feat: refactor session retrieval logic to utilize generic session queries, enhancing code maintainability and reducing duplication across session types

2026-02-17 14:38:54 +01:00
parent aad4b7f111
commit 4d04d3ede8
11 changed files with 777 additions and 1499 deletions
--- a/src/services/sessions.ts
+++ b/src/services/sessions.ts
@@ -1,232 +1,103 @@
 import { prisma } from '@/services/database';
 import { resolveCollaborator } from '@/services/auth';
-import { getTeamMemberIdsForAdminTeams, isAdminOfUser } from '@/services/teams';
+import { getTeamMemberIdsForAdminTeams } from '@/services/teams';
+import { createSessionPermissionChecks } from '@/services/session-permissions';
+import { createShareAndEventHandlers } from '@/services/session-share-events';
+import {
+  mergeSessionsByUserId,
+  fetchTeamCollaboratorSessions,
+  getSessionByIdGeneric,
+} from '@/services/session-queries';
 import type { SwotCategory, ShareRole } from '@prisma/client';

+const sessionInclude = {
+  user: { select: { id: true, name: true, email: true } },
+  shares: { include: { user: { select: { id: true, name: true, email: true } } } },
+  _count: { select: { items: true, actions: true } },
+};
+
 // ============================================
 // Session CRUD
 // ============================================

 export async function getSessionsByUserId(userId: string) {
-  // Get owned sessions + shared sessions
-  const [owned, shared] = await Promise.all([
-    prisma.session.findMany({
-      where: { userId },
-      include: {
-        user: { select: { id: true, name: true, email: true } },
-        shares: {
-          include: {
-            user: { select: { id: true, name: true, email: true } },
-          },
-        },
-        _count: {
-          select: {
-            items: true,
-            actions: true,
-          },
-        },
-      },
-      orderBy: { updatedAt: 'desc' },
-    }),
-    prisma.sessionShare.findMany({
-      where: { userId },
-      include: {
-        session: {
-          include: {
-            user: { select: { id: true, name: true, email: true } },
-            shares: {
-              include: {
-                user: { select: { id: true, name: true, email: true } },
-              },
-            },
-            _count: {
-              select: {
-                items: true,
-                actions: true,
-              },
-            },
-          },
-        },
-      },
-    }),
-  ]);
-
-  // Mark owned sessions and merge with shared
-  const ownedWithRole = owned.map((s) => ({
-    ...s,
-    isOwner: true as const,
-    role: 'OWNER' as const,
-  }));
-  const sharedWithRole = shared.map((s) => ({
-    ...s.session,
-    isOwner: false as const,
-    role: s.role,
-    sharedAt: s.createdAt,
-  }));
-
-  const allSessions = [...ownedWithRole, ...sharedWithRole].sort(
-    (a, b) => new Date(b.updatedAt).getTime() - new Date(a.updatedAt).getTime()
+  return mergeSessionsByUserId(
+    (uid) =>
+      prisma.session.findMany({
+        where: { userId: uid },
+        include: sessionInclude,
+        orderBy: { updatedAt: 'desc' },
+      }),
+    (uid) =>
+      prisma.sessionShare.findMany({
+        where: { userId: uid },
+        include: { session: { include: sessionInclude } },
+      }),
+    userId,
+    (s) => resolveCollaborator(s.collaborator).then((r) => ({ resolvedCollaborator: r }))
  );
-
-  // Resolve collaborators to users
-  const sessionsWithResolved = await Promise.all(
-    allSessions.map(async (s) => ({
-      ...s,
-      resolvedCollaborator: await resolveCollaborator(s.collaborator),
-    }))
-  );
-
-  return sessionsWithResolved;
 }

 /** Sessions owned by team members (where user is team admin) that are NOT shared with the user. */
 export async function getTeamCollaboratorSessionsForAdmin(userId: string) {
-  const teamMemberIds = await getTeamMemberIdsForAdminTeams(userId);
-  if (teamMemberIds.length === 0) return [];
-
-  const sessions = await prisma.session.findMany({
-    where: {
-      userId: { in: teamMemberIds },
-      shares: { none: { userId } },
-    },
-    include: {
-      user: { select: { id: true, name: true, email: true } },
-      shares: {
-        include: {
-          user: { select: { id: true, name: true, email: true } },
-        },
-      },
-      _count: {
-        select: {
-          items: true,
-          actions: true,
-        },
-      },
-    },
-    orderBy: { updatedAt: 'desc' },
-  });
-
-  const withRole = sessions.map((s) => ({
-    ...s,
-    isOwner: false as const,
-    role: 'VIEWER' as const,
-    isTeamCollab: true as const,
-    canEdit: true as const, // Admin has full rights on team member sessions
-  }));
-
-  return Promise.all(
-    withRole.map(async (s) => ({
-      ...s,
-      resolvedCollaborator: await resolveCollaborator(s.collaborator),
-    }))
+  return fetchTeamCollaboratorSessions(
+    (teamMemberIds, uid) =>
+      prisma.session.findMany({
+        where: { userId: { in: teamMemberIds }, shares: { none: { userId: uid } } },
+        include: sessionInclude,
+        orderBy: { updatedAt: 'desc' },
+      }),
+    getTeamMemberIdsForAdminTeams,
+    userId,
+    (s) => resolveCollaborator(s.collaborator).then((r) => ({ resolvedCollaborator: r }))
  );
 }

+const sessionByIdInclude = {
+  user: { select: { id: true, name: true, email: true } },
+  items: { orderBy: { order: 'asc' } as const },
+  actions: {
+    include: { links: { include: { swotItem: true } } },
+    orderBy: { createdAt: 'asc' } as const,
+  },
+  shares: { include: { user: { select: { id: true, name: true, email: true } } } },
+};
+
 export async function getSessionById(sessionId: string, userId: string) {
-  // Check if user owns the session, has it shared, or is team admin of owner
-  let session = await prisma.session.findFirst({
-    where: {
-      id: sessionId,
-      OR: [
-        { userId }, // Owner
-        { shares: { some: { userId } } }, // Shared with user
-      ],
-    },
-    include: {
-      user: { select: { id: true, name: true, email: true } },
-      items: {
-        orderBy: { order: 'asc' },
-      },
-      actions: {
-        include: {
-          links: {
-            include: {
-              swotItem: true,
-            },
-          },
-        },
-        orderBy: { createdAt: 'asc' },
-      },
-      shares: {
-        include: {
-          user: { select: { id: true, name: true, email: true } },
-        },
-      },
-    },
-  });
-
-  if (!session) {
-    // Fallback: team admin viewing team member's session
-    const raw = await prisma.session.findUnique({
-      where: { id: sessionId },
-      include: {
-        user: { select: { id: true, name: true, email: true } },
-        items: { orderBy: { order: 'asc' } },
-        actions: {
-          include: { links: { include: { swotItem: true } } },
-          orderBy: { createdAt: 'asc' },
-        },
-        shares: { include: { user: { select: { id: true, name: true, email: true } } } },
-      },
-    });
-    if (!raw || !(await isAdminOfUser(raw.userId, userId))) return null;
-    session = raw;
-  }
-
-  // Determine user's role
-  const isOwner = session.userId === userId;
-  const share = session.shares.find((s) => s.userId === userId);
-  const isAdminOfOwner = !isOwner && !share && (await isAdminOfUser(session.userId, userId));
-  const role = isOwner ? ('OWNER' as const) : share?.role || ('VIEWER' as const);
-  const canEdit = isOwner || role === 'EDITOR' || isAdminOfOwner;
-
-  // Resolve collaborator to user if it's an email
-  const resolvedCollaborator = await resolveCollaborator(session.collaborator);
-
-  return { ...session, isOwner, role, canEdit, resolvedCollaborator };
+  return getSessionByIdGeneric(
+    sessionId,
+    userId,
+    (sid, uid) =>
+      prisma.session.findFirst({
+        where: { id: sid, OR: [{ userId: uid }, { shares: { some: { userId: uid } } }] },
+        include: sessionByIdInclude,
+      }),
+    (sid) => prisma.session.findUnique({ where: { id: sid }, include: sessionByIdInclude }),
+    (s) => resolveCollaborator(s.collaborator).then((r) => ({ resolvedCollaborator: r }))
+  );
 }

-// Check if user can access session (owner, shared, or team admin of owner)
-export async function canAccessSession(sessionId: string, userId: string) {
-  const count = await prisma.session.count({
-    where: {
-      id: sessionId,
-      OR: [{ userId }, { shares: { some: { userId } } }],
-    },
-  });
-  if (count > 0) return true;
-  const session = await prisma.session.findUnique({
-    where: { id: sessionId },
-    select: { userId: true },
-  });
-  return session ? isAdminOfUser(session.userId, userId) : false;
-}
+const sessionPermissions = createSessionPermissionChecks(prisma.session);

-// Check if user can edit session (owner, EDITOR role, or team admin of owner)
-export async function canEditSession(sessionId: string, userId: string) {
-  const count = await prisma.session.count({
-    where: {
-      id: sessionId,
-      OR: [{ userId }, { shares: { some: { userId, role: 'EDITOR' } } }],
-    },
-  });
-  if (count > 0) return true;
-  const session = await prisma.session.findUnique({
-    where: { id: sessionId },
-    select: { userId: true },
-  });
-  return session ? isAdminOfUser(session.userId, userId) : false;
-}
+const sessionShareEvents = createShareAndEventHandlers<
+  | 'ITEM_CREATED'
+  | 'ITEM_UPDATED'
+  | 'ITEM_DELETED'
+  | 'ITEM_MOVED'
+  | 'ACTION_CREATED'
+  | 'ACTION_UPDATED'
+  | 'ACTION_DELETED'
+  | 'SESSION_UPDATED'
+>(
+  prisma.session,
+  prisma.sessionShare,
+  prisma.sessionEvent,
+  sessionPermissions.canAccess
+);

-// Check if user can delete session (owner or team admin only - NOT EDITOR)
-export async function canDeleteSession(sessionId: string, userId: string) {
-  const session = await prisma.session.findUnique({
-    where: { id: sessionId },
-    select: { userId: true },
-  });
-  if (!session) return false;
-  return session.userId === userId || isAdminOfUser(session.userId, userId);
-}
+export const canAccessSession = sessionPermissions.canAccess;
+export const canEditSession = sessionPermissions.canEdit;
+export const canDeleteSession = sessionPermissions.canDelete;

 export async function createSession(userId: string, data: { title: string; collaborator: string }) {
  return prisma.session.create({
@@ -456,77 +327,9 @@ export async function unlinkItemFromAction(actionId: string, swotItemId: string)
 // Session Sharing
 // ============================================

-export async function shareSession(
-  sessionId: string,
-  ownerId: string,
-  targetEmail: string,
-  role: ShareRole = 'EDITOR'
-) {
-  // Verify owner
-  const session = await prisma.session.findFirst({
-    where: { id: sessionId, userId: ownerId },
-  });
-  if (!session) {
-    throw new Error('Session not found or not owned');
-  }
-
-  // Find target user
-  const targetUser = await prisma.user.findUnique({
-    where: { email: targetEmail },
-  });
-  if (!targetUser) {
-    throw new Error('User not found');
-  }
-
-  // Can't share with yourself
-  if (targetUser.id === ownerId) {
-    throw new Error('Cannot share session with yourself');
-  }
-
-  // Create or update share
-  return prisma.sessionShare.upsert({
-    where: {
-      sessionId_userId: { sessionId, userId: targetUser.id },
-    },
-    update: { role },
-    create: {
-      sessionId,
-      userId: targetUser.id,
-      role,
-    },
-    include: {
-      user: { select: { id: true, name: true, email: true } },
-    },
-  });
-}
-
-export async function removeShare(sessionId: string, ownerId: string, shareUserId: string) {
-  // Verify owner
-  const session = await prisma.session.findFirst({
-    where: { id: sessionId, userId: ownerId },
-  });
-  if (!session) {
-    throw new Error('Session not found or not owned');
-  }
-
-  return prisma.sessionShare.deleteMany({
-    where: { sessionId, userId: shareUserId },
-  });
-}
-
-export async function getSessionShares(sessionId: string, userId: string) {
-  // Verify access
-  if (!(await canAccessSession(sessionId, userId))) {
-    throw new Error('Access denied');
-  }
-
-  return prisma.sessionShare.findMany({
-    where: { sessionId },
-    include: {
-      user: { select: { id: true, name: true, email: true } },
-    },
-  });
-}
+export const shareSession = sessionShareEvents.share;
+export const removeShare = sessionShareEvents.removeShare;
+export const getSessionShares = sessionShareEvents.getShares;

 // ============================================
 // Session Events (for real-time sync)
@@ -542,40 +345,6 @@ export type SessionEventType =
  | 'ACTION_DELETED'
  | 'SESSION_UPDATED';

-export async function createSessionEvent(
-  sessionId: string,
-  userId: string,
-  type: SessionEventType,
-  payload: Record<string, unknown>
-) {
-  return prisma.sessionEvent.create({
-    data: {
-      sessionId,
-      userId,
-      type,
-      payload: JSON.stringify(payload),
-    },
-  });
-}
-
-export async function getSessionEvents(sessionId: string, since?: Date) {
-  return prisma.sessionEvent.findMany({
-    where: {
-      sessionId,
-      ...(since && { createdAt: { gt: since } }),
-    },
-    include: {
-      user: { select: { id: true, name: true, email: true } },
-    },
-    orderBy: { createdAt: 'asc' },
-  });
-}
-
-export async function getLatestEventTimestamp(sessionId: string) {
-  const event = await prisma.sessionEvent.findFirst({
-    where: { sessionId },
-    orderBy: { createdAt: 'desc' },
-    select: { createdAt: true },
-  });
-  return event?.createdAt;
-}
+export const createSessionEvent = sessionShareEvents.createEvent;
+export const getSessionEvents = sessionShareEvents.getEvents;
+export const getLatestEventTimestamp = sessionShareEvents.getLatestEventTimestamp;