import { Router } from 'express'; import pool from '../db'; const router = Router(); const RM_API = process.env.RAINMAKER_API_URL || 'http://127.0.0.1:3021/api'; const RAINMAKER_PROPERTY_ID = 'rainmaker_web'; async function proxyToRainmaker(path: string, method: string = 'GET', body?: any) { const res = await fetch(`${RM_API}${path}`, { method, headers: { 'Content-Type': 'application/json' }, body: body ? JSON.stringify(body) : undefined, }); return res.json(); } // ── Scans ── // GET /api/compliance/scans (rainmaker_web only) router.get('/scans', async (req, res) => { try { const page = parseInt(req.query.page as string) || 1; const limit = 25; const offset = (page - 1) * limit; const status = req.query.status as string; const contentType = req.query.contentType as string; // Always scope to rainmaker_web let where = `WHERE property_id = '${RAINMAKER_PROPERTY_ID}'`; const params: any[] = []; let idx = 1; if (status) { where += ` AND final_status = $${idx++}`; params.push(status); } if (contentType) { where += ` AND content_type = $${idx++}`; params.push(contentType); } const countQ = await pool.query(`SELECT COUNT(*) FROM rm_compliance_scans ${where}`, params); const total = parseInt(countQ.rows[0].count); const { rows } = await pool.query( `SELECT id, content_id, content_type, content_source, policy_version, severity_score, risk_score_after, final_status, rewrite_attempted, rewrite_passed, applied_at, reviewed_by, created_at, property_id, jsonb_array_length(findings) AS findings_count FROM rm_compliance_scans ${where} ORDER BY created_at DESC LIMIT $${idx++} OFFSET $${idx}`, [...params, limit, offset] ); res.json({ scans: rows, total, page, pages: Math.ceil(total / limit) }); } catch (err: any) { console.error('[CRM-COMPLIANCE] List scans error:', err); res.status(500).json({ error: err.message }); } }); // GET /api/compliance/scans/:id router.get('/scans/:id', async (req, res) => { try { const { rows: scans } = await pool.query( 'SELECT * FROM rm_compliance_scans WHERE id = $1', [req.params.id] ); if (scans.length === 0) return res.status(404).json({ error: 'Scan not found' }); const { rows: hits } = await pool.query( 'SELECT * FROM rm_compliance_rule_hits WHERE scan_id = $1 ORDER BY created_at', [req.params.id] ); res.json({ scan: scans[0], ruleHits: hits }); } catch (err: any) { res.status(500).json({ error: err.message }); } }); // POST /api/compliance/scan — proxy to Rainmaker (always rainmaker_web) router.post('/scan', async (req, res) => { try { const body = { ...req.body, propertyId: RAINMAKER_PROPERTY_ID }; const result = await proxyToRainmaker('/compliance/scan', 'POST', body); res.json(result); } catch (err: any) { res.status(500).json({ error: err.message }); } }); // POST /api/compliance/apply — proxy to Rainmaker (always rainmaker_web) router.post('/apply', async (req, res) => { try { const body = { ...req.body, propertyId: RAINMAKER_PROPERTY_ID }; const result = await proxyToRainmaker('/compliance/apply', 'POST', body); res.json(result); } catch (err: any) { res.status(500).json({ error: err.message }); } }); // POST /api/compliance/review — admin review router.post('/review', async (req, res) => { try { const result = await proxyToRainmaker('/compliance/review', 'POST', req.body); res.json(result); } catch (err: any) { res.status(500).json({ error: err.message }); } }); // ── Policies ── // GET /api/compliance/policies router.get('/policies', async (_req, res) => { try { const { rows } = await pool.query( `SELECT * FROM rm_compliance_policies WHERE property_id = $1 ORDER BY version DESC`, [RAINMAKER_PROPERTY_ID] ); res.json({ policies: rows }); } catch (err: any) { res.status(500).json({ error: err.message }); } }); // GET /api/compliance/policies/active router.get('/policies/active', async (_req, res) => { try { const { rows } = await pool.query( 'SELECT * FROM rm_compliance_policies WHERE is_active = TRUE AND property_id = $1 LIMIT 1', [RAINMAKER_PROPERTY_ID] ); res.json({ policy: rows[0] || null }); } catch (err: any) { res.status(500).json({ error: err.message }); } }); // POST /api/compliance/policies — proxy to Rainmaker router.post('/policies', async (req, res) => { try { const body = { ...req.body, propertyId: RAINMAKER_PROPERTY_ID }; const result = await proxyToRainmaker('/compliance/policies', 'POST', body); res.json(result); } catch (err: any) { res.status(500).json({ error: err.message }); } }); // POST /api/compliance/policies/:version/activate — proxy to Rainmaker router.post('/policies/:version/activate', async (req, res) => { try { const result = await proxyToRainmaker(`/compliance/policies/${req.params.version}/activate`, 'POST'); res.json(result); } catch (err: any) { res.status(500).json({ error: err.message }); } }); // ── Analytics (rainmaker_web only) ── router.get('/analytics', async (req, res) => { try { const days = parseInt(req.query.days as string) || 30; const since = new Date(); since.setDate(since.getDate() - days); const [topRules, dailyVolume, statusBreakdown, sourceBreakdown, totalScans, autoFixed] = await Promise.all([ pool.query( `SELECT rule_id, COUNT(*) AS hit_count, MAX(severity) AS max_severity FROM rm_compliance_rule_hits rh JOIN rm_compliance_scans rs ON rh.scan_id = rs.id WHERE rh.created_at >= $1 AND rs.property_id = $2 GROUP BY rule_id ORDER BY hit_count DESC LIMIT 10`, [since, RAINMAKER_PROPERTY_ID] ), pool.query( `SELECT DATE(created_at) AS day, final_status, COUNT(*) AS count FROM rm_compliance_scans WHERE created_at >= $1 AND property_id = $2 GROUP BY DATE(created_at), final_status ORDER BY day DESC`, [since, RAINMAKER_PROPERTY_ID] ), pool.query( `SELECT final_status, COUNT(*) AS count FROM rm_compliance_scans WHERE created_at >= $1 AND property_id = $2 GROUP BY final_status`, [since, RAINMAKER_PROPERTY_ID] ), pool.query( `SELECT content_source, COUNT(*) AS count FROM rm_compliance_scans WHERE created_at >= $1 AND property_id = $2 GROUP BY content_source`, [since, RAINMAKER_PROPERTY_ID] ), pool.query( `SELECT COUNT(*) AS count FROM rm_compliance_scans WHERE created_at >= $1 AND property_id = $2`, [since, RAINMAKER_PROPERTY_ID] ), pool.query( `SELECT COUNT(*) AS count FROM rm_compliance_scans WHERE created_at >= $1 AND property_id = $2 AND rewrite_attempted = TRUE AND rewrite_passed = TRUE`, [since, RAINMAKER_PROPERTY_ID] ), ]); const total = parseInt(totalScans.rows[0].count) || 0; const statusMap: Record = {}; for (const row of statusBreakdown.rows) { statusMap[row.final_status] = parseInt(row.count); } res.json({ totalScans: total, passCount: statusMap['PASS'] || 0, warnCount: statusMap['WARN'] || 0, blockCount: statusMap['BLOCK'] || 0, autoFixedCount: parseInt(autoFixed.rows[0].count), topRules: topRules.rows, dailyVolume: dailyVolume.rows, sourceBreakdown: sourceBreakdown.rows, }); } catch (err: any) { console.error('[CRM-COMPLIANCE] Analytics error:', err); res.status(500).json({ error: err.message }); } }); export default router;