paperclip/server/src/routes/sidebar-preferences.ts

import { Router, type Request, type Response } from "express";
import type { Db } from "@paperclipai/db";
import { upsertSidebarOrderPreferenceSchema } from "@paperclipai/shared";
import { validate } from "../middleware/validate.js";
import { logActivity, sidebarPreferenceService } from "../services/index.js";
import { assertBoard, assertCompanyAccess, getActorInfo } from "./authz.js";

function requireBoardUserId(req: Request, res: Response): string | null {
  assertBoard(req);
  if (!req.actor.userId) {
    res.status(403).json({ error: "Board user context required" });
    return null;
  }
  return req.actor.userId;
}

export function sidebarPreferenceRoutes(db: Db) {
  const router = Router();
  const svc = sidebarPreferenceService(db);

  router.get("/sidebar-preferences/me", async (req, res) => {
    const userId = requireBoardUserId(req, res);
    if (!userId) return;
    res.json(await svc.getCompanyOrder(userId));
  });

  router.put("/sidebar-preferences/me", validate(upsertSidebarOrderPreferenceSchema), async (req, res) => {
    const userId = requireBoardUserId(req, res);
    if (!userId) return;
    res.json(await svc.upsertCompanyOrder(userId, req.body.orderedIds));
  });

  router.get("/companies/:companyId/sidebar-preferences/me", async (req, res) => {
    const companyId = req.params.companyId as string;
    assertCompanyAccess(req, companyId);
    const userId = requireBoardUserId(req, res);
    if (!userId) return;
    res.json(await svc.getProjectOrder(companyId, userId));
  });

  router.put(
    "/companies/:companyId/sidebar-preferences/me",
    validate(upsertSidebarOrderPreferenceSchema),
    async (req, res) => {
      const companyId = req.params.companyId as string;
      assertCompanyAccess(req, companyId);
      const userId = requireBoardUserId(req, res);
      if (!userId) return;

      const result = await svc.upsertProjectOrder(companyId, userId, req.body.orderedIds);
      const actor = getActorInfo(req);
      await logActivity(db, {
        companyId,
        actorType: actor.actorType,
        actorId: actor.actorId,
        agentId: actor.agentId,
        runId: actor.runId,
        action: "sidebar_preferences.project_order_updated",
        entityType: "company",
        entityId: companyId,
        details: {
          userId,
          orderedIds: result.orderedIds,
        },
      });
      res.json(result);
    },
  );

  return router;
}
[codex] Improve workspace runtime and navigation ergonomics (#3680) ## Thinking Path > - Paperclip orchestrates AI agents for zero-human companies > - That operator experience depends not just on issue chat, but also on how workspaces, inbox groups, and navigation state behave over long-running sessions > - The current branch included a separate cluster of workspace-runtime controls, inbox grouping, sidebar ordering, and worktree lifecycle fixes > - Those changes cross server, shared contracts, database state, and UI navigation, but they still form one coherent operator workflow area > - This pull request isolates the workspace/runtime and navigation ergonomics work into one standalone branch > - The benefit is better workspace recovery and navigation persistence without forcing reviewers through the unrelated issue-detail/chat work ## What Changed - Improved execution workspace and project workspace controls, request wiring, layout, and JSON editor ergonomics - Hardened linked worktree reuse/startup behavior and documented the `worktree repair` flow for recovering linked worktrees safely - Added inbox workspace grouping, mobile collapse, archive undo, keyboard navigation, shared group-header styling, and persisted collapsed-group behavior - Added persistent sidebar order preferences with the supporting DB migration, shared/server contracts, routes, services, hooks, and UI integration - Scoped issue-list preferences by context and added targeted UI/server tests for workspace controls, inbox behavior, sidebar preferences, and worktree validation ## Verification - `pnpm vitest run server/src/__tests__/sidebar-preferences-routes.test.ts ui/src/pages/Inbox.test.tsx ui/src/components/ProjectWorkspaceSummaryCard.test.tsx ui/src/components/WorkspaceRuntimeControls.test.tsx ui/src/api/workspace-runtime-control.test.ts` - `server/src/__tests__/workspace-runtime.test.ts` was attempted, but the embedded Postgres suite self-skipped/hung on this host after reporting an init-script issue, so it is not counted as a local pass here ## Risks - Medium: this branch includes migration-backed preference storage plus worktree/runtime behavior, so merge review should pay attention to state persistence and worktree recovery semantics - The sidebar preference migration is standalone, but it should still be watched for conflicts if another migration lands first ## Model Used - OpenAI Codex coding agent (GPT-5-class runtime in Codex CLI; exact deployed model ID is not exposed in this environment), reasoning enabled, tool use and local code execution enabled ## Checklist - [x] I have included a thinking path that traces from project context to this change - [x] I have specified the model used (with version and capability details) - [ ] I have run tests locally and they pass - [x] I have added or updated tests where applicable - [ ] If this change affects the UI, I have included before/after screenshots - [x] I have updated relevant documentation to reflect my changes - [x] I have considered and documented any risks above - [x] I will address all Greptile and reviewer comments before requesting merge --------- Co-authored-by: Paperclip <noreply@paperclip.ing> 2026-04-14 12:57:11 -05:00			`import { Router, type Request, type Response } from "express";`
			`import type { Db } from "@paperclipai/db";`
			`import { upsertSidebarOrderPreferenceSchema } from "@paperclipai/shared";`
			`import { validate } from "../middleware/validate.js";`
			`import { logActivity, sidebarPreferenceService } from "../services/index.js";`
			`import { assertBoard, assertCompanyAccess, getActorInfo } from "./authz.js";`

			`function requireBoardUserId(req: Request, res: Response): string \| null {`
			`assertBoard(req);`
			`if (!req.actor.userId) {`
			`res.status(403).json({ error: "Board user context required" });`
			`return null;`
			`}`
			`return req.actor.userId;`
			`}`

			`export function sidebarPreferenceRoutes(db: Db) {`
			`const router = Router();`
			`const svc = sidebarPreferenceService(db);`

			`router.get("/sidebar-preferences/me", async (req, res) => {`
			`const userId = requireBoardUserId(req, res);`
			`if (!userId) return;`
			`res.json(await svc.getCompanyOrder(userId));`
			`});`

			`router.put("/sidebar-preferences/me", validate(upsertSidebarOrderPreferenceSchema), async (req, res) => {`
			`const userId = requireBoardUserId(req, res);`
			`if (!userId) return;`
			`res.json(await svc.upsertCompanyOrder(userId, req.body.orderedIds));`
			`});`

			`router.get("/companies/:companyId/sidebar-preferences/me", async (req, res) => {`
			`const companyId = req.params.companyId as string;`
			`assertCompanyAccess(req, companyId);`
			`const userId = requireBoardUserId(req, res);`
			`if (!userId) return;`
			`res.json(await svc.getProjectOrder(companyId, userId));`
			`});`

			`router.put(`
			`"/companies/:companyId/sidebar-preferences/me",`
			`validate(upsertSidebarOrderPreferenceSchema),`
			`async (req, res) => {`
			`const companyId = req.params.companyId as string;`
			`assertCompanyAccess(req, companyId);`
			`const userId = requireBoardUserId(req, res);`
			`if (!userId) return;`

			`const result = await svc.upsertProjectOrder(companyId, userId, req.body.orderedIds);`
			`const actor = getActorInfo(req);`
			`await logActivity(db, {`
			`companyId,`
			`actorType: actor.actorType,`
			`actorId: actor.actorId,`
			`agentId: actor.agentId,`
			`runId: actor.runId,`
			`action: "sidebar_preferences.project_order_updated",`
			`entityType: "company",`
			`entityId: companyId,`
			`details: {`
			`userId,`
			`orderedIds: result.orderedIds,`
			`},`
			`});`
			`res.json(result);`
			`},`
			`);`

			`return router;`
			`}`