fix(admin-web): GDPR export routes — create exports proxy + fix page paths

- Create /api/exports/[...path] proxy route for platform-service exports module - Fix gdpr-export page: /api/maintenance/gdpr-exports → /api/exports/list|create - Old path routed to settings/maintenance which has no export endpoints
2026-03-21 20:18:37 -07:00 · 2026-03-21 20:18:37 -07:00 · dba594d4eb
commit dba594d4eb
parent 7b6aa53d68
2 changed files with 45 additions and 8 deletions
--- a/dashboards/admin-web/src/app/(dashboard)/gdpr-export/page.tsx
+++ b/dashboards/admin-web/src/app/(dashboard)/gdpr-export/page.tsx
@ -39,12 +39,9 @@ export default function GdprExportPage() {
    if (!userId.trim()) return;
    setLoading(true);
    try {
-      const res = await fetch(
-        `/api/maintenance/gdpr-exports?userId=${encodeURIComponent(userId)}`,
-        {
-          headers: { 'Content-Type': 'application/json' },
-        }
-      );
+      const res = await fetch(`/api/exports/list?userId=${encodeURIComponent(userId)}`, {
+        headers: { 'Content-Type': 'application/json' },
+      });
      const data = await res.json();
      setJobs(Array.isArray(data?.exports) ? data.exports : Array.isArray(data) ? data : []);
    } catch {
@ -58,10 +55,10 @@ export default function GdprExportPage() {
    setExporting(true);
    setExportResult(null);
    try {
-      const res = await fetch('/api/maintenance/gdpr-exports', {
+      const res = await fetch('/api/exports/create', {
        method: 'POST',
        headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify({ userId: userId.trim(), format: 'json' }),
+        body: JSON.stringify({ userId: userId.trim(), entityTypes: ['all'], format: 'json' }),
      });
      const data = await res.json();
      if (res.ok) {
--- a/dashboards/admin-web/src/app/api/exports/[...path]/route.ts
+++ b/dashboards/admin-web/src/app/api/exports/[...path]/route.ts
@ -0,0 +1,40 @@
+/**
+ * Exports API proxy — forwards requests to platform-service.
+ */
+
+import { NextRequest, NextResponse } from 'next/server';
+import { getCurrentUser } from '@/lib/auth-server';
+import { logError } from '@/lib/logger';
+
+const PLATFORM_URL = process.env.PLATFORM_SERVICE_URL || 'http://localhost:4003';
+
+async function proxy(req: NextRequest, { params }: { params: Promise<{ path: string[] }> }) {
+  try {
+    const caller = await getCurrentUser(req.headers.get('authorization'));
+    if (!caller) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+    const { path } = await params;
+    const targetPath = `/api/exports/${path.join('/')}`;
+    const qs = new URL(req.url).search;
+    const headers: Record<string, string> = {
+      'Content-Type': 'application/json',
+      'x-request-id': req.headers.get('x-request-id') || crypto.randomUUID(),
+      'x-user-id': caller.id,
+      'x-product-id': req.headers.get('x-product-id') || process.env.PRODUCT_ID || 'lysnrai',
+    };
+    const fetchOptions: RequestInit = { method: req.method, headers };
+    if (req.method !== 'GET' && req.method !== 'HEAD') fetchOptions.body = await req.text();
+    const res = await fetch(`${PLATFORM_URL}${targetPath}${qs}`, fetchOptions);
+    const data = await res.json().catch(() => null);
+    return NextResponse.json(data ?? { error: res.statusText }, { status: res.status });
+  } catch (error) {
+    logError('Exports proxy error', error);
+    return NextResponse.json({ error: 'Service unavailable' }, { status: 502 });
+  }
+}
+
+export async function GET(req: NextRequest, ctx: { params: Promise<{ path: string[] }> }) {
+  return proxy(req, ctx);
+}
+export async function POST(req: NextRequest, ctx: { params: Promise<{ path: string[] }> }) {
+  return proxy(req, ctx);
+}