fix(api): harden optional audit and session fields

packages/api/src/__tests__/role-router-planning-counts.test.ts

@@ -1,6 +1,49 @@
 import { AllocationStatus, PermissionKey, SystemRole } from "@capakraken/shared";
 import { TRPCError } from "@trpc/server";
 import { describe, expect, it, vi } from "vitest";
+
+vi.mock("@capakraken/application", () => ({
+  countPlanningEntries: vi.fn(async (
+    db: {
+      demandRequirement: { findMany: (args?: { where?: { projectId?: { in: string[] }; roleId?: { in: string[] } } }) => Promise<Array<{ projectId: string; roleId: string | null }>> };
+      assignment: { findMany: (args?: { where?: { projectId?: { in: string[] }; roleId?: { in: string[] } } }) => Promise<Array<{ projectId: string; roleId: string | null }>> };
+    },
+    input: { projectIds?: string[]; roleIds?: string[] } = {},
+  ) => {
+    const where = {
+      ...(input.projectIds?.length ? { projectId: { in: input.projectIds } } : {}),
+      ...(input.roleIds?.length ? { roleId: { in: input.roleIds } } : {}),
+    };
+    const [demandRequirements, assignments] = await Promise.all([
+      db.demandRequirement.findMany({ where }),
+      db.assignment.findMany({ where }),
+    ]);
+
+    const countsByProjectId = new Map<string, number>();
+    const countsByRoleId = new Map<string, number>();
+
+    for (const entry of [...demandRequirements, ...assignments]) {
+      countsByProjectId.set(
+        entry.projectId,
+        (countsByProjectId.get(entry.projectId) ?? 0) + 1,
+      );
+
+      if (entry.roleId) {
+        countsByRoleId.set(
+          entry.roleId,
+          (countsByRoleId.get(entry.roleId) ?? 0) + 1,
+        );
+      }
+    }
+
+    return {
+      countsByProjectId,
+      countsByRoleId,
+      totalCount: demandRequirements.length + assignments.length,
+    };
+  }),
+}));
+
 import { roleRouter } from "../router/role.js";
 import { createCallerFactory } from "../trpc.js";