Add user settings, audit log, berth CRUD, and missing endpoints

- PATCH /api/v1/me: self-service profile update (name, phone, timezone) - User settings page with profile editor + notification preferences - Audit log API with filtering (entity, action, user, date range) - Audit log page with search, entity type, and action filters - Berth create/delete: POST /api/v1/berths + DELETE /api/v1/berths/[id] - Client duplicates endpoint: GET /api/v1/clients/duplicates?name= - Replace settings and audit stub pages with real implementations Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-08 19:45:56 -04:00
parent 4fdd9e3207
commit 8df8ded46c
12 changed files with 779 additions and 53 deletions
--- a/src/app/api/v1/admin/audit/route.ts
+++ b/src/app/api/v1/admin/audit/route.ts
@@ -0,0 +1,31 @@
+import { NextResponse } from 'next/server';
+import { z } from 'zod';
+
+import { withAuth, withPermission } from '@/lib/api/helpers';
+import { parseQuery } from '@/lib/api/route-helpers';
+import { listAuditLogs } from '@/lib/services/audit.service';
+import { errorResponse } from '@/lib/errors';
+
+const auditQuerySchema = z.object({
+  page: z.coerce.number().int().min(1).default(1),
+  limit: z.coerce.number().int().min(1).max(100).default(50),
+  entityType: z.string().optional(),
+  action: z.string().optional(),
+  userId: z.string().optional(),
+  entityId: z.string().optional(),
+  dateFrom: z.string().optional(),
+  dateTo: z.string().optional(),
+  search: z.string().optional(),
+});
+
+export const GET = withAuth(
+  withPermission('admin', 'view_audit_log', async (req, ctx) => {
+    try {
+      const query = parseQuery(req, auditQuerySchema);
+      const result = await listAuditLogs(ctx.portId, query);
+      return NextResponse.json(result);
+    } catch (error) {
+      return errorResponse(error);
+    }
+  }),
+);