fix: batch 5 — input validation tightening + health check endpoint

- z.any() replaced with z.record(z.string()) on webhook headers - availabilityJson typed with z.array(z.object({ start, end })) - Frontend webhook headers converted from array to Record before API call - Docker HEALTHCHECK added to Dockerfile (health endpoint already existed) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-07 18:26:28 +01:00
parent a68ec3fb45
commit 1ebdf5f9c9
4 changed files with 13 additions and 5 deletions
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -69,5 +69,8 @@ EXPOSE 7600
 ENV PORT=7600
 ENV HOSTNAME="0.0.0.0"

+HEALTHCHECK --interval=30s --timeout=5s --start-period=30s --retries=3 \
+  CMD wget -qO- http://localhost:7600/api/health || exit 1
+
 # Run via entrypoint (migrate then start)
 CMD ["/app/docker-entrypoint.sh"]
--- a/src/app/(admin)/admin/settings/webhooks/page.tsx
+++ b/src/app/(admin)/admin/settings/webhooks/page.tsx
@@ -210,11 +210,16 @@ export default function WebhooksPage() {
      return
    }

+    const filteredHeaders = formData.headers.filter((h) => h.key)
+    const headersRecord = filteredHeaders.length > 0
+      ? Object.fromEntries(filteredHeaders.map((h) => [h.key, h.value]))
+      : undefined
+
    const payload = {
      name: formData.name,
      url: formData.url,
      events: formData.events,
-      headers: formData.headers.filter((h) => h.key) as Record<string, string>[] | undefined,
+      headers: headersRecord,
      maxRetries: formData.maxRetries,
    }

--- a/src/server/routers/user.ts
+++ b/src/server/routers/user.ts
@@ -106,7 +106,7 @@ export const userRouter = router({
        notificationPreference: z.enum(['EMAIL', 'WHATSAPP', 'BOTH', 'NONE']).optional(),
        expertiseTags: z.array(z.string()).max(15).optional(),
        digestFrequency: z.enum(['none', 'daily', 'weekly']).optional(),
-        availabilityJson: z.any().optional(),
+        availabilityJson: z.array(z.object({ start: z.string(), end: z.string() })).optional(),
        preferredWorkload: z.number().int().min(1).max(100).optional().nullable(),
      })
    )
@@ -539,7 +539,7 @@ export const userRouter = router({
        status: z.enum(['NONE', 'INVITED', 'ACTIVE', 'SUSPENDED']).optional(),
        expertiseTags: z.array(z.string()).optional(),
        maxAssignments: z.number().int().min(1).max(100).optional().nullable(),
-        availabilityJson: z.any().optional(),
+        availabilityJson: z.array(z.object({ start: z.string(), end: z.string() })).optional(),
        preferredWorkload: z.number().int().min(1).max(100).optional().nullable(),
      })
    )
--- a/src/server/routers/webhook.ts
+++ b/src/server/routers/webhook.ts
@@ -81,7 +81,7 @@ export const webhookRouter = router({
        name: z.string().min(1).max(200),
        url: z.string().url(),
        events: z.array(z.string()).min(1),
-        headers: z.any().optional(),
+        headers: z.record(z.string()).optional(),
        maxRetries: z.number().int().min(0).max(10).default(3),
      })
    )
@@ -126,7 +126,7 @@ export const webhookRouter = router({
        name: z.string().min(1).max(200).optional(),
        url: z.string().url().optional(),
        events: z.array(z.string()).min(1).optional(),
-        headers: z.any().optional(),
+        headers: z.record(z.string()).optional(),
        isActive: z.boolean().optional(),
        maxRetries: z.number().int().min(0).max(10).optional(),
      })