Hartmut/CapaKraken
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
3ceba38ac805f54c0776c1e3b70166e7cf138624
CapaKraken/packages/api/src/router/blueprint.ts
T
Hartmut 66878f18f4 feat: Activity History system — full audit coverage, UI, AI tools 
Infrastructure (Phase 1):
- AuditLog schema: add source, entityName, summary fields + index
- createAuditEntry() helper: auto-diff, auto-summary, fire-and-forget
- auditLog query router: list, getByEntity, getTimeline, getActivitySummary

Audit Coverage (Phase 2 — 14 routers, 50+ mutations):
- vacation: create, approve, reject, cancel, batch ops (8 mutations)
- user: create, updateRole, setPermissions, resetPermissions (5 mutations)
- entitlement: set, bulkSet (3 mutations)
- client: create, update, delete, batchUpdateSortOrder
- org-unit: create, update, deactivate
- country: create, update, createCity, updateCity, deleteCity
- management-level: createGroup, updateGroup, createLevel, updateLevel, deleteLevel
- settings: updateSystemSettings (sensitive fields sanitized), testSmtp
- blueprint: create, update, updateRolePresets, delete, batchDelete, setGlobal
- rate-card: create, update, deactivate, addLine, updateLine, deleteLine, replaceLines
- calculation-rules: create, update, delete
- effort-rule: create, update, delete
- experience-multiplier: create, update, delete
- utilization-category: create, update

Admin UI (Phase 3):
- /admin/activity-log page with global searchable timeline
- Filters: entity type, action, user, date range, text search
- Expandable before/after diff view per entry
- Summary cards showing top entity types by change count
- EntityHistory reusable component for entity detail pages
- Sidebar nav link with clock icon

AI Assistant (Phase 4):
- query_change_history tool: "Who changed project X?"
- get_entity_timeline tool: "What happened to resource Y?"

Regression: 283 engine + 37 staffing tests pass. TypeScript clean.

Co-Authored-By: claude-flow <ruv@ruv.net>
2026-03-22 22:39:30 +01:00

213 lines
7.1 KiB
TypeScript
Raw Blame History

import { BlueprintTarget, CreateBlueprintSchema, UpdateBlueprintSchema, type BlueprintFieldDefinition } from "@planarchy/shared";
import { TRPCError } from "@trpc/server";
import { z } from "zod";
import { findUniqueOrThrow } from "../db/helpers.js";
import { adminProcedure, createTRPCRouter, protectedProcedure } from "../trpc.js";
import { createAuditEntry } from "../lib/audit.js";
export const blueprintRouter = createTRPCRouter({
list: protectedProcedure
.input(
z.object({
target: z.nativeEnum(BlueprintTarget).optional(),
isActive: z.boolean().optional().default(true),
}),
)
.query(async ({ ctx, input }) => {
return ctx.db.blueprint.findMany({
where: {
...(input.target ? { target: input.target } : {}),
isActive: input.isActive,
},
orderBy: { name: "asc" },
});
}),
getById: protectedProcedure
.input(z.object({ id: z.string() }))
.query(async ({ ctx, input }) => {
const blueprint = await findUniqueOrThrow(
ctx.db.blueprint.findUnique({ where: { id: input.id } }),
"Blueprint",
);
return blueprint;
}),
create: adminProcedure
.input(CreateBlueprintSchema)
.mutation(async ({ ctx, input }) => {
const blueprint = await ctx.db.blueprint.create({
data: {
name: input.name,
target: input.target,
description: input.description,
fieldDefs: input.fieldDefs as unknown as import("@planarchy/db").Prisma.InputJsonValue,
defaults: input.defaults as unknown as import("@planarchy/db").Prisma.InputJsonValue,
validationRules: input.validationRules as unknown as import("@planarchy/db").Prisma.InputJsonValue,
} as unknown as Parameters<typeof ctx.db.blueprint.create>[0]["data"],
});
void createAuditEntry({
db: ctx.db,
entityType: "Blueprint",
entityId: blueprint.id,
entityName: blueprint.name,
action: "CREATE",
userId: ctx.dbUser?.id,
after: { name: input.name, target: input.target, description: input.description },
source: "ui",
});
return blueprint;
}),
update: adminProcedure
.input(z.object({ id: z.string(), data: UpdateBlueprintSchema }))
.mutation(async ({ ctx, input }) => {
const before = await findUniqueOrThrow(
ctx.db.blueprint.findUnique({ where: { id: input.id } }),
"Blueprint",
);
const updated = await ctx.db.blueprint.update({
where: { id: input.id },
data: {
...(input.data.name !== undefined ? { name: input.data.name } : {}),
...(input.data.description !== undefined ? { description: input.data.description } : {}),
...(input.data.fieldDefs !== undefined ? { fieldDefs: input.data.fieldDefs as unknown as import("@planarchy/db").Prisma.InputJsonValue } : {}),
...(input.data.defaults !== undefined ? { defaults: input.data.defaults as unknown as import("@planarchy/db").Prisma.InputJsonValue } : {}),
...(input.data.validationRules !== undefined ? { validationRules: input.data.validationRules as unknown as import("@planarchy/db").Prisma.InputJsonValue } : {}),
} as unknown as Parameters<typeof ctx.db.blueprint.update>[0]["data"],
});
void createAuditEntry({
db: ctx.db,
entityType: "Blueprint",
entityId: input.id,
entityName: updated.name,
action: "UPDATE",
userId: ctx.dbUser?.id,
before: before as unknown as Record<string, unknown>,
after: updated as unknown as Record<string, unknown>,
source: "ui",
});
return updated;
}),
/** Dedicated mutation for saving role presets — separate from field defs to avoid Zod depth issues */
updateRolePresets: adminProcedure
.input(z.object({ id: z.string(), rolePresets: z.array(z.unknown()) }))
.mutation(async ({ ctx, input }) => {
const before = await findUniqueOrThrow(
ctx.db.blueprint.findUnique({ where: { id: input.id } }),
"Blueprint",
);
const updated = await ctx.db.blueprint.update({
where: { id: input.id },
data: { rolePresets: input.rolePresets as unknown as import("@planarchy/db").Prisma.InputJsonValue },
});
void createAuditEntry({
db: ctx.db,
entityType: "Blueprint",
entityId: input.id,
entityName: updated.name,
action: "UPDATE",
userId: ctx.dbUser?.id,
before: { rolePresets: before.rolePresets },
after: { rolePresets: input.rolePresets },
source: "ui",
summary: "Updated role presets",
});
return updated;
}),
delete: adminProcedure
.input(z.object({ id: z.string() }))
.mutation(async ({ ctx, input }) => {
// Soft delete — mark as inactive
const deleted = await ctx.db.blueprint.update({
where: { id: input.id },
data: { isActive: false },
});
void createAuditEntry({
db: ctx.db,
entityType: "Blueprint",
entityId: input.id,
entityName: deleted.name,
action: "DELETE",
userId: ctx.dbUser?.id,
source: "ui",
});
return deleted;
}),
batchDelete: adminProcedure
.input(z.object({ ids: z.array(z.string()).min(1).max(100) }))
.mutation(async ({ ctx, input }) => {
// Soft delete
const updated = await ctx.db.$transaction(
input.ids.map((id) =>
ctx.db.blueprint.update({ where: { id }, data: { isActive: false } }),
),
);
for (const bp of updated) {
void createAuditEntry({
db: ctx.db,
entityType: "Blueprint",
entityId: bp.id,
entityName: bp.name,
action: "DELETE",
userId: ctx.dbUser?.id,
source: "ui",
});
}
return { count: updated.length };
}),
getGlobalFieldDefs: protectedProcedure
.input(z.object({ target: z.nativeEnum(BlueprintTarget) }))
.query(async ({ ctx, input }) => {
const blueprints = await ctx.db.blueprint.findMany({
where: { target: input.target, isGlobal: true, isActive: true },
select: { id: true, name: true, fieldDefs: true },
});
return blueprints.flatMap((b) =>
(b.fieldDefs as unknown as BlueprintFieldDefinition[]).map((f) => ({
...f,
blueprintId: b.id,
blueprintName: b.name,
})),
);
}),
setGlobal: adminProcedure
.input(z.object({ id: z.string(), isGlobal: z.boolean() }))
.mutation(async ({ ctx, input }) => {
const updated = await ctx.db.blueprint.update({
where: { id: input.id },
data: { isGlobal: input.isGlobal },
});
void createAuditEntry({
db: ctx.db,
entityType: "Blueprint",
entityId: input.id,
entityName: updated.name,
action: "UPDATE",
userId: ctx.dbUser?.id,
after: { isGlobal: input.isGlobal },
source: "ui",
summary: input.isGlobal ? "Set blueprint as global" : "Removed global flag from blueprint",
});
return updated;
}),
});
Reference in New Issue View Git Blame Copy Permalink