7dbbf63523
Routes (additiv unter /api/v1/marketplace/*): - POST/GET /authors/me — eigenes Author-Profil anlegen/updaten/lesen - GET /authors/:slug — public Profile-Lookup (banned-reason gestrippt) - POST /decks — Deck-Init (Slug-Validation + Pflicht-Author-Profil + CHECK auf paid + Pro-License) - POST /decks/:slug/publish — Versions-Snapshot mit per-Karte cardContentHash aus @cards/domain, per-Version-Hash, AI-Mod-Stub-Log, atomarer latest_version_id-Bump in Drizzle-Transaction - PATCH /decks/:slug — Metadaten-Update (Owner-Only) - GET /decks/:slug — Public-Detail mit optional-auth-Middleware Geport aus cards-decommission-base:services/cards-server/, mit Greenfield-Anpassungen: - Hashing über @cards/domain.cardContentHash (gemeinsame SoT zwischen privatem cards.cards und marketplace.deck_cards), per- Version-Hash als SHA-256 über sortierte Karten-Hashes mit Ord-Prefix - AI-Moderation als R2-Stub (pass+rationale+model='stub'), echte mana-llm-Anbindung in späterer Welle - Auth-Middleware-Shape an Greenfield (userId/tier/authMode in c.get(...) statt user-Object), optional-auth als Schwester für anonymen Public-Read - Hono-typing: outer Marketplace-Decks-Router ist Partial<AuthVars> weil Public-GET kein JWT braucht; Auth-Subroute ist strict Lese-Referenz: - 3331 LOC altes cards-server-Code (routes, services, middleware, lib) unter docs/marketplace/archive/code/ archiviert. Read-only, nicht im Build-Path. Verifikation: - 16 neue Vitest-Tests (Slug + Version-Hash), 72 gesamt grün - type-check 0 errors - E2E-Smoke gegen lokale cards-api: Cardecky-Author + Deck r2-stoische-ethik mit 3 Karten v1.0.0 (basic + basic + cloze), per-Karten-Hashes geschrieben, ai_moderation_log-Row da, semver-409 + paid-422-Errors verifiziert. Smoke-Daten danach aufgeräumt. Verbleibend für R3+: Discovery (explore + search), Engagement (stars/ subscribe/fork), Smart-Merge mit FSRS-State-Erhalt; danach R4 PRs + Card-Discussions, R5 Frontend-Routes. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
99 lines
3 KiB
TypeScript
99 lines
3 KiB
TypeScript
import { Hono } from 'hono';
|
|
import { z } from 'zod';
|
|
import type { AuthUser } from '../middleware/jwt-auth';
|
|
import type { PullRequestService } from '../services/pull-requests';
|
|
import { BadRequestError, UnauthorizedError } from '../lib/errors';
|
|
|
|
function requireUser(user: AuthUser | undefined): AuthUser {
|
|
if (!user || !user.userId) throw new UnauthorizedError();
|
|
return user;
|
|
}
|
|
|
|
const cardTypes = [
|
|
'basic',
|
|
'basic-reverse',
|
|
'cloze',
|
|
'type-in',
|
|
'image-occlusion',
|
|
'audio',
|
|
'multiple-choice',
|
|
] as const;
|
|
|
|
const cardPayloadSchema = z.object({
|
|
type: z.enum(cardTypes),
|
|
fields: z.record(z.string(), z.string()),
|
|
});
|
|
|
|
const createPrSchema = z.object({
|
|
title: z.string().min(1).max(140),
|
|
body: z.string().max(4000).optional(),
|
|
diff: z.object({
|
|
add: z.array(cardPayloadSchema).default([]),
|
|
modify: z
|
|
.array(
|
|
cardPayloadSchema.extend({
|
|
previousContentHash: z.string().min(1),
|
|
})
|
|
)
|
|
.default([]),
|
|
remove: z.array(z.object({ contentHash: z.string().min(1) })).default([]),
|
|
}),
|
|
});
|
|
|
|
const mergeSchema = z.object({
|
|
newSemver: z
|
|
.string()
|
|
.regex(/^\d+\.\d+\.\d+$/)
|
|
.optional(),
|
|
mergeNote: z.string().max(2000).optional(),
|
|
});
|
|
|
|
export function createPullRequestRoutes(service: PullRequestService) {
|
|
const router = new Hono<{ Variables: { user?: AuthUser } }>();
|
|
|
|
router.post('/decks/:slug/pull-requests', async (c) => {
|
|
const user = requireUser(c.get('user'));
|
|
const parsed = createPrSchema.safeParse(await c.req.json().catch(() => ({})));
|
|
if (!parsed.success) throw new BadRequestError('Invalid body', parsed.error.format());
|
|
const pr = await service.create(user.userId, c.req.param('slug'), parsed.data);
|
|
return c.json(pr, 201);
|
|
});
|
|
|
|
router.get('/decks/:slug/pull-requests', async (c) => {
|
|
const url = new URL(c.req.url);
|
|
const status = url.searchParams.get('status');
|
|
const valid = ['open', 'merged', 'closed', 'rejected'] as const;
|
|
const statusFilter = (valid as readonly string[]).includes(status ?? '')
|
|
? (status as (typeof valid)[number])
|
|
: undefined;
|
|
const list = await service.list(c.req.param('slug'), statusFilter);
|
|
return c.json(list);
|
|
});
|
|
|
|
router.get('/pull-requests/:id', async (c) => {
|
|
const pr = await service.get(c.req.param('id'));
|
|
return c.json(pr);
|
|
});
|
|
|
|
router.post('/pull-requests/:id/close', async (c) => {
|
|
const user = requireUser(c.get('user'));
|
|
await service.close(user.userId, c.req.param('id'));
|
|
return c.json({ ok: true });
|
|
});
|
|
|
|
router.post('/pull-requests/:id/reject', async (c) => {
|
|
const user = requireUser(c.get('user'));
|
|
await service.reject(user.userId, c.req.param('id'));
|
|
return c.json({ ok: true });
|
|
});
|
|
|
|
router.post('/pull-requests/:id/merge', async (c) => {
|
|
const user = requireUser(c.get('user'));
|
|
const parsed = mergeSchema.safeParse(await c.req.json().catch(() => ({})));
|
|
if (!parsed.success) throw new BadRequestError('Invalid body', parsed.error.format());
|
|
const result = await service.merge(user.userId, c.req.param('id'), parsed.data);
|
|
return c.json(result, 201);
|
|
});
|
|
|
|
return router;
|
|
}
|