- Changed chatAssetTypeToDatabaseAssetType to a Partial<Record> for better type safety.
- Updated convertChatAssetTypeToDatabaseAssetType to throw an error for unmapped asset types.
- Modified downloadMetricFileHandler tests to use fake timers and improve timeout handling.
- Updated report sharing endpoint to use SharePermissionsUpdateRequest for better clarity.
- Renamed schemas in server-shared for backward compatibility while maintaining clarity.
- Adjusted GetTitleRequestSchema to restrict asset types to those supporting title retrieval.
- Added permission checks to metric file download handler
- Added permission checks to export-metric-data trigger task
- Created comprehensive tests for access control integration
- Updated AssetType enums to include report_file
- Resolved export conflicts in server-shared package
- Fixed AI package imports for new getPermissionedDatasets API
- Combined asset type enums from both branches
- Merged all database query exports
- Integrated access-controls package into server-shared
- Resolved conflicts in AI package instructions
- Introduced new API endpoint for downloading metric files as CSV.
- Implemented export logic to handle large datasets (up to 1 million rows) and generate presigned URLs for secure downloads.
- Added cleanup task to remove exported files from R2 storage after 60 seconds.
- Updated environment configuration to include Cloudflare R2 credentials.
- Enhanced error handling for various export scenarios.
- Refactored related database queries and schemas for better integration.
- Updated documentation for new features and usage instructions.
- Replace ReportElementsSchema with z.any() cast to ReportElements type
- Avoid complex Zod schema inference that exceeds TypeScript serialization limits
- Maintain type safety through explicit type annotations while fixing CI compilation
Co-Authored-By: nate@buster.so <nate@buster.so>
- Use BaseReportSchema.extend() pattern to break down complex type inference
- Separate content field extension to avoid 'type exceeds maximum length' errors
- Maintain same API contract while fixing CI compilation issues
Co-Authored-By: nate@buster.so <nate@buster.so>
- Add Report schema extending ReportElements with metadata fields
- Create GET /api/v2/reports endpoint with pagination
- Create PUT /api/v2/reports/:id endpoint for updates
- Use stubbed data responses following established patterns
- Follow modular route structure and Zod-first validation
Co-Authored-By: nate@buster.so <nate@buster.so>
- Fixed permission hierarchy: full_access (5) now correctly ranks higher than viewer (3)
- Removed 'querier' role from admin permission check as it was too permissive
- Added organizationId parameter to dashboard access checks to prevent unauthorized access
- Fixed public dashboard expiry date check to verify dates are in the future
- Added cycle detection for collection permissions to prevent infinite recursion
- Fixed bulk remove permissions to correctly filter by identityIds array
- Updated date comparison to use ISO string format for PostgreSQL timestamp columns
These fixes address critical security and logic issues identified in the PR review.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fixed AssetTypeSchema to include all active asset types (excluding deprecated 'metric' and 'dashboard')
- Added missing 'restricted_querier' role to UserOrganizationRole type
- Fixed dataset access caching to store full result object including accessPath and userRole
- Updated count query to use SQL COUNT for better performance
- Fixed IdentityType consistency across dataset permissions
- Removed unused 'ne' import from list-asset-permissions.ts
- Updated comments to correctly reference 6 access paths instead of 5
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
dal
Nate Kelley
Devin AI