Hartmut/CapaKraken
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
66878f18f4f78c42ba3266f2544d83bd39aeb55f
CapaKraken/packages/api/src/router/management-level.ts
T
Hartmut 66878f18f4 feat: Activity History system — full audit coverage, UI, AI tools 
Infrastructure (Phase 1):
- AuditLog schema: add source, entityName, summary fields + index
- createAuditEntry() helper: auto-diff, auto-summary, fire-and-forget
- auditLog query router: list, getByEntity, getTimeline, getActivitySummary

Audit Coverage (Phase 2 — 14 routers, 50+ mutations):
- vacation: create, approve, reject, cancel, batch ops (8 mutations)
- user: create, updateRole, setPermissions, resetPermissions (5 mutations)
- entitlement: set, bulkSet (3 mutations)
- client: create, update, delete, batchUpdateSortOrder
- org-unit: create, update, deactivate
- country: create, update, createCity, updateCity, deleteCity
- management-level: createGroup, updateGroup, createLevel, updateLevel, deleteLevel
- settings: updateSystemSettings (sensitive fields sanitized), testSmtp
- blueprint: create, update, updateRolePresets, delete, batchDelete, setGlobal
- rate-card: create, update, deactivate, addLine, updateLine, deleteLine, replaceLines
- calculation-rules: create, update, delete
- effort-rule: create, update, delete
- experience-multiplier: create, update, delete
- utilization-category: create, update

Admin UI (Phase 3):
- /admin/activity-log page with global searchable timeline
- Filters: entity type, action, user, date range, text search
- Expandable before/after diff view per entry
- Summary cards showing top entity types by change count
- EntityHistory reusable component for entity detail pages
- Sidebar nav link with clock icon

AI Assistant (Phase 4):
- query_change_history tool: "Who changed project X?"
- get_entity_timeline tool: "What happened to resource Y?"

Regression: 283 engine + 37 staffing tests pass. TypeScript clean.

Co-Authored-By: claude-flow <ruv@ruv.net>
2026-03-22 22:39:30 +01:00

216 lines
7.0 KiB
TypeScript
Raw Blame History

import {
CreateManagementLevelGroupSchema,
CreateManagementLevelSchema,
UpdateManagementLevelGroupSchema,
UpdateManagementLevelSchema,
} from "@planarchy/shared";
import { TRPCError } from "@trpc/server";
import { z } from "zod";
import { findUniqueOrThrow } from "../db/helpers.js";
import { createAuditEntry } from "../lib/audit.js";
import { adminProcedure, createTRPCRouter, protectedProcedure } from "../trpc.js";
export const managementLevelRouter = createTRPCRouter({
// ─── Groups ─────────────────────────────────────────────
listGroups: protectedProcedure.query(async ({ ctx }) => {
return ctx.db.managementLevelGroup.findMany({
include: { levels: { orderBy: { name: "asc" } } },
orderBy: { sortOrder: "asc" },
});
}),
getGroupById: protectedProcedure
.input(z.object({ id: z.string() }))
.query(async ({ ctx, input }) => {
const group = await findUniqueOrThrow(
ctx.db.managementLevelGroup.findUnique({
where: { id: input.id },
include: {
levels: { orderBy: { name: "asc" } },
_count: { select: { resources: true } },
},
}),
"Management level group",
);
return group;
}),
createGroup: adminProcedure
.input(CreateManagementLevelGroupSchema)
.mutation(async ({ ctx, input }) => {
const existing = await ctx.db.managementLevelGroup.findUnique({ where: { name: input.name } });
if (existing) {
throw new TRPCError({ code: "CONFLICT", message: `Group "${input.name}" already exists` });
}
const created = await ctx.db.managementLevelGroup.create({
data: {
name: input.name,
targetPercentage: input.targetPercentage,
sortOrder: input.sortOrder,
},
include: { levels: true },
});
void createAuditEntry({
db: ctx.db,
entityType: "ManagementLevelGroup",
entityId: created.id,
entityName: created.name,
action: "CREATE",
userId: ctx.dbUser?.id,
after: created as unknown as Record<string, unknown>,
source: "ui",
});
return created;
}),
updateGroup: adminProcedure
.input(z.object({ id: z.string(), data: UpdateManagementLevelGroupSchema }))
.mutation(async ({ ctx, input }) => {
const existing = await findUniqueOrThrow(
ctx.db.managementLevelGroup.findUnique({ where: { id: input.id } }),
"Group",
);
if (input.data.name && input.data.name !== existing.name) {
const conflict = await ctx.db.managementLevelGroup.findUnique({ where: { name: input.data.name } });
if (conflict) {
throw new TRPCError({ code: "CONFLICT", message: `Group "${input.data.name}" already exists` });
}
}
const before = existing as unknown as Record<string, unknown>;
const updated = await ctx.db.managementLevelGroup.update({
where: { id: input.id },
data: {
...(input.data.name !== undefined ? { name: input.data.name } : {}),
...(input.data.targetPercentage !== undefined ? { targetPercentage: input.data.targetPercentage } : {}),
...(input.data.sortOrder !== undefined ? { sortOrder: input.data.sortOrder } : {}),
},
include: { levels: true },
});
void createAuditEntry({
db: ctx.db,
entityType: "ManagementLevelGroup",
entityId: updated.id,
entityName: updated.name,
action: "UPDATE",
userId: ctx.dbUser?.id,
before,
after: updated as unknown as Record<string, unknown>,
source: "ui",
});
return updated;
}),
// ─── Levels ─────────────────────────────────────────────
createLevel: adminProcedure
.input(CreateManagementLevelSchema)
.mutation(async ({ ctx, input }) => {
await findUniqueOrThrow(
ctx.db.managementLevelGroup.findUnique({ where: { id: input.groupId } }),
"Group",
);
const existing = await ctx.db.managementLevel.findUnique({ where: { name: input.name } });
if (existing) {
throw new TRPCError({ code: "CONFLICT", message: `Level "${input.name}" already exists` });
}
const created = await ctx.db.managementLevel.create({
data: { name: input.name, groupId: input.groupId },
});
void createAuditEntry({
db: ctx.db,
entityType: "ManagementLevel",
entityId: created.id,
entityName: created.name,
action: "CREATE",
userId: ctx.dbUser?.id,
after: created as unknown as Record<string, unknown>,
source: "ui",
});
return created;
}),
updateLevel: adminProcedure
.input(z.object({ id: z.string(), data: UpdateManagementLevelSchema }))
.mutation(async ({ ctx, input }) => {
const existing = await findUniqueOrThrow(
ctx.db.managementLevel.findUnique({ where: { id: input.id } }),
"Level",
);
if (input.data.name && input.data.name !== existing.name) {
const conflict = await ctx.db.managementLevel.findUnique({ where: { name: input.data.name } });
if (conflict) {
throw new TRPCError({ code: "CONFLICT", message: `Level "${input.data.name}" already exists` });
}
}
const before = existing as unknown as Record<string, unknown>;
const updated = await ctx.db.managementLevel.update({
where: { id: input.id },
data: {
...(input.data.name !== undefined ? { name: input.data.name } : {}),
...(input.data.groupId !== undefined ? { groupId: input.data.groupId } : {}),
},
});
void createAuditEntry({
db: ctx.db,
entityType: "ManagementLevel",
entityId: updated.id,
entityName: updated.name,
action: "UPDATE",
userId: ctx.dbUser?.id,
before,
after: updated as unknown as Record<string, unknown>,
source: "ui",
});
return updated;
}),
deleteLevel: adminProcedure
.input(z.object({ id: z.string() }))
.mutation(async ({ ctx, input }) => {
const level = await findUniqueOrThrow(
ctx.db.managementLevel.findUnique({
where: { id: input.id },
include: { _count: { select: { resources: true } } },
}),
"Level",
);
if (level._count.resources > 0) {
throw new TRPCError({
code: "PRECONDITION_FAILED",
message: `Cannot delete level assigned to ${level._count.resources} resource(s)`,
});
}
await ctx.db.managementLevel.delete({ where: { id: input.id } });
void createAuditEntry({
db: ctx.db,
entityType: "ManagementLevel",
entityId: level.id,
entityName: level.name,
action: "DELETE",
userId: ctx.dbUser?.id,
before: level as unknown as Record<string, unknown>,
source: "ui",
});
return { success: true };
}),
});
Reference in New Issue View Git Blame Copy Permalink