src/lib/services/form-templates.service.ts

import { and, desc, eq } from 'drizzle-orm';

import { db } from '@/lib/db';
import { formTemplates } from '@/lib/db/schema/documents';
import { createAuditLog } from '@/lib/audit';
import { CodedError, NotFoundError } from '@/lib/errors';
import type {
  CreateFormTemplateInput,
  UpdateFormTemplateInput,
} from '@/lib/validators/form-templates';

interface AuditMeta {
  userId: string;
  portId: string;
  ipAddress?: string;
  userAgent?: string;
}

export async function listFormTemplates(portId: string) {
  return db
    .select()
    .from(formTemplates)
    .where(eq(formTemplates.portId, portId))
    .orderBy(desc(formTemplates.updatedAt));
}

export async function getFormTemplateById(id: string, portId: string) {
  const tpl = await db.query.formTemplates.findFirst({
    where: and(eq(formTemplates.id, id), eq(formTemplates.portId, portId)),
  });
  if (!tpl) throw new NotFoundError('Form template');
  return tpl;
}

export async function createFormTemplate(
  portId: string,
  data: CreateFormTemplateInput,
  meta: AuditMeta,
) {
  const [tpl] = await db
    .insert(formTemplates)
    .values({
      portId,
      name: data.name,
      description: data.description ?? null,
      fields: data.fields,
      branding: data.branding ?? {},
      isActive: data.isActive ?? true,
      createdBy: meta.userId,
    })
    .returning();

  if (!tpl)
    throw new CodedError('INSERT_RETURNING_EMPTY', {
      internalMessage: 'Form template insert returned no row',
    });

  void createAuditLog({
    userId: meta.userId,
    portId,
    action: 'create',
    entityType: 'form_template',
    entityId: tpl.id,
    newValue: { name: data.name },
    ipAddress: meta.ipAddress ?? '',
    userAgent: meta.userAgent ?? '',
  });

  return tpl;
}

export async function updateFormTemplate(
  id: string,
  portId: string,
  data: UpdateFormTemplateInput,
  meta: AuditMeta,
) {
  const existing = await getFormTemplateById(id, portId);

  const [updated] = await db
    .update(formTemplates)
    .set({
      ...(data.name !== undefined && { name: data.name }),
      ...(data.description !== undefined && { description: data.description ?? null }),
      ...(data.fields !== undefined && { fields: data.fields }),
      ...(data.branding !== undefined && { branding: data.branding }),
      ...(data.isActive !== undefined && { isActive: data.isActive }),
      updatedAt: new Date(),
    })
    .where(eq(formTemplates.id, id))
    .returning();

  if (!updated) throw new NotFoundError('Form template');

  void createAuditLog({
    userId: meta.userId,
    portId,
    action: 'update',
    entityType: 'form_template',
    entityId: id,
    oldValue: { name: existing.name },
    newValue: data,
    ipAddress: meta.ipAddress ?? '',
    userAgent: meta.userAgent ?? '',
  });

  return updated;
}

export async function deleteFormTemplate(id: string, portId: string, meta: AuditMeta) {
  await getFormTemplateById(id, portId);

  await db.delete(formTemplates).where(eq(formTemplates.id, id));

  void createAuditLog({
    userId: meta.userId,
    portId,
    action: 'delete',
    entityType: 'form_template',
    entityId: id,
    ipAddress: meta.ipAddress ?? '',
    userAgent: meta.userAgent ?? '',
  });
}
feat(platform): residential module + admin UI + reliability fixes Residential platform - New schema: residentialClients, residentialInterests (separate from marina/yacht clients) with migration 0010 - Service layer with CRUD + audit + sockets + per-port portal toggle - v1 + public API routes (/api/v1/residential/*, /api/public/residential-inquiries) - List + detail pages with inline editing for clients and interests - Per-user residentialAccess toggle on userPortRoles (migration 0011) - Permission keys: residential_clients, residential_interests - Sidebar nav + role form integration - Smoke spec covering page loads, UI create flow, public endpoint Admin & shared UI - Admin → Forms (form templates CRUD) with validators + service - Notification preferences page (in-app + email per type) - Email composition + accounts list + threads view - Branded auth shell shared across CRM + portal auth surfaces - Inline editing extended to yacht/company/interest detail pages - InlineTagEditor + per-entity tags endpoints (yachts, companies) - Notes service polymorphic across clients/interests/yachts/companies - Client list columns: yachtCount + companyCount badges - Reservation file-download via presigned URL (replaces stale <a href>) Route handler refactor - Extracted yachts/companies/berths reservation handlers to sibling handlers.ts files (Next.js 15 route.ts only allows specific exports) Reliability fixes - apiFetch double-stringify bug fixed across 13 components (apiFetch already JSON.stringifies its body; passing a stringified body produced double-encoded JSON which failed zod validation) - SocketProvider gated behind useSyncExternalStore-based mount check to avoid useSession() SSR crashes under React 19 + Next 15 - apiFetch falls back to URL-pathname → port-id resolution when the Zustand store hasn't hydrated yet (fresh contexts, e2e tests) - CRM invite flow (schema, service, route, email, dev script) - Dashboard route → [portSlug]/dashboard/page.tsx + redirect - Document the dev-server restart-after-migration gotcha in CLAUDE.md Tests - 5-case residential smoke spec - Integration test updates for new service signatures Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-04-27 21:54:32 +02:00			`import { and, desc, eq } from 'drizzle-orm';`

			`import { db } from '@/lib/db';`
			`import { formTemplates } from '@/lib/db/schema/documents';`
			`import { createAuditLog } from '@/lib/audit';`
fix(audit-tier-2): error-surface hygiene — toastError + CodedError sweep Two mechanical sweeps closing the audit's HIGH §16 + MED §11 findings: * 38 client components / 56 toast.error sites converted to toastError(err) so the new admin error inspector becomes usable from user-reported issues — every failed inline-edit, save, send, archive, upload, etc. now carries the request-id + error-code (Copy ID action). * 26 service files / 62 bare-Error throws converted to CodedError or the existing AppError subclasses. Adds new error codes: DOCUMENSO_UPSTREAM_ERROR (502), DOCUMENSO_AUTH_FAILURE (502), DOCUMENSO_TIMEOUT (504), OCR_UPSTREAM_ERROR (502), IMAP_UPSTREAM_ERROR (502), UMAMI_UPSTREAM_ERROR (502), UMAMI_NOT_CONFIGURED (409), and INSERT_RETURNING_EMPTY (500) for post-insert returning-empty guards. * Five vitest assertions updated to match the new user-facing wording (client-merge "already been merged", expense/interest "couldn't find that …", documenso "signing service didn't respond"). Test status: 1168/1168 vitest, tsc clean. Refs: docs/audit-comprehensive-2026-05-05.md HIGH §16 (auditor-H Issue 1) + MED §11 (auditor-G Issue 1). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-05 20:18:05 +02:00			`import { CodedError, NotFoundError } from '@/lib/errors';`
feat(platform): residential module + admin UI + reliability fixes Residential platform - New schema: residentialClients, residentialInterests (separate from marina/yacht clients) with migration 0010 - Service layer with CRUD + audit + sockets + per-port portal toggle - v1 + public API routes (/api/v1/residential/*, /api/public/residential-inquiries) - List + detail pages with inline editing for clients and interests - Per-user residentialAccess toggle on userPortRoles (migration 0011) - Permission keys: residential_clients, residential_interests - Sidebar nav + role form integration - Smoke spec covering page loads, UI create flow, public endpoint Admin & shared UI - Admin → Forms (form templates CRUD) with validators + service - Notification preferences page (in-app + email per type) - Email composition + accounts list + threads view - Branded auth shell shared across CRM + portal auth surfaces - Inline editing extended to yacht/company/interest detail pages - InlineTagEditor + per-entity tags endpoints (yachts, companies) - Notes service polymorphic across clients/interests/yachts/companies - Client list columns: yachtCount + companyCount badges - Reservation file-download via presigned URL (replaces stale <a href>) Route handler refactor - Extracted yachts/companies/berths reservation handlers to sibling handlers.ts files (Next.js 15 route.ts only allows specific exports) Reliability fixes - apiFetch double-stringify bug fixed across 13 components (apiFetch already JSON.stringifies its body; passing a stringified body produced double-encoded JSON which failed zod validation) - SocketProvider gated behind useSyncExternalStore-based mount check to avoid useSession() SSR crashes under React 19 + Next 15 - apiFetch falls back to URL-pathname → port-id resolution when the Zustand store hasn't hydrated yet (fresh contexts, e2e tests) - CRM invite flow (schema, service, route, email, dev script) - Dashboard route → [portSlug]/dashboard/page.tsx + redirect - Document the dev-server restart-after-migration gotcha in CLAUDE.md Tests - 5-case residential smoke spec - Integration test updates for new service signatures Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-04-27 21:54:32 +02:00			`import type {`
			`CreateFormTemplateInput,`
			`UpdateFormTemplateInput,`
			`} from '@/lib/validators/form-templates';`

			`interface AuditMeta {`
			`userId: string;`
			`portId: string;`
			`ipAddress?: string;`
			`userAgent?: string;`
			`}`

			`export async function listFormTemplates(portId: string) {`
			`return db`
			`.select()`
			`.from(formTemplates)`
			`.where(eq(formTemplates.portId, portId))`
			`.orderBy(desc(formTemplates.updatedAt));`
			`}`

			`export async function getFormTemplateById(id: string, portId: string) {`
			`const tpl = await db.query.formTemplates.findFirst({`
			`where: and(eq(formTemplates.id, id), eq(formTemplates.portId, portId)),`
			`});`
			`if (!tpl) throw new NotFoundError('Form template');`
			`return tpl;`
			`}`

			`export async function createFormTemplate(`
			`portId: string,`
			`data: CreateFormTemplateInput,`
			`meta: AuditMeta,`
			`) {`
			`const [tpl] = await db`
			`.insert(formTemplates)`
			`.values({`
			`portId,`
			`name: data.name,`
			`description: data.description ?? null,`
			`fields: data.fields,`
			`branding: data.branding ?? {},`
			`isActive: data.isActive ?? true,`
			`createdBy: meta.userId,`
			`})`
			`.returning();`

fix(audit-tier-2): error-surface hygiene — toastError + CodedError sweep Two mechanical sweeps closing the audit's HIGH §16 + MED §11 findings: * 38 client components / 56 toast.error sites converted to toastError(err) so the new admin error inspector becomes usable from user-reported issues — every failed inline-edit, save, send, archive, upload, etc. now carries the request-id + error-code (Copy ID action). * 26 service files / 62 bare-Error throws converted to CodedError or the existing AppError subclasses. Adds new error codes: DOCUMENSO_UPSTREAM_ERROR (502), DOCUMENSO_AUTH_FAILURE (502), DOCUMENSO_TIMEOUT (504), OCR_UPSTREAM_ERROR (502), IMAP_UPSTREAM_ERROR (502), UMAMI_UPSTREAM_ERROR (502), UMAMI_NOT_CONFIGURED (409), and INSERT_RETURNING_EMPTY (500) for post-insert returning-empty guards. * Five vitest assertions updated to match the new user-facing wording (client-merge "already been merged", expense/interest "couldn't find that …", documenso "signing service didn't respond"). Test status: 1168/1168 vitest, tsc clean. Refs: docs/audit-comprehensive-2026-05-05.md HIGH §16 (auditor-H Issue 1) + MED §11 (auditor-G Issue 1). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-05 20:18:05 +02:00			`if (!tpl)`
			`throw new CodedError('INSERT_RETURNING_EMPTY', {`
			`internalMessage: 'Form template insert returned no row',`
			`});`
feat(platform): residential module + admin UI + reliability fixes Residential platform - New schema: residentialClients, residentialInterests (separate from marina/yacht clients) with migration 0010 - Service layer with CRUD + audit + sockets + per-port portal toggle - v1 + public API routes (/api/v1/residential/*, /api/public/residential-inquiries) - List + detail pages with inline editing for clients and interests - Per-user residentialAccess toggle on userPortRoles (migration 0011) - Permission keys: residential_clients, residential_interests - Sidebar nav + role form integration - Smoke spec covering page loads, UI create flow, public endpoint Admin & shared UI - Admin → Forms (form templates CRUD) with validators + service - Notification preferences page (in-app + email per type) - Email composition + accounts list + threads view - Branded auth shell shared across CRM + portal auth surfaces - Inline editing extended to yacht/company/interest detail pages - InlineTagEditor + per-entity tags endpoints (yachts, companies) - Notes service polymorphic across clients/interests/yachts/companies - Client list columns: yachtCount + companyCount badges - Reservation file-download via presigned URL (replaces stale <a href>) Route handler refactor - Extracted yachts/companies/berths reservation handlers to sibling handlers.ts files (Next.js 15 route.ts only allows specific exports) Reliability fixes - apiFetch double-stringify bug fixed across 13 components (apiFetch already JSON.stringifies its body; passing a stringified body produced double-encoded JSON which failed zod validation) - SocketProvider gated behind useSyncExternalStore-based mount check to avoid useSession() SSR crashes under React 19 + Next 15 - apiFetch falls back to URL-pathname → port-id resolution when the Zustand store hasn't hydrated yet (fresh contexts, e2e tests) - CRM invite flow (schema, service, route, email, dev script) - Dashboard route → [portSlug]/dashboard/page.tsx + redirect - Document the dev-server restart-after-migration gotcha in CLAUDE.md Tests - 5-case residential smoke spec - Integration test updates for new service signatures Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-04-27 21:54:32 +02:00
			`void createAuditLog({`
			`userId: meta.userId,`
			`portId,`
			`action: 'create',`
			`entityType: 'form_template',`
			`entityId: tpl.id,`
			`newValue: { name: data.name },`
			`ipAddress: meta.ipAddress ?? '',`
			`userAgent: meta.userAgent ?? '',`
			`});`

			`return tpl;`
			`}`

			`export async function updateFormTemplate(`
			`id: string,`
			`portId: string,`
			`data: UpdateFormTemplateInput,`
			`meta: AuditMeta,`
			`) {`
			`const existing = await getFormTemplateById(id, portId);`

			`const [updated] = await db`
			`.update(formTemplates)`
			`.set({`
			`...(data.name !== undefined && { name: data.name }),`
			`...(data.description !== undefined && { description: data.description ?? null }),`
			`...(data.fields !== undefined && { fields: data.fields }),`
			`...(data.branding !== undefined && { branding: data.branding }),`
			`...(data.isActive !== undefined && { isActive: data.isActive }),`
			`updatedAt: new Date(),`
			`})`
			`.where(eq(formTemplates.id, id))`
			`.returning();`

			`if (!updated) throw new NotFoundError('Form template');`

			`void createAuditLog({`
			`userId: meta.userId,`
			`portId,`
			`action: 'update',`
			`entityType: 'form_template',`
			`entityId: id,`
			`oldValue: { name: existing.name },`
			`newValue: data,`
			`ipAddress: meta.ipAddress ?? '',`
			`userAgent: meta.userAgent ?? '',`
			`});`

			`return updated;`
			`}`

			`export async function deleteFormTemplate(id: string, portId: string, meta: AuditMeta) {`
			`await getFormTemplateById(id, portId);`

			`await db.delete(formTemplates).where(eq(formTemplates.id, id));`

			`void createAuditLog({`
			`userId: meta.userId,`
			`portId,`
			`action: 'delete',`
			`entityType: 'form_template',`
			`entityId: id,`
			`ipAddress: meta.ipAddress ?? '',`
			`userAgent: meta.userAgent ?? '',`
			`});`
			`}`