refactor dashboard

Author: jamesholcombe

packages/api/src/authz/service.ts

@@ -111,15 +111,44 @@ export class AuthorizationService {
   /**
    * Get project context including organization and visibility
    */
-  async getProjectContext(projectId: string): Promise<ProjectContext> {
+  async getProjectContext(
+    projectId: string,
+    organizationId?: string
+  ): Promise<ProjectContext> {
     try {
+      console.log(
+        `[AUTHZ] Getting project context for projectId: ${projectId}, organizationId: ${organizationId}`
+      );
+
+      const whereConditions = organizationId
+        ? and(
+            eq(project.id, projectId),
+            eq(project.organizationId, organizationId)
+          )
+        : eq(project.id, projectId);
+
       const [projectData] = await db
         .select()
         .from(project)
-        .where(eq(project.id, projectId))
+        .where(whereConditions)
         .limit(1);
 
+      console.log(
+        `[AUTHZ] Project query result:`,
+        projectData
+          ? {
+              id: projectData.id,
+              organizationId: projectData.organizationId,
+              name: projectData.name,
+              visibility: projectData.visibility,
+            }
+          : "null"
+      );
+
       if (!projectData) {
+        console.log(
+          `[AUTHZ] Project not found for projectId: ${projectId}, organizationId: ${organizationId}`
+        );
         throw new ApiError("Project not found", 404);
       }
 
@@ -141,10 +170,14 @@ export class AuthorizationService {
   async canAccessProject(
     userId: string,
     projectId: string,
-    action: Permission
+    action: Permission,
+    organizationId?: string
   ): Promise<boolean> {
     try {
-      const projectContext = await this.getProjectContext(projectId);
+      const projectContext = await this.getProjectContext(
+        projectId,
+        organizationId
+      );
       const userContext = await this.getUserContext(
         userId,
         projectContext.organizationId
@@ -201,9 +234,16 @@ export class AuthorizationService {
   /**
    * Check if user can view project based on visibility
    */
-  async canViewProject(userId: string, projectId: string): Promise<boolean> {
+  async canViewProject(
+    userId: string,
+    projectId: string,
+    organizationId?: string
+  ): Promise<boolean> {
     try {
-      const projectContext = await this.getProjectContext(projectId);
+      const projectContext = await this.getProjectContext(
+        projectId,
+        organizationId
+      );
       const userContext = await this.getUserContext(
         userId,
         projectContext.organizationId

packages/api/src/middleware/authorization.ts

@@ -33,12 +33,17 @@ export function requirePermission(options: AuthorizationOptions) {
 
       if (options.resource === "project") {
         if (options.action === "read") {
-          hasPermission = await authzService.canViewProject(userId, resourceId);
+          hasPermission = await authzService.canViewProject(
+            userId,
+            resourceId,
+            organizationId
+          );
         } else {
           hasPermission = await authzService.canAccessProject(
             userId,
             resourceId,
-            options.action
+            options.action,
+            organizationId
           );
         }
       } else if (options.resource === "organization" && organizationId) {
@@ -72,6 +77,8 @@ export function requireProjectAccess(action: Permission = "read") {
     resource: "project",
     action,
     getResourceId: (req) => req.params.projectId as string,
+    getOrganizationId: (req) =>
+      req.organizationId || (req.params.organizationId as string),
   });
 }
 

packages/api/src/routes/projects.ts

@@ -19,6 +19,13 @@ import {
   createProject,
   updateProject,
 } from "../services/db/projects";
+import {
+  getDashboardStats,
+  getZones,
+  getProjectCentroidGeoJSON,
+  getLocationsForProject,
+  getProjectTeamMembers,
+} from "../services/db/dashboard";
 import { ApiError } from "../types";
 import { projectInsertSchema } from "@common/db/schema/project";
 
@@ -144,4 +151,87 @@ router.get(
   })
 );
 
+// Dashboard routes
+// Get dashboard statistics for a project
+router.get(
+  "/:projectId/dashboard/stats",
+  extractOrganizationContext,
+  requireProjectView(),
+  validateParams(getProjectParams),
+  asyncHandler(async (req, res) => {
+    const { projectId } = req.params as { projectId: string };
+
+    const stats = await getDashboardStats(projectId);
+
+    sendSuccess(res, stats, "Dashboard statistics retrieved successfully");
+  })
+);
+
+// Get zones for a project
+router.get(
+  "/:projectId/dashboard/zones",
+  extractOrganizationContext,
+  requireProjectView(),
+  validateParams(getProjectParams),
+  asyncHandler(async (req, res) => {
+    const { projectId } = req.params as { projectId: string };
+
+    const zones = await getZones(projectId);
+
+    sendSuccess(res, zones, "Zones retrieved successfully");
+  })
+);
+
+// Get project centroid for map
+router.get(
+  "/:projectId/dashboard/centroid",
+  extractOrganizationContext,
+  requireProjectView(),
+  validateParams(getProjectParams),
+  asyncHandler(async (req, res) => {
+    const { projectId } = req.params as { projectId: string };
+
+    const centroid = await getProjectCentroidGeoJSON(projectId);
+
+    sendSuccess(res, centroid, "Project centroid retrieved successfully");
+  })
+);
+
+// Get locations for a project
+router.get(
+  "/:projectId/dashboard/locations",
+  extractOrganizationContext,
+  requireProjectView(),
+  validateParams(getProjectParams),
+  asyncHandler(async (req, res) => {
+    const { projectId } = req.params as { projectId: string };
+
+    const locations = await getLocationsForProject(projectId);
+
+    sendSuccess(res, locations, "Locations retrieved successfully");
+  })
+);
+
+// Get project team members
+router.get(
+  "/:projectId/dashboard/team",
+  extractOrganizationContext,
+  requireProjectView(),
+  validateParams(getProjectParams),
+  asyncHandler(async (req, res) => {
+    const { projectId } = req.params as { projectId: string };
+    const page = parseInt(req.query.page as string) || 1;
+    const pageSize = parseInt(req.query.pageSize as string) || 100;
+    const search = req.query.search as string;
+
+    const team = await getProjectTeamMembers(projectId, {
+      search,
+      page,
+      pageSize,
+    });
+
+    sendSuccess(res, team, "Project team members retrieved successfully");
+  })
+);
+
 export default router;

packages/api/src/services/db/dashboard.ts

@@ -0,0 +1,185 @@
+import { db } from "./database";
+import { eq, countDistinct, avg, min, max, sql } from "drizzle-orm";
+import { zone } from "@common/db/schema/zone";
+import { location_details } from "@common/db/schema/data/location_details";
+import { sample_information } from "@common/db/schema/data/sample_information";
+import { standard_penetration_test_results } from "@common/db/schema/data/standard_penetration_test_results";
+import { userProject, project } from "@common/db/schema/project";
+import { user } from "@common/db/schema/user";
+
+// Dashboard statistics
+export async function getDashboardStats(projectId: string) {
+  const [numberOfSamples, avgDepth, numberOfBoreholes, sptStats] =
+    await Promise.all([
+      getNumberOfSamples(projectId),
+      getAvgDepthOfBorehole(projectId),
+      getNumberOfBoreholes(projectId),
+      getSptNValueStats(projectId),
+    ]);
+
+  return {
+    numberOfSamples,
+    avgDepth,
+    numberOfBoreholes,
+    sptStats,
+  };
+}
+
+export async function getNumberOfSamples(projectId: string): Promise<number> {
+  const result = await db
+    .select({ count: countDistinct(sample_information.id) })
+    .from(sample_information)
+    .innerJoin(
+      location_details,
+      eq(sample_information.locationDetailsId, location_details.id)
+    )
+    .where(eq(location_details.projectId, projectId));
+  return Number(result[0]?.count) || 0;
+}
+
+export async function getAvgDepthOfBorehole(
+  projectId: string
+): Promise<number> {
+  const result = await db
+    .select({ avg: avg(location_details.finalDepth) })
+    .from(location_details)
+    .where(eq(location_details.projectId, projectId));
+  return Number(result[0]?.avg) || 0;
+}
+
+export async function getNumberOfBoreholes(projectId: string): Promise<number> {
+  const result = await db
+    .select({ count: countDistinct(location_details.id) })
+    .from(location_details)
+    .where(eq(location_details.projectId, projectId));
+  return Number(result[0]?.count) || 0;
+}
+
+export async function getSptNValueStats(
+  projectId: string
+): Promise<{ min: number; avg: number; max: number }> {
+  const result = await db
+    .select({
+      min: min(standard_penetration_test_results.sptNValue),
+      avg: avg(standard_penetration_test_results.sptNValue),
+      max: max(standard_penetration_test_results.sptNValue),
+    })
+    .from(standard_penetration_test_results)
+    .innerJoin(
+      location_details,
+      eq(
+        standard_penetration_test_results.locationDetailsId,
+        location_details.id
+      )
+    )
+    .where(eq(location_details.projectId, projectId));
+
+  return {
+    min: Number(result[0]?.min) || 0,
+    avg: Number(result[0]?.avg) || 0,
+    max: Number(result[0]?.max) || 0,
+  };
+}
+
+// Zones
+export async function getZones(projectId: string) {
+  const zones = await db
+    .select()
+    .from(zone)
+    .where(eq(zone.projectId, projectId));
+  return zones;
+}
+
+// Map data
+export async function getProjectCentroidGeoJSON(
+  projectId: string
+): Promise<GeoJSON.Point | null> {
+  const locationsSubQuery = db
+    .select({ geometry: location_details.geometry })
+    .from(location_details)
+    .where(eq(location_details.projectId, projectId))
+    .as("project_locations");
+
+  const [result] = await db
+    .select({
+      geojson: sql<string>`ST_AsGeoJSON(ST_Centroid(ST_Collect(geometry)))`,
+    })
+    .from(locationsSubQuery)
+    .execute();
+
+  if (!result?.geojson) {
+    return null;
+  }
+
+  const geojson = JSON.parse(result.geojson) as GeoJSON.Point;
+
+  // Validate that the parsed result is a GeoJSON Point
+  if (geojson.type !== "Point" || !Array.isArray(geojson.coordinates)) {
+    return null;
+  }
+
+  return geojson;
+}
+
+export async function getLocationsForProject(projectId: string) {
+  const locations = await db
+    .select()
+    .from(location_details)
+    .where(eq(location_details.projectId, projectId));
+  return locations;
+}
+
+// Project team members
+export async function getProjectTeamMembers(
+  projectId: string,
+  options: {
+    search?: string;
+    page?: number;
+    pageSize?: number;
+  } = {}
+) {
+  const { search, page = 1, pageSize = 10 } = options;
+  const offset = (page - 1) * pageSize;
+
+  const teamMembers = await db
+    .select({
+      user: user,
+      role: userProject.role,
+      total: sql<number>`count(*) over()`,
+    })
+    .from(userProject)
+    .innerJoin(user, eq(user.id, userProject.userId))
+    .innerJoin(project, eq(project.id, userProject.projectId))
+    .where(
+      eq(userProject.projectId, projectId)
+      // Note: search functionality would need to be added here if needed
+    )
+    .limit(pageSize)
+    .offset(offset)
+    .orderBy(userProject.role);
+
+  if (teamMembers.length === 0) {
+    return {
+      users: [],
+      pagination: {
+        total: 0,
+        pageSize,
+        page,
+        totalPages: 0,
+      },
+    };
+  }
+
+  return {
+    users: teamMembers.map(({ user, role }) => ({
+      user,
+      role,
+    })),
+    pagination: {
+      total: teamMembers[0].total,
+      pageSize,
+      page,
+      totalPages: Math.ceil(teamMembers[0].total / pageSize),
+    },
+  };
+}