paperclip/server/src/routes/activity.ts

import { Router } from "express";
import { z } from "zod";
import type { Db } from "@paperclip/db";
import { validate } from "../middleware/validate.js";
import { activityService } from "../services/activity.js";
import { assertBoard, assertCompanyAccess } from "./authz.js";

const createActivitySchema = z.object({
  actorType: z.enum(["agent", "user", "system"]).optional().default("system"),
  actorId: z.string().min(1),
  action: z.string().min(1),
  entityType: z.string().min(1),
  entityId: z.string().min(1),
  agentId: z.string().uuid().optional().nullable(),
  details: z.record(z.unknown()).optional().nullable(),
});

export function activityRoutes(db: Db) {
  const router = Router();
  const svc = activityService(db);

  router.get("/companies/:companyId/activity", async (req, res) => {
    const companyId = req.params.companyId as string;
    assertCompanyAccess(req, companyId);

    const filters = {
      companyId,
      agentId: req.query.agentId as string | undefined,
      entityType: req.query.entityType as string | undefined,
      entityId: req.query.entityId as string | undefined,
    };
    const result = await svc.list(filters);
    res.json(result);
  });

  router.post("/companies/:companyId/activity", validate(createActivitySchema), async (req, res) => {
    assertBoard(req);
    const companyId = req.params.companyId as string;
    const event = await svc.create({
      companyId,
      ...req.body,
    });
    res.status(201).json(event);
  });

  return router;
}
Add API server with routes, services, and middleware Express server with CRUD routes for agents, goals, issues, projects, and activity log. Includes validation middleware, structured error handling, request logging, and health check endpoint with tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-16 13:31:58 -06:00			`import { Router } from "express";`
			`import { z } from "zod";`
			`import type { Db } from "@paperclip/db";`
			`import { validate } from "../middleware/validate.js";`
			`import { activityService } from "../services/activity.js";`
Add server routes for companies, approvals, costs, and dashboard New routes: companies, approvals, costs, dashboard, authz. New services: companies, approvals, costs, dashboard, heartbeat, activity-log. Add auth middleware and structured error handling. Expand existing agent and issue routes with richer CRUD operations. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-17 09:07:27 -06:00			`import { assertBoard, assertCompanyAccess } from "./authz.js";`
Add API server with routes, services, and middleware Express server with CRUD routes for agents, goals, issues, projects, and activity log. Includes validation middleware, structured error handling, request logging, and health check endpoint with tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-16 13:31:58 -06:00
			`const createActivitySchema = z.object({`
Add server routes for companies, approvals, costs, and dashboard New routes: companies, approvals, costs, dashboard, authz. New services: companies, approvals, costs, dashboard, heartbeat, activity-log. Add auth middleware and structured error handling. Expand existing agent and issue routes with richer CRUD operations. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-17 09:07:27 -06:00			`actorType: z.enum(["agent", "user", "system"]).optional().default("system"),`
			`actorId: z.string().min(1),`
Add API server with routes, services, and middleware Express server with CRUD routes for agents, goals, issues, projects, and activity log. Includes validation middleware, structured error handling, request logging, and health check endpoint with tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-16 13:31:58 -06:00			`action: z.string().min(1),`
			`entityType: z.string().min(1),`
Add server routes for companies, approvals, costs, and dashboard New routes: companies, approvals, costs, dashboard, authz. New services: companies, approvals, costs, dashboard, heartbeat, activity-log. Add auth middleware and structured error handling. Expand existing agent and issue routes with richer CRUD operations. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-17 09:07:27 -06:00			`entityId: z.string().min(1),`
Add API server with routes, services, and middleware Express server with CRUD routes for agents, goals, issues, projects, and activity log. Includes validation middleware, structured error handling, request logging, and health check endpoint with tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-16 13:31:58 -06:00			`agentId: z.string().uuid().optional().nullable(),`
			`details: z.record(z.unknown()).optional().nullable(),`
			`});`

			`export function activityRoutes(db: Db) {`
			`const router = Router();`
			`const svc = activityService(db);`

Add server routes for companies, approvals, costs, and dashboard New routes: companies, approvals, costs, dashboard, authz. New services: companies, approvals, costs, dashboard, heartbeat, activity-log. Add auth middleware and structured error handling. Expand existing agent and issue routes with richer CRUD operations. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-17 09:07:27 -06:00			`router.get("/companies/:companyId/activity", async (req, res) => {`
			`const companyId = req.params.companyId as string;`
			`assertCompanyAccess(req, companyId);`

Add API server with routes, services, and middleware Express server with CRUD routes for agents, goals, issues, projects, and activity log. Includes validation middleware, structured error handling, request logging, and health check endpoint with tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-16 13:31:58 -06:00			`const filters = {`
Add server routes for companies, approvals, costs, and dashboard New routes: companies, approvals, costs, dashboard, authz. New services: companies, approvals, costs, dashboard, heartbeat, activity-log. Add auth middleware and structured error handling. Expand existing agent and issue routes with richer CRUD operations. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-17 09:07:27 -06:00			`companyId,`
Add API server with routes, services, and middleware Express server with CRUD routes for agents, goals, issues, projects, and activity log. Includes validation middleware, structured error handling, request logging, and health check endpoint with tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-16 13:31:58 -06:00			`agentId: req.query.agentId as string \| undefined,`
			`entityType: req.query.entityType as string \| undefined,`
			`entityId: req.query.entityId as string \| undefined,`
			`};`
			`const result = await svc.list(filters);`
			`res.json(result);`
			`});`

Add server routes for companies, approvals, costs, and dashboard New routes: companies, approvals, costs, dashboard, authz. New services: companies, approvals, costs, dashboard, heartbeat, activity-log. Add auth middleware and structured error handling. Expand existing agent and issue routes with richer CRUD operations. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-17 09:07:27 -06:00			`router.post("/companies/:companyId/activity", validate(createActivitySchema), async (req, res) => {`
			`assertBoard(req);`
			`const companyId = req.params.companyId as string;`
			`const event = await svc.create({`
			`companyId,`
			`...req.body,`
			`});`
Add API server with routes, services, and middleware Express server with CRUD routes for agents, goals, issues, projects, and activity log. Includes validation middleware, structured error handling, request logging, and health check endpoint with tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-16 13:31:58 -06:00			`res.status(201).json(event);`
			`});`

			`return router;`
			`}`