matt
/
port-nimara-client-portal
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
port-nimara-client-portal/server/api/eoi/delete-generated-document.ts

160 lines
5.9 KiB
TypeScript
Raw Normal View History

KEYCLOAK AUTH FIX: Phase 5 - Final Batch (COMPLETE) **UPDATED ENDPOINTS (7 final):** - test-eoi-cleanup.ts (updated old auth) - eoi/send-reminders.ts (updated old auth + fixed function calls) - eoi/delete-generated-document.ts (updated old auth) - eoi/delete-document.ts (updated old auth + fixed function calls) - email/test-minio-bucket.ts (updated old auth) - email/test-connection.ts (updated old auth) - email/process-sales-eois.ts (updated old auth) ** TASK COMPLETE - ALL 47 API ENDPOINTS UPDATED:** 38 endpoints now use unified auth (requireAuth function) 9 endpoints correctly remain public (auth/debug/health/test) Support dual auth: x-tag headers + Keycloak sessions Fixed 8 endpoints with NO authentication (critical security fix) Backward compatibility maintained for webhooks Dashboard users can now access all endpoints securely **SECURITY ACHIEVEMENT:** - Eliminated all old x-tag authentication patterns - Unified authentication system across entire API - Critical security vulnerabilities patched - Production-ready authentication implementation
2025-06-15 16:41:36 +02:00
import { requireAuth } from '~/server/utils/auth';
updates
2025-06-11 14:08:28 +02:00
import { getInterestById, updateInterest } from '~/server/utils/nocodb';
import { checkDocumentSignatureStatus } from '~/server/utils/documeso';
import type { InterestSalesProcessLevel, EOIStatus } from '~/utils/types';
export default defineEventHandler(async (event) => {
KEYCLOAK AUTH FIX: Phase 5 - Final Batch (COMPLETE) **UPDATED ENDPOINTS (7 final):** - test-eoi-cleanup.ts (updated old auth) - eoi/send-reminders.ts (updated old auth + fixed function calls) - eoi/delete-generated-document.ts (updated old auth) - eoi/delete-document.ts (updated old auth + fixed function calls) - email/test-minio-bucket.ts (updated old auth) - email/test-connection.ts (updated old auth) - email/process-sales-eois.ts (updated old auth) ** TASK COMPLETE - ALL 47 API ENDPOINTS UPDATED:** 38 endpoints now use unified auth (requireAuth function) 9 endpoints correctly remain public (auth/debug/health/test) Support dual auth: x-tag headers + Keycloak sessions Fixed 8 endpoints with NO authentication (critical security fix) Backward compatibility maintained for webhooks Dashboard users can now access all endpoints securely **SECURITY ACHIEVEMENT:** - Eliminated all old x-tag authentication patterns - Unified authentication system across entire API - Critical security vulnerabilities patched - Production-ready authentication implementation
2025-06-15 16:41:36 +02:00
// Check authentication (x-tag header OR Keycloak session)
await requireAuth(event);
updates
2025-06-11 14:08:28 +02:00
KEYCLOAK AUTH FIX: Phase 5 - Final Batch (COMPLETE) **UPDATED ENDPOINTS (7 final):** - test-eoi-cleanup.ts (updated old auth) - eoi/send-reminders.ts (updated old auth + fixed function calls) - eoi/delete-generated-document.ts (updated old auth) - eoi/delete-document.ts (updated old auth + fixed function calls) - email/test-minio-bucket.ts (updated old auth) - email/test-connection.ts (updated old auth) - email/process-sales-eois.ts (updated old auth) ** TASK COMPLETE - ALL 47 API ENDPOINTS UPDATED:** 38 endpoints now use unified auth (requireAuth function) 9 endpoints correctly remain public (auth/debug/health/test) Support dual auth: x-tag headers + Keycloak sessions Fixed 8 endpoints with NO authentication (critical security fix) Backward compatibility maintained for webhooks Dashboard users can now access all endpoints securely **SECURITY ACHIEVEMENT:** - Eliminated all old x-tag authentication patterns - Unified authentication system across entire API - Critical security vulnerabilities patched - Production-ready authentication implementation
2025-06-15 16:41:36 +02:00
console.log('[Delete Generated EOI] Request received');
updates
2025-06-11 14:08:28 +02:00
try {
const body = await readBody(event);
const { interestId } = body;
console.log('[Delete Generated EOI] Interest ID:', interestId);
if (!interestId) {
console.error('[Delete Generated EOI] No interest ID provided');
throw createError({
statusCode: 400,
statusMessage: 'Interest ID is required',
});
}
// Get current interest data
const interest = await getInterestById(interestId);
if (!interest) {
throw createError({
statusCode: 404,
statusMessage: 'Interest not found',
});
}
const documensoID = interest['documensoID'];
console.log('[Delete Generated EOI] Documenso ID:', documensoID);
if (!documensoID) {
throw createError({
statusCode: 400,
statusMessage: 'No generated document found to delete',
});
}
// Check if document is fully signed - prevent deletion if it is
try {
const signatureStatus = await checkDocumentSignatureStatus(parseInt(documensoID));
console.log('[Delete Generated EOI] Signature status:', signatureStatus);
if (signatureStatus.allSigned) {
throw createError({
statusCode: 400,
statusMessage: 'Cannot delete a fully signed document. All parties have already signed.',
});
}
} catch (error: any) {
console.error('[Delete Generated EOI] Failed to check signature status:', error);
FEAT: Correct spelling of 'Documenso' in API utility functions and add connectivity test for Documenso API
2025-06-17 15:17:19 +02:00
// If it's a 404 error, the document is already gone from Documenso, so we can proceed with cleanup
if (error.status === 404 || error.statusCode === 404 || error.message?.includes('404')) {
console.log('[Delete Generated EOI] Document not found in Documenso (404) - proceeding with database cleanup');
} else {
console.warn('[Delete Generated EOI] Proceeding with deletion despite signature status check failure');
}
updates
2025-06-11 14:08:28 +02:00
}
// Delete document from Documenso
const documensoApiKey = process.env.NUXT_DOCUMENSO_API_KEY;
const documensoBaseUrl = process.env.NUXT_DOCUMENSO_BASE_URL;
if (!documensoApiKey || !documensoBaseUrl) {
throw createError({
statusCode: 500,
statusMessage: "Documenso configuration missing. Please check NUXT_DOCUMENSO_API_KEY and NUXT_DOCUMENSO_BASE_URL environment variables."
});
}
console.log('[Delete Generated EOI] Deleting document from Documenso');
feat: Implement EOI document validation and orphaned data cleanup - Add new /api/eoi/validate-document endpoint to check document existence - Automatically clean up orphaned database records when documents don't exist in Documenso - Update EOISection component to validate documents on mount - Enhanced delete-generated-document endpoint to handle already-deleted documents - Updated check-signature-status endpoint with validation logic - Prevents EOI section from showing when document no longer exists - Self-healing system that fixes data inconsistencies automatically Key improvements: - Validates document existence before showing EOI management UI - Cleans up documensoID, signature links, and status fields when document is missing - Graceful handling of 404 errors from Documenso API - Background validation with user-friendly notifications - Prevents phantom EOI states that appear generated but don't exist
2025-06-12 17:04:45 +02:00
let documensoDeleteSuccessful = false;
updates
2025-06-11 14:08:28 +02:00
try {
const deleteResponse = await fetch(`${documensoBaseUrl}/api/v1/documents/${documensoID}`, {
method: 'DELETE',
headers: {
'Authorization': `Bearer ${documensoApiKey}`,
'Content-Type': 'application/json'
}
});
if (!deleteResponse.ok) {
const errorText = await deleteResponse.text();
console.error('[Delete Generated EOI] Documenso deletion failed:', errorText);
feat: Implement EOI document validation and orphaned data cleanup - Add new /api/eoi/validate-document endpoint to check document existence - Automatically clean up orphaned database records when documents don't exist in Documenso - Update EOISection component to validate documents on mount - Enhanced delete-generated-document endpoint to handle already-deleted documents - Updated check-signature-status endpoint with validation logic - Prevents EOI section from showing when document no longer exists - Self-healing system that fixes data inconsistencies automatically Key improvements: - Validates document existence before showing EOI management UI - Cleans up documensoID, signature links, and status fields when document is missing - Graceful handling of 404 errors from Documenso API - Background validation with user-friendly notifications - Prevents phantom EOI states that appear generated but don't exist
2025-06-12 17:04:45 +02:00
// If it's a 404, the document is already gone, which is what we want
if (deleteResponse.status === 404) {
console.log('[Delete Generated EOI] Document already deleted from Documenso (404) - proceeding with database cleanup');
documensoDeleteSuccessful = true;
} else {
throw new Error(`Failed to delete document from Documenso: ${deleteResponse.statusText}`);
}
} else {
console.log('[Delete Generated EOI] Successfully deleted document from Documenso');
documensoDeleteSuccessful = true;
updates
2025-06-11 14:08:28 +02:00
}
} catch (error: any) {
console.error('[Delete Generated EOI] Documenso deletion error:', error);
feat: Implement EOI document validation and orphaned data cleanup - Add new /api/eoi/validate-document endpoint to check document existence - Automatically clean up orphaned database records when documents don't exist in Documenso - Update EOISection component to validate documents on mount - Enhanced delete-generated-document endpoint to handle already-deleted documents - Updated check-signature-status endpoint with validation logic - Prevents EOI section from showing when document no longer exists - Self-healing system that fixes data inconsistencies automatically Key improvements: - Validates document existence before showing EOI management UI - Cleans up documensoID, signature links, and status fields when document is missing - Graceful handling of 404 errors from Documenso API - Background validation with user-friendly notifications - Prevents phantom EOI states that appear generated but don't exist
2025-06-12 17:04:45 +02:00
// Check if it's a network error or 404 - in those cases, proceed with cleanup
if (error.message?.includes('404') || error.status === 404) {
console.log('[Delete Generated EOI] Document not found in Documenso - proceeding with database cleanup');
documensoDeleteSuccessful = true;
} else {
throw createError({
statusCode: 500,
statusMessage: `Failed to delete document from Documenso: ${error.message}`,
});
}
}
if (!documensoDeleteSuccessful) {
updates
2025-06-11 14:08:28 +02:00
throw createError({
statusCode: 500,
feat: Implement EOI document validation and orphaned data cleanup - Add new /api/eoi/validate-document endpoint to check document existence - Automatically clean up orphaned database records when documents don't exist in Documenso - Update EOISection component to validate documents on mount - Enhanced delete-generated-document endpoint to handle already-deleted documents - Updated check-signature-status endpoint with validation logic - Prevents EOI section from showing when document no longer exists - Self-healing system that fixes data inconsistencies automatically Key improvements: - Validates document existence before showing EOI management UI - Cleans up documensoID, signature links, and status fields when document is missing - Graceful handling of 404 errors from Documenso API - Background validation with user-friendly notifications - Prevents phantom EOI states that appear generated but don't exist
2025-06-12 17:04:45 +02:00
statusMessage: 'Failed to delete document from Documenso',
updates
2025-06-11 14:08:28 +02:00
});
}
fixes
2025-06-12 16:26:10 +02:00
// Reset interest fields
updates
2025-06-11 14:08:28 +02:00
const updateData = {
'EOI Status': 'Awaiting Further Details' as EOIStatus,
'Sales Process Level': 'Specific Qualified Interest' as InterestSalesProcessLevel,
'EOI Time Sent': undefined,
'Signature Link Client': undefined,
'Signature Link CC': undefined,
'Signature Link Developer': undefined,
fix: Comprehensive EOI cleanup and mobile UI improvements Database Cleanup Enhancements: - Fixed missing embedded signature link cleanup in deletion endpoints - Both delete-generated-document and delete-document now properly clear: * EmbeddedSignatureLinkClient, EmbeddedSignatureLinkCC, EmbeddedSignatureLinkDeveloper * All legacy signature links and documensoID references - Enhanced validation endpoint to detect and clean orphaned records automatically EOI Section Reactivity Fixes: - Added local reactive state (documentValidated, documentExists) for immediate UI updates - EOI section now instantly shows Generate UI when documents are deleted/invalid - No more phantom signatory status displays after document deletion - Improved hasGeneratedEOI computed property with validation state override Mobile UI Improvements: - Implemented stacked badge layout for interest table on mobile - Contact info + status badges now stack vertically (60% width) - Eliminated horizontal scrolling issues on mobile devices - Enhanced email thread view with proper width constraints and text wrapping - Made email refresh button round with better mobile styling Technical Enhancements: - Comprehensive field cleanup using undefined instead of null for proper database reset - Enhanced error handling for document validation and deletion - Improved logging for debugging EOI state transitions - Better handling of edge cases where documensoID exists but document was deleted externally All EOI-related operations now properly maintain database consistency and provide immediate visual feedback to users.
2025-06-12 17:27:10 +02:00
'EmbeddedSignatureLinkClient': undefined,
'EmbeddedSignatureLinkCC': undefined,
'EmbeddedSignatureLinkDeveloper': undefined,
CRITICAL FIX: Resolve NocoDB field clearing issue for EOI cleanup Root Cause Resolution: - NocoDB API requires null values (not undefined) to clear database fields - Updated updateInterest utility to automatically convert undefined null - This ensures signature links and documensoID are properly cleared from database Database Cleanup Enhancements: - Fixed all EOI deletion endpoints to properly clear embedded signature links - Both delete-generated-document and delete-document now clear ALL fields: * EmbeddedSignatureLinkClient, EmbeddedSignatureLinkCC, EmbeddedSignatureLinkDeveloper * Signature Link Client, Signature Link CC, Signature Link Developer * documensoID and all related EOI metadata Added Debug Capabilities: - Created test-eoi-cleanup.ts endpoint for debugging cleanup operations - Enhanced logging in NocoDB utility for field conversion tracking - Better error handling and validation throughout cleanup process Technical Implementation: - NocoDB utility now automatically handles undefined null conversion - Comprehensive field clearing in allowedFields array - Proper TypeScript typing for all cleanup operations - Enhanced logging for troubleshooting database operations This resolves the persistent issue where signature links and document IDs remained in the database after EOI deletion, ensuring complete cleanup and proper state reset.
2025-06-12 17:36:27 +02:00
'documensoID': undefined
updates
2025-06-11 14:08:28 +02:00
};
console.log('[Delete Generated EOI] Resetting interest fields');
// Update the interest
await updateInterest(interestId, updateData);
console.log('[Delete Generated EOI] Delete completed successfully');
return {
success: true,
message: 'Generated EOI document deleted successfully',
};
} catch (error: any) {
console.error('[Delete Generated EOI] Failed to delete generated EOI document:', error);
console.error('[Delete Generated EOI] Error stack:', error.stack);
throw createError({
statusCode: error.statusCode || 500,
statusMessage: error.statusMessage || error.message || 'Failed to delete generated EOI document',
});
}
});