Security: - Add auth + file type/size validation to upload API - Add admin auth to /api/admin/ endpoints - Add SSRF protection to scrape action - Whitelist fields in PUT /api/notes/[id] to prevent mass assignment - Protect /lab, /agents, /chat, /canvas, /notebooks routes in middleware AI provider fixes: - Add deepseek/openrouter to factory ProviderType (was silently falling back to ollama) - Fix title-suggestion.service.ts to use factory instead of hardcoded OpenAI - Fix getAIProvider→getChatProvider in memory-echo, notebook-summary, agent-executor - Fix getAIProvider→getTagsProvider in notebook-suggestion, title-suggestions, transform-markdown Functional bugs: - Fix ALLOW_REGISTRATION AND→OR logic - Fix note-editor.tsx passing stale props to useAutoTagging instead of local state - Fix stale Note.embedding type (migrated to NoteEmbedding table) - Remove hardcoded SQLite path from prisma.ts Frontend: - Add AbortController to useAutoTagging and useTitleSuggestions hooks - Add error rollback to optimistic UI in note-inline-editor - Remove stale closure over notebookId/language in useAutoTagging Cleanup: - Rename docker-compose from keepnotes→memento - Remove unused unstable_cache import from config.ts - Remove dead useUndoRedo hook - Fix TagSuggestion type (add isNewLabel, reasoning) - Remove dead AIConfig/AIProviderType types - Fix ghost-tags unused isEmpty var and as any cast - Fix note-editor titleSuggestions typed as any[] Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
62 lines
1.6 KiB
TypeScript
62 lines
1.6 KiB
TypeScript
import { NextResponse } from 'next/server';
|
|
import prisma from '@/lib/prisma';
|
|
import { auth } from '@/auth';
|
|
|
|
export const dynamic = 'force-dynamic';
|
|
|
|
export async function GET() {
|
|
try {
|
|
const session = await auth()
|
|
if (!session?.user?.id || (session.user as any).role !== 'ADMIN') {
|
|
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
|
}
|
|
// 1. Get all notes
|
|
const notes = await prisma.note.findMany({
|
|
select: { labels: true }
|
|
});
|
|
|
|
// 2. Extract all unique labels from JSON
|
|
const uniqueLabels = new Set<string>();
|
|
notes.forEach((note: any) => {
|
|
if (note.labels) {
|
|
try {
|
|
if (Array.isArray(note.labels)) {
|
|
(note.labels as string[]).forEach((l: string) => uniqueLabels.add(l));
|
|
}
|
|
} catch (e) {
|
|
// ignore error
|
|
}
|
|
}
|
|
});
|
|
|
|
// 3. Get existing labels in DB
|
|
const existingDbLabels = await prisma.label.findMany();
|
|
const existingNames = new Set(existingDbLabels.map((l: any) => l.name));
|
|
|
|
// 4. Create missing labels
|
|
const created = [];
|
|
for (const name of uniqueLabels) {
|
|
if (!existingNames.has(name)) {
|
|
const newLabel = await prisma.label.create({
|
|
data: {
|
|
name,
|
|
color: 'gray' // Default color
|
|
}
|
|
});
|
|
created.push(newLabel);
|
|
}
|
|
}
|
|
|
|
return NextResponse.json({
|
|
success: true,
|
|
foundInNotes: uniqueLabels.size,
|
|
alreadyInDb: existingNames.size,
|
|
created: created.length,
|
|
createdLabels: created
|
|
});
|
|
|
|
} catch (error) {
|
|
return NextResponse.json({ error: String(error) }, { status: 500 });
|
|
}
|
|
}
|