Merge branch 'main' of https://github.com/trycompai/comp into mariano/agent-screenshots

Author: Marfuen

.npmrc

@@ -1,3 +1,15 @@
+# [1.70.0](https://github.com/trycompai/comp/compare/v1.69.0...v1.70.0) (2025-12-12)
+
+
+### Bug Fixes
+
+* **auditor:** increase max poll duration to 30 minutes and add limit to scrape ([#1897](https://github.com/trycompai/comp/issues/1897)) ([764d605](https://github.com/trycompai/comp/commit/764d6055fb8a1c7d4fa90d8d41c8234fc55c3de9))
+
+
+### Features
+
+* **api:** add access request notification email functionality ([#1910](https://github.com/trycompai/comp/issues/1910)) ([8d2a811](https://github.com/trycompai/comp/commit/8d2a81127c523e92decc56e29a7ef4f53e28986d))
+
 # [1.69.0](https://github.com/trycompai/comp/compare/v1.68.1...v1.69.0) (2025-12-08)
 
 

CHANGELOG.md

@@ -50,13 +50,20 @@ phases:
 
       - echo "Checking build output..."
       - ls -la dist/
-      - ls -la dist/src/
-      - '[ -f "dist/src/main.js" ] || { echo "❌ main.js not found in dist/src"; exit 1; }'
+      - ls -la dist/apps/api/src/ || ls -la dist/src/
+      - '[ -f "dist/apps/api/src/main.js" ] || [ -f "dist/src/main.js" ] || { echo "❌ main.js not found"; exit 1; }'
 
       - mkdir -p ../docker-build
-      - cp -r dist/* ../docker-build/
+      # Handle both output structures (dist/apps/api/src or dist/src)
+      - |
+        if [ -d "dist/apps/api/src" ]; then
+          echo "Using composite output structure..."
+          cp -r dist/apps/api/* ../docker-build/
+        else
+          echo "Using standard output structure..."
+          cp -r dist/* ../docker-build/
+        fi
       - cp -r prisma ../docker-build/
-
       - echo "Verifying copied files..."
       - ls -la ../docker-build/
       - ls -la ../docker-build/src/

apps/api/buildspec.yml

@@ -25,7 +25,7 @@
     "@react-email/components": "^0.0.41",
     "@trigger.dev/build": "4.0.6",
     "@trigger.dev/sdk": "4.0.6",
-    "@trycompai/db": "^1.3.17",
+    "@trycompai/db": "1.3.19",
     "@upstash/vector": "^1.2.2",
     "adm-zip": "^0.5.16",
     "ai": "^5.0.60",

apps/api/package.json

@@ -0,0 +1,147 @@
+import {
+  Body,
+  Button,
+  Container,
+  Font,
+  Heading,
+  Html,
+  Preview,
+  Section,
+  Tailwind,
+  Text,
+} from '@react-email/components';
+import { Footer } from '../components/footer';
+import { Logo } from '../components/logo';
+
+interface Props {
+  organizationName: string;
+  requesterName: string;
+  requesterEmail: string;
+  requesterCompany?: string | null;
+  requesterJobTitle?: string | null;
+  purpose?: string | null;
+  requestedDurationDays?: number | null;
+  reviewUrl: string;
+}
+
+export const AccessRequestNotificationEmail = ({
+  organizationName,
+  requesterName,
+  requesterEmail,
+  requesterCompany,
+  requesterJobTitle,
+  purpose,
+  requestedDurationDays,
+  reviewUrl,
+}: Props) => {
+  return (
+    <Html>
+      <Tailwind>
+        <head>
+          <Font
+            fontFamily="Geist"
+            fallbackFontFamily="Helvetica"
+            fontWeight={400}
+            fontStyle="normal"
+          />
+          <Font
+            fontFamily="Geist"
+            fallbackFontFamily="Helvetica"
+            fontWeight={500}
+            fontStyle="normal"
+          />
+        </head>
+        <Preview>New Trust Portal Access Request from {requesterName}</Preview>
+
+        <Body className="mx-auto my-auto bg-[#fff] font-sans">
+          <Container
+            className="mx-auto my-[40px] max-w-[600px] border-transparent p-[20px] md:border-[#E8E7E1]"
+            style={{ borderStyle: 'solid', borderWidth: 1 }}
+          >
+            <Logo />
+            <Heading className="mx-0 my-[30px] p-0 text-center text-[24px] font-normal text-[#121212]">
+              New Access Request
+            </Heading>
+
+            <Text className="text-[14px] leading-[24px] text-[#121212]">
+              A new request to access <strong>{organizationName}</strong>'s
+              trust portal has been submitted and is awaiting your review.
+            </Text>
+
+            <Section
+              className="mt-[20px] mb-[20px] rounded-[3px] p-[15px]"
+              style={{ backgroundColor: '#f8f9fa' }}
+            >
+              <Text className="m-0 mb-[10px] text-[14px] font-semibold text-[#121212]">
+                Requester Details
+              </Text>
+              <Text className="m-0 text-[14px] leading-[20px] text-[#121212]">
+                <strong>Name:</strong> {requesterName}
+                <br />
+                <strong>Email:</strong> {requesterEmail}
+                {requesterCompany && (
+                  <>
+                    <br />
+                    <strong>Company:</strong> {requesterCompany}
+                  </>
+                )}
+                {requesterJobTitle && (
+                  <>
+                    <br />
+                    <strong>Job Title:</strong> {requesterJobTitle}
+                  </>
+                )}
+              </Text>
+            </Section>
+
+            {purpose && (
+              <Section className="mb-[20px]">
+                <Text className="m-0 mb-[8px] text-[14px] font-semibold text-[#121212]">
+                  Purpose
+                </Text>
+                <Text className="m-0 text-[14px] leading-[20px] text-[#121212]">
+                  {purpose}
+                </Text>
+              </Section>
+            )}
+
+            {requestedDurationDays && (
+              <Text className="text-[14px] leading-[24px] text-[#121212]">
+                <strong>Requested Access Duration:</strong>{' '}
+                {requestedDurationDays} days
+              </Text>
+            )}
+
+            <Section className="mt-[32px] mb-[32px] text-center">
+              <Button
+                className="rounded-[3px] bg-[#121212] px-[20px] py-[12px] text-center text-[14px] font-semibold text-white no-underline"
+                href={reviewUrl}
+              >
+                Review Request
+              </Button>
+            </Section>
+
+            <Section
+              className="mt-[30px] mb-[20px] rounded-[3px] border-l-4 p-[15px]"
+              style={{ backgroundColor: '#fff4e6', borderColor: '#f59e0b' }}
+            >
+              <Text className="m-0 text-[14px] leading-[24px] text-[#121212]">
+                <strong>Action Required</strong>
+                <br />
+                Please review this request and either approve or deny access.
+                Approved requests will require the requester to sign an NDA
+                before accessing your trust portal.
+              </Text>
+            </Section>
+
+            <br />
+
+            <Footer />
+          </Container>
+        </Body>
+      </Tailwind>
+    </Html>
+  );
+};
+
+export default AccessRequestNotificationEmail;

apps/api/src/email/templates/access-request-notification.tsx

@@ -8,4 +8,5 @@ export interface UpdateOrganizationDto {
   hasAccess?: boolean;
   fleetDmLabelId?: number;
   isFleetSetupCompleted?: boolean;
+  primaryColor?: string;
 }

apps/api/src/organization/dto/update-organization.dto.ts

@@ -6,12 +6,14 @@ import {
   Get,
   Patch,
   Post,
+  Query,
   UseGuards,
 } from '@nestjs/common';
 import {
   ApiBody,
   ApiHeader,
   ApiOperation,
+  ApiQuery,
   ApiResponse,
   ApiSecurity,
   ApiTags,
@@ -30,6 +32,7 @@ import { GET_ORGANIZATION_RESPONSES } from './schemas/get-organization.responses
 import { UPDATE_ORGANIZATION_RESPONSES } from './schemas/update-organization.responses';
 import { DELETE_ORGANIZATION_RESPONSES } from './schemas/delete-organization.responses';
 import { TRANSFER_OWNERSHIP_RESPONSES } from './schemas/transfer-ownership.responses';
+import { GET_ORGANIZATION_PRIMARY_COLOR_RESPONSES } from './schemas/get-organization-primary-color';
 import {
   UPDATE_ORGANIZATION_BODY,
   TRANSFER_OWNERSHIP_BODY,
@@ -162,4 +165,47 @@ export class OrganizationController {
       }),
     };
   }
+
+  @Get('primary-color')
+  @ApiOperation(ORGANIZATION_OPERATIONS.getPrimaryColor)
+  @ApiQuery({
+    name: 'token',
+    required: false,
+    description:
+      'Access token for public access (alternative to authentication). When provided, authentication is not required.',
+    example: 'tok_abc123def456',
+  })
+  @ApiResponse(GET_ORGANIZATION_PRIMARY_COLOR_RESPONSES[200])
+  @ApiResponse(GET_ORGANIZATION_PRIMARY_COLOR_RESPONSES[401])
+  @ApiResponse(GET_ORGANIZATION_PRIMARY_COLOR_RESPONSES[404])
+  async getPrimaryColor(
+    @Query('token') token: string | undefined,
+    @OrganizationId() organizationId?: string,
+    @AuthContext() authContext?: AuthContextType,
+  ) {
+    // If token is provided, use it to resolve organization
+    // Otherwise, require organizationId from auth
+    if (!token && !organizationId) {
+      throw new BadRequestException(
+        'Either authentication or access token is required',
+      );
+    }
+
+    const primaryColor = await this.organizationService.getPrimaryColor(
+      organizationId || '',
+      token,
+    );
+
+    return {
+      ...primaryColor,
+      authType: token ? 'access-token' : authContext?.authType,
+      // Include user context for session auth (helpful for debugging)
+      ...(authContext?.userId && {
+        authenticatedUser: {
+          id: authContext.userId,
+          email: authContext.userEmail,
+        },
+      }),
+    };
+  }
 }

apps/api/src/organization/organization.controller.ts

@@ -28,6 +28,7 @@ export class OrganizationService {
           hasAccess: true,
           fleetDmLabelId: true,
           isFleetSetupCompleted: true,
+          primaryColor: true,
           createdAt: true,
         },
       });
@@ -63,6 +64,7 @@ export class OrganizationService {
           hasAccess: true,
           fleetDmLabelId: true,
           isFleetSetupCompleted: true,
+          primaryColor: true,
           createdAt: true,
         },
       });
@@ -86,6 +88,7 @@ export class OrganizationService {
           hasAccess: true,
           fleetDmLabelId: true,
           isFleetSetupCompleted: true,
+          primaryColor: true,
           createdAt: true,
         },
       });
@@ -271,4 +274,60 @@ export class OrganizationService {
       throw error;
     }
   }
+  async getPrimaryColor(organizationId: string, token?: string) {
+    try {
+      let targetOrgId = organizationId;
+
+      // If token is provided, resolve organization from the access grant
+      if (token) {
+        const grant = await db.trustAccessGrant.findUnique({
+          where: { accessToken: token },
+          select: {
+            expiresAt: true,
+            accessRequest: {
+              select: {
+                organizationId: true,
+              },
+            },
+          },
+        });
+
+        if (!grant) {
+          throw new NotFoundException('Invalid or expired access token');
+        }
+
+        if (grant.expiresAt && new Date() > grant.expiresAt) {
+          throw new NotFoundException('Access token has expired');
+        }
+
+        targetOrgId = grant.accessRequest.organizationId;
+      }
+
+      const primaryColor = await db.organization.findUnique({
+        where: { id: targetOrgId },
+        select: { primaryColor: true },
+      });
+
+      if (!primaryColor) {
+        throw new NotFoundException(`Organization with ID ${targetOrgId} not found`);
+      }
+
+      this.logger.log(
+        `Retrieved organization primary color for organization ${targetOrgId}: ${primaryColor.primaryColor}`,
+      );
+
+      return {
+        primaryColor: primaryColor.primaryColor,
+      };
+    } catch (error) {
+      if (error instanceof NotFoundException) {
+        throw error;
+      }
+      this.logger.error(
+        `Failed to retrieve organization primary color for organization ${organizationId}:`,
+        error,
+      );
+      throw error;
+    }
+  }
 }