Skip to content

Chore/cleanup api#77

Open
CropWatchDevelopment wants to merge 11 commits into
developfrom
chore/cleanup-api
Open

Chore/cleanup api#77
CropWatchDevelopment wants to merge 11 commits into
developfrom
chore/cleanup-api

Conversation

@CropWatchDevelopment

Copy link
Copy Markdown
Owner

No description provided.

CropWatchDevelopment and others added 11 commits July 2, 2026 11:50
- provide the ConfigService mock AuthService now requires
- regenerate the v1 input-contract snapshot for the new
  /v1/auth/preferences endpoints (additions only)

Restores a green suite: 135/135.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Auto-fixes only — no behavior changes. lint:check runs eslint without
--fix so CI can gate on it without mutating the tree.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
- remove @nestjs/websockets, @nestjs/platform-socket.io, swagger-ui-dist,
  source-map-support (zero references; @nestjs/swagger bundles its own UI)
- rename npm-publish.yml -> ci.yml (it never published; it is the CI gate),
  add a lint step so the posted 'api: lint' status actually lints, and run
  on develop pushes + PRs too
- drop duplicated entries in .qlty/qlty.toml

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
- delete the power module: it was a live nest scaffold whose GET /v1/power/:id
  returned 'This action returns a #1 power' in production (Swagger documented it)
- delete empty alerts/ scaffold dirs and 9 scaffold-only spec files
  (single 'should be defined' tests against stubs)
- remove remaining 'This action ...' stub methods from traffic, gateway,
  and soil services plus their commented-out CRUD routes and the orphaned
  create/update DTOs and entities they referenced
- remove dead relay confirmation-wait path: waitForRelayConfirmation was
  never called (call site commented out); parseRelayConfirmation and
  readRelayRowTimestamp stay (live webhook path)
- drop unused doubleCsrf import and the now-unused csrf-csrf dependency
- rename 2 PascalCase DTO filenames to kebab-case
- replace console.log('hit') / console.error with the injected Logger

Route contract snapshot diff = /v1/power/{id} removed, nothing else.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
…gy mapping

SupabaseStrategy.validate now maps verified JWT claims to a typed
AuthenticatedUser { sub, email, isStaff } instead of returning the raw
payload, and validates sub once at the boundary. isStaff is computed via
the single isStaffEmail helper. Removes the no-op authenticate() override.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Replace the raw jwtPayload: any + authHeader plumbing (~90 sites) with the
typed AuthenticatedUser from the passport strategy:

- controllers take @currentuser() user instead of @Req() req and no longer
  forward req.headers.authorization; raw req.query reads became typed
  @query params (now visible in Swagger)
- services take user: AuthenticatedUser; getUserId(jwtPayload) -> user.sub,
  isCropwatchStaff(jwtPayload) -> user.isStaff, jwtPayload.email -> user.email
- SupabaseService.getClient() loses its always-ignored accessToken param
- supabase-token.helper.ts deleted (getUserId/getAccessToken/isCropwatchStaff
  all replaced); auth.service keeps one private readBearerToken() for the
  GoTrue email-change call, the single place a raw bearer is still needed
- @UseGuards(JwtAuthGuard) hoisted to class level on the 10 controllers
  where every route is guarded (auth/payments/relay keep per-method guards
  for their public login/webhook routes)
- dead jwtPayload.id fallback in air annotations removed (Supabase JWTs
  carry sub, never id); dead skip/take parsing in devices status route removed
- mcp tools typed and their misleading 'RLS-scoped' comments corrected —
  the client is service-role; authorization happens in the services

Contract snapshot diff: additions only (query params + auth header now
documented); no route or arg semantics changed.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Full strict on (noImplicitAny, strictBindCallApply, noFallthroughCasesInSwitch
included); strictPropertyInitialization stays off — DTOs are hydrated by
class-transformer/ValidationPipe, not constructors. Adds @types/passport-jwt,
fails fast when PRIVATE_SUPABASE_JWT_SECRET is missing, and types the MCP
tool params and the Polar webhook rawBody request.

tsc --noEmit clean; 121/121 tests green.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
… now error

Burn down the ~430 no-unsafe-* lint errors by typing every Supabase query
result against the generated Database types (TableRow<...> aliases, cast
once at the awaited result — the relay.service idiom, now applied across
devices, dashboard, locations, gateway, air, auth, payments, relay, rules,
reports, traffic, main.ts, and the supabase module providers, which now
create SupabaseClient<Database>).

Notable co-fixes:
- devices/dashboard scope helpers are now generic over the query builder
  instead of any (this alone had been poisoning ~35 downstream sites)
- devices.controller replace() awaited (its !insertResult check was testing
  an unawaited promise — dead branch); create() keeps its dev_eui swagger
  param via an underscore placeholder
- gateway findAll return type corrected to the 6-field summary it actually
  returns; air findAllNotes returns typed annotation rows
- eslint: no-explicit-any and no-floating-promises are errors now (any
  allowed in *.spec.ts/test-helpers for mocks); argsIgnorePattern ^_

lint:check: 0 errors / 6 warnings (was 772 problems); tsc strict clean;
121/121 tests green.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
…ed template helpers

Hard cutover: routes are now /v1/rules and /v1/reports (frontend switched in
the same window; PUBLIC_*_ENDPOINT env overrides remain the rollback lever).
Classes and files renamed to match (RulesService, ReportsService, ...).

Dedup between the two near-parallel modules:
- common/managed-devices.helper.ts — shared ManagedDevice + listManagedDevices
  (was duplicated verbatim in both services)
- common/collection.helpers.ts — uniqueValues, groupBy, and a generic
  matchesSearch over the shared searchable-template shape

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
- common/timeseries-range.helper.ts replaces the byte-identical 13-line
  start/end parsing block in the air, soil, water, and traffic controllers
  (behavior preserved exactly — same defaults, same error messages)
- AllExceptionsFilter logs every 5xx and every non-HttpException with its
  underlying cause before responding; previously unhandled errors surfaced
  as opaque 500s with no server-side trace

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@vercel

vercel Bot commented Jul 2, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
api Ready Ready Preview, Comment Jul 2, 2026 2:51pm

Request Review

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant