From 57c8fb0cab5360bd8ef5ba92a869654aff57ab72 Mon Sep 17 00:00:00 2001 From: "T. Narantuya" Date: Sat, 6 Sep 2025 13:57:14 +0900 Subject: [PATCH] Add optional WHMCS admin credentials to environment configuration - Introduced WHMCS_ADMIN_USERNAME and WHMCS_ADMIN_PASSWORD_MD5 for elevated admin actions. - Updated env.validation.ts and portal-backend.env.sample to reflect new optional fields. - Enhanced order fulfillment service to set order status to "Pending Review" and include error diagnostics in updates to Salesforce. --- apps/bff/src/common/config/env.validation.ts | 5 +++++ .../order-fulfillment-orchestrator.service.ts | 22 ++++++++++--------- env/portal-backend.env.sample | 5 +++++ 3 files changed, 22 insertions(+), 10 deletions(-) diff --git a/apps/bff/src/common/config/env.validation.ts b/apps/bff/src/common/config/env.validation.ts index 91ffaa24..69801dd9 100644 --- a/apps/bff/src/common/config/env.validation.ts +++ b/apps/bff/src/common/config/env.validation.ts @@ -35,6 +35,11 @@ export const envSchema = z.object({ WHMCS_API_SECRET: z.string().optional(), WHMCS_API_ACCESS_KEY: z.string().optional(), WHMCS_WEBHOOK_SECRET: z.string().optional(), + // Optional elevated admin credentials for privileged WHMCS actions (eg. AcceptOrder) + WHMCS_ADMIN_USERNAME: z.string().optional(), + // Expect MD5 hash of the admin password (preferred). Alias supported for compatibility. + WHMCS_ADMIN_PASSWORD_MD5: z.string().optional(), + WHMCS_ADMIN_PASSWORD_HASH: z.string().optional(), // Salesforce Configuration SF_LOGIN_URL: z.string().url().optional(), diff --git a/apps/bff/src/orders/services/order-fulfillment-orchestrator.service.ts b/apps/bff/src/orders/services/order-fulfillment-orchestrator.service.ts index 6c50a02f..cc7f5359 100644 --- a/apps/bff/src/orders/services/order-fulfillment-orchestrator.service.ts +++ b/apps/bff/src/orders/services/order-fulfillment-orchestrator.service.ts @@ -306,18 +306,20 @@ export class OrderFulfillmentOrchestrator { // Try to update Salesforce with failure status try { - await this.salesforceService.updateOrder({ + const updates: Record = { Id: context.sfOrderId, + // Set overall Order.Status to Pending Review for manual attention + Status: "Pending Review", [fields.order.activationStatus]: "Failed", - // Optional diagnostics fields if present in org - ...(fields.order.lastErrorCode && { - [fields.order.lastErrorCode]: - this.orderFulfillmentErrorService.getShortCode(error) || String(errorCode), - }), - ...(fields.order.lastErrorMessage && { - [fields.order.lastErrorMessage]: userMessage?.substring(0, 255), - }), - }); + }; + updates[fields.order.lastErrorCode as string] = ( + this.orderFulfillmentErrorService.getShortCode(error) || String(errorCode) + ) + .toString() + .substring(0, 60); + updates[fields.order.lastErrorMessage as string] = userMessage?.substring(0, 255); + + await this.salesforceService.updateOrder(updates as { Id: string; [key: string]: unknown }); this.logger.log("Salesforce updated with failure status", { sfOrderId: context.sfOrderId, diff --git a/env/portal-backend.env.sample b/env/portal-backend.env.sample index 2c315a1a..3883d3fc 100644 --- a/env/portal-backend.env.sample +++ b/env/portal-backend.env.sample @@ -26,6 +26,11 @@ TRUST_PROXY=true WHMCS_BASE_URL=https://accounts.asolutions.co.jp WHMCS_API_IDENTIFIER= WHMCS_API_SECRET= +# Optional elevated admin credentials for privileged actions (eg. AcceptOrder) +# Provide the admin username and MD5 hash of the admin password. +# When set, the backend will use these ONLY for the AcceptOrder action. +WHMCS_ADMIN_USERNAME= +WHMCS_ADMIN_PASSWORD_MD5= # Salesforce Credentials SF_LOGIN_URL=https://asolutions.my.salesforce.com