Stage 211: forecast.threshold_crossed (infra/api/app.py)

infra/api/app.py

@@ -2067,6 +2067,34 @@ def create_app(db_path: Optional[str] = None,
         except ValueError as e:
             raise ApiError("bad_request", str(e), status=400) from e
 
+    # Stage 211 — manual trigger for the forecast-threshold scan.
+    # Admin role required: this fires webhooks + writes audit rows,
+    # so the operator running it should have the same authority as
+    # someone who'd configure a cron. The intended runtime is a
+    # daily cron picking this up; for now the dashboard / curl is
+    # the trigger.
+    @app.post("/tenants/{tenant_id}/forecast/check_thresholds",
+               tags=["runs"])
+    async def post_forecast_check_thresholds_route(
+        tenant_id: str, body: dict,
+        key: ApiKey = Depends(auth_dep),
+    ):
+        require_tenant_access(key, tenant_id)
+        require_role(key, ROLE_ADMIN)
+        days_threshold = body.get("days_threshold", 7)
+        if not isinstance(days_threshold, int):
+            raise ApiError(
+                "bad_request",
+                "days_threshold must be an integer", status=400,
+            )
+        try:
+            return svc.check_forecast_thresholds(
+                tenant_id, days_threshold=days_threshold,
+                actor=key.key_id,
+            )
+        except ValueError as e:
+            raise ApiError("bad_request", str(e), status=400) from e
+
     @app.post("/tenants/{tenant_id}/forecasts/batch", tags=["runs"])
     async def post_forecasts_batch_route(
         tenant_id: str,