diff --git a/src/app/api/v1/berths/bulk-add/route.ts b/src/app/api/v1/berths/bulk-add/route.ts
index 3d9b8339..e021b984 100644
--- a/src/app/api/v1/berths/bulk-add/route.ts
+++ b/src/app/api/v1/berths/bulk-add/route.ts
@@ -15,7 +15,10 @@ import { bulkAddBerthsSchema } from '@/lib/validators/berths';
* /[portSlug]/admin/berths/bulk-add.
*/
export const POST = withAuth(
- withPermission('berths', 'create', async (req, ctx) => {
+ // F13: aligned with the seed-permissions scope (`berths.import`).
+ // The previous `berths.create` was a phantom key — not in the role
+ // matrix, so non-super-admins silently failed permission resolution.
+ withPermission('berths', 'import', async (req, ctx) => {
try {
const input = await parseBody(req, bulkAddBerthsSchema);
const result = await bulkAddBerths(ctx.portId, input.berths, {
diff --git a/src/app/api/v1/interests/[id]/recommend-berths/route.ts b/src/app/api/v1/interests/[id]/recommend-berths/route.ts
index 71d23974..c942c1d8 100644
--- a/src/app/api/v1/interests/[id]/recommend-berths/route.ts
+++ b/src/app/api/v1/interests/[id]/recommend-berths/route.ts
@@ -11,20 +11,29 @@ import { recommendBerths } from '@/lib/services/berth-recommender.service';
* param) and `portId` (resolved from the auth context — never trust a
* client-supplied port, plan §14.10).
*/
-const recommendBerthsSchema = z.object({
- topN: z.number().int().min(1).max(999).optional(),
- maxOversizePct: z.number().min(0).max(1000).optional(),
- showLateStage: z.boolean().optional(),
- amenityFilters: z
- .object({
- minPowerCapacityKw: z.number().min(0).optional(),
- requiredVoltage: z.number().int().min(0).optional(),
- requiredAccess: z.string().min(1).optional(),
- requiredMooringType: z.string().min(1).optional(),
- requiredCleatCapacity: z.string().min(1).optional(),
- })
- .optional(),
-});
+const recommendBerthsSchema = z
+ .object({
+ topN: z.number().int().min(1).max(999).optional(),
+ // F18: accept `limit` as a friendlier alias for `topN`. The audit
+ // sent `{limit: 3}` and was silently ignored; conventional API users
+ // expect the limit name. Both resolve to the same internal value.
+ limit: z.number().int().min(1).max(999).optional(),
+ maxOversizePct: z.number().min(0).max(1000).optional(),
+ showLateStage: z.boolean().optional(),
+ amenityFilters: z
+ .object({
+ minPowerCapacityKw: z.number().min(0).optional(),
+ requiredVoltage: z.number().int().min(0).optional(),
+ requiredAccess: z.string().min(1).optional(),
+ requiredMooringType: z.string().min(1).optional(),
+ requiredCleatCapacity: z.string().min(1).optional(),
+ })
+ .optional(),
+ })
+ .transform(({ limit, topN, ...rest }) => ({
+ ...rest,
+ topN: topN ?? limit,
+ }));
// POST /api/v1/interests/[id]/recommend-berths
export const POST = withAuth(
diff --git a/src/components/berths/berth-list.tsx b/src/components/berths/berth-list.tsx
index 5fbef5e8..994983a7 100644
--- a/src/components/berths/berth-list.tsx
+++ b/src/components/berths/berth-list.tsx
@@ -1,16 +1,19 @@
'use client';
+import Link from 'next/link';
import { useRouter, useParams } from 'next/navigation';
-import { Anchor } from 'lucide-react';
+import { Anchor, Plus } from 'lucide-react';
import { DataTable } from '@/components/shared/data-table';
import { FilterBar } from '@/components/shared/filter-bar';
import { PageHeader } from '@/components/shared/page-header';
import { SavedViewsDropdown } from '@/components/shared/saved-views-dropdown';
import { ColumnPicker } from '@/components/shared/column-picker';
+import { Button } from '@/components/ui/button';
import { Input } from '@/components/ui/input';
import { EmptyState } from '@/components/shared/empty-state';
import { usePaginatedQuery } from '@/hooks/use-paginated-query';
+import { usePermissions } from '@/hooks/use-permissions';
import { useRealtimeInvalidation } from '@/hooks/use-realtime-invalidation';
import { useTablePreferences } from '@/hooks/use-table-preferences';
import { BerthCard } from './berth-card';
@@ -26,6 +29,11 @@ import { mooringLetterTone } from './mooring-letter-tone';
export function BerthList() {
const router = useRouter();
const params = useParams<{ portSlug: string }>();
+ // F13: bulk-add wizard had no UI entry point. Gate the CTA on
+ // `berths.import` (the existing permission used for adding berths)
+ // so non-admins don't see a button that 403s on click.
+ const { can } = usePermissions();
+ const canBulkAdd = can('berths', 'import');
const {
data,
@@ -97,6 +105,14 @@ export function BerthList() {
}}
/>
+ {canBulkAdd && (
+
+ )}
diff --git a/src/components/interests/interest-outcome-dialog.tsx b/src/components/interests/interest-outcome-dialog.tsx
index 6a198735..0d5eed61 100644
--- a/src/components/interests/interest-outcome-dialog.tsx
+++ b/src/components/interests/interest-outcome-dialog.tsx
@@ -126,8 +126,17 @@ export function InterestOutcomeDialog({ interestId, open, onOpenChange, mode }:
- This will move the interest to Completed and stamp the outcome. You can
- reopen it later.
+ {mode === 'won' ? (
+ <>
+ This will mark the interest as Won. The pipeline stage stays where
+ it is; the outcome flag is set. You can clear the outcome later to reopen.
+
+ ) : (
+ <>
+ This will close the interest with a Lost outcome. The pipeline
+ stage stays where it is. You can clear the outcome later to reopen.
+
+ )}