fix(audit): non-Documenso backlog sweep — port-binding, NULLS NOT DISTINCT, custom merge tokens, company docs
Wave through the remaining audit-final-deferred items that aren't blocked
on the back-burnered Documenso work.
Multi-tenant isolation:
- Storage proxy ProxyTokenPayload gains optional `p` (port slug) claim;
verifier asserts `key.startsWith(${p}/)`. Defense-in-depth against a
buggy issuer in some future code path that mixes port scopes — every
storage key generated by generateStorageKey() already prefixes the
slug. document-sends opts in for 24h emailed download links; other
callers continue working unchanged via the optional field.
DB schema reconciliation:
- Migration 0047 rebuilds system_settings unique index with NULLS NOT
DISTINCT (Postgres 15+) so global settings (port_id IS NULL) are
uniquely keyed by `key` alone. Surfaced + dedupe'd 65 duplicate
(storage_backend, NULL) rows that had accumulated from race-prone
delete-then-insert patterns in ocr-config / settings / residential-
stages / ai-budget services. All four services converted to true
onConflictDoUpdate upserts so the race window is closed.
API uniformity:
- Response shape standardization: 16 routes converted from
`{ success: true }` to 204 No Content. CLAUDE.md documents the
convention (`{ data: <T> }` for content, 204 for empty mutations,
portal-auth retains `{ success: true }` for the frontend's auth chain).
- req.json() → parseBody() migration across 9 admin/CRM routes
(custom-fields, expenses/export ×3, currency convert,
search/recently-viewed, admin/duplicates, berths/pdf-{upload-url,
versions, parse-results}). Uniform 400 error shapes for
ZodError-flagged bodies.
Custom-fields merge tokens (shipped end-to-end):
- merge-fields.ts gains CUSTOM_MERGE_TOKEN_RE + helpers for the
`{{custom.<fieldName>}}` shape.
- document-templates validator accepts the dynamic shape alongside
the static catalog tokens.
- document-sends.service mergeCustomFieldValues resolver fetches
per-port custom_field_definitions for client/interest/berth contexts
and substitutes stored values keyed by `{{custom.fieldName}}`.
- custom-fields-manager amber banner updated to reflect that merge
tokens now expand (search index + entity-diff remain documented
design limitations).
/api/v1/files cross-entity filtering:
- Validator + listFiles + uploadFile accept companyId AND yachtId
alongside clientId. file-upload-zone propagates both.
- New CompanyFilesTab component mirrors ClientFilesTab; restored as a
visible Documents tab in company-tabs.tsx (was a hidden stub).
Inline TODOs:
- Reviewed remaining two TODOs (per-user reminder schedule, import
worker handlers). Both are placeholders for future feature surfaces,
not bugs — per-port digest works for every customer; nothing
currently enqueues import jobs (verified). Annotated in BACKLOG.
BACKLOG.md updated to reflect what landed and what's still pending
(Documenso-related items still bundled with the back-burnered phases).
Tests: 1185/1185 vitest, tsc clean.
This commit is contained in:
@@ -16,6 +16,8 @@ interface FileUploadZoneProps {
|
||||
entityType?: string;
|
||||
entityId?: string;
|
||||
clientId?: string;
|
||||
yachtId?: string;
|
||||
companyId?: string;
|
||||
onUploadComplete?: () => void;
|
||||
}
|
||||
|
||||
@@ -23,6 +25,8 @@ export function FileUploadZone({
|
||||
entityType,
|
||||
entityId,
|
||||
clientId,
|
||||
yachtId,
|
||||
companyId,
|
||||
onUploadComplete,
|
||||
}: FileUploadZoneProps) {
|
||||
const [isDragOver, setIsDragOver] = useState(false);
|
||||
@@ -46,6 +50,8 @@ export function FileUploadZone({
|
||||
formData.append('file', file);
|
||||
formData.append('filename', file.name);
|
||||
if (clientId) formData.append('clientId', clientId);
|
||||
if (yachtId) formData.append('yachtId', yachtId);
|
||||
if (companyId) formData.append('companyId', companyId);
|
||||
if (entityType) formData.append('entityType', entityType);
|
||||
if (entityId) formData.append('entityId', entityId);
|
||||
|
||||
@@ -54,8 +60,7 @@ export function FileUploadZone({
|
||||
);
|
||||
|
||||
// Use fetch directly for FormData (apiFetch JSON-encodes body)
|
||||
const portId = (await import('@/stores/ui-store'))
|
||||
.useUIStore.getState().currentPortId;
|
||||
const portId = (await import('@/stores/ui-store')).useUIStore.getState().currentPortId;
|
||||
const headers = new Headers();
|
||||
if (portId) headers.set('X-Port-Id', portId);
|
||||
const uploadRes = await fetch('/api/v1/files/upload', {
|
||||
@@ -73,9 +78,7 @@ export function FileUploadZone({
|
||||
);
|
||||
} catch {
|
||||
setUploading((prev) =>
|
||||
prev.map((u) =>
|
||||
u.id === uploadId ? { ...u, error: 'Upload failed' } : u,
|
||||
),
|
||||
prev.map((u) => (u.id === uploadId ? { ...u, error: 'Upload failed' } : u)),
|
||||
);
|
||||
}
|
||||
}),
|
||||
@@ -87,7 +90,7 @@ export function FileUploadZone({
|
||||
onUploadComplete?.();
|
||||
}, 1500);
|
||||
},
|
||||
[clientId, entityType, entityId, onUploadComplete],
|
||||
[clientId, yachtId, companyId, entityType, entityId, onUploadComplete],
|
||||
);
|
||||
|
||||
const handleDrop = useCallback(
|
||||
@@ -135,9 +138,7 @@ export function FileUploadZone({
|
||||
>
|
||||
<Upload className="h-8 w-8 text-muted-foreground mb-2" />
|
||||
<p className="text-sm font-medium">Drop files here or click to upload</p>
|
||||
<p className="text-xs text-muted-foreground mt-1">
|
||||
PDF, Word, Excel, images up to 50MB
|
||||
</p>
|
||||
<p className="text-xs text-muted-foreground mt-1">PDF, Word, Excel, images up to 50MB</p>
|
||||
<input
|
||||
ref={inputRef}
|
||||
type="file"
|
||||
@@ -169,9 +170,7 @@ export function FileUploadZone({
|
||||
{u.error && (
|
||||
<button
|
||||
type="button"
|
||||
onClick={() =>
|
||||
setUploading((prev) => prev.filter((x) => x.id !== u.id))
|
||||
}
|
||||
onClick={() => setUploading((prev) => prev.filter((x) => x.id !== u.id))}
|
||||
>
|
||||
<X className="h-3.5 w-3.5 text-muted-foreground" />
|
||||
</button>
|
||||
|
||||
Reference in New Issue
Block a user