Chore/cleanup api#77
Open
CropWatchDevelopment wants to merge 11 commits into
Open
Conversation
- provide the ConfigService mock AuthService now requires - regenerate the v1 input-contract snapshot for the new /v1/auth/preferences endpoints (additions only) Restores a green suite: 135/135. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Auto-fixes only — no behavior changes. lint:check runs eslint without --fix so CI can gate on it without mutating the tree. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
- remove @nestjs/websockets, @nestjs/platform-socket.io, swagger-ui-dist, source-map-support (zero references; @nestjs/swagger bundles its own UI) - rename npm-publish.yml -> ci.yml (it never published; it is the CI gate), add a lint step so the posted 'api: lint' status actually lints, and run on develop pushes + PRs too - drop duplicated entries in .qlty/qlty.toml Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
- delete the power module: it was a live nest scaffold whose GET /v1/power/:id returned 'This action returns a #1 power' in production (Swagger documented it) - delete empty alerts/ scaffold dirs and 9 scaffold-only spec files (single 'should be defined' tests against stubs) - remove remaining 'This action ...' stub methods from traffic, gateway, and soil services plus their commented-out CRUD routes and the orphaned create/update DTOs and entities they referenced - remove dead relay confirmation-wait path: waitForRelayConfirmation was never called (call site commented out); parseRelayConfirmation and readRelayRowTimestamp stay (live webhook path) - drop unused doubleCsrf import and the now-unused csrf-csrf dependency - rename 2 PascalCase DTO filenames to kebab-case - replace console.log('hit') / console.error with the injected Logger Route contract snapshot diff = /v1/power/{id} removed, nothing else. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
…gy mapping
SupabaseStrategy.validate now maps verified JWT claims to a typed
AuthenticatedUser { sub, email, isStaff } instead of returning the raw
payload, and validates sub once at the boundary. isStaff is computed via
the single isStaffEmail helper. Removes the no-op authenticate() override.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Replace the raw jwtPayload: any + authHeader plumbing (~90 sites) with the typed AuthenticatedUser from the passport strategy: - controllers take @currentuser() user instead of @Req() req and no longer forward req.headers.authorization; raw req.query reads became typed @query params (now visible in Swagger) - services take user: AuthenticatedUser; getUserId(jwtPayload) -> user.sub, isCropwatchStaff(jwtPayload) -> user.isStaff, jwtPayload.email -> user.email - SupabaseService.getClient() loses its always-ignored accessToken param - supabase-token.helper.ts deleted (getUserId/getAccessToken/isCropwatchStaff all replaced); auth.service keeps one private readBearerToken() for the GoTrue email-change call, the single place a raw bearer is still needed - @UseGuards(JwtAuthGuard) hoisted to class level on the 10 controllers where every route is guarded (auth/payments/relay keep per-method guards for their public login/webhook routes) - dead jwtPayload.id fallback in air annotations removed (Supabase JWTs carry sub, never id); dead skip/take parsing in devices status route removed - mcp tools typed and their misleading 'RLS-scoped' comments corrected — the client is service-role; authorization happens in the services Contract snapshot diff: additions only (query params + auth header now documented); no route or arg semantics changed. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Full strict on (noImplicitAny, strictBindCallApply, noFallthroughCasesInSwitch included); strictPropertyInitialization stays off — DTOs are hydrated by class-transformer/ValidationPipe, not constructors. Adds @types/passport-jwt, fails fast when PRIVATE_SUPABASE_JWT_SECRET is missing, and types the MCP tool params and the Polar webhook rawBody request. tsc --noEmit clean; 121/121 tests green. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
… now error Burn down the ~430 no-unsafe-* lint errors by typing every Supabase query result against the generated Database types (TableRow<...> aliases, cast once at the awaited result — the relay.service idiom, now applied across devices, dashboard, locations, gateway, air, auth, payments, relay, rules, reports, traffic, main.ts, and the supabase module providers, which now create SupabaseClient<Database>). Notable co-fixes: - devices/dashboard scope helpers are now generic over the query builder instead of any (this alone had been poisoning ~35 downstream sites) - devices.controller replace() awaited (its !insertResult check was testing an unawaited promise — dead branch); create() keeps its dev_eui swagger param via an underscore placeholder - gateway findAll return type corrected to the 6-field summary it actually returns; air findAllNotes returns typed annotation rows - eslint: no-explicit-any and no-floating-promises are errors now (any allowed in *.spec.ts/test-helpers for mocks); argsIgnorePattern ^_ lint:check: 0 errors / 6 warnings (was 772 problems); tsc strict clean; 121/121 tests green. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
…ed template helpers Hard cutover: routes are now /v1/rules and /v1/reports (frontend switched in the same window; PUBLIC_*_ENDPOINT env overrides remain the rollback lever). Classes and files renamed to match (RulesService, ReportsService, ...). Dedup between the two near-parallel modules: - common/managed-devices.helper.ts — shared ManagedDevice + listManagedDevices (was duplicated verbatim in both services) - common/collection.helpers.ts — uniqueValues, groupBy, and a generic matchesSearch over the shared searchable-template shape Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
- common/timeseries-range.helper.ts replaces the byte-identical 13-line start/end parsing block in the air, soil, water, and traffic controllers (behavior preserved exactly — same defaults, same error messages) - AllExceptionsFilter logs every 5xx and every non-HttpException with its underlying cause before responding; previously unhandled errors surfaced as opaque 500s with no server-side trace Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.