Alert system

2026-01-15 21:03:41 +00:00
parent 9f1af71d15
commit 0f88207f3f
20 changed files with 1791 additions and 145 deletions
--- a/app/api/alerts/contacts/[id]/route.ts
+++ b/app/api/alerts/contacts/[id]/route.ts
@@ -0,0 +1,88 @@
+import { NextResponse } from "next/server";
+import { z } from "zod";
+import { Prisma } from "@prisma/client";
+import { prisma } from "@/lib/prisma";
+import { requireSession } from "@/lib/auth/requireSession";
+
+const roleScopeSchema = z.preprocess(
+  (value) => (typeof value === "string" ? value.trim().toUpperCase() : value),
+  z.enum(["MEMBER", "ADMIN", "OWNER", "CUSTOM"])
+);
+
+const contactPatchSchema = z.object({
+  name: z.string().trim().min(1).max(120).optional(),
+  roleScope: roleScopeSchema.optional(),
+  email: z.string().trim().email().optional().nullable(),
+  phone: z.string().trim().min(6).max(40).optional().nullable(),
+  userId: z.string().uuid().optional().nullable(),
+  eventTypes: z.array(z.string().trim().min(1)).optional().nullable(),
+  isActive: z.boolean().optional(),
+});
+
+function canManageAlerts(role?: string | null) {
+  return role === "OWNER";
+}
+
+export async function PATCH(req: Request, { params }: { params: Promise<{ id: string }> }) {
+  const session = await requireSession();
+  if (!session) return NextResponse.json({ ok: false, error: "Unauthorized" }, { status: 401 });
+
+  const membership = await prisma.orgUser.findUnique({
+    where: { orgId_userId: { orgId: session.orgId, userId: session.userId } },
+    select: { role: true },
+  });
+  if (!canManageAlerts(membership?.role)) {
+    return NextResponse.json({ ok: false, error: "Forbidden" }, { status: 403 });
+  }
+
+  const body = await req.json().catch(() => ({}));
+  const parsed = contactPatchSchema.safeParse(body);
+  if (!parsed.success) {
+    return NextResponse.json({ ok: false, error: "Invalid contact payload" }, { status: 400 });
+  }
+
+  const { id } = await params;
+  const existing = await prisma.alertContact.findFirst({
+    where: { id, orgId: session.orgId },
+  });
+  if (!existing) {
+    return NextResponse.json({ ok: false, error: "Not found" }, { status: 404 });
+  }
+
+  const { userId: _userId, eventTypes, ...updateData } = parsed.data;
+  const normalizedEventTypes =
+    eventTypes === null ? Prisma.DbNull : eventTypes ?? undefined;
+  const data = normalizedEventTypes === undefined
+    ? updateData
+    : { ...updateData, eventTypes: normalizedEventTypes };
+  const updated = await prisma.alertContact.update({
+    where: { id },
+    data,
+  });
+
+  return NextResponse.json({ ok: true, contact: updated });
+}
+
+export async function DELETE(_req: Request, { params }: { params: Promise<{ id: string }> }) {
+  const session = await requireSession();
+  if (!session) return NextResponse.json({ ok: false, error: "Unauthorized" }, { status: 401 });
+
+  const membership = await prisma.orgUser.findUnique({
+    where: { orgId_userId: { orgId: session.orgId, userId: session.userId } },
+    select: { role: true },
+  });
+  if (!canManageAlerts(membership?.role)) {
+    return NextResponse.json({ ok: false, error: "Forbidden" }, { status: 403 });
+  }
+
+  const { id } = await params;
+  const existing = await prisma.alertContact.findFirst({
+    where: { id, orgId: session.orgId },
+  });
+  if (!existing) {
+    return NextResponse.json({ ok: false, error: "Not found" }, { status: 404 });
+  }
+
+  await prisma.alertContact.delete({ where: { id } });
+  return NextResponse.json({ ok: true });
+}
--- a/app/api/alerts/contacts/route.ts
+++ b/app/api/alerts/contacts/route.ts
@@ -0,0 +1,77 @@
+import { NextResponse } from "next/server";
+import { z } from "zod";
+import { Prisma } from "@prisma/client";
+import { prisma } from "@/lib/prisma";
+import { requireSession } from "@/lib/auth/requireSession";
+
+const roleScopeSchema = z.preprocess(
+  (value) => (typeof value === "string" ? value.trim().toUpperCase() : value),
+  z.enum(["MEMBER", "ADMIN", "OWNER", "CUSTOM"])
+);
+
+const contactSchema = z.object({
+  name: z.string().trim().min(1).max(120),
+  roleScope: roleScopeSchema,
+  email: z.string().trim().email().optional().nullable(),
+  phone: z.string().trim().min(6).max(40).optional().nullable(),
+  userId: z.string().uuid().optional().nullable(),
+  eventTypes: z.array(z.string().trim().min(1)).optional().nullable(),
+});
+
+function canManageAlerts(role?: string | null) {
+  return role === "OWNER";
+}
+
+export async function GET() {
+  const session = await requireSession();
+  if (!session) return NextResponse.json({ ok: false, error: "Unauthorized" }, { status: 401 });
+
+  const contacts = await prisma.alertContact.findMany({
+    where: { orgId: session.orgId },
+    orderBy: { createdAt: "asc" },
+  });
+
+  return NextResponse.json({ ok: true, contacts });
+}
+
+export async function POST(req: Request) {
+  const session = await requireSession();
+  if (!session) return NextResponse.json({ ok: false, error: "Unauthorized" }, { status: 401 });
+
+  const membership = await prisma.orgUser.findUnique({
+    where: { orgId_userId: { orgId: session.orgId, userId: session.userId } },
+    select: { role: true },
+  });
+  if (!canManageAlerts(membership?.role)) {
+    return NextResponse.json({ ok: false, error: "Forbidden" }, { status: 403 });
+  }
+
+  const body = await req.json().catch(() => ({}));
+  const parsed = contactSchema.safeParse(body);
+  if (!parsed.success) {
+    return NextResponse.json({ ok: false, error: "Invalid contact payload" }, { status: 400 });
+  }
+
+  const data = parsed.data;
+  const hasChannel = !!(data.email || data.phone);
+  if (!data.userId && !hasChannel) {
+    return NextResponse.json({ ok: false, error: "email or phone required for external contact" }, { status: 400 });
+  }
+
+  const eventTypes =
+    data.eventTypes === null ? Prisma.DbNull : data.eventTypes ?? undefined;
+
+  const contact = await prisma.alertContact.create({
+    data: {
+      orgId: session.orgId,
+      userId: data.userId ?? null,
+      name: data.name,
+      roleScope: data.roleScope,
+      email: data.email ?? null,
+      phone: data.phone ?? null,
+      eventTypes,
+    },
+  });
+
+  return NextResponse.json({ ok: true, contact });
+}
--- a/app/api/alerts/notifications/route.ts
+++ b/app/api/alerts/notifications/route.ts
@@ -0,0 +1,23 @@
+import { NextResponse } from "next/server";
+import { prisma } from "@/lib/prisma";
+import { requireSession } from "@/lib/auth/requireSession";
+
+export async function GET(req: Request) {
+  const session = await requireSession();
+  if (!session) return NextResponse.json({ ok: false, error: "Unauthorized" }, { status: 401 });
+
+  const url = new URL(req.url);
+  const machineId = url.searchParams.get("machineId") || undefined;
+  const limit = Math.min(Number(url.searchParams.get("limit") ?? "50"), 200);
+
+  const notifications = await prisma.alertNotification.findMany({
+    where: {
+      orgId: session.orgId,
+      ...(machineId ? { machineId } : {}),
+    },
+    orderBy: { sentAt: "desc" },
+    take: Number.isFinite(limit) ? limit : 50,
+  });
+
+  return NextResponse.json({ ok: true, notifications });
+}
--- a/app/api/alerts/policy/route.ts
+++ b/app/api/alerts/policy/route.ts
@@ -0,0 +1,55 @@
+import { NextResponse } from "next/server";
+import { prisma } from "@/lib/prisma";
+import { requireSession } from "@/lib/auth/requireSession";
+import { AlertPolicySchema, DEFAULT_POLICY } from "@/lib/alerts/policy";
+
+function canManageAlerts(role?: string | null) {
+  return role === "OWNER";
+}
+
+export async function GET() {
+  const session = await requireSession();
+  if (!session) return NextResponse.json({ ok: false, error: "Unauthorized" }, { status: 401 });
+
+  let policy = await prisma.alertPolicy.findUnique({
+    where: { orgId: session.orgId },
+    select: { policyJson: true },
+  });
+
+  if (!policy) {
+    await prisma.alertPolicy.create({
+      data: { orgId: session.orgId, policyJson: DEFAULT_POLICY },
+    });
+    policy = { policyJson: DEFAULT_POLICY };
+  }
+
+  const parsed = AlertPolicySchema.safeParse(policy.policyJson);
+  return NextResponse.json({ ok: true, policy: parsed.success ? parsed.data : DEFAULT_POLICY });
+}
+
+export async function PUT(req: Request) {
+  const session = await requireSession();
+  if (!session) return NextResponse.json({ ok: false, error: "Unauthorized" }, { status: 401 });
+
+  const membership = await prisma.orgUser.findUnique({
+    where: { orgId_userId: { orgId: session.orgId, userId: session.userId } },
+    select: { role: true },
+  });
+  if (!canManageAlerts(membership?.role)) {
+    return NextResponse.json({ ok: false, error: "Forbidden" }, { status: 403 });
+  }
+
+  const body = await req.json().catch(() => ({}));
+  const parsed = AlertPolicySchema.safeParse(body?.policy ?? body);
+  if (!parsed.success) {
+    return NextResponse.json({ ok: false, error: "Invalid policy payload" }, { status: 400 });
+  }
+
+  await prisma.alertPolicy.upsert({
+    where: { orgId: session.orgId },
+    create: { orgId: session.orgId, policyJson: parsed.data, updatedBy: session.userId },
+    update: { policyJson: parsed.data, updatedBy: session.userId },
+  });
+
+  return NextResponse.json({ ok: true });
+}