letsbe/pn-new-crm
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
be261f3f90c7675cd9565aa408ecfc7116ecbdb6
pn-new-crm/src/lib/services/notification-digest.service.ts

208 lines
6.7 KiB
TypeScript
Raw Normal View History

feat(notifications): wire the notification-digest scheduler (R2-H16) The 'notification-digest' cron entry in scheduler.ts was registered but had no handler — admins configured a daily digest time/timezone at /admin/reminders and got fire-as-they-hit notifications instead. New runNotificationDigest() service: - Loads per-port reminder config; skips ports with digestEnabled=false - Compares the current hour in the port's configured timezone to the configured digest time; only fires when the hour matches (cron is hourly, so this gate ensures exactly one digest per port per day). - For every user with a port-role on that port, batches their unread notifications from the last 24h (capped at 20 inline + "and N more" link to the inbox) into a single digest email. - Marks the included rows as email_sent so tomorrow's digest doesn't resend them. New email template at notification-digest.ts renders the per-row type/title/description with deep-link to the in-app inbox. Email worker now routes case 'notification-digest' to the dispatcher. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-06 23:51:51 +02:00
/**
* Notification digest dispatcher.
*
* Cron `notification-digest` fires hourly via the email worker. For
* every port with `reminder_digest_enabled === true`, we check whether
* the configured `reminder_digest_time` (HH:MM in
* `reminder_digest_timezone`) matches the current hour. If yes, we
* batch each user's unread notifications from the last 24h into a
* single digest email and mark those notifications as `email_sent` so
* they don't appear in tomorrow's digest.
*
* Per-user respect:
* - The digest is skipped for users with no unread notifications.
* - Notification preferences (per-user opt-out) are honored via the
* existing `userNotificationPreferences` table where present.
*/
import { and, desc, eq, gte, inArray, isNull } from 'drizzle-orm';
import { db } from '@/lib/db';
import { ports } from '@/lib/db/schema/ports';
import { notifications } from '@/lib/db/schema/operations';
import { user as authUser } from '@/lib/db/schema/users';
import { userPortRoles } from '@/lib/db/schema/users';
import { sendEmail } from '@/lib/email';
import { notificationDigestEmail } from '@/lib/email/templates/notification-digest';
import { getPortReminderConfig } from '@/lib/services/port-config';
import { env } from '@/lib/env';
import { logger } from '@/lib/logger';
import { resolveSubject } from '@/lib/email/resolve-subject';
feat(branding): wire per-port branding through every transactional email + auth shell (R2-H15) Multi-tenant branding admin (/admin/branding) was saving 5 settings that no code read — every port's emails shipped Port Nimara's logo and color regardless. Now wired end-to-end: New shared infrastructure: - src/lib/email/shell.ts — renderShell() + brandingPrimaryColor() helpers; takes BrandingShell { logoUrl, primaryColor, emailHeaderHtml, emailFooterHtml }, falls back to Port Nimara defaults when null. - src/lib/email/branding-resolver.ts — getBrandingShell(portId) thin wrapper over getPortBrandingConfig() that returns null on error / missing portId so senders never break on misconfig. All 6 transactional templates refactored to use renderShell + the shared accent color; portName now flows through every template (crm-invite, portal activation/reset, both inquiries, both residential templates, notification digest). All 6 senders pass branding via getBrandingShell: - portal-auth.service.ts (activation + reset) - crm-invite.service.ts (resend path; create-invite has no portId yet so falls through to defaults) - email worker (inquiry confirmation + sales notification) - residential-inquiries route (client confirmation + sales alert) - notification-digest.service.ts (digest) BrandedAuthShell takes an optional `branding` prop with logoUrl + appName (parent page server-fetches via getPortBrandingConfig). Defaults to Port Nimara if omitted, so single-tenant deployments are unaffected. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 00:00:45 +02:00
import { getBrandingShell } from '@/lib/email/branding-resolver';
feat(notifications): wire the notification-digest scheduler (R2-H16) The 'notification-digest' cron entry in scheduler.ts was registered but had no handler — admins configured a daily digest time/timezone at /admin/reminders and got fire-as-they-hit notifications instead. New runNotificationDigest() service: - Loads per-port reminder config; skips ports with digestEnabled=false - Compares the current hour in the port's configured timezone to the configured digest time; only fires when the hour matches (cron is hourly, so this gate ensures exactly one digest per port per day). - For every user with a port-role on that port, batches their unread notifications from the last 24h (capped at 20 inline + "and N more" link to the inbox) into a single digest email. - Marks the included rows as email_sent so tomorrow's digest doesn't resend them. New email template at notification-digest.ts renders the per-row type/title/description with deep-link to the in-app inbox. Email worker now routes case 'notification-digest' to the dispatcher. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-06 23:51:51 +02:00
const DIGEST_LOOKBACK_MS = 24 * 60 * 60 * 1000;
const MAX_ITEMS_PER_USER = 20;
/**
* Returns the local hour (0-23) for `at` in IANA `timezone`. Falls
* back to UTC if the timezone is unparseable so a misconfigured port
* still gets exactly one digest fire per day instead of zero.
*/
function localHourFor(at: Date, timezone: string): number {
try {
const fmt = new Intl.DateTimeFormat('en-US', {
timeZone: timezone,
hour: 'numeric',
hour12: false,
});
const parts = fmt.formatToParts(at);
const hourPart = parts.find((p) => p.type === 'hour')?.value;
if (hourPart === undefined) return at.getUTCHours();
const n = Number.parseInt(hourPart, 10);
return Number.isFinite(n) ? n % 24 : at.getUTCHours();
} catch {
return at.getUTCHours();
}
}
export interface DigestRunResult {
portsConsidered: number;
portsFired: number;
digestsSent: number;
errors: number;
}
export async function runNotificationDigest(now: Date = new Date()): Promise<DigestRunResult> {
const allPorts = await db.select({ id: ports.id, name: ports.name }).from(ports);
let portsFired = 0;
let digestsSent = 0;
let errors = 0;
for (const port of allPorts) {
let cfg;
try {
cfg = await getPortReminderConfig(port.id);
} catch (err) {
logger.warn({ err, portId: port.id }, 'digest: failed to load port reminder config');
errors += 1;
continue;
}
if (!cfg.digestEnabled) continue;
// Only fire when the current local hour in the port's TZ matches
// the configured digest time. The cron pattern is hourly so this
// gate ensures we send exactly once per day per port.
const targetHour = Number.parseInt(cfg.digestTime.split(':')[0] ?? '9', 10);
const localHour = localHourFor(now, cfg.digestTimezone);
if (localHour !== targetHour) continue;
portsFired += 1;
// Find all users with a port-role on this port — that's the
// recipient set. Future iteration could honor per-user opt-out
// flags from userNotificationPreferences.
const portUsers = await db
.select({
userId: userPortRoles.userId,
email: authUser.email,
name: authUser.name,
})
.from(userPortRoles)
.innerJoin(authUser, eq(userPortRoles.userId, authUser.id))
.where(eq(userPortRoles.portId, port.id));
if (portUsers.length === 0) continue;
feat(branding): wire per-port branding through every transactional email + auth shell (R2-H15) Multi-tenant branding admin (/admin/branding) was saving 5 settings that no code read — every port's emails shipped Port Nimara's logo and color regardless. Now wired end-to-end: New shared infrastructure: - src/lib/email/shell.ts — renderShell() + brandingPrimaryColor() helpers; takes BrandingShell { logoUrl, primaryColor, emailHeaderHtml, emailFooterHtml }, falls back to Port Nimara defaults when null. - src/lib/email/branding-resolver.ts — getBrandingShell(portId) thin wrapper over getPortBrandingConfig() that returns null on error / missing portId so senders never break on misconfig. All 6 transactional templates refactored to use renderShell + the shared accent color; portName now flows through every template (crm-invite, portal activation/reset, both inquiries, both residential templates, notification digest). All 6 senders pass branding via getBrandingShell: - portal-auth.service.ts (activation + reset) - crm-invite.service.ts (resend path; create-invite has no portId yet so falls through to defaults) - email worker (inquiry confirmation + sales notification) - residential-inquiries route (client confirmation + sales alert) - notification-digest.service.ts (digest) BrandedAuthShell takes an optional `branding` prop with logoUrl + appName (parent page server-fetches via getPortBrandingConfig). Defaults to Port Nimara if omitted, so single-tenant deployments are unaffected. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 00:00:45 +02:00
// Resolve branding once per port — every user on this port gets
// the same shell.
const branding = await getBrandingShell(port.id);
feat(notifications): wire the notification-digest scheduler (R2-H16) The 'notification-digest' cron entry in scheduler.ts was registered but had no handler — admins configured a daily digest time/timezone at /admin/reminders and got fire-as-they-hit notifications instead. New runNotificationDigest() service: - Loads per-port reminder config; skips ports with digestEnabled=false - Compares the current hour in the port's configured timezone to the configured digest time; only fires when the hour matches (cron is hourly, so this gate ensures exactly one digest per port per day). - For every user with a port-role on that port, batches their unread notifications from the last 24h (capped at 20 inline + "and N more" link to the inbox) into a single digest email. - Marks the included rows as email_sent so tomorrow's digest doesn't resend them. New email template at notification-digest.ts renders the per-row type/title/description with deep-link to the in-app inbox. Email worker now routes case 'notification-digest' to the dispatcher. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-06 23:51:51 +02:00
const since = new Date(now.getTime() - DIGEST_LOOKBACK_MS);
for (const u of portUsers) {
try {
const rows = await db
.select({
id: notifications.id,
type: notifications.type,
title: notifications.title,
description: notifications.description,
link: notifications.link,
createdAt: notifications.createdAt,
})
.from(notifications)
.where(
and(
eq(notifications.portId, port.id),
eq(notifications.userId, u.userId),
eq(notifications.isRead, false),
eq(notifications.emailSent, false),
gte(notifications.createdAt, since),
),
)
.orderBy(desc(notifications.createdAt))
.limit(100);
if (rows.length === 0) continue;
const visible = rows.slice(0, MAX_ITEMS_PER_USER);
const inboxLink = `${env.APP_URL}/notifications`;
feat(email): port remaining 7 templates to react-email Phase 2 (single commit) — applies the portal-auth.tsx pattern to every hand-strung transactional email template. JSX components rendered via @react-email/components' render() replace inline-style string templates + hand-rolled escapeHtml(). Ported (.ts → .tsx, public function signatures become async): crm-invite.tsx — admin/super-admin CRM invite admin-email-change.tsx — sign-in email changed notification inquiry-client-confirmation.tsx — public berth inquiry receipt inquiry-sales-notification.tsx — internal sales alert for inquiries residential-inquiry.tsx — pair: client confirmation + sales alert notification-digest.tsx — daily/hourly unread-notification digest document-signing.tsx — triplet: invitation + completed + reminder Each template now defines its body as a typed React component, drops escapeHtml() entirely (react-email auto-escapes string interpolation in JSX text + attributes), and passes the rendered HTML to the existing renderShell() for shell wrapping. The shell + branding flow is unchanged. Caller migration (all sync → async): src/app/api/public/residential-inquiries/route.ts src/lib/queue/workers/email.ts src/lib/services/notification-digest.service.ts src/lib/services/users.service.ts src/lib/services/document-signing-emails.service.ts src/lib/services/crm-invite.service.ts All call sites already lived inside async functions; only the await was needed. No public API shape changes other than return type (now Promise). The pattern now applies uniformly across all 8 email templates (portal- auth.tsx + the 7 in this commit). Email template directory is fully react-email-based. 1298/1298 vitest green. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-12 21:19:52 +02:00
const result = await notificationDigestEmail(
feat(branding): wire per-port branding through every transactional email + auth shell (R2-H15) Multi-tenant branding admin (/admin/branding) was saving 5 settings that no code read — every port's emails shipped Port Nimara's logo and color regardless. Now wired end-to-end: New shared infrastructure: - src/lib/email/shell.ts — renderShell() + brandingPrimaryColor() helpers; takes BrandingShell { logoUrl, primaryColor, emailHeaderHtml, emailFooterHtml }, falls back to Port Nimara defaults when null. - src/lib/email/branding-resolver.ts — getBrandingShell(portId) thin wrapper over getPortBrandingConfig() that returns null on error / missing portId so senders never break on misconfig. All 6 transactional templates refactored to use renderShell + the shared accent color; portName now flows through every template (crm-invite, portal activation/reset, both inquiries, both residential templates, notification digest). All 6 senders pass branding via getBrandingShell: - portal-auth.service.ts (activation + reset) - crm-invite.service.ts (resend path; create-invite has no portId yet so falls through to defaults) - email worker (inquiry confirmation + sales notification) - residential-inquiries route (client confirmation + sales alert) - notification-digest.service.ts (digest) BrandedAuthShell takes an optional `branding` prop with logoUrl + appName (parent page server-fetches via getPortBrandingConfig). Defaults to Port Nimara if omitted, so single-tenant deployments are unaffected. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 00:00:45 +02:00
{
portName: port.name,
recipientName: u.name ?? '',
items: visible.map((r) => ({
type: r.type,
title: r.title,
description: r.description,
link: r.link ? `${env.APP_URL}${r.link}` : null,
createdAt: r.createdAt,
})),
totalUnread: rows.length,
inboxLink,
},
{ branding },
);
feat(notifications): wire the notification-digest scheduler (R2-H16) The 'notification-digest' cron entry in scheduler.ts was registered but had no handler — admins configured a daily digest time/timezone at /admin/reminders and got fire-as-they-hit notifications instead. New runNotificationDigest() service: - Loads per-port reminder config; skips ports with digestEnabled=false - Compares the current hour in the port's configured timezone to the configured digest time; only fires when the hour matches (cron is hourly, so this gate ensures exactly one digest per port per day). - For every user with a port-role on that port, batches their unread notifications from the last 24h (capped at 20 inline + "and N more" link to the inbox) into a single digest email. - Marks the included rows as email_sent so tomorrow's digest doesn't resend them. New email template at notification-digest.ts renders the per-row type/title/description with deep-link to the in-app inbox. Email worker now routes case 'notification-digest' to the dispatcher. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-06 23:51:51 +02:00
fix(audit): comprehensive 2026-05-15 audit fix wave + Documenso v2 polish Bundles the prior session's 50-task fix sweep (Documenso v2 + EOI/signing- progress redesign + env-to-admin migration + dev-mode banner) with the 2026-05-18 audit fix wave (3 CRITICAL, 14 HIGH, 28 MEDIUM, 6 LOW). CRITICAL (3): - C-01 interest-berths INNER JOIN -> LEFT JOIN so hard-deleted berths no longer silently drop interest links - C-02 /setup added to PUBLIC_PATHS; fresh-deploy bootstrap loop fixed - C-03 generic PATCH /interests/[id] no longer accepts pipelineStage — callers must go through /stage with the override-guard chain HIGH (14/15): - H-01 explicit ON DELETE on previously-implicit NO ACTION FKs across interests/documents/reservations/reminders/invoices (migration 0070) - H-02 login page reads ?redirect= param with same-origin guard - H-03 CRM invite token moves to URL fragment so it never lands in nginx access logs / Referer headers - H-04 Retry-After header on sign-in-by-identifier 429 (RFC 6585 §4) - H-05 toggleAccount writes an audit row - H-06 upsertSetting masks any value whose key ends with _encrypted - H-07 archiveClient cascade fires per-interest audit rows - H-08 createSalesTransporter applies SMTP_TIMEOUTS - H-09 AppShell stable children — viewport flip across breakpoint no longer destroys in-progress form drafts - H-10 portal documents page swaps Unicode glyph status icons for Lucide CheckCircle2/XCircle/Circle + aria-labels - H-12 list components swap alert(...) for toast.warning(...) - H-13 5 icon-only buttons gain aria-label - H-14 parseBody treats empty bodies as {} - H-15 admin layout renders a 403 panel instead of silent bounce - H-11 not applicable — mobile-search-overlay IS a mobile bottom-sheet MEDIUM (28+): - M-MT01-05 defense-in-depth port_id/parent-id filters on UPDATE/DELETE WHEREs across custom-fields, notes (all 6 entity types x update + delete), client-contacts, yacht ownerClient lookup, webhook reads - M-D01 documents-hub realtime event-name typo (file:created -> uploaded) - M-EM01 portal-auth emails thread through portId - M-EM02 sendEmail accepts cc/bcc params - M-EM04 notification_digest catalog key - M-IN01 portal presigned download URLs use 4h TTL - M-IN02 OpenAI client lazy-instantiated - M-IN04 stale pdfme refs updated to pdf-lib AcroForm - M-IN05 umami.testConnection returns tagged union - M-L01 reservations tenure_type unified with berths - M-L02 report-generators canonicalize stage values - M-AU01 audit log placeholder copy fixed - M-AU04 outcome_set / outcome_cleared distinct audit verbs - M-NEW-2 activity feed entity name+type separator - M-R01 portal allowlist narrowed + portal_session backstop in proxy - M-SC02 companies archived partial index - M-SC04 audit_logs.searchText documented as DB-managed - M-S01 storage_s3_access_key_encrypted admin field - M-U01 audit log empty state uses <EmptyState> - M-U09 invoice delete dialog -> <AlertDialog> - M-U10 toast.success on ClientForm + InterestForm create/edit - M-U11 settings-form-card logo preview alt text - M-U14 mobile topbar title on clients/yachts/interests/berths - M-U15 Invoices in mobile More-sheet LOW (6/8): - L-AU01 severity defaults for security-relevant verbs - L-AU02 +13 missing actions in admin audit filter - L-AU03 +7 missing entity types in admin audit filter - L-AU04 dead listAuditLogs stubbed - L-D02 CLAUDE.md Owner-wins chain tightened Bonus — Document detail polish (#67 partial, 3/6 deliverables): - state-aware action button per signer - watcher Add UI with display-name resolution - cleanSignerName cleanup Prior session work bundled in: - Documenso v2 webhook + envelope-ID normalization + sequential signing - SigningProgress UI redesign (avatars, per-signer state, timestamps) - env->admin settings registry + RegistryDrivenForm + encrypted creds - Embedded-signing card + Test connection + setup help - Dev-mode EMAIL_REDIRECT_TO banner - Pipeline rules admin page - Sales email config card - Audit log details Sheet - EOI tab: Finalising badge, absolute timestamps, sequential indicator - Notes pipeline_stage_at_creation (migration 0069) - Documenso numeric ID dual-key webhook (migration 0068) - Dimensions criterion copy (migration 0067) Tests: 1374/1374 vitest pass. tsc clean. lint clean. See docs/AUDIT-FIX-WAVE-2026-05-18.md for the full progress report and the user-input items still pending. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-18 13:28:50 +02:00
// M-EM04: dedicated catalog key — admins can override the
// digest subject from /admin/email without an unsafe cast and
// the digest's setting key now namespaces cleanly.
feat(notifications): wire the notification-digest scheduler (R2-H16) The 'notification-digest' cron entry in scheduler.ts was registered but had no handler — admins configured a daily digest time/timezone at /admin/reminders and got fire-as-they-hit notifications instead. New runNotificationDigest() service: - Loads per-port reminder config; skips ports with digestEnabled=false - Compares the current hour in the port's configured timezone to the configured digest time; only fires when the hour matches (cron is hourly, so this gate ensures exactly one digest per port per day). - For every user with a port-role on that port, batches their unread notifications from the last 24h (capped at 20 inline + "and N more" link to the inbox) into a single digest email. - Marks the included rows as email_sent so tomorrow's digest doesn't resend them. New email template at notification-digest.ts renders the per-row type/title/description with deep-link to the in-app inbox. Email worker now routes case 'notification-digest' to the dispatcher. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-06 23:51:51 +02:00
const subject = await resolveSubject({
fix(audit): comprehensive 2026-05-15 audit fix wave + Documenso v2 polish Bundles the prior session's 50-task fix sweep (Documenso v2 + EOI/signing- progress redesign + env-to-admin migration + dev-mode banner) with the 2026-05-18 audit fix wave (3 CRITICAL, 14 HIGH, 28 MEDIUM, 6 LOW). CRITICAL (3): - C-01 interest-berths INNER JOIN -> LEFT JOIN so hard-deleted berths no longer silently drop interest links - C-02 /setup added to PUBLIC_PATHS; fresh-deploy bootstrap loop fixed - C-03 generic PATCH /interests/[id] no longer accepts pipelineStage — callers must go through /stage with the override-guard chain HIGH (14/15): - H-01 explicit ON DELETE on previously-implicit NO ACTION FKs across interests/documents/reservations/reminders/invoices (migration 0070) - H-02 login page reads ?redirect= param with same-origin guard - H-03 CRM invite token moves to URL fragment so it never lands in nginx access logs / Referer headers - H-04 Retry-After header on sign-in-by-identifier 429 (RFC 6585 §4) - H-05 toggleAccount writes an audit row - H-06 upsertSetting masks any value whose key ends with _encrypted - H-07 archiveClient cascade fires per-interest audit rows - H-08 createSalesTransporter applies SMTP_TIMEOUTS - H-09 AppShell stable children — viewport flip across breakpoint no longer destroys in-progress form drafts - H-10 portal documents page swaps Unicode glyph status icons for Lucide CheckCircle2/XCircle/Circle + aria-labels - H-12 list components swap alert(...) for toast.warning(...) - H-13 5 icon-only buttons gain aria-label - H-14 parseBody treats empty bodies as {} - H-15 admin layout renders a 403 panel instead of silent bounce - H-11 not applicable — mobile-search-overlay IS a mobile bottom-sheet MEDIUM (28+): - M-MT01-05 defense-in-depth port_id/parent-id filters on UPDATE/DELETE WHEREs across custom-fields, notes (all 6 entity types x update + delete), client-contacts, yacht ownerClient lookup, webhook reads - M-D01 documents-hub realtime event-name typo (file:created -> uploaded) - M-EM01 portal-auth emails thread through portId - M-EM02 sendEmail accepts cc/bcc params - M-EM04 notification_digest catalog key - M-IN01 portal presigned download URLs use 4h TTL - M-IN02 OpenAI client lazy-instantiated - M-IN04 stale pdfme refs updated to pdf-lib AcroForm - M-IN05 umami.testConnection returns tagged union - M-L01 reservations tenure_type unified with berths - M-L02 report-generators canonicalize stage values - M-AU01 audit log placeholder copy fixed - M-AU04 outcome_set / outcome_cleared distinct audit verbs - M-NEW-2 activity feed entity name+type separator - M-R01 portal allowlist narrowed + portal_session backstop in proxy - M-SC02 companies archived partial index - M-SC04 audit_logs.searchText documented as DB-managed - M-S01 storage_s3_access_key_encrypted admin field - M-U01 audit log empty state uses <EmptyState> - M-U09 invoice delete dialog -> <AlertDialog> - M-U10 toast.success on ClientForm + InterestForm create/edit - M-U11 settings-form-card logo preview alt text - M-U14 mobile topbar title on clients/yachts/interests/berths - M-U15 Invoices in mobile More-sheet LOW (6/8): - L-AU01 severity defaults for security-relevant verbs - L-AU02 +13 missing actions in admin audit filter - L-AU03 +7 missing entity types in admin audit filter - L-AU04 dead listAuditLogs stubbed - L-D02 CLAUDE.md Owner-wins chain tightened Bonus — Document detail polish (#67 partial, 3/6 deliverables): - state-aware action button per signer - watcher Add UI with display-name resolution - cleanSignerName cleanup Prior session work bundled in: - Documenso v2 webhook + envelope-ID normalization + sequential signing - SigningProgress UI redesign (avatars, per-signer state, timestamps) - env->admin settings registry + RegistryDrivenForm + encrypted creds - Embedded-signing card + Test connection + setup help - Dev-mode EMAIL_REDIRECT_TO banner - Pipeline rules admin page - Sales email config card - Audit log details Sheet - EOI tab: Finalising badge, absolute timestamps, sequential indicator - Notes pipeline_stage_at_creation (migration 0069) - Documenso numeric ID dual-key webhook (migration 0068) - Dimensions criterion copy (migration 0067) Tests: 1374/1374 vitest pass. tsc clean. lint clean. See docs/AUDIT-FIX-WAVE-2026-05-18.md for the full progress report and the user-input items still pending. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-18 13:28:50 +02:00
key: 'notification_digest',
feat(notifications): wire the notification-digest scheduler (R2-H16) The 'notification-digest' cron entry in scheduler.ts was registered but had no handler — admins configured a daily digest time/timezone at /admin/reminders and got fire-as-they-hit notifications instead. New runNotificationDigest() service: - Loads per-port reminder config; skips ports with digestEnabled=false - Compares the current hour in the port's configured timezone to the configured digest time; only fires when the hour matches (cron is hourly, so this gate ensures exactly one digest per port per day). - For every user with a port-role on that port, batches their unread notifications from the last 24h (capped at 20 inline + "and N more" link to the inbox) into a single digest email. - Marks the included rows as email_sent so tomorrow's digest doesn't resend them. New email template at notification-digest.ts renders the per-row type/title/description with deep-link to the in-app inbox. Email worker now routes case 'notification-digest' to the dispatcher. 1175/1175 vitest passing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-06 23:51:51 +02:00
portId: port.id,
fallback: result.subject,
tokens: { portName: port.name },
});
await sendEmail(u.email, subject, result.html, undefined, result.text, port.id);
await db
.update(notifications)
.set({ emailSent: true })
.where(
and(
eq(notifications.portId, port.id),
eq(notifications.userId, u.userId),
inArray(
notifications.id,
rows.map((r) => r.id),
),
isNull(notifications.isRead) || eq(notifications.isRead, false),
),
);
digestsSent += 1;
} catch (err) {
logger.error(
{ err, portId: port.id, userId: u.userId },
'digest: per-user dispatch failed',
);
errors += 1;
}
}
}
logger.info(
{ portsConsidered: allPorts.length, portsFired, digestsSent, errors },
'notification-digest run complete',
);
return {
portsConsidered: allPorts.length,
portsFired,
digestsSent,
errors,
};
}
Reference in New Issue Copy Permalink