Fix UserController permission serialization and include current updates

src/api/procurement/[id]/fetch.ts

@@ -0,0 +1,25 @@
+import { createRoute } from "../../../modules/api-utils/createRoute";
+import { procurement } from "../../../managers/procurement";
+import { apiResponse } from "../../../modules/api-utils/apiResponse";
+import { ContentfulStatusCode } from "hono/utils/http-status";
+import { authMiddleware } from "../../middleware/authorization";
+
+/* /v1/procurement/items/:identifier */
+export default createRoute(
+  "get",
+  ["/items/:identifier"],
+  async (c) => {
+    const identifier = c.req.param("identifier");
+    const includeLinkedItems = c.req.query("includeLinkedItems") === "true";
+
+    const item = await procurement.fetchItem(identifier);
+
+    const response = apiResponse.successful(
+      "Catalog item fetched successfully!",
+      item.toJson({ includeLinkedItems }),
+    );
+
+    return c.json(response, response.status as ContentfulStatusCode);
+  },
+  authMiddleware({ permissions: ["procurement.catalog.fetch"] }),
+);

src/api/procurement/[id]/fetchLinked.ts

@@ -0,0 +1,25 @@
+import { createRoute } from "../../../modules/api-utils/createRoute";
+import { procurement } from "../../../managers/procurement";
+import { apiResponse } from "../../../modules/api-utils/apiResponse";
+import { ContentfulStatusCode } from "hono/utils/http-status";
+import { authMiddleware } from "../../middleware/authorization";
+
+/* GET /v1/procurement/items/:identifier/linked */
+export default createRoute(
+  "get",
+  ["/items/:identifier/linked"],
+  async (c) => {
+    const identifier = c.req.param("identifier");
+    const item = await procurement.fetchItem(identifier);
+
+    const linkedItems = item.getLinkedItems().map((linked) => linked.toJson());
+
+    const response = apiResponse.successful(
+      "Linked catalog items fetched successfully!",
+      linkedItems,
+    );
+
+    return c.json(response, response.status as ContentfulStatusCode);
+  },
+  authMiddleware({ permissions: ["procurement.catalog.fetch"] }),
+);

src/api/procurement/[id]/link.ts

@@ -0,0 +1,28 @@
+import { createRoute } from "../../../modules/api-utils/createRoute";
+import { procurement } from "../../../managers/procurement";
+import { apiResponse } from "../../../modules/api-utils/apiResponse";
+import { ContentfulStatusCode } from "hono/utils/http-status";
+import { authMiddleware } from "../../middleware/authorization";
+import { z } from "zod";
+
+/* POST /v1/procurement/items/:identifier/link */
+export default createRoute(
+  "post",
+  ["/items/:identifier/link"],
+  async (c) => {
+    const identifier = c.req.param("identifier");
+    const body = await c.req.json();
+    const schema = z.object({ targetId: z.string() }).strict();
+    const { targetId } = schema.parse(body);
+
+    const item = await procurement.linkItems(identifier, targetId);
+
+    const response = apiResponse.successful(
+      "Catalog item linked successfully!",
+      item.toJson({ includeLinkedItems: true }),
+    );
+
+    return c.json(response, response.status as ContentfulStatusCode);
+  },
+  authMiddleware({ permissions: ["procurement.catalog.link"] }),
+);

src/api/procurement/[id]/refreshInventory.ts

@@ -0,0 +1,25 @@
+import { createRoute } from "../../../modules/api-utils/createRoute";
+import { procurement } from "../../../managers/procurement";
+import { apiResponse } from "../../../modules/api-utils/apiResponse";
+import { ContentfulStatusCode } from "hono/utils/http-status";
+import { authMiddleware } from "../../middleware/authorization";
+
+/* /v1/procurement/items/:identifier/refresh-inventory */
+export default createRoute(
+  "post",
+  ["/items/:identifier/refresh-inventory"],
+  async (c) => {
+    const identifier = c.req.param("identifier");
+    const item = await procurement.fetchItem(identifier);
+
+    await item.refreshInventory();
+
+    const response = apiResponse.successful(
+      "Inventory refreshed successfully!",
+      item.toJson(),
+    );
+
+    return c.json(response, response.status as ContentfulStatusCode);
+  },
+  authMiddleware({ permissions: ["procurement.catalog.inventory.refresh"] }),
+);

src/api/procurement/[id]/unlink.ts

@@ -0,0 +1,28 @@
+import { createRoute } from "../../../modules/api-utils/createRoute";
+import { procurement } from "../../../managers/procurement";
+import { apiResponse } from "../../../modules/api-utils/apiResponse";
+import { ContentfulStatusCode } from "hono/utils/http-status";
+import { authMiddleware } from "../../middleware/authorization";
+import { z } from "zod";
+
+/* POST /v1/procurement/items/:identifier/unlink */
+export default createRoute(
+  "post",
+  ["/items/:identifier/unlink"],
+  async (c) => {
+    const identifier = c.req.param("identifier");
+    const body = await c.req.json();
+    const schema = z.object({ targetId: z.string() }).strict();
+    const { targetId } = schema.parse(body);
+
+    const item = await procurement.unlinkItems(identifier, targetId);
+
+    const response = apiResponse.successful(
+      "Catalog item unlinked successfully!",
+      item.toJson({ includeLinkedItems: true }),
+    );
+
+    return c.json(response, response.status as ContentfulStatusCode);
+  },
+  authMiddleware({ permissions: ["procurement.catalog.link"] }),
+);