Initial MRP foundation scaffold

server/src/modules/settings/router.ts

@@ -0,0 +1,45 @@
+import { permissions } from "@mrp/shared";
+import { Router } from "express";
+import { z } from "zod";
+
+import { fail, ok } from "../../lib/http.js";
+import { requirePermissions } from "../../lib/rbac.js";
+import { getActiveCompanyProfile, updateActiveCompanyProfile } from "./service.js";
+
+const companySchema = z.object({
+  companyName: z.string().min(1),
+  legalName: z.string().min(1),
+  email: z.string().email(),
+  phone: z.string().min(1),
+  website: z.string().min(1),
+  taxId: z.string().min(1),
+  addressLine1: z.string().min(1),
+  addressLine2: z.string(),
+  city: z.string().min(1),
+  state: z.string().min(1),
+  postalCode: z.string().min(1),
+  country: z.string().min(1),
+  theme: z.object({
+    primaryColor: z.string().regex(/^#([A-Fa-f0-9]{6})$/),
+    accentColor: z.string().regex(/^#([A-Fa-f0-9]{6})$/),
+    surfaceColor: z.string().regex(/^#([A-Fa-f0-9]{6})$/),
+    fontFamily: z.string().min(1),
+    logoFileId: z.string().nullable(),
+  }),
+});
+
+export const settingsRouter = Router();
+
+settingsRouter.get("/company-profile", requirePermissions([permissions.companyRead]), async (_request, response) => {
+  return ok(response, await getActiveCompanyProfile());
+});
+
+settingsRouter.put("/company-profile", requirePermissions([permissions.companyWrite]), async (request, response) => {
+  const parsed = companySchema.safeParse(request.body);
+  if (!parsed.success) {
+    return fail(response, 400, "INVALID_INPUT", "Company settings payload is invalid.");
+  }
+
+  return ok(response, await updateActiveCompanyProfile(parsed.data));
+});
+

server/src/modules/settings/service.ts

@@ -0,0 +1,72 @@
+import type { CompanyProfileDto, CompanyProfileInput } from "@mrp/shared";
+
+import { prisma } from "../../lib/prisma.js";
+
+type CompanyProfileRecord = Awaited<ReturnType<typeof prisma.companyProfile.findFirstOrThrow>>;
+
+function mapCompanyProfile(profile: CompanyProfileRecord): CompanyProfileDto {
+  return {
+    id: profile.id,
+    companyName: profile.companyName,
+    legalName: profile.legalName,
+    email: profile.email,
+    phone: profile.phone,
+    website: profile.website,
+    taxId: profile.taxId,
+    addressLine1: profile.addressLine1,
+    addressLine2: profile.addressLine2,
+    city: profile.city,
+    state: profile.state,
+    postalCode: profile.postalCode,
+    country: profile.country,
+    theme: {
+      primaryColor: profile.primaryColor,
+      accentColor: profile.accentColor,
+      surfaceColor: profile.surfaceColor,
+      fontFamily: profile.fontFamily,
+      logoFileId: profile.logoFileId,
+    },
+    logoUrl: profile.logoFileId ? `/api/v1/files/${profile.logoFileId}/content` : null,
+    updatedAt: profile.updatedAt.toISOString(),
+  };
+}
+
+export async function getActiveCompanyProfile() {
+  return mapCompanyProfile(
+    await prisma.companyProfile.findFirstOrThrow({
+      where: { isActive: true },
+    })
+  );
+}
+
+export async function updateActiveCompanyProfile(payload: CompanyProfileInput) {
+  const current = await prisma.companyProfile.findFirstOrThrow({
+    where: { isActive: true },
+  });
+
+  const profile = await prisma.companyProfile.update({
+    where: { id: current.id },
+    data: {
+      companyName: payload.companyName,
+      legalName: payload.legalName,
+      email: payload.email,
+      phone: payload.phone,
+      website: payload.website,
+      taxId: payload.taxId,
+      addressLine1: payload.addressLine1,
+      addressLine2: payload.addressLine2,
+      city: payload.city,
+      state: payload.state,
+      postalCode: payload.postalCode,
+      country: payload.country,
+      primaryColor: payload.theme.primaryColor,
+      accentColor: payload.theme.accentColor,
+      surfaceColor: payload.theme.surfaceColor,
+      fontFamily: payload.theme.fontFamily,
+      logoFileId: payload.theme.logoFileId,
+    },
+  });
+
+  return mapCompanyProfile(profile);
+}
+