Mike/Kordant
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix review findings for info broker removal service FRE-5402

Browse Source 
P0 fixes:
- Add CANCELLED status to RemovalStatus enum (types + Prisma schema)
- Use CANCELLED instead of REJECTED for user-initiated cancellations
- Add null guard for req.broker?.name in GET /request/:id
- Remove unsafe 'as any' casts in RemoveBrokersService.ts
- Add type-safe toPersonalInfo() validator for JSON deserialization
- Type RemovalRequestWithBroker properly in getRemovalStatus()
- Fix alert: any to NormalizedAlertInput in BrokerAlertPipeline

P1 fixes:
- Fix admin role check: remove non-existent 'admin', only check 'support'
- Fix BrokerDefinition.category type from string to BrokerCategory
- Add complete OpenAPI spec for all removebrokers routes and schemas
This commit is contained in:
Michael Freno
2026-05-17 02:30:00 -04:00
parent e9e547be78
commit 7410813f4e
6 changed files with 3673 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3629
packages/api/src/openapi/spec.json Normal file
View File

File diff suppressed because it is too large Load Diff

8
packages/api/src/routes/removebrokers.routes.ts
View File

@@ -270,7 +270,7 @@ export async function removebrokersRoutes(fastify: FastifyInstance) {
request: {
id: req.id,
brokerId: req.brokerId,
brokerName: req.broker.name,
brokerName: req.broker?.name || null,
status: req.status,
method: req.method,
attempts: req.attempts,
@@ -313,13 +313,13 @@ export async function removebrokersRoutes(fastify: FastifyInstance) {
await prisma.removalRequest.update({
where: { id },
data: { status: RemovalStatus.REJECTED },
data: { status: RemovalStatus.CANCELLED },
});
return reply.send({
request: {
id: req.id,
status: RemovalStatus.REJECTED,
status: RemovalStatus.CANCELLED,
},
});
} catch (error) {
@@ -335,7 +335,7 @@ export async function removebrokersRoutes(fastify: FastifyInstance) {
return reply.code(401).send({ error: 'User not authenticated' });
}
if (authReq.user.role !== 'admin' && authReq.user.role !== 'support') {
if (authReq.user.role !== 'support') {
return reply.code(403).send({ error: 'Admin access required' });
}