feat: Implement notification edge functions

supabase/functions/notify-system-announcement/index.ts

@@ -0,0 +1,183 @@
+import { serve } from "https://deno.land/std@0.168.0/http/server.ts";
+import { createClient } from "https://esm.sh/@supabase/supabase-js@2.57.4";
+import { startRequest, endRequest } from "../_shared/logger.ts";
+
+const corsHeaders = {
+  'Access-Control-Allow-Origin': '*',
+  'Access-Control-Allow-Headers': 'authorization, x-client-info, apikey, content-type, x-request-id',
+};
+
+interface AnnouncementPayload {
+  title: string;
+  message: string;
+  severity: 'info' | 'warning' | 'critical';
+  actionUrl?: string;
+}
+
+serve(async (req) => {
+  if (req.method === 'OPTIONS') {
+    return new Response(null, { headers: corsHeaders });
+  }
+
+  const tracking = startRequest('notify-system-announcement');
+
+  try {
+    const supabaseUrl = Deno.env.get('SUPABASE_URL')!;
+    const supabaseServiceKey = Deno.env.get('SUPABASE_SERVICE_ROLE_KEY')!;
+    
+    const supabase = createClient(supabaseUrl, supabaseServiceKey);
+
+    // Get authorization header
+    const authHeader = req.headers.get('authorization');
+    if (!authHeader) {
+      throw new Error('Authorization header required');
+    }
+
+    // Verify user is admin or superuser
+    const token = authHeader.replace('Bearer ', '');
+    const { data: { user }, error: authError } = await supabase.auth.getUser(token);
+    
+    if (authError || !user) {
+      throw new Error('Unauthorized: Invalid token');
+    }
+
+    // Check user role
+    const { data: roles, error: roleError } = await supabase
+      .from('user_roles')
+      .select('role')
+      .eq('user_id', user.id)
+      .in('role', ['admin', 'superuser']);
+
+    if (roleError || !roles || roles.length === 0) {
+      throw new Error('Unauthorized: Admin or superuser role required');
+    }
+
+    // Get user profile for logging
+    const { data: profile } = await supabase
+      .from('profiles')
+      .select('username, display_name')
+      .eq('user_id', user.id)
+      .single();
+
+    const payload: AnnouncementPayload = await req.json();
+
+    // Validate required fields
+    if (!payload.title || !payload.message || !payload.severity) {
+      throw new Error('Missing required fields: title, message, or severity');
+    }
+
+    if (!['info', 'warning', 'critical'].includes(payload.severity)) {
+      throw new Error('Invalid severity level. Must be: info, warning, or critical');
+    }
+
+    console.log('Processing system announcement:', {
+      title: payload.title,
+      severity: payload.severity,
+      publishedBy: profile?.username || 'unknown',
+      requestId: tracking.requestId
+    });
+
+    // Fetch the workflow ID for system announcements
+    const { data: template, error: templateError } = await supabase
+      .from('notification_templates')
+      .select('workflow_id')
+      .eq('workflow_id', 'system-announcement')
+      .eq('is_active', true)
+      .maybeSingle();
+
+    if (templateError) {
+      console.error('Error fetching workflow:', templateError);
+      throw new Error(`Failed to fetch workflow: ${templateError.message}`);
+    }
+
+    if (!template) {
+      console.warn('No active system-announcement workflow found');
+      return new Response(
+        JSON.stringify({
+          success: false,
+          error: 'No active system-announcement workflow configured',
+        }),
+        {
+          headers: { ...corsHeaders, 'Content-Type': 'application/json' },
+          status: 400,
+        }
+      );
+    }
+
+    const announcementId = crypto.randomUUID();
+    const publishedAt = new Date().toISOString();
+    const publishedBy = profile?.display_name || profile?.username || 'System Admin';
+
+    // Build notification payload for all users
+    const notificationPayload = {
+      announcementId,
+      title: payload.title,
+      message: payload.message,
+      severity: payload.severity,
+      actionUrl: payload.actionUrl || '',
+      publishedAt,
+      publishedBy,
+    };
+
+    console.log('Triggering announcement to all users via "users" topic');
+
+    // Invoke the trigger-notification function with users topic
+    const { data: result, error: notifyError } = await supabase.functions.invoke(
+      'trigger-notification',
+      {
+        body: {
+          workflowId: template.workflow_id,
+          topicKey: 'users',
+          payload: notificationPayload,
+        },
+      }
+    );
+
+    if (notifyError) {
+      console.error('Error triggering notification:', notifyError);
+      throw notifyError;
+    }
+
+    console.log('System announcement triggered successfully:', result);
+
+    endRequest(tracking, 200);
+
+    return new Response(
+      JSON.stringify({
+        success: true,
+        transactionId: result?.transactionId,
+        announcementId,
+        payload: notificationPayload,
+        requestId: tracking.requestId
+      }),
+      {
+        headers: { 
+          ...corsHeaders, 
+          'Content-Type': 'application/json',
+          'X-Request-ID': tracking.requestId
+        },
+        status: 200,
+      }
+    );
+  } catch (error: any) {
+    console.error('Error in notify-system-announcement:', error);
+    
+    endRequest(tracking, error.message.includes('Unauthorized') ? 403 : 500, error.message);
+
+    return new Response(
+      JSON.stringify({
+        success: false,
+        error: error.message,
+        requestId: tracking.requestId
+      }),
+      {
+        headers: { 
+          ...corsHeaders, 
+          'Content-Type': 'application/json',
+          'X-Request-ID': tracking.requestId
+        },
+        status: error.message.includes('Unauthorized') ? 403 : 500,
+      }
+    );
+  }
+});