Phase8: Auto bill credit card

2026-05-28 23:27:32 +02:00
parent 1741574eb2
commit a6ed74b1be
12 changed files with 288 additions and 69 deletions
--- a/src/app/api/admin/requests/[id]/approve/route.ts
+++ b/src/app/api/admin/requests/[id]/approve/route.ts
@@ -4,14 +4,12 @@ import {
  getTenantRequestById,
  updateTenantRequestStatus,
  clearEncryptedSecrets,
-  recordTenantCreated,
-  recordSkillEvents,
-  recordSuspensionEvent,
 } from "@/lib/db";
 import { createTenant, patchTenantSpec, setTenantAnnotation } from "@/lib/k8s";
 import { sendApprovalEmail, sendResumeApprovalEmail } from "@/lib/email";
 import { decryptSecrets } from "@/lib/crypto";
 import { writePackageSecrets } from "@/lib/openbao";
+import { createRoute as createRelayRoute } from "@/lib/threema-relay";
 import {
  getDefaultSoulMd,
  getDefaultAgentsMd,
@@ -88,23 +86,6 @@ export async function POST(
    }
    try {
      await patchTenantSpec(tenantRequest.tenantName, { suspend: false });
-
-      // Billing — Phase 1: record the resume so monthly proration
-      // counts the suspended segment correctly. Best-effort; if
-      // logging fails, the approval still succeeds.
-      try {
-        await recordSuspensionEvent(
-          tenantRequest.tenantName,
-          tenantRequest.zitadelOrgId,
-          "resumed"
-        );
-      } catch (e) {
-        console.error(
-          "billing: failed to record resumed suspension event:",
-          e
-        );
-      }
-
      // Clear the annotation that pauses the operator's 60-day TTL.
      // Best-effort — annotation cleanup is also done by the operator
      // when it sees suspend=false on the next reconcile (it clears
@@ -197,6 +178,29 @@ export async function POST(
          ? tenantRequest.contactName || "Assistant"
          : tenantRequest.companyName;

+    // Phase 9b: split the customer's initial channel-user ids into
+    //   (a) ids the operator needs in spec.channelUsers (telegram,
+    //       discord, …) — passed straight into createTenant
+    //   (b) Threema ids that ALSO need a relay route registered so
+    //       inbound messages reach this tenant. Threema is in (a)
+    //       AND (b): spec.channelUsers tells the operator the id is
+    //       authorized; the relay's route maps inbound traffic from
+    //       that id to this tenant.
+    const initialChannelUsers = tenantRequest.channelUsers ?? {};
+    // Strip channels the customer didn't actually enable (defensive
+    // — the wizard already filters this, but the row could carry
+    // stale data if the customer edited their request post-submit).
+    const filteredChannelUsers: Record<string, string[]> = {};
+    for (const [channel, ids] of Object.entries(initialChannelUsers)) {
+      if (!packages.includes(channel)) continue;
+      const cleaned = (ids ?? [])
+        .map((s) => (s ?? "").trim())
+        .filter((s) => s.length > 0);
+      if (cleaned.length > 0) {
+        filteredChannelUsers[channel] = cleaned;
+      }
+    }
+
    await createTenant(
      tenantName,
      {
@@ -204,6 +208,9 @@ export async function POST(
        agentName: tenantRequest.agentName,
        packages,
        workspaceFiles,
+        ...(Object.keys(filteredChannelUsers).length > 0
+          ? { channelUsers: filteredChannelUsers }
+          : {}),
      },
      {
        "pieced.ch/zitadel-org-id": tenantRequest.zitadelOrgId,
@@ -219,33 +226,33 @@ export async function POST(
      }
    );

-    // Billing — Phase 1: record the tenant's creation and initial
-    // package state. Anchored at "now" rather than the CR's
-    // creationTimestamp because we don't get the timestamp back from
-    // createTenant — the few-millisecond skew vs the CR's actual
-    // creationTimestamp is irrelevant for monthly billing.
-    //
-    // Best-effort: tracking failures must never block provisioning.
-    // The backfill helper can repair any gaps later if needed.
-    const billingAnchor = new Date();
-    try {
-      await recordTenantCreated(
-        tenantName,
-        tenantRequest.zitadelOrgId,
-        billingAnchor
-      );
-      await recordSkillEvents(
-        tenantName,
-        tenantRequest.zitadelOrgId,
-        packages,
-        [],
-        billingAnchor
-      );
-    } catch (e) {
-      console.error(
-        "billing: failed to record tenant creation / initial skill events:",
-        e
-      );
+    // Threema: register relay routes for each id the customer
+    // entered. Best-effort — a route failure doesn't unwind the
+    // tenant creation (admin can retry from the tenant page later).
+    // The Threema package itself isn't enabled on the tenant until
+    // the customer toggles it from the tenant detail page (which
+    // also mints the per-tenant token); the routes here pre-warm
+    // the relay so the first toggle works without re-typing the id.
+    if (
+      packages.includes("threema") &&
+      filteredChannelUsers.threema &&
+      filteredChannelUsers.threema.length > 0
+    ) {
+      for (const tid of filteredChannelUsers.threema) {
+        try {
+          const res = await createRelayRoute(tenantName, tid);
+          if (!res.ok) {
+            console.warn(
+              `[approve] Threema route create for tenant=${tenantName} id=${tid} returned not-ok: ${res.message}`
+            );
+          }
+        } catch (e) {
+          console.error(
+            `[approve] Threema route create threw for tenant=${tenantName} id=${tid}:`,
+            e
+          );
+        }
+      }
    }

    // Step 5: Update request status — clear admin notes on re-approval