kindred/silo
1
1
Fork 0
Code Issues 30 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
afb382b68df68f1d6635054868a43a718136112c
silo/internal/api/routes.go
Forbes afb382b68d feat: LibreOffice Calc extension, ODS library, AI description, audit design 
Calc extension (pkg/calc/):
- Python UNO ProtocolHandler with 8 toolbar commands
- SiloClient HTTP client adapted from FreeCAD workbench
- Pull BOM/Project: populates sheets with 28-col format, hidden property
  columns, row hash tracking, auto project tagging
- Push: row classification, create/update items, conflict detection
- Completion wizard: 3-step category/description/fields with PN conflict
  resolution dialog
- OpenRouter AI integration: generate standardized descriptions from seller
  text, configurable model/instructions, review dialog
- Settings: JSON persistence, env var fallbacks, OpenRouter fields
- 31 unit tests (no UNO/network required)

Go ODS library (internal/ods/):
- Pure Go ODS read/write (ZIP of XML, no headless LibreOffice)
- Writer, reader, 10 round-trip tests

Server ODS endpoints (internal/api/ods.go):
- GET /api/items/export.ods, template.ods, POST import.ods
- GET /api/items/{pn}/bom/export.ods
- GET /api/projects/{code}/sheet.ods
- POST /api/sheets/diff

Documentation:
- docs/CALC_EXTENSION.md: extension progress report
- docs/COMPONENT_AUDIT.md: web audit tool design with weighted scoring,
  assembly computed fields, batch AI assistance plan
2026-02-01 10:06:20 -06:00

196 lines
6.6 KiB
Go
Raw Blame History

package api
import (
"net/http"
"github.com/go-chi/chi/v5"
"github.com/go-chi/chi/v5/middleware"
"github.com/go-chi/cors"
"github.com/kindredsystems/silo/internal/auth"
"github.com/rs/zerolog"
)
// NewRouter creates a new chi router with all routes registered.
func NewRouter(server *Server, logger zerolog.Logger) http.Handler {
r := chi.NewRouter()
// Base middleware stack
r.Use(middleware.RequestID)
r.Use(middleware.RealIP)
r.Use(RequestLogger(logger))
r.Use(Recoverer(logger))
// CORS: configurable origins, locked down when auth is enabled
corsOrigins := []string{"*"}
corsCredentials := false
if server.authConfig != nil && server.authConfig.Enabled {
if len(server.authConfig.CORS.AllowedOrigins) > 0 {
corsOrigins = server.authConfig.CORS.AllowedOrigins
}
corsCredentials = true
}
r.Use(cors.Handler(cors.Options{
AllowedOrigins: corsOrigins,
AllowedMethods: []string{"GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"},
AllowedHeaders: []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token", "X-Request-ID"},
ExposedHeaders: []string{"Link", "X-Request-ID"},
AllowCredentials: corsCredentials,
MaxAge: 300,
}))
// Session middleware (must come before auth middleware)
if server.sessions != nil {
r.Use(server.sessions.LoadAndSave)
}
// Web handler for HTML pages
webHandler, err := NewWebHandler(logger, server)
if err != nil {
logger.Fatal().Err(err).Msg("failed to create web handler")
}
// Health endpoints (no auth)
r.Get("/health", server.HandleHealth)
r.Get("/ready", server.HandleReady)
// Auth endpoints (no auth required)
r.Get("/login", server.HandleLoginPage)
r.Post("/login", server.HandleLogin)
r.Post("/logout", server.HandleLogout)
r.Get("/auth/oidc", server.HandleOIDCLogin)
r.Get("/auth/callback", server.HandleOIDCCallback)
// Web UI routes (require auth + CSRF)
r.Group(func(r chi.Router) {
r.Use(server.RequireAuth)
r.Use(server.CSRFProtect)
r.Get("/", webHandler.HandleIndex)
r.Get("/projects", webHandler.HandleProjectsPage)
r.Get("/schemas", webHandler.HandleSchemasPage)
r.Get("/settings", server.HandleSettingsPage)
r.Post("/settings/tokens", server.HandleCreateTokenWeb)
r.Post("/settings/tokens/{id}/revoke", server.HandleRevokeTokenWeb)
})
// API routes (require auth, no CSRF — token auth instead)
r.Route("/api", func(r chi.Router) {
r.Use(server.RequireAuth)
// Auth endpoints
r.Get("/auth/me", server.HandleGetCurrentUser)
r.Route("/auth/tokens", func(r chi.Router) {
r.Get("/", server.HandleListTokens)
r.Post("/", server.HandleCreateToken)
r.Delete("/{id}", server.HandleRevokeToken)
})
// Schemas (read: viewer, write: editor)
r.Route("/schemas", func(r chi.Router) {
r.Get("/", server.HandleListSchemas)
r.Get("/{name}", server.HandleGetSchema)
r.Get("/{name}/properties", server.HandleGetPropertySchema)
r.Group(func(r chi.Router) {
r.Use(server.RequireRole(auth.RoleEditor))
r.Route("/{name}/segments/{segment}/values", func(r chi.Router) {
r.Post("/", server.HandleAddSchemaValue)
r.Put("/{code}", server.HandleUpdateSchemaValue)
r.Delete("/{code}", server.HandleDeleteSchemaValue)
})
})
})
// Projects (read: viewer, write: editor)
r.Route("/projects", func(r chi.Router) {
r.Get("/", server.HandleListProjects)
r.Get("/{code}", server.HandleGetProject)
r.Get("/{code}/items", server.HandleGetProjectItems)
r.Get("/{code}/sheet.ods", server.HandleProjectSheetODS)
r.Group(func(r chi.Router) {
r.Use(server.RequireRole(auth.RoleEditor))
r.Post("/", server.HandleCreateProject)
r.Put("/{code}", server.HandleUpdateProject)
r.Delete("/{code}", server.HandleDeleteProject)
})
})
// Items (read: viewer, write: editor)
r.Route("/items", func(r chi.Router) {
r.Get("/", server.HandleListItems)
r.Get("/search", server.HandleFuzzySearch)
r.Get("/export.csv", server.HandleExportCSV)
r.Get("/template.csv", server.HandleCSVTemplate)
r.Get("/export.ods", server.HandleExportODS)
r.Get("/template.ods", server.HandleODSTemplate)
r.Group(func(r chi.Router) {
r.Use(server.RequireRole(auth.RoleEditor))
r.Post("/", server.HandleCreateItem)
r.Post("/import", server.HandleImportCSV)
r.Post("/import.ods", server.HandleImportODS)
})
r.Route("/{partNumber}", func(r chi.Router) {
r.Get("/", server.HandleGetItem)
r.Get("/projects", server.HandleGetItemProjects)
r.Get("/revisions", server.HandleListRevisions)
r.Get("/revisions/compare", server.HandleCompareRevisions)
r.Get("/revisions/{revision}", server.HandleGetRevision)
r.Get("/file", server.HandleDownloadLatestFile)
r.Get("/file/{revision}", server.HandleDownloadFile)
r.Get("/bom", server.HandleGetBOM)
r.Get("/bom/expanded", server.HandleGetExpandedBOM)
r.Get("/bom/where-used", server.HandleGetWhereUsed)
r.Get("/bom/export.csv", server.HandleExportBOMCSV)
r.Get("/bom/export.ods", server.HandleExportBOMODS)
r.Group(func(r chi.Router) {
r.Use(server.RequireRole(auth.RoleEditor))
r.Put("/", server.HandleUpdateItem)
r.Delete("/", server.HandleDeleteItem)
r.Post("/projects", server.HandleAddItemProjects)
r.Delete("/projects/{code}", server.HandleRemoveItemProject)
r.Post("/revisions", server.HandleCreateRevision)
r.Patch("/revisions/{revision}", server.HandleUpdateRevision)
r.Post("/revisions/{revision}/rollback", server.HandleRollbackRevision)
r.Post("/file", server.HandleUploadFile)
r.Post("/bom", server.HandleAddBOMEntry)
r.Post("/bom/import", server.HandleImportBOMCSV)
r.Put("/bom/{childPartNumber}", server.HandleUpdateBOMEntry)
r.Delete("/bom/{childPartNumber}", server.HandleDeleteBOMEntry)
})
})
})
// Integrations (read: viewer, write: editor)
r.Route("/integrations/odoo", func(r chi.Router) {
r.Get("/config", server.HandleGetOdooConfig)
r.Get("/sync-log", server.HandleGetOdooSyncLog)
r.Group(func(r chi.Router) {
r.Use(server.RequireRole(auth.RoleEditor))
r.Put("/config", server.HandleUpdateOdooConfig)
r.Post("/test-connection", server.HandleTestOdooConnection)
r.Post("/sync/push/{partNumber}", server.HandleOdooPush)
r.Post("/sync/pull/{odooId}", server.HandleOdooPull)
})
})
// Sheets (editor)
r.Group(func(r chi.Router) {
r.Use(server.RequireRole(auth.RoleEditor))
r.Post("/sheets/diff", server.HandleSheetDiff)
})
// Part number generation (editor)
r.Group(func(r chi.Router) {
r.Use(server.RequireRole(auth.RoleEditor))
r.Post("/generate-part-number", server.HandleGeneratePartNumber)
})
})
return r
}
Reference in New Issue View Git Blame Copy Permalink