forked from farhoodlabs/paperclip
Forgotten
abadd469bc
New routes: companies, approvals, costs, dashboard, authz. New services: companies, approvals, costs, dashboard, heartbeat, activity-log. Add auth middleware and structured error handling. Expand existing agent and issue routes with richer CRUD operations. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
48 lines
1.5 KiB
TypeScript
48 lines
1.5 KiB
TypeScript
import { Router } from "express";
|
|
import { z } from "zod";
|
|
import type { Db } from "@paperclip/db";
|
|
import { validate } from "../middleware/validate.js";
|
|
import { activityService } from "../services/activity.js";
|
|
import { assertBoard, assertCompanyAccess } from "./authz.js";
|
|
|
|
const createActivitySchema = z.object({
|
|
actorType: z.enum(["agent", "user", "system"]).optional().default("system"),
|
|
actorId: z.string().min(1),
|
|
action: z.string().min(1),
|
|
entityType: z.string().min(1),
|
|
entityId: z.string().min(1),
|
|
agentId: z.string().uuid().optional().nullable(),
|
|
details: z.record(z.unknown()).optional().nullable(),
|
|
});
|
|
|
|
export function activityRoutes(db: Db) {
|
|
const router = Router();
|
|
const svc = activityService(db);
|
|
|
|
router.get("/companies/:companyId/activity", async (req, res) => {
|
|
const companyId = req.params.companyId as string;
|
|
assertCompanyAccess(req, companyId);
|
|
|
|
const filters = {
|
|
companyId,
|
|
agentId: req.query.agentId as string | undefined,
|
|
entityType: req.query.entityType as string | undefined,
|
|
entityId: req.query.entityId as string | undefined,
|
|
};
|
|
const result = await svc.list(filters);
|
|
res.json(result);
|
|
});
|
|
|
|
router.post("/companies/:companyId/activity", validate(createActivitySchema), async (req, res) => {
|
|
assertBoard(req);
|
|
const companyId = req.params.companyId as string;
|
|
const event = await svc.create({
|
|
companyId,
|
|
...req.body,
|
|
});
|
|
res.status(201).json(event);
|
|
});
|
|
|
|
return router;
|
|
}
|