diff --git a/backend/src/lib/auth.ts b/backend/src/lib/auth.ts index c6b5acd..b0161ed 100644 --- a/backend/src/lib/auth.ts +++ b/backend/src/lib/auth.ts @@ -20,7 +20,7 @@ export { extractAuth, requireRole }; * Convenience: require the caller to have at least 'editor' or 'admin' role. * Use on write routes (POST/PATCH/DELETE) that need role enforcement. */ -export async function requireWriter(req: unknown) { +export async function requireWriter(req: { headers: { authorization?: string } }) { const payload = await extractAuth(req); const role = (payload as { role?: string }).role; if (role !== 'editor' && role !== 'admin' && role !== 'owner') { diff --git a/backend/src/modules/note-artifacts/routes.test.ts b/backend/src/modules/note-artifacts/routes.test.ts index 5c7e6c0..9664d4c 100644 --- a/backend/src/modules/note-artifacts/routes.test.ts +++ b/backend/src/modules/note-artifacts/routes.test.ts @@ -24,6 +24,7 @@ describe('noteArtifactRoutes', () => { get: vi.fn(), post: vi.fn(), patch: vi.fn(), + delete: vi.fn(), }; await noteArtifactRoutes(app as never); @@ -31,5 +32,6 @@ describe('noteArtifactRoutes', () => { expect(app.get).toHaveBeenCalledTimes(1); expect(app.post).toHaveBeenCalledTimes(1); expect(app.patch).toHaveBeenCalledTimes(1); + expect(app.delete).toHaveBeenCalledTimes(1); }); }); diff --git a/backend/src/modules/note-relationships/routes.test.ts b/backend/src/modules/note-relationships/routes.test.ts index ad62ac9..9e9a6e3 100644 --- a/backend/src/modules/note-relationships/routes.test.ts +++ b/backend/src/modules/note-relationships/routes.test.ts @@ -21,11 +21,13 @@ describe('noteRelationshipRoutes', () => { const app = { get: vi.fn(), post: vi.fn(), + delete: vi.fn(), }; await noteRelationshipRoutes(app as never); expect(app.get).toHaveBeenCalledTimes(1); expect(app.post).toHaveBeenCalledTimes(1); + expect(app.delete).toHaveBeenCalledTimes(1); }); }); diff --git a/backend/src/modules/note-tasks/routes.test.ts b/backend/src/modules/note-tasks/routes.test.ts index bd7251d..9b4dcdd 100644 --- a/backend/src/modules/note-tasks/routes.test.ts +++ b/backend/src/modules/note-tasks/routes.test.ts @@ -24,6 +24,7 @@ describe('noteTaskRoutes', () => { get: vi.fn(), post: vi.fn(), patch: vi.fn(), + delete: vi.fn(), }; await noteTaskRoutes(app as never); @@ -31,5 +32,6 @@ describe('noteTaskRoutes', () => { expect(app.get).toHaveBeenCalledTimes(1); expect(app.post).toHaveBeenCalledTimes(1); expect(app.patch).toHaveBeenCalledTimes(1); + expect(app.delete).toHaveBeenCalledTimes(1); }); }); diff --git a/backend/src/modules/notes/routes.test.ts b/backend/src/modules/notes/routes.test.ts index dab4826..44f0203 100644 --- a/backend/src/modules/notes/routes.test.ts +++ b/backend/src/modules/notes/routes.test.ts @@ -36,6 +36,7 @@ describe('noteRoutes', () => { get: vi.fn(), post: vi.fn(), patch: vi.fn(), + delete: vi.fn(), }; await noteRoutes(app as never); @@ -43,5 +44,6 @@ describe('noteRoutes', () => { expect(app.get).toHaveBeenCalledTimes(4); expect(app.post).toHaveBeenCalledTimes(4); expect(app.patch).toHaveBeenCalledTimes(1); + expect(app.delete).toHaveBeenCalledTimes(1); }); }); diff --git a/backend/src/modules/notes/routes.ts b/backend/src/modules/notes/routes.ts index 055ee55..ff7907f 100644 --- a/backend/src/modules/notes/routes.ts +++ b/backend/src/modules/notes/routes.ts @@ -89,7 +89,7 @@ export async function noteRoutes(app: RouteApp) { }; const created = await repo.createNote(doc); - trackEvent({ event: 'note.created', userId: auth.sub, properties: { noteId: created.id, workspaceId: created.workspaceId } }); + trackEvent('note.created', auth.sub, { noteId: created.id, workspaceId: created.workspaceId }); reply.code(201); return created; }); @@ -125,7 +125,7 @@ export async function noteRoutes(app: RouteApp) { throw new NotFoundError('Note not found'); } - trackEvent({ event: 'note.updated', userId: auth.sub, properties: { noteId: id, workspaceId } }); + trackEvent('note.updated', auth.sub, { noteId: id, workspaceId }); return updated; }); @@ -180,7 +180,7 @@ export async function noteRoutes(app: RouteApp) { throw new NotFoundError('Note not found'); } - trackEvent({ event: 'note.archived', userId: auth.sub, properties: { noteId: id, workspaceId } }); + trackEvent('note.archived', auth.sub, { noteId: id, workspaceId }); return updated; }); diff --git a/backend/src/modules/workspaces/routes.test.ts b/backend/src/modules/workspaces/routes.test.ts index 154b69e..67d80bd 100644 --- a/backend/src/modules/workspaces/routes.test.ts +++ b/backend/src/modules/workspaces/routes.test.ts @@ -27,6 +27,7 @@ describe('workspaceRoutes', () => { get: vi.fn(), post: vi.fn(), patch: vi.fn(), + delete: vi.fn(), }; await workspaceRoutes(app as never); @@ -34,5 +35,6 @@ describe('workspaceRoutes', () => { expect(app.get).toHaveBeenCalledTimes(3); expect(app.post).toHaveBeenCalledTimes(1); expect(app.patch).toHaveBeenCalledTimes(1); + expect(app.delete).toHaveBeenCalledTimes(1); }); }); diff --git a/backend/src/modules/workspaces/routes.ts b/backend/src/modules/workspaces/routes.ts index 0fd5219..29ff7f1 100644 --- a/backend/src/modules/workspaces/routes.ts +++ b/backend/src/modules/workspaces/routes.ts @@ -73,7 +73,7 @@ export async function workspaceRoutes(app: FastifyInstance) { }; const created = await repo.createWorkspace(doc); - trackEvent({ event: 'workspace.created', userId: auth.sub, properties: { workspaceId: created.id } }); + trackEvent('workspace.created', auth.sub, { workspaceId: created.id }); reply.code(201); return created; });