chore(cleanup): Phase 1 — gap closure across audit, alerts, soft-delete, perms
Multi-area cleanup pass closing partial-implementation gaps surfaced by the
post-i18n audit. No behavior changes for happy-path users; closes real
correctness/security holes.
PR1a Public yacht-interest endpoint i18n. /api/public/interests now accepts
phoneE164/phoneCountry, nationalityIso, address.{countryIso, subdivisionIso},
and company.{incorporationCountryIso, incorporationSubdivisionIso}.
Server-side parsePhone() fallback for legacy raw phone strings.
PR1b Alert rule registry trim. Two rule slots ('document.expiring_soon',
'audit.suspicious_login') were registered but evaluators returned [].
Both required schema/instrumentation that hadn't landed. Removed from
the registry; comments record the dependencies needed to revive them.
Effective rule count: 8 active.
PR1c vi.mock hoist + flake fix. Hoisted vi.mock calls to top-level in 5
integration test files; webhook-delivery uses vi.hoisted for the
queue-add ref. Vitest no longer warns about non-top-level mocks.
Deflaked the 'short value' assertion in security-encryption.test.ts
by switching plaintext from 'ab' to 'XY' (non-hex chars). 5/5 runs green.
PR1d Soft-delete reference audit. listClientOptions and listYachtsForOwner
now filter by isNull(archivedAt). Berths use status (no archivedAt).
PR1e Permission-matrix audit script + report. scripts/audit-permissions.ts
walks every src/app/api/v1/**/route.ts and reports handlers without a
withPermission() wrapper. Initial run found 33 violations.
- Allow-listed 17 with explicit reasons (self-data, admin, alerts,
search, currency, ai, custom-fields — some marked TODO).
- Wrapped 7 routes with concrete permissions: clients/options
(clients:view), berths/options (berths:view), dashboard/*
(reports:view_dashboard), analytics (reports:view_analytics).
Audit report at docs/runbooks/permission-audit.md. Script exits
non-zero on any unallow-listed violation so it can become a CI gate.
Vitest: 741 -> 741 (no new tests; existing suite covers the changes).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-28 18:48:22 +02:00
|
|
|
import { and, eq, ilike, inArray, isNull, or, sql } from 'drizzle-orm';
|
2026-04-23 23:40:56 +02:00
|
|
|
import { db } from '@/lib/db';
|
feat(platform): residential module + admin UI + reliability fixes
Residential platform
- New schema: residentialClients, residentialInterests (separate from
marina/yacht clients) with migration 0010
- Service layer with CRUD + audit + sockets + per-port portal toggle
- v1 + public API routes (/api/v1/residential/*, /api/public/residential-inquiries)
- List + detail pages with inline editing for clients and interests
- Per-user residentialAccess toggle on userPortRoles (migration 0011)
- Permission keys: residential_clients, residential_interests
- Sidebar nav + role form integration
- Smoke spec covering page loads, UI create flow, public endpoint
Admin & shared UI
- Admin → Forms (form templates CRUD) with validators + service
- Notification preferences page (in-app + email per type)
- Email composition + accounts list + threads view
- Branded auth shell shared across CRM + portal auth surfaces
- Inline editing extended to yacht/company/interest detail pages
- InlineTagEditor + per-entity tags endpoints (yachts, companies)
- Notes service polymorphic across clients/interests/yachts/companies
- Client list columns: yachtCount + companyCount badges
- Reservation file-download via presigned URL (replaces stale <a href>)
Route handler refactor
- Extracted yachts/companies/berths reservation handlers to sibling
handlers.ts files (Next.js 15 route.ts only allows specific exports)
Reliability fixes
- apiFetch double-stringify bug fixed across 13 components
(apiFetch already JSON.stringifies its body; passing a stringified
body produced double-encoded JSON which failed zod validation)
- SocketProvider gated behind useSyncExternalStore-based mount check
to avoid useSession() SSR crashes under React 19 + Next 15
- apiFetch falls back to URL-pathname → port-id resolution when the
Zustand store hasn't hydrated yet (fresh contexts, e2e tests)
- CRM invite flow (schema, service, route, email, dev script)
- Dashboard route → [portSlug]/dashboard/page.tsx + redirect
- Document the dev-server restart-after-migration gotcha in CLAUDE.md
Tests
- 5-case residential smoke spec
- Integration test updates for new service signatures
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 21:54:32 +02:00
|
|
|
import { yachts, yachtOwnershipHistory, yachtTags, clients } from '@/lib/db/schema';
|
feat(yachts): list + owner-scoped list + autocomplete
Adds `listYachts`, `listYachtsForOwner`, and `autocomplete` to the
yacht service so UIs can page/filter yachts per port, look up all
yachts tied to a given client/company, and power search-as-you-type.
`listYachts` delegates to the shared port-scoped `buildListQuery`,
supporting search over name/hullNumber/registration plus ownerType,
ownerId and status filters; `autocomplete` caps at 10 results and is
tenant-scoped; `listYachtsForOwner` returns all yachts whose current
owner matches, newest first. Extends `makeYacht` factory to accept
flat `name`, `status`, `hullNumber`, `registration` overrides.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-24 00:03:36 +02:00
|
|
|
import type { Yacht } from '@/lib/db/schema/yachts';
|
2026-04-23 23:40:56 +02:00
|
|
|
import { companies } from '@/lib/db/schema/companies';
|
2026-04-29 01:58:42 +02:00
|
|
|
import { createAuditLog, type AuditMeta } from '@/lib/audit';
|
2026-04-23 23:40:56 +02:00
|
|
|
import { NotFoundError, ValidationError } from '@/lib/errors';
|
|
|
|
|
import { emitToRoom } from '@/lib/socket/server';
|
2026-04-29 01:58:42 +02:00
|
|
|
import { setEntityTags } from '@/lib/services/entity-tags.helper';
|
2026-04-23 23:52:24 +02:00
|
|
|
import { diffEntity } from '@/lib/entity-diff';
|
feat(yachts): list + owner-scoped list + autocomplete
Adds `listYachts`, `listYachtsForOwner`, and `autocomplete` to the
yacht service so UIs can page/filter yachts per port, look up all
yachts tied to a given client/company, and power search-as-you-type.
`listYachts` delegates to the shared port-scoped `buildListQuery`,
supporting search over name/hullNumber/registration plus ownerType,
ownerId and status filters; `autocomplete` caps at 10 results and is
tenant-scoped; `listYachtsForOwner` returns all yachts whose current
owner matches, newest first. Extends `makeYacht` factory to accept
flat `name`, `status`, `hullNumber`, `registration` overrides.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-24 00:03:36 +02:00
|
|
|
import { buildListQuery } from '@/lib/db/query-builder';
|
2026-04-23 23:47:12 +02:00
|
|
|
import { withTransaction } from '@/lib/db/utils';
|
2026-04-23 23:40:56 +02:00
|
|
|
import type { z } from 'zod';
|
2026-04-23 23:58:20 +02:00
|
|
|
import type {
|
|
|
|
|
createYachtSchema,
|
|
|
|
|
UpdateYachtInput,
|
|
|
|
|
TransferOwnershipInput,
|
feat(yachts): list + owner-scoped list + autocomplete
Adds `listYachts`, `listYachtsForOwner`, and `autocomplete` to the
yacht service so UIs can page/filter yachts per port, look up all
yachts tied to a given client/company, and power search-as-you-type.
`listYachts` delegates to the shared port-scoped `buildListQuery`,
supporting search over name/hullNumber/registration plus ownerType,
ownerId and status filters; `autocomplete` caps at 10 results and is
tenant-scoped; `listYachtsForOwner` returns all yachts whose current
owner matches, newest first. Extends `makeYacht` factory to accept
flat `name`, `status`, `hullNumber`, `registration` overrides.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-24 00:03:36 +02:00
|
|
|
ListYachtsInput,
|
2026-04-23 23:58:20 +02:00
|
|
|
} from '@/lib/validators/yachts';
|
2026-04-23 23:40:56 +02:00
|
|
|
|
|
|
|
|
type CreateYachtInput = z.input<typeof createYachtSchema>;
|
|
|
|
|
|
|
|
|
|
async function assertOwnerExists(
|
|
|
|
|
portId: string,
|
|
|
|
|
owner: { type: 'client' | 'company'; id: string },
|
2026-04-23 23:46:03 +02:00
|
|
|
tx: typeof db,
|
2026-04-23 23:40:56 +02:00
|
|
|
): Promise<void> {
|
|
|
|
|
if (owner.type === 'client') {
|
2026-04-23 23:46:03 +02:00
|
|
|
const client = await tx.query.clients.findFirst({
|
2026-04-23 23:40:56 +02:00
|
|
|
where: and(eq(clients.id, owner.id), eq(clients.portId, portId)),
|
|
|
|
|
});
|
|
|
|
|
if (!client) throw new ValidationError('owner not found');
|
|
|
|
|
} else {
|
2026-04-23 23:46:03 +02:00
|
|
|
const company = await tx.query.companies.findFirst({
|
2026-04-23 23:40:56 +02:00
|
|
|
where: and(eq(companies.id, owner.id), eq(companies.portId, portId)),
|
|
|
|
|
});
|
|
|
|
|
if (!company) throw new ValidationError('owner not found');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function createYacht(portId: string, data: CreateYachtInput, meta: AuditMeta) {
|
2026-04-23 23:47:12 +02:00
|
|
|
return await withTransaction(async (tx) => {
|
|
|
|
|
await assertOwnerExists(portId, data.owner, tx);
|
2026-04-23 23:40:56 +02:00
|
|
|
|
|
|
|
|
const [yacht] = await tx
|
|
|
|
|
.insert(yachts)
|
|
|
|
|
.values({
|
|
|
|
|
portId,
|
|
|
|
|
name: data.name,
|
|
|
|
|
hullNumber: data.hullNumber ?? null,
|
|
|
|
|
registration: data.registration ?? null,
|
|
|
|
|
flag: data.flag ?? null,
|
|
|
|
|
yearBuilt: data.yearBuilt ?? null,
|
|
|
|
|
builder: data.builder ?? null,
|
|
|
|
|
model: data.model ?? null,
|
|
|
|
|
hullMaterial: data.hullMaterial ?? null,
|
|
|
|
|
lengthFt: data.lengthFt ?? null,
|
|
|
|
|
widthFt: data.widthFt ?? null,
|
|
|
|
|
draftFt: data.draftFt ?? null,
|
|
|
|
|
lengthM: data.lengthM ?? null,
|
|
|
|
|
widthM: data.widthM ?? null,
|
|
|
|
|
draftM: data.draftM ?? null,
|
|
|
|
|
currentOwnerType: data.owner.type,
|
|
|
|
|
currentOwnerId: data.owner.id,
|
|
|
|
|
status: data.status ?? 'active',
|
|
|
|
|
notes: data.notes ?? null,
|
|
|
|
|
})
|
|
|
|
|
.returning();
|
|
|
|
|
|
|
|
|
|
await tx.insert(yachtOwnershipHistory).values({
|
|
|
|
|
yachtId: yacht!.id,
|
|
|
|
|
ownerType: data.owner.type,
|
|
|
|
|
ownerId: data.owner.id,
|
|
|
|
|
startDate: new Date(),
|
|
|
|
|
endDate: null,
|
|
|
|
|
createdBy: meta.userId,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
void createAuditLog({
|
|
|
|
|
userId: meta.userId,
|
|
|
|
|
portId,
|
|
|
|
|
action: 'create',
|
|
|
|
|
entityType: 'yacht',
|
|
|
|
|
entityId: yacht!.id,
|
|
|
|
|
newValue: { name: yacht!.name, owner: data.owner },
|
|
|
|
|
ipAddress: meta.ipAddress,
|
|
|
|
|
userAgent: meta.userAgent,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
emitToRoom(`port:${portId}`, 'yacht:created', { yachtId: yacht!.id });
|
|
|
|
|
|
|
|
|
|
return yacht!;
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function getYachtById(id: string, portId: string) {
|
|
|
|
|
const yacht = await db.query.yachts.findFirst({
|
|
|
|
|
where: and(eq(yachts.id, id), eq(yachts.portId, portId)),
|
feat(platform): residential module + admin UI + reliability fixes
Residential platform
- New schema: residentialClients, residentialInterests (separate from
marina/yacht clients) with migration 0010
- Service layer with CRUD + audit + sockets + per-port portal toggle
- v1 + public API routes (/api/v1/residential/*, /api/public/residential-inquiries)
- List + detail pages with inline editing for clients and interests
- Per-user residentialAccess toggle on userPortRoles (migration 0011)
- Permission keys: residential_clients, residential_interests
- Sidebar nav + role form integration
- Smoke spec covering page loads, UI create flow, public endpoint
Admin & shared UI
- Admin → Forms (form templates CRUD) with validators + service
- Notification preferences page (in-app + email per type)
- Email composition + accounts list + threads view
- Branded auth shell shared across CRM + portal auth surfaces
- Inline editing extended to yacht/company/interest detail pages
- InlineTagEditor + per-entity tags endpoints (yachts, companies)
- Notes service polymorphic across clients/interests/yachts/companies
- Client list columns: yachtCount + companyCount badges
- Reservation file-download via presigned URL (replaces stale <a href>)
Route handler refactor
- Extracted yachts/companies/berths reservation handlers to sibling
handlers.ts files (Next.js 15 route.ts only allows specific exports)
Reliability fixes
- apiFetch double-stringify bug fixed across 13 components
(apiFetch already JSON.stringifies its body; passing a stringified
body produced double-encoded JSON which failed zod validation)
- SocketProvider gated behind useSyncExternalStore-based mount check
to avoid useSession() SSR crashes under React 19 + Next 15
- apiFetch falls back to URL-pathname → port-id resolution when the
Zustand store hasn't hydrated yet (fresh contexts, e2e tests)
- CRM invite flow (schema, service, route, email, dev script)
- Dashboard route → [portSlug]/dashboard/page.tsx + redirect
- Document the dev-server restart-after-migration gotcha in CLAUDE.md
Tests
- 5-case residential smoke spec
- Integration test updates for new service signatures
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 21:54:32 +02:00
|
|
|
with: {
|
|
|
|
|
tags: { with: { tag: true } },
|
|
|
|
|
},
|
2026-04-23 23:40:56 +02:00
|
|
|
});
|
|
|
|
|
if (!yacht) throw new NotFoundError('Yacht');
|
feat(platform): residential module + admin UI + reliability fixes
Residential platform
- New schema: residentialClients, residentialInterests (separate from
marina/yacht clients) with migration 0010
- Service layer with CRUD + audit + sockets + per-port portal toggle
- v1 + public API routes (/api/v1/residential/*, /api/public/residential-inquiries)
- List + detail pages with inline editing for clients and interests
- Per-user residentialAccess toggle on userPortRoles (migration 0011)
- Permission keys: residential_clients, residential_interests
- Sidebar nav + role form integration
- Smoke spec covering page loads, UI create flow, public endpoint
Admin & shared UI
- Admin → Forms (form templates CRUD) with validators + service
- Notification preferences page (in-app + email per type)
- Email composition + accounts list + threads view
- Branded auth shell shared across CRM + portal auth surfaces
- Inline editing extended to yacht/company/interest detail pages
- InlineTagEditor + per-entity tags endpoints (yachts, companies)
- Notes service polymorphic across clients/interests/yachts/companies
- Client list columns: yachtCount + companyCount badges
- Reservation file-download via presigned URL (replaces stale <a href>)
Route handler refactor
- Extracted yachts/companies/berths reservation handlers to sibling
handlers.ts files (Next.js 15 route.ts only allows specific exports)
Reliability fixes
- apiFetch double-stringify bug fixed across 13 components
(apiFetch already JSON.stringifies its body; passing a stringified
body produced double-encoded JSON which failed zod validation)
- SocketProvider gated behind useSyncExternalStore-based mount check
to avoid useSession() SSR crashes under React 19 + Next 15
- apiFetch falls back to URL-pathname → port-id resolution when the
Zustand store hasn't hydrated yet (fresh contexts, e2e tests)
- CRM invite flow (schema, service, route, email, dev script)
- Dashboard route → [portSlug]/dashboard/page.tsx + redirect
- Document the dev-server restart-after-migration gotcha in CLAUDE.md
Tests
- 5-case residential smoke spec
- Integration test updates for new service signatures
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 21:54:32 +02:00
|
|
|
const { tags: tagJoins, ...rest } = yacht as typeof yacht & {
|
|
|
|
|
tags: Array<{ tag: { id: string; name: string; color: string } }>;
|
|
|
|
|
};
|
|
|
|
|
return {
|
|
|
|
|
...rest,
|
|
|
|
|
tags: tagJoins.map((t) => t.tag),
|
|
|
|
|
};
|
2026-04-23 23:40:56 +02:00
|
|
|
}
|
2026-04-23 23:52:24 +02:00
|
|
|
|
|
|
|
|
export async function updateYacht(
|
|
|
|
|
id: string,
|
|
|
|
|
portId: string,
|
|
|
|
|
data: UpdateYachtInput,
|
|
|
|
|
meta: AuditMeta,
|
|
|
|
|
) {
|
|
|
|
|
// Defense-in-depth: owner changes must go through /transfer, not PATCH.
|
|
|
|
|
const dataRecord = data as Record<string, unknown>;
|
|
|
|
|
if (
|
|
|
|
|
Object.prototype.hasOwnProperty.call(dataRecord, 'currentOwnerType') ||
|
|
|
|
|
Object.prototype.hasOwnProperty.call(dataRecord, 'currentOwnerId')
|
|
|
|
|
) {
|
|
|
|
|
throw new ValidationError('use /transfer to change ownership');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const existing = await db.query.yachts.findFirst({
|
|
|
|
|
where: eq(yachts.id, id),
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (!existing || existing.portId !== portId) {
|
|
|
|
|
throw new NotFoundError('Yacht');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const { diff } = diffEntity(
|
|
|
|
|
existing as unknown as Record<string, unknown>,
|
|
|
|
|
data as Record<string, unknown>,
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
const [updated] = await db
|
|
|
|
|
.update(yachts)
|
|
|
|
|
.set({ ...data, updatedAt: new Date() })
|
|
|
|
|
.where(and(eq(yachts.id, id), eq(yachts.portId, portId)))
|
|
|
|
|
.returning();
|
|
|
|
|
|
|
|
|
|
void createAuditLog({
|
|
|
|
|
userId: meta.userId,
|
|
|
|
|
portId,
|
|
|
|
|
action: 'update',
|
|
|
|
|
entityType: 'yacht',
|
|
|
|
|
entityId: id,
|
|
|
|
|
oldValue: diff as Record<string, unknown>,
|
|
|
|
|
newValue: data as Record<string, unknown>,
|
|
|
|
|
ipAddress: meta.ipAddress,
|
|
|
|
|
userAgent: meta.userAgent,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
emitToRoom(`port:${portId}`, 'yacht:updated', {
|
|
|
|
|
yachtId: id,
|
|
|
|
|
changedFields: Object.keys(diff),
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
return updated!;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function archiveYacht(id: string, portId: string, meta: AuditMeta) {
|
|
|
|
|
const existing = await db.query.yachts.findFirst({
|
|
|
|
|
where: eq(yachts.id, id),
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (!existing || existing.portId !== portId) {
|
|
|
|
|
throw new NotFoundError('Yacht');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NOTE: bypassing the shared `softDelete(...)` util: it sets the raw
|
|
|
|
|
// column key `archived_at`, which Drizzle does not recognise (the JS
|
|
|
|
|
// key is `archivedAt`) and therefore emits an empty SET clause. Until
|
|
|
|
|
// the utility is fixed, do the update inline.
|
|
|
|
|
await db
|
|
|
|
|
.update(yachts)
|
|
|
|
|
.set({ archivedAt: new Date() })
|
|
|
|
|
.where(and(eq(yachts.id, id), eq(yachts.portId, portId)));
|
|
|
|
|
|
|
|
|
|
void createAuditLog({
|
|
|
|
|
userId: meta.userId,
|
|
|
|
|
portId,
|
|
|
|
|
action: 'archive',
|
|
|
|
|
entityType: 'yacht',
|
|
|
|
|
entityId: id,
|
|
|
|
|
ipAddress: meta.ipAddress,
|
|
|
|
|
userAgent: meta.userAgent,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
emitToRoom(`port:${portId}`, 'yacht:archived', { yachtId: id });
|
|
|
|
|
}
|
2026-04-23 23:58:20 +02:00
|
|
|
|
|
|
|
|
export async function transferOwnership(
|
|
|
|
|
yachtId: string,
|
|
|
|
|
portId: string,
|
|
|
|
|
data: TransferOwnershipInput,
|
|
|
|
|
meta: AuditMeta,
|
|
|
|
|
) {
|
|
|
|
|
return await withTransaction(async (tx) => {
|
|
|
|
|
const yacht = await tx.query.yachts.findFirst({
|
|
|
|
|
where: and(eq(yachts.id, yachtId), eq(yachts.portId, portId)),
|
|
|
|
|
});
|
|
|
|
|
if (!yacht) throw new NotFoundError('Yacht');
|
|
|
|
|
|
|
|
|
|
if (
|
|
|
|
|
yacht.currentOwnerType === data.newOwner.type &&
|
|
|
|
|
yacht.currentOwnerId === data.newOwner.id
|
|
|
|
|
) {
|
|
|
|
|
throw new ValidationError('same owner — nothing to transfer');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
await assertOwnerExists(portId, data.newOwner, tx);
|
|
|
|
|
|
|
|
|
|
// Close the currently-active history row
|
|
|
|
|
await tx
|
|
|
|
|
.update(yachtOwnershipHistory)
|
|
|
|
|
.set({ endDate: data.effectiveDate })
|
|
|
|
|
.where(
|
|
|
|
|
and(
|
|
|
|
|
eq(yachtOwnershipHistory.yachtId, yachtId),
|
|
|
|
|
sql`${yachtOwnershipHistory.endDate} IS NULL`,
|
|
|
|
|
),
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
// Open new row
|
|
|
|
|
await tx.insert(yachtOwnershipHistory).values({
|
|
|
|
|
yachtId,
|
|
|
|
|
ownerType: data.newOwner.type,
|
|
|
|
|
ownerId: data.newOwner.id,
|
|
|
|
|
startDate: data.effectiveDate,
|
|
|
|
|
endDate: null,
|
|
|
|
|
transferReason: data.transferReason ?? null,
|
|
|
|
|
transferNotes: data.transferNotes ?? null,
|
|
|
|
|
createdBy: meta.userId,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// Update denormalized current-owner columns
|
|
|
|
|
const [updated] = await tx
|
|
|
|
|
.update(yachts)
|
|
|
|
|
.set({
|
|
|
|
|
currentOwnerType: data.newOwner.type,
|
|
|
|
|
currentOwnerId: data.newOwner.id,
|
|
|
|
|
updatedAt: new Date(),
|
|
|
|
|
})
|
|
|
|
|
.where(eq(yachts.id, yachtId))
|
|
|
|
|
.returning();
|
|
|
|
|
|
|
|
|
|
void createAuditLog({
|
|
|
|
|
userId: meta.userId,
|
|
|
|
|
portId,
|
|
|
|
|
action: 'update',
|
|
|
|
|
entityType: 'yacht',
|
|
|
|
|
entityId: yachtId,
|
|
|
|
|
newValue: { ownerTransferTo: data.newOwner, reason: data.transferReason },
|
|
|
|
|
ipAddress: meta.ipAddress,
|
|
|
|
|
userAgent: meta.userAgent,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
emitToRoom(`port:${portId}`, 'yacht:ownership_transferred', {
|
|
|
|
|
yachtId,
|
|
|
|
|
newOwner: data.newOwner,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
return updated!;
|
|
|
|
|
});
|
|
|
|
|
}
|
feat(yachts): list + owner-scoped list + autocomplete
Adds `listYachts`, `listYachtsForOwner`, and `autocomplete` to the
yacht service so UIs can page/filter yachts per port, look up all
yachts tied to a given client/company, and power search-as-you-type.
`listYachts` delegates to the shared port-scoped `buildListQuery`,
supporting search over name/hullNumber/registration plus ownerType,
ownerId and status filters; `autocomplete` caps at 10 results and is
tenant-scoped; `listYachtsForOwner` returns all yachts whose current
owner matches, newest first. Extends `makeYacht` factory to accept
flat `name`, `status`, `hullNumber`, `registration` overrides.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-24 00:03:36 +02:00
|
|
|
|
|
|
|
|
// ─── List ─────────────────────────────────────────────────────────────────────
|
|
|
|
|
|
|
|
|
|
export async function listYachts(portId: string, query: ListYachtsInput) {
|
|
|
|
|
const { page, limit, sort, order, search, includeArchived, ownerType, ownerId, status } = query;
|
|
|
|
|
|
|
|
|
|
const filters = [];
|
|
|
|
|
if (ownerType) filters.push(eq(yachts.currentOwnerType, ownerType));
|
|
|
|
|
if (ownerId) filters.push(eq(yachts.currentOwnerId, ownerId));
|
|
|
|
|
if (status) filters.push(eq(yachts.status, status));
|
|
|
|
|
|
|
|
|
|
let sortColumn: typeof yachts.name | typeof yachts.createdAt | typeof yachts.updatedAt =
|
|
|
|
|
yachts.updatedAt;
|
|
|
|
|
if (sort === 'name') sortColumn = yachts.name;
|
|
|
|
|
else if (sort === 'createdAt') sortColumn = yachts.createdAt;
|
|
|
|
|
|
|
|
|
|
const result = await buildListQuery<Yacht>({
|
|
|
|
|
table: yachts,
|
|
|
|
|
portIdColumn: yachts.portId,
|
|
|
|
|
portId,
|
|
|
|
|
idColumn: yachts.id,
|
|
|
|
|
updatedAtColumn: yachts.updatedAt,
|
|
|
|
|
searchColumns: [yachts.name, yachts.hullNumber, yachts.registration],
|
|
|
|
|
searchTerm: search,
|
|
|
|
|
filters,
|
|
|
|
|
sort: sort ? { column: sortColumn, direction: order } : undefined,
|
|
|
|
|
page,
|
|
|
|
|
pageSize: limit,
|
|
|
|
|
includeArchived,
|
|
|
|
|
archivedAtColumn: yachts.archivedAt,
|
|
|
|
|
});
|
|
|
|
|
|
2026-04-27 23:54:04 +02:00
|
|
|
if (result.data.length === 0) return result;
|
|
|
|
|
|
|
|
|
|
// Resolve current owner names in two parallel batched queries instead of
|
|
|
|
|
// an N+1 fetch from the client (was 1 round-trip per row from yacht-columns).
|
|
|
|
|
const clientIds = result.data
|
|
|
|
|
.filter((y) => y.currentOwnerType === 'client')
|
|
|
|
|
.map((y) => y.currentOwnerId);
|
|
|
|
|
const companyIds = result.data
|
|
|
|
|
.filter((y) => y.currentOwnerType === 'company')
|
|
|
|
|
.map((y) => y.currentOwnerId);
|
|
|
|
|
|
|
|
|
|
const [clientRows, companyRows] = await Promise.all([
|
|
|
|
|
clientIds.length > 0
|
|
|
|
|
? db
|
|
|
|
|
.select({ id: clients.id, fullName: clients.fullName })
|
|
|
|
|
.from(clients)
|
|
|
|
|
.where(inArray(clients.id, clientIds))
|
|
|
|
|
: Promise.resolve([] as { id: string; fullName: string }[]),
|
|
|
|
|
companyIds.length > 0
|
|
|
|
|
? db
|
|
|
|
|
.select({ id: companies.id, name: companies.name })
|
|
|
|
|
.from(companies)
|
|
|
|
|
.where(inArray(companies.id, companyIds))
|
|
|
|
|
: Promise.resolve([] as { id: string; name: string }[]),
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
const clientNames = new Map(clientRows.map((r) => [r.id, r.fullName]));
|
|
|
|
|
const companyNames = new Map(companyRows.map((r) => [r.id, r.name]));
|
|
|
|
|
|
|
|
|
|
return {
|
|
|
|
|
...result,
|
|
|
|
|
data: result.data.map((y) => ({
|
|
|
|
|
...y,
|
|
|
|
|
currentOwnerName:
|
|
|
|
|
y.currentOwnerType === 'client'
|
|
|
|
|
? (clientNames.get(y.currentOwnerId) ?? null)
|
|
|
|
|
: (companyNames.get(y.currentOwnerId) ?? null),
|
|
|
|
|
})),
|
|
|
|
|
};
|
feat(yachts): list + owner-scoped list + autocomplete
Adds `listYachts`, `listYachtsForOwner`, and `autocomplete` to the
yacht service so UIs can page/filter yachts per port, look up all
yachts tied to a given client/company, and power search-as-you-type.
`listYachts` delegates to the shared port-scoped `buildListQuery`,
supporting search over name/hullNumber/registration plus ownerType,
ownerId and status filters; `autocomplete` caps at 10 results and is
tenant-scoped; `listYachtsForOwner` returns all yachts whose current
owner matches, newest first. Extends `makeYacht` factory to accept
flat `name`, `status`, `hullNumber`, `registration` overrides.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-24 00:03:36 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ─── List for owner ───────────────────────────────────────────────────────────
|
|
|
|
|
|
|
|
|
|
export async function listYachtsForOwner(
|
|
|
|
|
portId: string,
|
|
|
|
|
ownerType: 'client' | 'company',
|
|
|
|
|
ownerId: string,
|
|
|
|
|
) {
|
chore(cleanup): Phase 1 — gap closure across audit, alerts, soft-delete, perms
Multi-area cleanup pass closing partial-implementation gaps surfaced by the
post-i18n audit. No behavior changes for happy-path users; closes real
correctness/security holes.
PR1a Public yacht-interest endpoint i18n. /api/public/interests now accepts
phoneE164/phoneCountry, nationalityIso, address.{countryIso, subdivisionIso},
and company.{incorporationCountryIso, incorporationSubdivisionIso}.
Server-side parsePhone() fallback for legacy raw phone strings.
PR1b Alert rule registry trim. Two rule slots ('document.expiring_soon',
'audit.suspicious_login') were registered but evaluators returned [].
Both required schema/instrumentation that hadn't landed. Removed from
the registry; comments record the dependencies needed to revive them.
Effective rule count: 8 active.
PR1c vi.mock hoist + flake fix. Hoisted vi.mock calls to top-level in 5
integration test files; webhook-delivery uses vi.hoisted for the
queue-add ref. Vitest no longer warns about non-top-level mocks.
Deflaked the 'short value' assertion in security-encryption.test.ts
by switching plaintext from 'ab' to 'XY' (non-hex chars). 5/5 runs green.
PR1d Soft-delete reference audit. listClientOptions and listYachtsForOwner
now filter by isNull(archivedAt). Berths use status (no archivedAt).
PR1e Permission-matrix audit script + report. scripts/audit-permissions.ts
walks every src/app/api/v1/**/route.ts and reports handlers without a
withPermission() wrapper. Initial run found 33 violations.
- Allow-listed 17 with explicit reasons (self-data, admin, alerts,
search, currency, ai, custom-fields — some marked TODO).
- Wrapped 7 routes with concrete permissions: clients/options
(clients:view), berths/options (berths:view), dashboard/*
(reports:view_dashboard), analytics (reports:view_analytics).
Audit report at docs/runbooks/permission-audit.md. Script exits
non-zero on any unallow-listed violation so it can become a CI gate.
Vitest: 741 -> 741 (no new tests; existing suite covers the changes).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-28 18:48:22 +02:00
|
|
|
// Owner-detail tabs only surface active yachts. Archived ones live in the
|
|
|
|
|
// ownership history view and are reachable by id, not via this lister.
|
feat(yachts): list + owner-scoped list + autocomplete
Adds `listYachts`, `listYachtsForOwner`, and `autocomplete` to the
yacht service so UIs can page/filter yachts per port, look up all
yachts tied to a given client/company, and power search-as-you-type.
`listYachts` delegates to the shared port-scoped `buildListQuery`,
supporting search over name/hullNumber/registration plus ownerType,
ownerId and status filters; `autocomplete` caps at 10 results and is
tenant-scoped; `listYachtsForOwner` returns all yachts whose current
owner matches, newest first. Extends `makeYacht` factory to accept
flat `name`, `status`, `hullNumber`, `registration` overrides.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-24 00:03:36 +02:00
|
|
|
return await db.query.yachts.findMany({
|
|
|
|
|
where: and(
|
|
|
|
|
eq(yachts.portId, portId),
|
|
|
|
|
eq(yachts.currentOwnerType, ownerType),
|
|
|
|
|
eq(yachts.currentOwnerId, ownerId),
|
chore(cleanup): Phase 1 — gap closure across audit, alerts, soft-delete, perms
Multi-area cleanup pass closing partial-implementation gaps surfaced by the
post-i18n audit. No behavior changes for happy-path users; closes real
correctness/security holes.
PR1a Public yacht-interest endpoint i18n. /api/public/interests now accepts
phoneE164/phoneCountry, nationalityIso, address.{countryIso, subdivisionIso},
and company.{incorporationCountryIso, incorporationSubdivisionIso}.
Server-side parsePhone() fallback for legacy raw phone strings.
PR1b Alert rule registry trim. Two rule slots ('document.expiring_soon',
'audit.suspicious_login') were registered but evaluators returned [].
Both required schema/instrumentation that hadn't landed. Removed from
the registry; comments record the dependencies needed to revive them.
Effective rule count: 8 active.
PR1c vi.mock hoist + flake fix. Hoisted vi.mock calls to top-level in 5
integration test files; webhook-delivery uses vi.hoisted for the
queue-add ref. Vitest no longer warns about non-top-level mocks.
Deflaked the 'short value' assertion in security-encryption.test.ts
by switching plaintext from 'ab' to 'XY' (non-hex chars). 5/5 runs green.
PR1d Soft-delete reference audit. listClientOptions and listYachtsForOwner
now filter by isNull(archivedAt). Berths use status (no archivedAt).
PR1e Permission-matrix audit script + report. scripts/audit-permissions.ts
walks every src/app/api/v1/**/route.ts and reports handlers without a
withPermission() wrapper. Initial run found 33 violations.
- Allow-listed 17 with explicit reasons (self-data, admin, alerts,
search, currency, ai, custom-fields — some marked TODO).
- Wrapped 7 routes with concrete permissions: clients/options
(clients:view), berths/options (berths:view), dashboard/*
(reports:view_dashboard), analytics (reports:view_analytics).
Audit report at docs/runbooks/permission-audit.md. Script exits
non-zero on any unallow-listed violation so it can become a CI gate.
Vitest: 741 -> 741 (no new tests; existing suite covers the changes).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-28 18:48:22 +02:00
|
|
|
isNull(yachts.archivedAt),
|
feat(yachts): list + owner-scoped list + autocomplete
Adds `listYachts`, `listYachtsForOwner`, and `autocomplete` to the
yacht service so UIs can page/filter yachts per port, look up all
yachts tied to a given client/company, and power search-as-you-type.
`listYachts` delegates to the shared port-scoped `buildListQuery`,
supporting search over name/hullNumber/registration plus ownerType,
ownerId and status filters; `autocomplete` caps at 10 results and is
tenant-scoped; `listYachtsForOwner` returns all yachts whose current
owner matches, newest first. Extends `makeYacht` factory to accept
flat `name`, `status`, `hullNumber`, `registration` overrides.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-24 00:03:36 +02:00
|
|
|
),
|
|
|
|
|
orderBy: (t, { desc }) => [desc(t.updatedAt)],
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-24 12:40:51 +02:00
|
|
|
// ─── Ownership history ────────────────────────────────────────────────────────
|
|
|
|
|
|
|
|
|
|
export async function listOwnershipHistory(yachtId: string, portId: string) {
|
|
|
|
|
// First scope-check the yacht (throws NotFoundError if cross-tenant)
|
|
|
|
|
await getYachtById(yachtId, portId);
|
|
|
|
|
return await db.query.yachtOwnershipHistory.findMany({
|
|
|
|
|
where: eq(yachtOwnershipHistory.yachtId, yachtId),
|
|
|
|
|
orderBy: (t, { desc }) => [desc(t.startDate)],
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
feat(yachts): list + owner-scoped list + autocomplete
Adds `listYachts`, `listYachtsForOwner`, and `autocomplete` to the
yacht service so UIs can page/filter yachts per port, look up all
yachts tied to a given client/company, and power search-as-you-type.
`listYachts` delegates to the shared port-scoped `buildListQuery`,
supporting search over name/hullNumber/registration plus ownerType,
ownerId and status filters; `autocomplete` caps at 10 results and is
tenant-scoped; `listYachtsForOwner` returns all yachts whose current
owner matches, newest first. Extends `makeYacht` factory to accept
flat `name`, `status`, `hullNumber`, `registration` overrides.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-24 00:03:36 +02:00
|
|
|
// ─── Autocomplete ─────────────────────────────────────────────────────────────
|
|
|
|
|
|
|
|
|
|
export async function autocomplete(portId: string, q: string) {
|
|
|
|
|
const pattern = `%${q}%`;
|
|
|
|
|
return await db
|
|
|
|
|
.select()
|
|
|
|
|
.from(yachts)
|
|
|
|
|
.where(
|
|
|
|
|
and(
|
|
|
|
|
eq(yachts.portId, portId),
|
|
|
|
|
or(
|
|
|
|
|
ilike(yachts.name, pattern),
|
|
|
|
|
ilike(yachts.hullNumber, pattern),
|
|
|
|
|
ilike(yachts.registration, pattern),
|
|
|
|
|
),
|
|
|
|
|
),
|
|
|
|
|
)
|
|
|
|
|
.limit(10);
|
|
|
|
|
}
|
feat(platform): residential module + admin UI + reliability fixes
Residential platform
- New schema: residentialClients, residentialInterests (separate from
marina/yacht clients) with migration 0010
- Service layer with CRUD + audit + sockets + per-port portal toggle
- v1 + public API routes (/api/v1/residential/*, /api/public/residential-inquiries)
- List + detail pages with inline editing for clients and interests
- Per-user residentialAccess toggle on userPortRoles (migration 0011)
- Permission keys: residential_clients, residential_interests
- Sidebar nav + role form integration
- Smoke spec covering page loads, UI create flow, public endpoint
Admin & shared UI
- Admin → Forms (form templates CRUD) with validators + service
- Notification preferences page (in-app + email per type)
- Email composition + accounts list + threads view
- Branded auth shell shared across CRM + portal auth surfaces
- Inline editing extended to yacht/company/interest detail pages
- InlineTagEditor + per-entity tags endpoints (yachts, companies)
- Notes service polymorphic across clients/interests/yachts/companies
- Client list columns: yachtCount + companyCount badges
- Reservation file-download via presigned URL (replaces stale <a href>)
Route handler refactor
- Extracted yachts/companies/berths reservation handlers to sibling
handlers.ts files (Next.js 15 route.ts only allows specific exports)
Reliability fixes
- apiFetch double-stringify bug fixed across 13 components
(apiFetch already JSON.stringifies its body; passing a stringified
body produced double-encoded JSON which failed zod validation)
- SocketProvider gated behind useSyncExternalStore-based mount check
to avoid useSession() SSR crashes under React 19 + Next 15
- apiFetch falls back to URL-pathname → port-id resolution when the
Zustand store hasn't hydrated yet (fresh contexts, e2e tests)
- CRM invite flow (schema, service, route, email, dev script)
- Dashboard route → [portSlug]/dashboard/page.tsx + redirect
- Document the dev-server restart-after-migration gotcha in CLAUDE.md
Tests
- 5-case residential smoke spec
- Integration test updates for new service signatures
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 21:54:32 +02:00
|
|
|
|
|
|
|
|
export async function setYachtTags(
|
|
|
|
|
yachtId: string,
|
|
|
|
|
portId: string,
|
|
|
|
|
tagIds: string[],
|
|
|
|
|
meta: AuditMeta,
|
|
|
|
|
) {
|
|
|
|
|
const yacht = await db.query.yachts.findFirst({ where: eq(yachts.id, yachtId) });
|
|
|
|
|
if (!yacht || yacht.portId !== portId) throw new NotFoundError('Yacht');
|
|
|
|
|
|
2026-04-29 01:58:42 +02:00
|
|
|
await setEntityTags({
|
|
|
|
|
joinTable: yachtTags,
|
|
|
|
|
entityColumn: yachtTags.yachtId,
|
|
|
|
|
tagColumn: yachtTags.tagId,
|
|
|
|
|
entityId: yachtId,
|
feat(platform): residential module + admin UI + reliability fixes
Residential platform
- New schema: residentialClients, residentialInterests (separate from
marina/yacht clients) with migration 0010
- Service layer with CRUD + audit + sockets + per-port portal toggle
- v1 + public API routes (/api/v1/residential/*, /api/public/residential-inquiries)
- List + detail pages with inline editing for clients and interests
- Per-user residentialAccess toggle on userPortRoles (migration 0011)
- Permission keys: residential_clients, residential_interests
- Sidebar nav + role form integration
- Smoke spec covering page loads, UI create flow, public endpoint
Admin & shared UI
- Admin → Forms (form templates CRUD) with validators + service
- Notification preferences page (in-app + email per type)
- Email composition + accounts list + threads view
- Branded auth shell shared across CRM + portal auth surfaces
- Inline editing extended to yacht/company/interest detail pages
- InlineTagEditor + per-entity tags endpoints (yachts, companies)
- Notes service polymorphic across clients/interests/yachts/companies
- Client list columns: yachtCount + companyCount badges
- Reservation file-download via presigned URL (replaces stale <a href>)
Route handler refactor
- Extracted yachts/companies/berths reservation handlers to sibling
handlers.ts files (Next.js 15 route.ts only allows specific exports)
Reliability fixes
- apiFetch double-stringify bug fixed across 13 components
(apiFetch already JSON.stringifies its body; passing a stringified
body produced double-encoded JSON which failed zod validation)
- SocketProvider gated behind useSyncExternalStore-based mount check
to avoid useSession() SSR crashes under React 19 + Next 15
- apiFetch falls back to URL-pathname → port-id resolution when the
Zustand store hasn't hydrated yet (fresh contexts, e2e tests)
- CRM invite flow (schema, service, route, email, dev script)
- Dashboard route → [portSlug]/dashboard/page.tsx + redirect
- Document the dev-server restart-after-migration gotcha in CLAUDE.md
Tests
- 5-case residential smoke spec
- Integration test updates for new service signatures
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 21:54:32 +02:00
|
|
|
portId,
|
2026-04-29 01:58:42 +02:00
|
|
|
tagIds,
|
|
|
|
|
meta,
|
feat(platform): residential module + admin UI + reliability fixes
Residential platform
- New schema: residentialClients, residentialInterests (separate from
marina/yacht clients) with migration 0010
- Service layer with CRUD + audit + sockets + per-port portal toggle
- v1 + public API routes (/api/v1/residential/*, /api/public/residential-inquiries)
- List + detail pages with inline editing for clients and interests
- Per-user residentialAccess toggle on userPortRoles (migration 0011)
- Permission keys: residential_clients, residential_interests
- Sidebar nav + role form integration
- Smoke spec covering page loads, UI create flow, public endpoint
Admin & shared UI
- Admin → Forms (form templates CRUD) with validators + service
- Notification preferences page (in-app + email per type)
- Email composition + accounts list + threads view
- Branded auth shell shared across CRM + portal auth surfaces
- Inline editing extended to yacht/company/interest detail pages
- InlineTagEditor + per-entity tags endpoints (yachts, companies)
- Notes service polymorphic across clients/interests/yachts/companies
- Client list columns: yachtCount + companyCount badges
- Reservation file-download via presigned URL (replaces stale <a href>)
Route handler refactor
- Extracted yachts/companies/berths reservation handlers to sibling
handlers.ts files (Next.js 15 route.ts only allows specific exports)
Reliability fixes
- apiFetch double-stringify bug fixed across 13 components
(apiFetch already JSON.stringifies its body; passing a stringified
body produced double-encoded JSON which failed zod validation)
- SocketProvider gated behind useSyncExternalStore-based mount check
to avoid useSession() SSR crashes under React 19 + Next 15
- apiFetch falls back to URL-pathname → port-id resolution when the
Zustand store hasn't hydrated yet (fresh contexts, e2e tests)
- CRM invite flow (schema, service, route, email, dev script)
- Dashboard route → [portSlug]/dashboard/page.tsx + redirect
- Document the dev-server restart-after-migration gotcha in CLAUDE.md
Tests
- 5-case residential smoke spec
- Integration test updates for new service signatures
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 21:54:32 +02:00
|
|
|
entityType: 'yacht',
|
|
|
|
|
});
|
|
|
|
|
}
|