with time zone not null default now(),
+    "sales_id" bigint not null,
+    "name" text not null,
+    "url" text not null,
+    "events" text[] not null default '{}',
+    "headers" jsonb,
+    "is_active" boolean not null default true,
+    "secret" text not null,
+    "last_triggered_at" timestamp with time zone,
+    "failure_count" int not null default 0,
+    "created_by_sales_id" bigint not null
+);
+
+alter table "public"."webhooks" enable row level security;
+
+CREATE UNIQUE INDEX webhooks_pkey ON public.webhooks USING btree (id);
+CREATE INDEX webhooks_sales_id_idx ON public.webhooks USING btree (sales_id);
+CREATE INDEX webhooks_events_idx ON public.webhooks USING gin (events);
+
+alter table "public"."webhooks" add constraint "webhooks_pkey" PRIMARY KEY using index "webhooks_pkey";
+alter table "public"."webhooks" add constraint "webhooks_sales_id_fkey"
+    FOREIGN KEY (sales_id) REFERENCES sales(id) ON UPDATE CASCADE ON DELETE CASCADE not valid;
+alter table "public"."webhooks" validate constraint "webhooks_sales_id_fkey";
+alter table "public"."webhooks" add constraint "webhooks_created_by_sales_id_fkey"
+    FOREIGN KEY (created_by_sales_id) REFERENCES sales(id) ON UPDATE CASCADE ON DELETE CASCADE not valid;
+alter table "public"."webhooks" validate constraint "webhooks_created_by_sales_id_fkey";
+
+-- API Request Logs table
+create table "public"."api_logs" (
+    "id" bigint generated by default as identity not null,
+    "created_at" timestamp with time zone not null default now(),
+    "api_key_id" bigint not null,
+    "endpoint" text not null,
+    "method" text not null,
+    "status_code" int not null,
+    "response_time_ms" int,
+    "ip_address" text,
+    "user_agent" text,
+    "error_message" text
+);
+
+alter table "public"."api_logs" enable row level security;
+
+CREATE UNIQUE INDEX api_logs_pkey ON public.api_logs USING btree (id);
+CREATE INDEX api_logs_api_key_id_idx ON public.api_logs USING btree (api_key_id);
+CREATE INDEX api_logs_created_at_idx ON public.api_logs USING btree (created_at DESC);
+
+alter table "public"."api_logs" add constraint "api_logs_pkey" PRIMARY KEY using index "api_logs_pkey";
+alter table "public"."api_logs" add constraint "api_logs_api_key_id_fkey"
+    FOREIGN KEY (api_key_id) REFERENCES api_keys(id) ON UPDATE CASCADE ON DELETE CASCADE not valid;
+alter table "public"."api_logs" validate constraint "api_logs_api_key_id_fkey";
+
+-- Webhook Queue table (for async delivery)
+create table "public"."webhook_queue" (
+    "id" bigint generated by default as identity not null,
+    "created_at" timestamp with time zone not null default now(),
+    "webhook_id" bigint not null,
+    "event_type" text not null,
+    "payload" jsonb not null,
+    "status" text not null default 'pending',
+    "attempts" int not null default 0,
+    "max_attempts" int not null default 3,
+    "next_retry_at" timestamp with time zone,
+    "delivered_at" timestamp with time zone,
+    "error_message" text
+);
+
+alter table "public"."webhook_queue" enable row level security;
+
+CREATE UNIQUE INDEX webhook_queue_pkey ON public.webhook_queue USING btree (id);
+CREATE INDEX webhook_queue_status_idx ON public.webhook_queue USING btree (status, next_retry_at);
+CREATE INDEX webhook_queue_webhook_id_idx ON public.webhook_queue USING btree (webhook_id);
+
+alter table "public"."webhook_queue" add constraint "webhook_queue_pkey" PRIMARY KEY using index "webhook_queue_pkey";
+alter table "public"."webhook_queue" add constraint "webhook_queue_webhook_id_fkey"
+    FOREIGN KEY (webhook_id) REFERENCES webhooks(id) ON UPDATE CASCADE ON DELETE CASCADE not valid;
+alter table "public"."webhook_queue" validate constraint "webhook_queue_webhook_id_fkey";
+
+-- Grant permissions
+grant select, insert, update, delete on table "public"."api_keys" to "authenticated";
+grant select, insert, update, delete on table "public"."webhooks" to "authenticated";
+grant select on table "public"."api_logs" to "authenticated";
+grant select on table "public"."webhook_queue" to "authenticated";
+
+grant all on table "public"."api_keys" to "service_role";
+grant all on table "public"."webhooks" to "service_role";
+grant all on table "public"."api_logs" to "service_role";
+grant all on table "public"."webhook_queue" to "service_role";
+
+-- RLS Policies (permissive for authenticated users)
+create policy "Enable all for authenticated users" on "public"."api_keys"
+    for all to authenticated using (true) with check (true);
+
+create policy "Enable all for authenticated users" on "public"."webhooks"
+    for all to authenticated using (true) with check (true);
+
+create policy "Enable read for authenticated users" on "public"."api_logs"
+    for select to authenticated using (true);
+
+create policy "Enable read for authenticated users" on "public"."webhook_queue"
+    for select to authenticated using (true);

package/supabase/migrations/20251219120100_webhook_triggers.sql

@@ -0,0 +1,171 @@
+-- Function to enqueue webhook events
+create or replace function enqueue_webhook_event(
+    p_event_type text,
+    p_payload jsonb
+) returns void
+language plpgsql
+security definer
+set search_path = ''
+as $$
+begin
+    -- Find all active webhooks that listen to this event
+    insert into public.webhook_queue (webhook_id, event_type, payload, next_retry_at)
+    select
+        id,
+        p_event_type,
+        p_payload,
+        now()
+    from public.webhooks
+    where is_active = true
+        and p_event_type = any(events);
+end;
+$$;
+
+-- Trigger function for contact CRUD events
+create or replace function trigger_contact_webhooks()
+returns trigger
+language plpgsql
+security definer
+set search_path = ''
+as $$
+declare
+    event_type text;
+    payload jsonb;
+begin
+    if (TG_OP = 'INSERT') then
+        event_type := 'contact.created';
+        payload := to_jsonb(NEW);
+    elsif (TG_OP = 'UPDATE') then
+        event_type := 'contact.updated';
+        payload := jsonb_build_object('old', to_jsonb(OLD), 'new', to_jsonb(NEW));
+    elsif (TG_OP = 'DELETE') then
+        event_type := 'contact.deleted';
+        payload := to_jsonb(OLD);
+    end if;
+
+    perform enqueue_webhook_event(event_type, payload);
+
+    if (TG_OP = 'DELETE') then
+        return OLD;
+    else
+        return NEW;
+    end if;
+end;
+$$;
+
+-- Trigger function for company CRUD events
+create or replace function trigger_company_webhooks()
+returns trigger
+language plpgsql
+security definer
+set search_path = ''
+as $$
+declare
+    event_type text;
+    payload jsonb;
+begin
+    if (TG_OP = 'INSERT') then
+        event_type := 'company.created';
+        payload := to_jsonb(NEW);
+    elsif (TG_OP = 'UPDATE') then
+        event_type := 'company.updated';
+        payload := jsonb_build_object('old', to_jsonb(OLD), 'new', to_jsonb(NEW));
+    elsif (TG_OP = 'DELETE') then
+        event_type := 'company.deleted';
+        payload := to_jsonb(OLD);
+    end if;
+
+    perform enqueue_webhook_event(event_type, payload);
+
+    if (TG_OP = 'DELETE') then
+        return OLD;
+    else
+        return NEW;
+    end if;
+end;
+$$;
+
+-- Trigger function for deal CRUD and stage change events
+create or replace function trigger_deal_webhooks()
+returns trigger
+language plpgsql
+security definer
+set search_path = ''
+as $$
+declare
+    event_type text;
+    payload jsonb;
+begin
+    if (TG_OP = 'INSERT') then
+        event_type := 'deal.created';
+        payload := to_jsonb(NEW);
+        perform enqueue_webhook_event(event_type, payload);
+    elsif (TG_OP = 'UPDATE') then
+        -- Check for stage changes
+        if (OLD.stage <> NEW.stage) then
+            event_type := 'deal.stage_changed';
+            payload := jsonb_build_object(
+                'deal_id', NEW.id,
+                'old_stage', OLD.stage,
+                'new_stage', NEW.stage,
+                'deal', to_jsonb(NEW)
+            );
+            perform enqueue_webhook_event(event_type, payload);
+
+            -- Check for won/lost
+            if (NEW.stage = 'won') then
+                perform enqueue_webhook_event('deal.won', to_jsonb(NEW));
+            elsif (NEW.stage = 'lost') then
+                perform enqueue_webhook_event('deal.lost', to_jsonb(NEW));
+            end if;
+        end if;
+
+        event_type := 'deal.updated';
+        payload := jsonb_build_object('old', to_jsonb(OLD), 'new', to_jsonb(NEW));
+        perform enqueue_webhook_event(event_type, payload);
+    elsif (TG_OP = 'DELETE') then
+        event_type := 'deal.deleted';
+        payload := to_jsonb(OLD);
+        perform enqueue_webhook_event(event_type, payload);
+    end if;
+
+    if (TG_OP = 'DELETE') then
+        return OLD;
+    else
+        return NEW;
+    end if;
+end;
+$$;
+
+-- Trigger function for task completion
+create or replace function trigger_task_webhooks()
+returns trigger
+language plpgsql
+security definer
+set search_path = ''
+as $$
+begin
+    if (TG_OP = 'UPDATE' and OLD.done_date is null and NEW.done_date is not null) then
+        perform enqueue_webhook_event('task.completed', to_jsonb(NEW));
+    end if;
+
+    return NEW;
+end;
+$$;
+
+-- Create triggers
+create trigger contact_webhook_trigger
+    after insert or update or delete on public.contacts
+    for each row execute function trigger_contact_webhooks();
+
+create trigger company_webhook_trigger
+    after insert or update or delete on public.companies
+    for each row execute function trigger_company_webhooks();
+
+create trigger deal_webhook_trigger
+    after insert or update or delete on public.deals
+    for each row execute function trigger_deal_webhooks();
+
+create trigger task_webhook_trigger
+    after update on public.tasks
+    for each row execute function trigger_task_webhooks();

package/supabase/migrations/20251219120200_webhook_cron.sql

@@ -0,0 +1,26 @@
+-- Enable pg_cron extension if not already enabled
+create extension if not exists pg_cron with schema extensions;
+
+-- Schedule webhook dispatcher to run every minute
+-- Note: This uses Supabase's http extension to call the Edge Function
+select cron.schedule(
+    'webhook-dispatcher',
+    '* * * * *', -- Every minute
+    $$
+    select
+      net.http_post(
+          url:='https://' || current_setting('app.settings.supabase_url', true) || '/functions/v1/webhook-dispatcher',
+          headers:=jsonb_build_object(
+              'Content-Type','application/json',
+              'Authorization', 'Bearer ' || current_setting('app.settings.service_role_key', true)
+          ),
+          body:='{}'::jsonb
+      ) as request_id;
+    $$
+);
+
+-- Note: To configure this cron job properly, you need to set the following settings in your Supabase project:
+-- ALTER DATABASE postgres SET app.settings.supabase_url = 'your-project-ref.supabase.co';
+-- ALTER DATABASE postgres SET app.settings.service_role_key = 'your-service-role-key';
+--
+-- Alternatively, the webhook dispatcher can be called manually or via a separate cron service like GitHub Actions or a cloud scheduler.