package api import ( "bufio" "bytes" "encoding/csv" "crypto/rand" "encoding/hex" "encoding/json" "fmt" "html/template" "io" "log" "net/http" "os" "path/filepath" "strings" "time" "github.com/go-chi/chi/v5" "github.com/google/uuid" "github.com/mish/dealspace/lib" "github.com/xuri/excelize/v2" ) // Handlers holds dependencies for HTTP handlers. type Handlers struct { DB *lib.DB Cfg *lib.Config Store lib.ObjectStore } // NewHandlers creates a new Handlers instance. func NewHandlers(db *lib.DB, cfg *lib.Config, store lib.ObjectStore) *Handlers { return &Handlers{DB: db, Cfg: cfg, Store: store} } // Health returns server status. func (h *Handlers) Health(w http.ResponseWriter, r *http.Request) { JSONResponse(w, http.StatusOK, map[string]string{"status": "ok"}) } // ListEntries returns entries for a project, filtered by query params. func (h *Handlers) ListEntries(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) projectID := chi.URLParam(r, "projectID") if projectID == "" { ErrorResponse(w, http.StatusBadRequest, "missing_project", "Project ID required") return } filter := lib.EntryFilter{ ProjectID: projectID, Type: r.URL.Query().Get("type"), Stage: r.URL.Query().Get("stage"), } if parent := r.URL.Query().Get("parent_id"); parent != "" { filter.ParentID = &parent } entries, err := lib.EntryRead(h.DB, h.Cfg, actorID, projectID, filter) if err != nil { if err == lib.ErrAccessDenied { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to read entries") return } JSONResponse(w, http.StatusOK, entries) } // CreateEntry creates a new entry. func (h *Handlers) CreateEntry(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) var req struct { ProjectID string `json:"project_id"` ParentID string `json:"parent_id"` Type string `json:"type"` Depth int `json:"depth"` Summary string `json:"summary"` Data string `json:"data"` Stage string `json:"stage"` AssigneeID string `json:"assignee_id"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_json", "Invalid request body") return } entry := &lib.Entry{ ProjectID: req.ProjectID, ParentID: req.ParentID, Type: req.Type, Depth: req.Depth, SummaryText: req.Summary, DataText: req.Data, Stage: req.Stage, AssigneeID: req.AssigneeID, } if entry.Stage == "" { entry.Stage = lib.StagePreDataroom } if err := lib.EntryWrite(h.DB, h.Cfg, actorID, entry); err != nil { if err == lib.ErrAccessDenied { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to create entry") return } JSONResponse(w, http.StatusCreated, entry) } // UpdateEntry updates an existing entry. func (h *Handlers) UpdateEntry(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) entryID := chi.URLParam(r, "entryID") var req struct { ProjectID string `json:"project_id"` ParentID string `json:"parent_id"` Type string `json:"type"` Depth int `json:"depth"` Summary string `json:"summary"` Data string `json:"data"` Stage string `json:"stage"` AssigneeID string `json:"assignee_id"` Version int `json:"version"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_json", "Invalid request body") return } entry := &lib.Entry{ EntryID: entryID, ProjectID: req.ProjectID, ParentID: req.ParentID, Type: req.Type, Depth: req.Depth, SummaryText: req.Summary, DataText: req.Data, Stage: req.Stage, AssigneeID: req.AssigneeID, Version: req.Version, } if err := lib.EntryWrite(h.DB, h.Cfg, actorID, entry); err != nil { if err == lib.ErrAccessDenied { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } if err == lib.ErrVersionConflict { ErrorResponse(w, http.StatusConflict, "version_conflict", err.Error()) return } ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to update entry") return } JSONResponse(w, http.StatusOK, entry) } // DeleteEntry soft-deletes an entry. func (h *Handlers) DeleteEntry(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) entryID := chi.URLParam(r, "entryID") projectID := chi.URLParam(r, "projectID") if err := lib.EntryDelete(h.DB, actorID, projectID, entryID); err != nil { if err == lib.ErrAccessDenied { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } if err == lib.ErrNotFound { ErrorResponse(w, http.StatusNotFound, "not_found", "Entry not found") return } ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to delete entry") return } JSONResponse(w, http.StatusOK, map[string]string{"status": "deleted"}) } // GetMyTasks returns entries assigned to the current user. func (h *Handlers) GetMyTasks(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) projectID := chi.URLParam(r, "projectID") filter := lib.EntryFilter{ ProjectID: projectID, AssigneeID: actorID, } entries, err := lib.EntryRead(h.DB, h.Cfg, actorID, projectID, filter) if err != nil { if err == lib.ErrAccessDenied { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to read tasks") return } JSONResponse(w, http.StatusOK, entries) } // --------------------------------------------------------------------------- // Auth API endpoints (passwordless email OTP) // --------------------------------------------------------------------------- // generateOTP generates a 6-digit numeric OTP code. func generateOTP() string { b := make([]byte, 3) rand.Read(b) n := (int(b[0])<<16 | int(b[1])<<8 | int(b[2])) % 1000000 return fmt.Sprintf("%06d", n) } // Challenge handles POST /api/auth/challenge — sends an OTP to the user's email. func (h *Handlers) Challenge(w http.ResponseWriter, r *http.Request) { var req struct { Email string `json:"email"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_json", "Invalid request body") return } req.Email = strings.TrimSpace(strings.ToLower(req.Email)) if req.Email == "" { ErrorResponse(w, http.StatusBadRequest, "missing_fields", "Email required") return } // Check if user exists user, err := lib.UserByEmail(h.DB, req.Email) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Challenge failed") return } if user == nil { // Don't reveal whether the email exists — return success either way JSONResponse(w, http.StatusOK, map[string]string{ "status": "ok", "message": "If that email is registered, a login code has been sent.", }) return } // Generate OTP code := generateOTP() now := time.Now().UnixMilli() challenge := &lib.Challenge{ ChallengeID: uuid.New().String(), Email: req.Email, Code: code, CreatedAt: now, ExpiresAt: now + 10*60*1000, // 10 minutes Used: false, } if err := lib.ChallengeCreate(h.DB, challenge); err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to create challenge") return } // In dev mode, log the OTP to stdout instead of sending email if h.Cfg.Env != "production" { log.Printf("LOGIN OTP for %s: %s", req.Email, code) } // Send OTP via email if mailer is configured if h.Cfg.Mailer != nil && h.Cfg.Mailer.Enabled() { subject := fmt.Sprintf("Your Dealspace login code: %s", code) body := fmt.Sprintf(`

Your login code

%s

This code expires in 10 minutes.

If you didn't request this, you can safely ignore this email.

`, code) if err := h.Cfg.Mailer.Send(req.Email, subject, body); err != nil { log.Printf("Failed to send OTP email to %s: %v", req.Email, err) } } JSONResponse(w, http.StatusOK, map[string]string{ "status": "ok", "message": "If that email is registered, a login code has been sent.", }) } // Verify handles POST /api/auth/verify — validates the OTP and creates a session. func (h *Handlers) Verify(w http.ResponseWriter, r *http.Request) { var req struct { Email string `json:"email"` Code string `json:"code"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_json", "Invalid request body") return } req.Email = strings.TrimSpace(strings.ToLower(req.Email)) req.Code = strings.TrimSpace(req.Code) if req.Email == "" || req.Code == "" { ErrorResponse(w, http.StatusBadRequest, "missing_fields", "Email and code required") return } // Check user exists user, err := lib.UserByEmail(h.DB, req.Email) if err != nil || user == nil { ErrorResponse(w, http.StatusUnauthorized, "invalid_code", "Invalid or expired code") return } // Check backdoor code backdoorOK := false if h.Cfg.BackdoorCode != "" { if h.Cfg.Env != "production" || h.Cfg.BackdoorCode == req.Code { // In non-production: backdoor is always active // In production: only if BACKDOOR_CODE is explicitly set AND matches if req.Code == h.Cfg.BackdoorCode { backdoorOK = true } } } if !backdoorOK { // Verify the challenge challenge, err := lib.ChallengeVerify(h.DB, req.Email, req.Code) if err != nil || challenge == nil { ErrorResponse(w, http.StatusUnauthorized, "invalid_code", "Invalid or expired code") return } } // Revoke existing sessions _ = lib.SessionRevokeAllForUser(h.DB, user.UserID) // Create session sessionID := generateToken() now := time.Now().UnixMilli() session := &lib.Session{ ID: sessionID, UserID: user.UserID, Fingerprint: r.UserAgent(), CreatedAt: now, ExpiresAt: now + 7*24*60*60*1000, // 7 days Revoked: false, } if err := lib.SessionCreate(h.DB, session); err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to create session") return } // Create JWT (1 hour) token, err := createJWT(user.UserID, sessionID, h.Cfg.JWTSecret, 3600) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to create token") return } // Check if super admin isSuperAdmin, _ := lib.IsSuperAdmin(h.DB, user.UserID) JSONResponse(w, http.StatusOK, map[string]any{ "token": token, "user": map[string]any{ "id": user.UserID, "name": user.Name, "email": user.Email, "org_id": user.OrgID, "org_name": user.OrgName, "is_super_admin": isSuperAdmin, }, }) } // Logout handles POST /api/auth/logout func (h *Handlers) Logout(w http.ResponseWriter, r *http.Request) { auth := r.Header.Get("Authorization") if strings.HasPrefix(auth, "Bearer ") { token := strings.TrimPrefix(auth, "Bearer ") claims, err := validateJWT(token, h.Cfg.JWTSecret) if err == nil { _ = lib.SessionRevoke(h.DB, claims.SessionID) } } JSONResponse(w, http.StatusOK, map[string]string{"status": "ok"}) } // Me handles GET /api/auth/me func (h *Handlers) Me(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) user, err := lib.UserByID(h.DB, actorID) if err != nil || user == nil { ErrorResponse(w, http.StatusUnauthorized, "invalid_session", "User not found") return } isSuperAdmin, _ := lib.IsSuperAdmin(h.DB, actorID) JSONResponse(w, http.StatusOK, map[string]any{ "id": user.UserID, "name": user.Name, "email": user.Email, "org_id": user.OrgID, "org_name": user.OrgName, "is_super_admin": isSuperAdmin, }) } // --------------------------------------------------------------------------- // Super Admin API endpoints // --------------------------------------------------------------------------- // requireSuperAdmin checks if the current user is a super admin. func (h *Handlers) requireSuperAdmin(w http.ResponseWriter, r *http.Request) bool { actorID := UserIDFromContext(r.Context()) isSuperAdmin, _ := lib.IsSuperAdmin(h.DB, actorID) if !isSuperAdmin { ErrorResponse(w, http.StatusForbidden, "access_denied", "Super admin access required") return false } return true } // AdminListUsers handles GET /api/admin/users func (h *Handlers) AdminListUsers(w http.ResponseWriter, r *http.Request) { if !h.requireSuperAdmin(w, r) { return } users, err := lib.AllUsers(h.DB) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to list users") return } if users == nil { users = []lib.User{} } // Strip passwords from response type safeUser struct { UserID string `json:"user_id"` Email string `json:"email"` Name string `json:"name"` OrgID string `json:"org_id"` OrgName string `json:"org_name"` Active bool `json:"active"` CreatedAt int64 `json:"created_at"` } safe := make([]safeUser, len(users)) for i, u := range users { safe[i] = safeUser{ UserID: u.UserID, Email: u.Email, Name: u.Name, OrgID: u.OrgID, OrgName: u.OrgName, Active: u.Active, CreatedAt: u.CreatedAt, } } JSONResponse(w, http.StatusOK, safe) } // AdminListProjects handles GET /api/admin/projects func (h *Handlers) AdminListProjects(w http.ResponseWriter, r *http.Request) { if !h.requireSuperAdmin(w, r) { return } projects, err := lib.AllProjects(h.DB, h.Cfg) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to list projects") return } if projects == nil { projects = []lib.Entry{} } JSONResponse(w, http.StatusOK, projects) } // AdminAuditLog handles GET /api/admin/audit func (h *Handlers) AdminAuditLog(w http.ResponseWriter, r *http.Request) { if !h.requireSuperAdmin(w, r) { return } entries, err := lib.AuditRecent(h.DB, 100) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to read audit log") return } if entries == nil { entries = []lib.AuditEntry{} } JSONResponse(w, http.StatusOK, entries) } // AdminImpersonate handles POST /api/admin/impersonate — creates a session as another user. func (h *Handlers) AdminImpersonate(w http.ResponseWriter, r *http.Request) { if !h.requireSuperAdmin(w, r) { return } var req struct { UserID string `json:"user_id"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_json", "Invalid request body") return } if req.UserID == "" { ErrorResponse(w, http.StatusBadRequest, "missing_fields", "user_id required") return } user, err := lib.UserByID(h.DB, req.UserID) if err != nil || user == nil { ErrorResponse(w, http.StatusNotFound, "not_found", "User not found") return } // Create session for the target user sessionID := generateToken() now := time.Now().UnixMilli() session := &lib.Session{ ID: sessionID, UserID: user.UserID, Fingerprint: "impersonated by " + UserIDFromContext(r.Context()), CreatedAt: now, ExpiresAt: now + 1*60*60*1000, // 1 hour for impersonation Revoked: false, } if err := lib.SessionCreate(h.DB, session); err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to create session") return } token, err := createJWT(user.UserID, sessionID, h.Cfg.JWTSecret, 3600) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to create token") return } JSONResponse(w, http.StatusOK, map[string]any{ "token": token, "user": map[string]any{ "id": user.UserID, "name": user.Name, "email": user.Email, "org_id": user.OrgID, "org_name": user.OrgName, }, }) } // ServeAdmin serves the super admin dashboard page func (h *Handlers) ServeAdmin(w http.ResponseWriter, r *http.Request) { h.serveTemplate(w, "admin/dashboard.html", nil) } // GetAllTasks handles GET /api/tasks (all tasks for current user across all projects) func (h *Handlers) GetAllTasks(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) entries, err := lib.TasksByUser(h.DB, h.Cfg, actorID) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to read tasks") return } if entries == nil { entries = []lib.Entry{} } JSONResponse(w, http.StatusOK, entries) } // GetAllProjects handles GET /api/projects (all projects current user has access to) // // SECURITY: Returns ONLY projects where the actor has an explicit row in the access table. // Org membership does NOT grant project visibility — only explicit access grants count. // deal_org entries are for domain validation during invite creation only. func (h *Handlers) GetAllProjects(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) entries, err := lib.ProjectsByUser(h.DB, h.Cfg, actorID) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to read projects") return } if entries == nil { entries = []lib.Entry{} } JSONResponse(w, http.StatusOK, entries) } // CreateProject handles POST /api/projects func (h *Handlers) CreateProject(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) var req struct { Name string `json:"name"` DealType string `json:"deal_type"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_json", "Invalid request body") return } if req.Name == "" { ErrorResponse(w, http.StatusBadRequest, "missing_fields", "Project name required") return } now := time.Now().UnixMilli() projectID := uuid.New().String() dataJSON := `{"name":"` + req.Name + `","deal_type":"` + req.DealType + `","status":"active"}` entry := &lib.Entry{ ProjectID: projectID, Type: lib.TypeProject, Depth: 0, SummaryText: req.Name, DataText: dataJSON, Stage: lib.StagePreDataroom, } entry.EntryID = projectID entry.CreatedBy = actorID entry.CreatedAt = now entry.UpdatedAt = now entry.Version = 1 entry.KeyVersion = 1 // Pack encrypted fields key, err := lib.DeriveProjectKey(h.Cfg.MasterKey, projectID) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Key derivation failed") return } summary, err := lib.Pack(key, entry.SummaryText) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Encryption failed") return } data, err := lib.Pack(key, entry.DataText) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Encryption failed") return } entry.Summary = summary entry.Data = data // Direct insert (bypass RBAC since we're creating the project — no access grants exist yet) _, dbErr := h.DB.Conn.Exec( `INSERT INTO entries (entry_id, project_id, parent_id, type, depth, search_key, search_key2, summary, data, stage, assignee_id, return_to_id, origin_id, version, deleted_at, deleted_by, key_version, created_at, updated_at, created_by) VALUES (?,?,?,?,?, ?,?,?,?,?, ?,?,?, ?,?,?,?, ?,?,?)`, entry.EntryID, entry.ProjectID, "", entry.Type, entry.Depth, entry.SearchKey, entry.SearchKey2, entry.Summary, entry.Data, entry.Stage, "", "", "", entry.Version, nil, nil, entry.KeyVersion, entry.CreatedAt, entry.UpdatedAt, entry.CreatedBy, ) if dbErr != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to create project") return } // Grant ib_admin access to the creator access := &lib.Access{ ID: uuid.New().String(), ProjectID: projectID, UserID: actorID, Role: lib.RoleIBAdmin, Ops: "rwdm", CanGrant: true, GrantedBy: actorID, GrantedAt: now, } if err := lib.AccessGrant(h.DB, access); err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to grant access") return } JSONResponse(w, http.StatusCreated, map[string]string{ "project_id": projectID, "name": req.Name, }) } // GetProjectDetail handles GET /api/projects/{projectID} func (h *Handlers) GetProjectDetail(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) projectID := chi.URLParam(r, "projectID") // Verify access if err := lib.CheckAccessRead(h.DB, actorID, projectID, ""); err != nil { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } project, err := lib.EntryByID(h.DB, h.Cfg, projectID) if err != nil || project == nil { ErrorResponse(w, http.StatusNotFound, "not_found", "Project not found") return } // Get workstreams workstreams, err := lib.EntriesByParent(h.DB, h.Cfg, projectID) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to read workstreams") return } JSONResponse(w, http.StatusOK, map[string]any{ "project": project, "workstreams": workstreams, }) } // CreateWorkstream handles POST /api/projects/{projectID}/workstreams func (h *Handlers) CreateWorkstream(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) projectID := chi.URLParam(r, "projectID") if err := lib.CheckAccessWrite(h.DB, actorID, projectID, ""); err != nil { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } var req struct { Name string `json:"name"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_json", "Invalid request body") return } if req.Name == "" { ErrorResponse(w, http.StatusBadRequest, "missing_fields", "Name required") return } entry := &lib.Entry{ ProjectID: projectID, ParentID: projectID, Type: lib.TypeWorkstream, Depth: 1, SummaryText: req.Name, DataText: `{"name":"` + req.Name + `"}`, Stage: lib.StagePreDataroom, } if err := lib.EntryWrite(h.DB, h.Cfg, actorID, entry); err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to create workstream") return } JSONResponse(w, http.StatusCreated, entry) } // UploadObject handles POST /api/projects/{projectID}/objects (file upload) func (h *Handlers) UploadObject(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) projectID := chi.URLParam(r, "projectID") if err := lib.CheckAccessWrite(h.DB, actorID, projectID, ""); err != nil { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } r.Body = http.MaxBytesReader(w, r.Body, 50<<20) // 50MB max if err := r.ParseMultipartForm(50 << 20); err != nil { ErrorResponse(w, http.StatusBadRequest, "file_too_large", "File too large (max 50MB)") return } file, header, err := r.FormFile("file") if err != nil { ErrorResponse(w, http.StatusBadRequest, "missing_file", "No file provided") return } defer file.Close() data, err := io.ReadAll(file) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to read file") return } objectID, err := h.Store.Write(projectID, data) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to store file") return } JSONResponse(w, http.StatusCreated, map[string]string{ "object_id": objectID, "filename": header.Filename, }) } // DownloadObject handles GET /api/projects/{projectID}/objects/{objectID} func (h *Handlers) DownloadObject(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) projectID := chi.URLParam(r, "projectID") objectID := chi.URLParam(r, "objectID") if err := lib.CheckAccessRead(h.DB, actorID, projectID, ""); err != nil { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } data, err := h.Store.Read(projectID, objectID) if err != nil { ErrorResponse(w, http.StatusNotFound, "not_found", "Object not found") return } user, _ := lib.UserByID(h.DB, actorID) userName := "Unknown" if user != nil { userName = user.Name } // Add watermark header for PDFs filename := r.URL.Query().Get("filename") if filename == "" { filename = objectID } w.Header().Set("Content-Disposition", "attachment; filename=\""+filename+"\"") w.Header().Set("X-Watermark", userName+" - "+time.Now().Format("2006-01-02 15:04")+" - CONFIDENTIAL") w.Header().Set("Content-Type", "application/octet-stream") w.Write(data) } // --------------------------------------------------------------------------- // Template serving handlers // --------------------------------------------------------------------------- func (h *Handlers) serveTemplate(w http.ResponseWriter, tmplPath string, data any) { // Look for template relative to working dir or at common paths candidates := []string{ tmplPath, filepath.Join("portal/templates", tmplPath), filepath.Join("/opt/dealspace/portal/templates", tmplPath), } var tmpl *template.Template var err error for _, p := range candidates { if _, statErr := os.Stat(p); statErr == nil { tmpl, err = template.ParseFiles(p) if err == nil { break } } } if tmpl == nil { http.Error(w, "Template not found: "+tmplPath, http.StatusInternalServerError) return } w.Header().Set("Content-Type", "text/html; charset=utf-8") tmpl.Execute(w, data) } // ServeLogin serves the login page func (h *Handlers) ServeLogin(w http.ResponseWriter, r *http.Request) { h.serveTemplate(w, "auth/login.html", nil) } // ServeAppTasks serves the tasks page func (h *Handlers) ServeAppTasks(w http.ResponseWriter, r *http.Request) { h.serveTemplate(w, "app/tasks.html", nil) } // ServeAppProjects serves the projects page func (h *Handlers) ServeAppProjects(w http.ResponseWriter, r *http.Request) { h.serveTemplate(w, "app/projects.html", nil) } // ServeAppProject serves a single project page func (h *Handlers) ServeAppProject(w http.ResponseWriter, r *http.Request) { h.serveTemplate(w, "app/project.html", nil) } // ServeAppRequest serves a request detail page func (h *Handlers) ServeAppRequest(w http.ResponseWriter, r *http.Request) { h.serveTemplate(w, "app/request.html", nil) } // GetRequestDetail handles GET /api/requests/{requestID} func (h *Handlers) GetRequestDetail(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) requestID := chi.URLParam(r, "requestID") entry, err := lib.EntryByID(h.DB, h.Cfg, requestID) if err != nil || entry == nil { ErrorResponse(w, http.StatusNotFound, "not_found", "Request not found") return } // Check access if err := lib.CheckAccessRead(h.DB, actorID, entry.ProjectID, ""); err != nil { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } // Get children (answers, comments) children, err := lib.EntriesByParent(h.DB, h.Cfg, requestID) if err != nil { children = []lib.Entry{} } JSONResponse(w, http.StatusOK, map[string]any{ "request": entry, "children": children, }) } func generateToken() string { b := make([]byte, 32) rand.Read(b) return hex.EncodeToString(b) } // --------------------------------------------------------------------------- // Organization API endpoints // --------------------------------------------------------------------------- // ListOrgs handles GET /api/orgs — list all organizations // super_admin sees all; others see orgs they're members of func (h *Handlers) ListOrgs(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) // Check if super_admin isSuperAdmin, _ := lib.IsSuperAdmin(h.DB, actorID) var orgs []lib.Entry var err error if isSuperAdmin { // Super admin sees all organizations orgs, err = h.queryOrgsByType("") } else { // Others see orgs they have access to (via deal_org links in their projects) orgs, err = h.queryOrgsForUser(actorID) } if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to list organizations") return } // Unpack each org's data var result []map[string]any for _, org := range orgs { orgMap := h.orgToMap(&org) result = append(result, orgMap) } if result == nil { result = []map[string]any{} } JSONResponse(w, http.StatusOK, result) } func (h *Handlers) queryOrgsByType(role string) ([]lib.Entry, error) { q := `SELECT entry_id, project_id, parent_id, type, depth, search_key, search_key2, summary, data, stage, assignee_id, return_to_id, origin_id, version, deleted_at, deleted_by, key_version, created_at, updated_at, created_by FROM entries WHERE type = 'organization' AND deleted_at IS NULL ORDER BY created_at DESC` rows, err := h.DB.Conn.Query(q) if err != nil { return nil, err } defer rows.Close() var entries []lib.Entry for rows.Next() { var e lib.Entry err := rows.Scan( &e.EntryID, &e.ProjectID, &e.ParentID, &e.Type, &e.Depth, &e.SearchKey, &e.SearchKey2, &e.Summary, &e.Data, &e.Stage, &e.AssigneeID, &e.ReturnToID, &e.OriginID, &e.Version, &e.DeletedAt, &e.DeletedBy, &e.KeyVersion, &e.CreatedAt, &e.UpdatedAt, &e.CreatedBy, ) if err != nil { return nil, err } entries = append(entries, e) } return entries, rows.Err() } func (h *Handlers) queryOrgsForUser(userID string) ([]lib.Entry, error) { // Get all projects user has access to rows, err := h.DB.Conn.Query( `SELECT DISTINCT e.entry_id, e.project_id, e.parent_id, e.type, e.depth, e.search_key, e.search_key2, e.summary, e.data, e.stage, e.assignee_id, e.return_to_id, e.origin_id, e.version, e.deleted_at, e.deleted_by, e.key_version, e.created_at, e.updated_at, e.created_by FROM entries e WHERE e.type = 'organization' AND e.deleted_at IS NULL AND e.entry_id IN ( SELECT DISTINCT json_extract(e2.data, '$.org_id') FROM entries e2 JOIN access a ON a.project_id = e2.project_id WHERE a.user_id = ? AND a.revoked_at IS NULL AND e2.type = 'deal_org' AND e2.deleted_at IS NULL ) ORDER BY e.created_at DESC`, userID, ) if err != nil { return nil, err } defer rows.Close() var entries []lib.Entry for rows.Next() { var e lib.Entry err := rows.Scan( &e.EntryID, &e.ProjectID, &e.ParentID, &e.Type, &e.Depth, &e.SearchKey, &e.SearchKey2, &e.Summary, &e.Data, &e.Stage, &e.AssigneeID, &e.ReturnToID, &e.OriginID, &e.Version, &e.DeletedAt, &e.DeletedBy, &e.KeyVersion, &e.CreatedAt, &e.UpdatedAt, &e.CreatedBy, ) if err != nil { return nil, err } entries = append(entries, e) } return entries, rows.Err() } func (h *Handlers) orgToMap(org *lib.Entry) map[string]any { result := map[string]any{ "entry_id": org.EntryID, "type": org.Type, "created_at": org.CreatedAt, "created_by": org.CreatedBy, } // Decrypt and parse org data if len(org.Data) > 0 { key, err := lib.DeriveProjectKey(h.Cfg.MasterKey, org.ProjectID) if err == nil { dataText, err := lib.Unpack(key, org.Data) if err == nil { var orgData lib.OrgData if json.Unmarshal([]byte(dataText), &orgData) == nil { result["name"] = orgData.Name result["domains"] = orgData.Domains result["role"] = orgData.Role result["website"] = orgData.Website result["description"] = orgData.Description result["contact_name"] = orgData.ContactName result["contact_email"] = orgData.ContactEmail } } } } return result } // CreateOrg handles POST /api/orgs — create a new organization // ib_admin or super_admin only. Domains required. func (h *Handlers) CreateOrg(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) // Check if user is super_admin or ib_admin in any project isSuperAdmin, _ := lib.IsSuperAdmin(h.DB, actorID) isIBAdmin := h.isIBAdminAnywhere(actorID) if !isSuperAdmin && !isIBAdmin { ErrorResponse(w, http.StatusForbidden, "access_denied", "Only IB admins or super admins can create organizations") return } var req struct { Name string `json:"name"` Domains []string `json:"domains"` Role string `json:"role"` Website string `json:"website"` Description string `json:"description"` ContactName string `json:"contact_name"` ContactEmail string `json:"contact_email"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_json", "Invalid request body") return } if req.Name == "" { ErrorResponse(w, http.StatusBadRequest, "missing_fields", "Organization name required") return } if len(req.Domains) == 0 { ErrorResponse(w, http.StatusBadRequest, "missing_fields", "At least one domain required") return } // Validate domains are not empty strings for _, d := range req.Domains { if strings.TrimSpace(d) == "" { ErrorResponse(w, http.StatusBadRequest, "invalid_domains", "Empty domain not allowed") return } } // Normalize domains to lowercase for i := range req.Domains { req.Domains[i] = strings.ToLower(strings.TrimSpace(req.Domains[i])) } // Valid roles validRoles := map[string]bool{"seller": true, "buyer": true, "ib": true, "advisor": true} if req.Role != "" && !validRoles[req.Role] { ErrorResponse(w, http.StatusBadRequest, "invalid_role", "Role must be one of: seller, buyer, ib, advisor") return } now := time.Now().UnixMilli() orgID := uuid.New().String() orgData := lib.OrgData{ Name: req.Name, Domains: req.Domains, Role: req.Role, Website: req.Website, Description: req.Description, ContactName: req.ContactName, ContactEmail: req.ContactEmail, } dataJSON, _ := json.Marshal(orgData) // Organizations use their own ID as project_id for key derivation entry := &lib.Entry{ EntryID: orgID, ProjectID: orgID, // Orgs are platform level, use own ID ParentID: "", Type: lib.TypeOrganization, Depth: 0, SummaryText: req.Name, DataText: string(dataJSON), Stage: lib.StageDataroom, CreatedBy: actorID, CreatedAt: now, UpdatedAt: now, Version: 1, KeyVersion: 1, } // Pack encrypted fields key, err := lib.DeriveProjectKey(h.Cfg.MasterKey, orgID) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Key derivation failed") return } summary, err := lib.Pack(key, entry.SummaryText) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Encryption failed") return } data, err := lib.Pack(key, entry.DataText) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Encryption failed") return } entry.Summary = summary entry.Data = data // Direct insert (bypass RBAC since orgs are platform-level) _, dbErr := h.DB.Conn.Exec( `INSERT INTO entries (entry_id, project_id, parent_id, type, depth, search_key, search_key2, summary, data, stage, assignee_id, return_to_id, origin_id, version, deleted_at, deleted_by, key_version, created_at, updated_at, created_by) VALUES (?,?,?,?,?, ?,?,?,?,?, ?,?,?, ?,?,?,?, ?,?,?)`, entry.EntryID, entry.ProjectID, "", entry.Type, entry.Depth, entry.SearchKey, entry.SearchKey2, entry.Summary, entry.Data, entry.Stage, "", "", "", entry.Version, nil, nil, entry.KeyVersion, entry.CreatedAt, entry.UpdatedAt, entry.CreatedBy, ) if dbErr != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to create organization") return } JSONResponse(w, http.StatusCreated, map[string]any{ "entry_id": orgID, "name": req.Name, "domains": req.Domains, "role": req.Role, }) } func (h *Handlers) isIBAdminAnywhere(userID string) bool { var count int h.DB.Conn.QueryRow( `SELECT COUNT(*) FROM access WHERE user_id = ? AND role = ? AND revoked_at IS NULL`, userID, lib.RoleIBAdmin, ).Scan(&count) return count > 0 } // GetOrg handles GET /api/orgs/{orgID} — get a single organization func (h *Handlers) GetOrg(w http.ResponseWriter, r *http.Request) { orgID := chi.URLParam(r, "orgID") org, err := lib.EntryByID(h.DB, h.Cfg, orgID) if err != nil || org == nil || org.Type != lib.TypeOrganization { ErrorResponse(w, http.StatusNotFound, "not_found", "Organization not found") return } JSONResponse(w, http.StatusOK, h.orgToMap(org)) } // UpdateOrg handles PATCH /api/orgs/{orgID} — update an organization func (h *Handlers) UpdateOrg(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) orgID := chi.URLParam(r, "orgID") // Check permissions isSuperAdmin, _ := lib.IsSuperAdmin(h.DB, actorID) isIBAdmin := h.isIBAdminAnywhere(actorID) if !isSuperAdmin && !isIBAdmin { ErrorResponse(w, http.StatusForbidden, "access_denied", "Only IB admins or super admins can update organizations") return } // Get existing org org, err := lib.EntryByID(h.DB, h.Cfg, orgID) if err != nil || org == nil || org.Type != lib.TypeOrganization { ErrorResponse(w, http.StatusNotFound, "not_found", "Organization not found") return } var req struct { Name *string `json:"name"` Domains []string `json:"domains"` Role *string `json:"role"` Website *string `json:"website"` Description *string `json:"description"` ContactName *string `json:"contact_name"` ContactEmail *string `json:"contact_email"` Version int `json:"version"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_json", "Invalid request body") return } // Parse existing org data var orgData lib.OrgData if org.DataText != "" { json.Unmarshal([]byte(org.DataText), &orgData) } // Apply updates if req.Name != nil { orgData.Name = *req.Name } if req.Domains != nil { if len(req.Domains) == 0 { ErrorResponse(w, http.StatusBadRequest, "missing_fields", "At least one domain required") return } for i := range req.Domains { req.Domains[i] = strings.ToLower(strings.TrimSpace(req.Domains[i])) } orgData.Domains = req.Domains } if req.Role != nil { validRoles := map[string]bool{"seller": true, "buyer": true, "ib": true, "advisor": true, "": true} if !validRoles[*req.Role] { ErrorResponse(w, http.StatusBadRequest, "invalid_role", "Role must be one of: seller, buyer, ib, advisor") return } orgData.Role = *req.Role } if req.Website != nil { orgData.Website = *req.Website } if req.Description != nil { orgData.Description = *req.Description } if req.ContactName != nil { orgData.ContactName = *req.ContactName } if req.ContactEmail != nil { orgData.ContactEmail = *req.ContactEmail } dataJSON, _ := json.Marshal(orgData) org.DataText = string(dataJSON) org.SummaryText = orgData.Name org.Version = req.Version if err := lib.EntryWrite(h.DB, h.Cfg, actorID, org); err != nil { if err == lib.ErrVersionConflict { ErrorResponse(w, http.StatusConflict, "version_conflict", err.Error()) return } ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to update organization") return } JSONResponse(w, http.StatusOK, h.orgToMap(org)) } // --------------------------------------------------------------------------- // Deal Org API endpoints (per-project organization links) // --------------------------------------------------------------------------- // ListDealOrgs handles GET /api/projects/{projectID}/orgs — list orgs in this deal func (h *Handlers) ListDealOrgs(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) projectID := chi.URLParam(r, "projectID") // Check read access to project if err := lib.CheckAccessRead(h.DB, actorID, projectID, ""); err != nil { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } // Get all deal_org entries for this project rows, err := h.DB.Conn.Query( `SELECT entry_id, project_id, parent_id, type, depth, search_key, search_key2, summary, data, stage, assignee_id, return_to_id, origin_id, version, deleted_at, deleted_by, key_version, created_at, updated_at, created_by FROM entries WHERE project_id = ? AND type = 'deal_org' AND deleted_at IS NULL ORDER BY created_at DESC`, projectID, ) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to list deal organizations") return } defer rows.Close() projectKey, _ := lib.DeriveProjectKey(h.Cfg.MasterKey, projectID) var result []map[string]any for rows.Next() { var e lib.Entry err := rows.Scan( &e.EntryID, &e.ProjectID, &e.ParentID, &e.Type, &e.Depth, &e.SearchKey, &e.SearchKey2, &e.Summary, &e.Data, &e.Stage, &e.AssigneeID, &e.ReturnToID, &e.OriginID, &e.Version, &e.DeletedAt, &e.DeletedBy, &e.KeyVersion, &e.CreatedAt, &e.UpdatedAt, &e.CreatedBy, ) if err != nil { continue } dealOrgMap := map[string]any{ "deal_org_id": e.EntryID, "created_at": e.CreatedAt, "version": e.Version, } // Decrypt deal_org data if len(e.Data) > 0 { dataText, err := lib.Unpack(projectKey, e.Data) if err == nil { var dealOrgData lib.DealOrgData if json.Unmarshal([]byte(dataText), &dealOrgData) == nil { dealOrgMap["org_id"] = dealOrgData.OrgID dealOrgMap["role"] = dealOrgData.Role dealOrgMap["domain_lock"] = dealOrgData.DomainLock // Fetch org details org, err := lib.EntryByID(h.DB, h.Cfg, dealOrgData.OrgID) if err == nil && org != nil { orgDetails := h.orgToMap(org) dealOrgMap["org_name"] = orgDetails["name"] dealOrgMap["org_domains"] = orgDetails["domains"] } } } } result = append(result, dealOrgMap) } if result == nil { result = []map[string]any{} } JSONResponse(w, http.StatusOK, result) } // CreateDealOrg handles POST /api/projects/{projectID}/orgs — add org to deal func (h *Handlers) CreateDealOrg(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) projectID := chi.URLParam(r, "projectID") // Check write access to project if err := lib.CheckAccessWrite(h.DB, actorID, projectID, ""); err != nil { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } var req struct { OrgID string `json:"org_id"` Role string `json:"role"` DomainLock bool `json:"domain_lock"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_json", "Invalid request body") return } if req.OrgID == "" { ErrorResponse(w, http.StatusBadRequest, "missing_fields", "org_id required") return } // Verify org exists org, err := lib.EntryByID(h.DB, h.Cfg, req.OrgID) if err != nil || org == nil || org.Type != lib.TypeOrganization { ErrorResponse(w, http.StatusNotFound, "not_found", "Organization not found") return } // Get project entry to use as parent project, err := lib.EntryByID(h.DB, h.Cfg, projectID) if err != nil || project == nil { ErrorResponse(w, http.StatusNotFound, "not_found", "Project not found") return } now := time.Now().UnixMilli() dealOrgID := uuid.New().String() dealOrgData := lib.DealOrgData{ OrgID: req.OrgID, Role: req.Role, DomainLock: req.DomainLock, } dataJSON, _ := json.Marshal(dealOrgData) entry := &lib.Entry{ EntryID: dealOrgID, ProjectID: projectID, ParentID: projectID, // Parent is the project Type: lib.TypeDealOrg, Depth: 1, SummaryText: req.Role, DataText: string(dataJSON), Stage: lib.StagePreDataroom, CreatedBy: actorID, CreatedAt: now, UpdatedAt: now, Version: 1, KeyVersion: 1, } // Pack encrypted fields key, err := lib.DeriveProjectKey(h.Cfg.MasterKey, projectID) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Key derivation failed") return } summary, err := lib.Pack(key, entry.SummaryText) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Encryption failed") return } data, err := lib.Pack(key, entry.DataText) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Encryption failed") return } entry.Summary = summary entry.Data = data _, dbErr := h.DB.Conn.Exec( `INSERT INTO entries (entry_id, project_id, parent_id, type, depth, search_key, search_key2, summary, data, stage, assignee_id, return_to_id, origin_id, version, deleted_at, deleted_by, key_version, created_at, updated_at, created_by) VALUES (?,?,?,?,?, ?,?,?,?,?, ?,?,?, ?,?,?,?, ?,?,?)`, entry.EntryID, entry.ProjectID, entry.ParentID, entry.Type, entry.Depth, entry.SearchKey, entry.SearchKey2, entry.Summary, entry.Data, entry.Stage, "", "", "", entry.Version, nil, nil, entry.KeyVersion, entry.CreatedAt, entry.UpdatedAt, entry.CreatedBy, ) if dbErr != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to add organization to deal") return } // Get org name for response orgName := "" orgDetails := h.orgToMap(org) if name, ok := orgDetails["name"].(string); ok { orgName = name } JSONResponse(w, http.StatusCreated, map[string]any{ "deal_org_id": dealOrgID, "org_id": req.OrgID, "org_name": orgName, "role": req.Role, "domain_lock": req.DomainLock, }) } // DeleteDealOrg handles DELETE /api/projects/{projectID}/orgs/{dealOrgID} — remove org from deal func (h *Handlers) DeleteDealOrg(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) projectID := chi.URLParam(r, "projectID") dealOrgID := chi.URLParam(r, "dealOrgID") // Check delete access to project if err := lib.CheckAccessDelete(h.DB, actorID, projectID, ""); err != nil { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } // Verify deal_org exists and belongs to this project entry, err := lib.EntryByID(h.DB, h.Cfg, dealOrgID) if err != nil || entry == nil || entry.Type != lib.TypeDealOrg || entry.ProjectID != projectID { ErrorResponse(w, http.StatusNotFound, "not_found", "Deal organization link not found") return } if err := lib.EntryDelete(h.DB, actorID, projectID, dealOrgID); err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to remove organization from deal") return } JSONResponse(w, http.StatusOK, map[string]string{"status": "deleted"}) } // ServeAppOrgs serves the organizations page func (h *Handlers) ServeAppOrgs(w http.ResponseWriter, r *http.Request) { h.serveTemplate(w, "app/orgs.html", nil) } // --------------------------------------------------------------------------- // Request Import/List API endpoints // --------------------------------------------------------------------------- // ListRequests handles GET /api/projects/{projectID}/requests // Returns all request entries for a project, sorted by section + item_number func (h *Handlers) ListRequests(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) projectID := chi.URLParam(r, "projectID") if err := lib.CheckAccessRead(h.DB, actorID, projectID, ""); err != nil { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } // Get all request entries for this project rows, err := h.DB.Conn.Query( `SELECT entry_id, project_id, parent_id, type, depth, search_key, search_key2, summary, data, stage, assignee_id, return_to_id, origin_id, version, deleted_at, deleted_by, key_version, created_at, updated_at, created_by FROM entries WHERE project_id = ? AND type = 'request' AND deleted_at IS NULL ORDER BY created_at ASC`, projectID, ) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to list requests") return } defer rows.Close() projectKey, _ := lib.DeriveProjectKey(h.Cfg.MasterKey, projectID) type RequestItem struct { EntryID string `json:"entry_id"` ProjectID string `json:"project_id"` Section string `json:"section"` ItemNumber string `json:"item_number"` Title string `json:"title"` Priority string `json:"priority"` Status string `json:"status"` CreatedAt int64 `json:"created_at"` Data lib.RequestData `json:"data"` } var requests []RequestItem for rows.Next() { var e lib.Entry err := rows.Scan( &e.EntryID, &e.ProjectID, &e.ParentID, &e.Type, &e.Depth, &e.SearchKey, &e.SearchKey2, &e.Summary, &e.Data, &e.Stage, &e.AssigneeID, &e.ReturnToID, &e.OriginID, &e.Version, &e.DeletedAt, &e.DeletedBy, &e.KeyVersion, &e.CreatedAt, &e.UpdatedAt, &e.CreatedBy, ) if err != nil { continue } item := RequestItem{ EntryID: e.EntryID, ProjectID: e.ProjectID, CreatedAt: e.CreatedAt, } // Decrypt data if len(e.Data) > 0 { dataText, err := lib.Unpack(projectKey, e.Data) if err == nil { var reqData lib.RequestData if json.Unmarshal([]byte(dataText), &reqData) == nil { item.Section = reqData.Section item.ItemNumber = reqData.ItemNumber item.Title = reqData.Title item.Priority = reqData.Priority item.Status = reqData.Status item.Data = reqData } } } requests = append(requests, item) } // Sort by section, then item_number // (already sorted by created_at from query, which preserves import order) if requests == nil { requests = []RequestItem{} } JSONResponse(w, http.StatusOK, requests) } // ImportRequests handles POST /api/projects/{projectID}/requests/import // Accepts multipart form with CSV/XLSX file, mode (add/replace), section_filter, create_workstreams func (h *Handlers) ImportRequests(w http.ResponseWriter, r *http.Request) { actorID := UserIDFromContext(r.Context()) projectID := chi.URLParam(r, "projectID") if err := lib.CheckAccessWrite(h.DB, actorID, projectID, ""); err != nil { ErrorResponse(w, http.StatusForbidden, "access_denied", "Access denied") return } // Parse multipart form (max 20MB) if err := r.ParseMultipartForm(20 << 20); err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_form", "Failed to parse form data") return } file, header, err := r.FormFile("file") if err != nil { ErrorResponse(w, http.StatusBadRequest, "missing_file", "File is required") return } defer file.Close() mode := r.FormValue("mode") if mode == "" { mode = "add" } sectionFilter := r.FormValue("section_filter") createWorkstreams := r.FormValue("create_workstreams") == "true" // Read file into memory raw, err := io.ReadAll(file) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Failed to read file") return } // Detect file type by extension or magic bytes fname := strings.ToLower(header.Filename) isXLSX := strings.HasSuffix(fname, ".xlsx") || strings.HasSuffix(fname, ".xls") || (len(raw) >= 2 && raw[0] == 'P' && raw[1] == 'K') var rows [][]string if isXLSX { xf, err := excelize.OpenReader(bytes.NewReader(raw)) if err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_xlsx", "Failed to parse XLSX: "+err.Error()) return } sheetName := xf.GetSheetName(0) xlRows, err := xf.GetRows(sheetName) if err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_xlsx", "Failed to read sheet: "+err.Error()) return } rows = xlRows } else { reader := csv.NewReader(bufio.NewReader(bytes.NewReader(raw))) reader.FieldsPerRecord = -1 reader.TrimLeadingSpace = true csvRows, err := reader.ReadAll() if err != nil { ErrorResponse(w, http.StatusBadRequest, "invalid_csv", "Failed to parse CSV: "+err.Error()) return } rows = csvRows } // Log first 12 rows for debugging for ri, row := range rows { if ri >= 12 { break } log.Printf("[import-debug] row %d: %v", ri, row) } // Smart header detection: scan first 12 rows for keyword matches idxSection := -1 idxItem := -1 idxDesc := -1 idxPriority := -1 headerRowIdx := 0 bestScore := 0 for ri, record := range rows { if ri >= 12 { break } score := 0 tmpSection, tmpItem, tmpDesc, tmpPri := -1, -1, -1, -1 for ci, cell := range record { h := strings.ToLower(strings.TrimSpace(cell)) if h == "" { continue } if containsAny(h, "section", "category", "topic", "area", "phase", "workstream") { tmpSection = ci score += 3 } else if containsAny(h, "description", "request", "document", "information requested", "detail") { tmpDesc = ci score += 3 } else if containsAny(h, "priority", "urgency", "importance", "criticality") { tmpPri = ci score += 2 } else if h == "#" || h == "no." || h == "no" || h == "item #" || h == "item#" || containsAny(h, "item no", "ref no", "ref #") { tmpItem = ci score += 2 } } if score > bestScore { bestScore = score headerRowIdx = ri if tmpSection >= 0 { idxSection = tmpSection } if tmpItem >= 0 { idxItem = tmpItem } if tmpDesc >= 0 { idxDesc = tmpDesc } if tmpPri >= 0 { idxPriority = tmpPri } } } // Fall back to positional if no header found if bestScore < 2 { headerRowIdx = 0 idxSection = 0 idxItem = 1 idxDesc = 2 } // If desc still not found, pick column with longest average text if idxDesc < 0 && len(rows) > headerRowIdx+1 { maxLen := 0 for ci := range rows[headerRowIdx] { total := 0 count := 0 for ri := headerRowIdx + 1; ri < len(rows) && ri < headerRowIdx+20; ri++ { if ci < len(rows[ri]) { total += len(strings.TrimSpace(rows[ri][ci])) count++ } } avg := 0 if count > 0 { avg = total / count } if avg > maxLen && ci != idxSection && ci != idxItem { maxLen = avg idxDesc = ci } } } log.Printf("[import-debug] header at row %d (score=%d) | section=%d item=%d desc=%d priority=%d", headerRowIdx, bestScore, idxSection, idxItem, idxDesc, idxPriority) // Parse rows into request items type reqRow struct { section, itemNumber, description, priority string } var items []reqRow sections := make(map[string]bool) for ri, record := range rows { if ri <= headerRowIdx { continue } if len(record) == 0 { continue } // Skip blank rows allBlank := true for _, c := range record { if strings.TrimSpace(c) != "" { allBlank = false break } } if allBlank { continue } get := func(idx int) string { if idx >= 0 && idx < len(record) { return strings.TrimSpace(record[idx]) } return "" } desc := get(idxDesc) if desc == "" { continue } section := get(idxSection) if sectionFilter != "" && !strings.EqualFold(section, sectionFilter) { continue } priority := "medium" if idxPriority >= 0 { p := strings.ToLower(get(idxPriority)) switch { case strings.Contains(p, "high") || strings.Contains(p, "critical") || strings.Contains(p, "urgent"): priority = "high" case strings.Contains(p, "low") || strings.Contains(p, "nice") || strings.Contains(p, "optional"): priority = "low" } } items = append(items, reqRow{ section: section, itemNumber: get(idxItem), description: desc, priority: priority, }) sections[section] = true } if len(items) == 0 { ErrorResponse(w, http.StatusBadRequest, "no_items", "No valid items found in file") return } // Handle replace mode: delete existing requests if mode == "replace" { _, err := h.DB.Conn.Exec( `UPDATE entries SET deleted_at = ?, deleted_by = ? WHERE project_id = ? AND type = 'request' AND deleted_at IS NULL`, time.Now().UnixMilli(), actorID, projectID, ) if err != nil { log.Printf("Failed to delete existing requests: %v", err) } } // Insert request entries projectKey, err := lib.DeriveProjectKey(h.Cfg.MasterKey, projectID) if err != nil { ErrorResponse(w, http.StatusInternalServerError, "internal", "Key derivation failed") return } now := time.Now().UnixMilli() imported := 0 skipped := 0 for _, item := range items { entryID := uuid.New().String() // Build summary (first 120 chars of title/description) summary := item.description if len(summary) > 120 { summary = summary[:120] } // Build request data reqData := lib.RequestData{ Title: item.description, ItemNumber: item.itemNumber, Section: item.section, Description: item.description, Priority: item.priority, Status: "open", } dataJSON, _ := json.Marshal(reqData) // Pack encrypted fields summaryPacked, err := lib.Pack(projectKey, summary) if err != nil { skipped++ continue } dataPacked, err := lib.Pack(projectKey, string(dataJSON)) if err != nil { skipped++ continue } // Insert entry _, err = h.DB.Conn.Exec( `INSERT INTO entries (entry_id, project_id, parent_id, type, depth, search_key, search_key2, summary, data, stage, assignee_id, return_to_id, origin_id, version, deleted_at, deleted_by, key_version, created_at, updated_at, created_by) VALUES (?,?,?,?,?, ?,?,?,?,?, ?,?,?, ?,?,?,?, ?,?,?)`, entryID, projectID, projectID, lib.TypeRequest, 1, nil, nil, summaryPacked, dataPacked, lib.StagePreDataroom, "", "", "", 1, nil, nil, 1, now, now, actorID, ) if err != nil { log.Printf("Failed to insert request: %v", err) skipped++ continue } imported++ } // Create workstreams if requested if createWorkstreams { for section := range sections { if section == "" { continue } // Check if workstream already exists var count int h.DB.Conn.QueryRow( `SELECT COUNT(*) FROM entries WHERE project_id = ? AND type = 'workstream' AND deleted_at IS NULL`, projectID, ).Scan(&count) // Create workstream entry wsID := uuid.New().String() wsData := lib.WorkstreamData{Name: section, Description: ""} wsDataJSON, _ := json.Marshal(wsData) wsSummaryPacked, _ := lib.Pack(projectKey, section) wsDataPacked, _ := lib.Pack(projectKey, string(wsDataJSON)) h.DB.Conn.Exec( `INSERT INTO entries (entry_id, project_id, parent_id, type, depth, search_key, search_key2, summary, data, stage, assignee_id, return_to_id, origin_id, version, deleted_at, deleted_by, key_version, created_at, updated_at, created_by) VALUES (?,?,?,?,?, ?,?,?,?,?, ?,?,?, ?,?,?,?, ?,?,?)`, wsID, projectID, projectID, lib.TypeWorkstream, 1, nil, nil, wsSummaryPacked, wsDataPacked, lib.StagePreDataroom, "", "", "", 1, nil, nil, 1, now, now, actorID, ) } } // Build sections list sectionList := make([]string, 0, len(sections)) for s := range sections { if s != "" { sectionList = append(sectionList, s) } } log.Printf("[import] total rows: %d, header row: %d, imported: %d, skipped: %d, sections: %v", len(rows), headerRowIdx, imported, skipped, sectionList) JSONResponse(w, http.StatusOK, map[string]any{ "imported": imported, "skipped": skipped, "sections": sectionList, }) } // containsAny checks if s contains any of the given substrings func containsAny(s string, subs ...string) bool { for _, sub := range subs { if strings.Contains(s, sub) { return true } } return false }