npm - realtimex-crm - Versions diffs - 0.8.1 → 0.9.2 - Mend

realtimex-crm 0.8.1 → 0.9.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (55) hide show

package/supabase/functions/api-v1-companies/index.ts ADDED Viewed

@@ -0,0 +1,166 @@
+import "jsr:@supabase/functions-js/edge-runtime.d.ts";
+import { supabaseAdmin } from "../_shared/supabaseAdmin.ts";
+import { corsHeaders, createErrorResponse } from "../_shared/utils.ts";
+import {
+  validateApiKey,
+  checkRateLimit,
+  hasScope,
+  logApiRequest,
+} from "../_shared/apiKeyAuth.ts";
+Deno.serve(async (req: Request) => {
+  const startTime = Date.now();
+  if (req.method === "OPTIONS") {
+    return new Response(null, { status: 204, headers: corsHeaders });
+  }
+  const authResult = await validateApiKey(req);
+  if ("status" in authResult) {
+    return authResult;
+  }
+  const { apiKey } = authResult;
+  const rateLimitError = checkRateLimit(apiKey.id);
+  if (rateLimitError) {
+    await logApiRequest(
+      apiKey.id,
+      "/v1/companies",
+      req.method,
+      429,
+      Date.now() - startTime,
+      req
+    );
+    return rateLimitError;
+  }
+  try {
+    const url = new URL(req.url);
+    const pathParts = url.pathname.split("/").filter(Boolean);
+    const companyId = pathParts[1];
+    let response: Response;
+    if (req.method === "GET" && companyId) {
+      response = await getCompany(apiKey, companyId);
+    } else if (req.method === "POST") {
+      response = await createCompany(apiKey, req);
+    } else if (req.method === "PATCH" && companyId) {
+      response = await updateCompany(apiKey, companyId, req);
+    } else if (req.method === "DELETE" && companyId) {
+      response = await deleteCompany(apiKey, companyId);
+    } else {
+      response = createErrorResponse(404, "Not found");
+    }
+    const responseTime = Date.now() - startTime;
+    await logApiRequest(
+      apiKey.id,
+      url.pathname,
+      req.method,
+      response.status,
+      responseTime,
+      req
+    );
+    return response;
+  } catch (error) {
+    const responseTime = Date.now() - startTime;
+    await logApiRequest(
+      apiKey.id,
+      new URL(req.url).pathname,
+      req.method,
+      500,
+      responseTime,
+      req,
+      error.message
+    );
+    return createErrorResponse(500, "Internal server error");
+  }
+});
+async function getCompany(apiKey: any, companyId: string) {
+  if (!hasScope(apiKey, "companies:read")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const { data, error } = await supabaseAdmin
+    .from("companies")
+    .select("*")
+    .eq("id", companyId)
+    .single();
+  if (error || !data) {
+    return createErrorResponse(404, "Company not found");
+  }
+  return new Response(JSON.stringify({ data }), {
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+async function createCompany(apiKey: any, req: Request) {
+  if (!hasScope(apiKey, "companies:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const body = await req.json();
+  const { data, error } = await supabaseAdmin
+    .from("companies")
+    .insert({
+      ...body,
+      sales_id: apiKey.sales_id,
+    })
+    .select()
+    .single();
+  if (error) {
+    return createErrorResponse(400, error.message);
+  }
+  return new Response(JSON.stringify({ data }), {
+    status: 201,
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+async function updateCompany(apiKey: any, companyId: string, req: Request) {
+  if (!hasScope(apiKey, "companies:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const body = await req.json();
+  const { data, error } = await supabaseAdmin
+    .from("companies")
+    .update(body)
+    .eq("id", companyId)
+    .select()
+    .single();
+  if (error || !data) {
+    return createErrorResponse(404, "Company not found");
+  }
+  return new Response(JSON.stringify({ data }), {
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+async function deleteCompany(apiKey: any, companyId: string) {
+  if (!hasScope(apiKey, "companies:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const { error } = await supabaseAdmin
+    .from("companies")
+    .delete()
+    .eq("id", companyId);
+  if (error) {
+    return createErrorResponse(404, "Company not found");
+  }
+  return new Response(null, { status: 204, headers: corsHeaders });
+}

package/supabase/functions/api-v1-contacts/index.ts ADDED Viewed

@@ -0,0 +1,171 @@
+import "jsr:@supabase/functions-js/edge-runtime.d.ts";
+import { supabaseAdmin } from "../_shared/supabaseAdmin.ts";
+import { corsHeaders, createErrorResponse } from "../_shared/utils.ts";
+import {
+  validateApiKey,
+  checkRateLimit,
+  hasScope,
+  logApiRequest,
+} from "../_shared/apiKeyAuth.ts";
+Deno.serve(async (req: Request) => {
+  const startTime = Date.now();
+  // Handle CORS
+  if (req.method === "OPTIONS") {
+    return new Response(null, { status: 204, headers: corsHeaders });
+  }
+  // Validate API key
+  const authResult = await validateApiKey(req);
+  if ("status" in authResult) {
+    return authResult; // Error response
+  }
+  const { apiKey } = authResult;
+  // Check rate limit
+  const rateLimitError = checkRateLimit(apiKey.id);
+  if (rateLimitError) {
+    await logApiRequest(
+      apiKey.id,
+      "/v1/contacts",
+      req.method,
+      429,
+      Date.now() - startTime,
+      req
+    );
+    return rateLimitError;
+  }
+  try {
+    const url = new URL(req.url);
+    const pathParts = url.pathname.split("/").filter(Boolean);
+    // pathParts: ["api-v1-contacts", "{id}"]
+    const contactId = pathParts[1];
+    let response: Response;
+    if (req.method === "GET" && contactId) {
+      response = await getContact(apiKey, contactId);
+    } else if (req.method === "POST") {
+      response = await createContact(apiKey, req);
+    } else if (req.method === "PATCH" && contactId) {
+      response = await updateContact(apiKey, contactId, req);
+    } else if (req.method === "DELETE" && contactId) {
+      response = await deleteContact(apiKey, contactId);
+    } else {
+      response = createErrorResponse(404, "Not found");
+    }
+    const responseTime = Date.now() - startTime;
+    await logApiRequest(
+      apiKey.id,
+      url.pathname,
+      req.method,
+      response.status,
+      responseTime,
+      req
+    );
+    return response;
+  } catch (error) {
+    const responseTime = Date.now() - startTime;
+    await logApiRequest(
+      apiKey.id,
+      new URL(req.url).pathname,
+      req.method,
+      500,
+      responseTime,
+      req,
+      error.message
+    );
+    return createErrorResponse(500, "Internal server error");
+  }
+});
+async function getContact(apiKey: any, contactId: string) {
+  if (!hasScope(apiKey, "contacts:read")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const id = parseInt(contactId, 10);
+  const { data, error } = await supabaseAdmin
+    .from("contacts")
+    .select("*")
+    .eq("id", id)
+    .single();
+  if (error || !data) {
+    return createErrorResponse(404, "Contact not found");
+  }
+  return new Response(JSON.stringify({ data }), {
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+async function createContact(apiKey: any, req: Request) {
+  if (!hasScope(apiKey, "contacts:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const body = await req.json();
+  const { data, error } = await supabaseAdmin
+    .from("contacts")
+    .insert({
+      ...body,
+      sales_id: apiKey.sales_id, // Associate with API key owner
+    })
+    .select()
+    .single();
+  if (error) {
+    return createErrorResponse(400, error.message);
+  }
+  return new Response(JSON.stringify({ data }), {
+    status: 201,
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+async function updateContact(apiKey: any, contactId: string, req: Request) {
+  if (!hasScope(apiKey, "contacts:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const body = await req.json();
+  const { data, error } = await supabaseAdmin
+    .from("contacts")
+    .update(body)
+    .eq("id", parseInt(contactId, 10))
+    .select()
+    .single();
+  if (error || !data) {
+    return createErrorResponse(404, "Contact not found");
+  }
+  return new Response(JSON.stringify({ data }), {
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+async function deleteContact(apiKey: any, contactId: string) {
+  if (!hasScope(apiKey, "contacts:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const { error } = await supabaseAdmin
+    .from("contacts")
+    .delete()
+    .eq("id", parseInt(contactId, 10));
+  if (error) {
+    return createErrorResponse(404, "Contact not found");
+  }
+  return new Response(null, { status: 204, headers: corsHeaders });
+}

package/supabase/functions/api-v1-deals/index.ts ADDED Viewed

@@ -0,0 +1,166 @@
+import "jsr:@supabase/functions-js/edge-runtime.d.ts";
+import { supabaseAdmin } from "../_shared/supabaseAdmin.ts";
+import { corsHeaders, createErrorResponse } from "../_shared/utils.ts";
+import {
+  validateApiKey,
+  checkRateLimit,
+  hasScope,
+  logApiRequest,
+} from "../_shared/apiKeyAuth.ts";
+Deno.serve(async (req: Request) => {
+  const startTime = Date.now();
+  if (req.method === "OPTIONS") {
+    return new Response(null, { status: 204, headers: corsHeaders });
+  }
+  const authResult = await validateApiKey(req);
+  if ("status" in authResult) {
+    return authResult;
+  }
+  const { apiKey } = authResult;
+  const rateLimitError = checkRateLimit(apiKey.id);
+  if (rateLimitError) {
+    await logApiRequest(
+      apiKey.id,
+      "/v1/deals",
+      req.method,
+      429,
+      Date.now() - startTime,
+      req
+    );
+    return rateLimitError;
+  }
+  try {
+    const url = new URL(req.url);
+    const pathParts = url.pathname.split("/").filter(Boolean);
+    const dealId = pathParts[1];
+    let response: Response;
+    if (req.method === "GET" && dealId) {
+      response = await getDeal(apiKey, dealId);
+    } else if (req.method === "POST") {
+      response = await createDeal(apiKey, req);
+    } else if (req.method === "PATCH" && dealId) {
+      response = await updateDeal(apiKey, dealId, req);
+    } else if (req.method === "DELETE" && dealId) {
+      response = await deleteDeal(apiKey, dealId);
+    } else {
+      response = createErrorResponse(404, "Not found");
+    }
+    const responseTime = Date.now() - startTime;
+    await logApiRequest(
+      apiKey.id,
+      url.pathname,
+      req.method,
+      response.status,
+      responseTime,
+      req
+    );
+    return response;
+  } catch (error) {
+    const responseTime = Date.now() - startTime;
+    await logApiRequest(
+      apiKey.id,
+      new URL(req.url).pathname,
+      req.method,
+      500,
+      responseTime,
+      req,
+      error.message
+    );
+    return createErrorResponse(500, "Internal server error");
+  }
+});
+async function getDeal(apiKey: any, dealId: string) {
+  if (!hasScope(apiKey, "deals:read")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const { data, error } = await supabaseAdmin
+    .from("deals")
+    .select("*")
+    .eq("id", dealId)
+    .single();
+  if (error || !data) {
+    return createErrorResponse(404, "Deal not found");
+  }
+  return new Response(JSON.stringify({ data }), {
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+async function createDeal(apiKey: any, req: Request) {
+  if (!hasScope(apiKey, "deals:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const body = await req.json();
+  const { data, error } = await supabaseAdmin
+    .from("deals")
+    .insert({
+      ...body,
+      sales_id: apiKey.sales_id,
+    })
+    .select()
+    .single();
+  if (error) {
+    return createErrorResponse(400, error.message);
+  }
+  return new Response(JSON.stringify({ data }), {
+    status: 201,
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+async function updateDeal(apiKey: any, dealId: string, req: Request) {
+  if (!hasScope(apiKey, "deals:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const body = await req.json();
+  const { data, error } = await supabaseAdmin
+    .from("deals")
+    .update(body)
+    .eq("id", dealId)
+    .select()
+    .single();
+  if (error || !data) {
+    return createErrorResponse(404, "Deal not found");
+  }
+  return new Response(JSON.stringify({ data }), {
+    headers: { "Content-Type": "application/json", ...corsHeaders },
+  });
+}
+async function deleteDeal(apiKey: any, dealId: string) {
+  if (!hasScope(apiKey, "deals:write")) {
+    return createErrorResponse(403, "Insufficient permissions");
+  }
+  const { error } = await supabaseAdmin
+    .from("deals")
+    .delete()
+    .eq("id", dealId);
+  if (error) {
+    return createErrorResponse(404, "Deal not found");
+  }
+  return new Response(null, { status: 204, headers: corsHeaders });
+}

package/supabase/functions/ingest-activity/.well-known/supabase/config.toml ADDED Viewed

@@ -0,0 +1,4 @@
+# Disable JWT verification for this function
+# Webhooks from Twilio, Postmark, etc. don't have Supabase JWTs
+# Security is handled via ingestion_key parameter and provider-specific signatures
+verify_jwt = false