Spaces:

Legal-i
/

orgstate

Running

App Files Files Community

Legal-i commited on 1 day ago

Commit

8f1492f

verified ·

1 Parent(s): 059729c

Stage 239: per-delivery retry (infra/api/app.py)

Browse files

Files changed (1) hide show

infra/api/app.py +50 -0

infra/api/app.py CHANGED Viewed

@@ -3533,6 +3533,56 @@ def create_app(db_path: Optional[str] = None,
     # Stage 168 — delivery log for a single webhook. Read-only,
     # any tenant role can see it (debugging "why didn't I get the
     # Slack ping" needs analyst-tier access, not operator).
     @app.get("/webhooks/{webhook_id}/deliveries", tags=["webhooks"])
     async def list_webhook_deliveries_route(
         webhook_id: str,

     # Stage 168 — delivery log for a single webhook. Read-only,
     # any tenant role can see it (debugging "why didn't I get the
     # Slack ping" needs analyst-tier access, not operator).
+    # Stage 239 — tenant-wide delivery list (cross-webhook). Used
+    # by the Webhooks page "failed deliveries" section.
+    @app.get("/tenants/{tenant_id}/webhook_deliveries",
+              tags=["webhooks"])
+    async def list_tenant_webhook_deliveries_route(
+        tenant_id: str,
+        status: Optional[str] = Query(default=None),
+        limit: int = Query(100, ge=1, le=500),
+        key: ApiKey = Depends(auth_dep),
+    ):
+        require_tenant_access(key, tenant_id)
+        require_role(key, ROLE_READONLY)
+        try:
+            return {
+                "deliveries": svc.list_tenant_webhook_deliveries(
+                    tenant_id, status=status, limit=limit,
+                ),
+            }
+        except ValueError as e:
+            raise ApiError("bad_request", str(e), status=400) from e
+    # Stage 239 — manual retry of one specific delivery.
+    @app.post("/webhook_deliveries/{delivery_id}/retry",
+                tags=["webhooks"])
+    async def retry_one_delivery_route(
+        delivery_id: str,
+        authorization: Optional[str] = Header(default=None),
+    ):
+        # Resolve the delivery's tenant before auth so a
+        # forged delivery_id doesn't sneak through.
+        delivery = svc.webhook_deliveries.get(delivery_id)
+        if delivery is None:
+            raise ApiError(
+                "not_found",
+                f"unknown delivery {delivery_id!r}", status=404,
+            )
+        key = require_tenant_or_admin(
+            svc, authorization, delivery["tenant_id"],
+        )
+        if key is not None:
+            require_role(key, ROLE_OPERATOR)
+        actor = (key.key_id if key is not None
+                 else _admin_actor(authorization))
+        try:
+            return svc.retry_one_delivery(delivery_id, actor=actor)
+        except KeyError as e:
+            raise ApiError("not_found", str(e), status=404) from e
+        except ValueError as e:
+            raise ApiError("bad_request", str(e), status=400) from e
     @app.get("/webhooks/{webhook_id}/deliveries", tags=["webhooks"])
     async def list_webhook_deliveries_route(
         webhook_id: str,