john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
tractatus/src/routes/cases.routes.js
TheFlow e24638ba58 feat: implement AI-powered features (Phase 1 Core) 
**Three Public Features:**
- Media Inquiry System: Press/media can submit inquiries with AI triage (Phase 2)
- Case Study Submissions: Community can submit real-world AI safety failures
- Blog Curation: Admin-only topic suggestions with AI assistance (Phase 2)

**Backend Implementation:**
- Media routes/controller: /api/media/inquiries endpoints
- Cases routes/controller: /api/cases/submit endpoints
- Blog routes/controller: Already existed, documented
- Human oversight: All submissions go to moderation queue
- Tractatus boundaries: BoundaryEnforcer integration in blog controller

**Frontend Forms:**
- /media-inquiry.html: Public submission form for press/media
- /case-submission.html: Public submission form for case studies
- Full validation, error handling, success messages

**Validation Middleware Updates:**
- Support nested field validation (contact.email, submitter.name)
- validateEmail(fieldPath) now parameterized
- validateRequired() supports dot-notation paths

**Phase 1 Status:**
- AI triage: Manual (Phase 2 will add Claude API integration)
- All submissions require human review and approval
- Moderation queue operational
- Admin dashboard endpoints ready

**Files Added:**
- public/media-inquiry.html
- public/case-submission.html
- src/controllers/media.controller.js
- src/controllers/cases.controller.js
- src/routes/media.routes.js
- src/routes/cases.routes.js

**Files Modified:**
- src/routes/index.js (registered new routes)
- src/routes/auth.routes.js (updated validateEmail call)
- src/middleware/validation.middleware.js (nested field support)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-08 00:14:00 +13:00

91 lines
2.5 KiB
JavaScript
Raw Blame History

/**
* Case Study Routes
* Community case study submission endpoints
*/
const express = require('express');
const router = express.Router();
const casesController = require('../controllers/cases.controller');
const { authenticateToken, requireRole } = require('../middleware/auth.middleware');
const { validateRequired, validateEmail, validateObjectId } = require('../middleware/validation.middleware');
const { asyncHandler } = require('../middleware/error.middleware');
/**
* Public routes
*/
// POST /api/cases/submit - Submit case study (public)
router.post('/submit',
validateRequired([
'submitter.name',
'submitter.email',
'case_study.title',
'case_study.description',
'case_study.failure_mode'
]),
validateEmail('submitter.email'),
asyncHandler(casesController.submitCase)
);
/**
* Admin routes
*/
// GET /api/cases/submissions - List all submissions (admin)
router.get('/submissions',
authenticateToken,
requireRole('admin', 'moderator'),
asyncHandler(casesController.listSubmissions)
);
// GET /api/cases/submissions/high-relevance - List high-relevance pending (admin)
router.get('/submissions/high-relevance',
authenticateToken,
requireRole('admin', 'moderator'),
asyncHandler(casesController.listHighRelevance)
);
// GET /api/cases/submissions/:id - Get submission by ID (admin)
router.get('/submissions/:id',
authenticateToken,
requireRole('admin', 'moderator'),
validateObjectId('id'),
asyncHandler(casesController.getSubmission)
);
// POST /api/cases/submissions/:id/approve - Approve submission (admin)
router.post('/submissions/:id/approve',
authenticateToken,
requireRole('admin'),
validateObjectId('id'),
asyncHandler(casesController.approveSubmission)
);
// POST /api/cases/submissions/:id/reject - Reject submission (admin)
router.post('/submissions/:id/reject',
authenticateToken,
requireRole('admin'),
validateObjectId('id'),
validateRequired(['reason']),
asyncHandler(casesController.rejectSubmission)
);
// POST /api/cases/submissions/:id/request-info - Request more information (admin)
router.post('/submissions/:id/request-info',
authenticateToken,
requireRole('admin', 'moderator'),
validateObjectId('id'),
validateRequired(['requested_info']),
asyncHandler(casesController.requestMoreInfo)
);
// DELETE /api/cases/submissions/:id - Delete submission (admin)
router.delete('/submissions/:id',
authenticateToken,
requireRole('admin'),
validateObjectId('id'),
asyncHandler(casesController.deleteSubmission)
);
module.exports = router;
Reference in a new issue View git blame Copy permalink