fix: PR C — operational (round 4, bugs 7, 10, 12) (#80)

Bug 7 (HIGH): outbound webhook delivery not implemented
- New webhook_deliveries table (id, subscriptionId, eventType, payload,
  status, attempts, nextRetryAt, lastStatusCode, lastError, etc.)
- WebhookDeliveryService: async POST with HMAC-SHA256 signature,
  X-HAIP-Signature/Event-Id/Event-Type headers, 5s timeout
- Exponential backoff 30s/2m/10m/1h/6h (5 attempts)
- In-process setInterval scanner (30s) re-processes pending retries
- GET /connect/subscriptions/:id/deliveries for observability
- BullMQ deferred — Redis not wired up, pragmatic fallback per brief

Bug 10 (HIGH): push-schema.ts missing tables
- Added: agent_configs, agent_decisions, agent_training_snapshots,
  tax_profiles, tax_rules, guest_reviews, webhook_deliveries
- Enums: agent_type, agent_mode, agent_decision_status, tax_rule_type,
  review_source, review_response_status, webhook_delivery_status
- Long-term: replace push-schema.ts with real Drizzle migrations

Bug 12 (MEDIUM): agent config mutations unaudited
- updateConfig writes audit_logs row with per-field diff (isEnabled, mode,
  autopilotConfidenceThreshold, config), no-op changes skipped
- approveDecision, rejectDecision also audited with actor from @currentuser
- Reused existing auditLogs table; no new schema

562/562 tests passing (+9), build + typecheck clean.

Co-authored-by: Dušan Milićević <dusanmilicevic33@gmail.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: telivity-otaip

apps/api/src/modules/agent/agent.controller.ts

@@ -15,6 +15,7 @@ import { eq, and, desc } from 'drizzle-orm';
 import { guestReviews } from '@haip/database';
 import { DRIZZLE } from '../../database/database.module';
 import { Roles } from '../auth/roles.decorator';
+import { CurrentUser, type AuthUser } from '../auth/current-user.decorator';
 import { AgentService } from './agent.service';
 import { UpdateAgentConfigDto } from './dto/agent-config.dto';
 import { RejectDecisionDto } from './dto/agent-decision.dto';
@@ -50,8 +51,9 @@ export class AgentController {
     @Param('propertyId', ParseUUIDPipe) propertyId: string,
     @Param('agentType') agentType: string,
     @Body() dto: UpdateAgentConfigDto,
+    @CurrentUser() user?: AuthUser,
   ) {
-    return this.agentService.updateConfig(propertyId, agentType, dto as any);
+    return this.agentService.updateConfig(propertyId, agentType, dto as any, user?.sub);
   }
 
   @Post(':propertyId/:agentType/run')
@@ -83,8 +85,9 @@ export class AgentController {
   async approveDecision(
     @Param('propertyId', ParseUUIDPipe) propertyId: string,
     @Param('id', ParseUUIDPipe) id: string,
+    @CurrentUser() user?: AuthUser,
   ) {
-    return this.agentService.approveDecision(propertyId, id);
+    return this.agentService.approveDecision(propertyId, id, user?.sub);
   }
 
   @Post(':propertyId/decisions/:id/reject')
@@ -93,8 +96,9 @@ export class AgentController {
     @Param('propertyId', ParseUUIDPipe) propertyId: string,
     @Param('id', ParseUUIDPipe) id: string,
     @Body() dto: RejectDecisionDto,
+    @CurrentUser() user?: AuthUser,
   ) {
-    return this.agentService.rejectDecision(propertyId, id, undefined, dto.reason);
+    return this.agentService.rejectDecision(propertyId, id, user?.sub, dto.reason);
   }
 
   @Get(':propertyId/:agentType/performance')

apps/api/src/modules/agent/agent.service.spec.ts

@@ -300,6 +300,78 @@ describe('AgentService', () => {
     await expect(service.getDecisions('prop-1', 'not_real')).rejects.toThrow(BadRequestException);
   });
 
+  // --- Audit logging ---
+
+  it('writes an audit log row when updateConfig changes a field', async () => {
+    const disabledConfig = { ...existingConfig, isEnabled: false };
+    const updatedConfig = { ...existingConfig, isEnabled: true };
+    const db = createMockDb({
+      selectResult: [disabledConfig],
+      updateResult: [updatedConfig],
+    });
+    const module = await Test.createTestingModule({
+      providers: [
+        AgentService,
+        { provide: DRIZZLE, useValue: db },
+        { provide: WebhookService, useValue: { emit: vi.fn() } },
+      ],
+    }).compile();
+    const service = module.get(AgentService);
+
+    await service.updateConfig('prop-1', 'pricing', { isEnabled: true }, 'user-42');
+
+    // First insert is the audit row (no other inserts happen in updateConfig).
+    expect(db.insert).toHaveBeenCalledTimes(1);
+    const insertedValues = (db.insert.mock.results[0]!.value.values as any).mock.calls[0][0];
+    expect(insertedValues.action).toBe('update');
+    expect(insertedValues.entityType).toBe('agent_config');
+    expect(insertedValues.userId).toBe('user-42');
+    expect(insertedValues.previousValue).toEqual({ isEnabled: false });
+    expect(insertedValues.newValue).toEqual({ isEnabled: true });
+  });
+
+  it('skips audit log when updateConfig makes no effective change', async () => {
+    // isEnabled already true, update passes the same value
+    const db = createMockDb({
+      selectResult: [existingConfig],
+      updateResult: [existingConfig],
+    });
+    const module = await Test.createTestingModule({
+      providers: [
+        AgentService,
+        { provide: DRIZZLE, useValue: db },
+        { provide: WebhookService, useValue: { emit: vi.fn() } },
+      ],
+    }).compile();
+    const service = module.get(AgentService);
+
+    await service.updateConfig('prop-1', 'pricing', { isEnabled: true });
+    expect(db.insert).not.toHaveBeenCalled();
+  });
+
+  it('writes an audit log row when rejectDecision is called', async () => {
+    const db = createMockDb({
+      selectResult: [pendingDecision],
+      updateResult: [{ ...pendingDecision, status: 'rejected' }],
+    });
+    const module = await Test.createTestingModule({
+      providers: [
+        AgentService,
+        { provide: DRIZZLE, useValue: db },
+        { provide: WebhookService, useValue: { emit: vi.fn() } },
+      ],
+    }).compile();
+    const service = module.get(AgentService);
+
+    await service.rejectDecision('prop-1', 'dec-1', 'user-99', 'not confident');
+
+    expect(db.insert).toHaveBeenCalledTimes(1);
+    const insertedValues = (db.insert.mock.results[0]!.value.values as any).mock.calls[0][0];
+    expect(insertedValues.entityType).toBe('agent_decision');
+    expect(insertedValues.userId).toBe('user-99');
+    expect(insertedValues.newValue).toMatchObject({ status: 'rejected', reason: 'not confident' });
+  });
+
   // --- getPerformance logic ---
 
   it('calculates performance metrics correctly', () => {

apps/api/src/modules/agent/agent.service.ts

@@ -1,6 +1,6 @@
 import { Injectable, Inject, NotFoundException, BadRequestException } from '@nestjs/common';
 import { eq, and, desc } from 'drizzle-orm';
-import { agentConfigs, agentDecisions, agentTrainingSnapshots } from '@haip/database';
+import { agentConfigs, agentDecisions, agentTrainingSnapshots, auditLogs } from '@haip/database';
 import { DRIZZLE } from '../../database/database.module';
 import { WebhookService } from '../webhook/webhook.service';
 import type {
@@ -165,6 +165,17 @@ export class AgentService {
       .where(eq(agentDecisions.id, decisionId))
       .returning();
 
+    await this.db.insert(auditLogs).values({
+      propertyId,
+      action: 'update',
+      entityType: 'agent_decision',
+      entityId: decisionId,
+      userId: userId ?? null,
+      previousValue: { status: 'pending' },
+      newValue: { status: 'approved', agentType: decision.agentType, decisionType: decision.decisionType },
+      description: `Agent decision approved and executed: ${decision.agentType}/${decision.decisionType}`,
+    });
+
     await this.webhookService.emit(
       'agent.decision_executed',
       'agent_decision',
@@ -194,6 +205,17 @@ export class AgentService {
       .where(eq(agentDecisions.id, decisionId))
       .returning();
 
+    await this.db.insert(auditLogs).values({
+      propertyId,
+      action: 'update',
+      entityType: 'agent_decision',
+      entityId: decisionId,
+      userId: userId ?? null,
+      previousValue: { status: 'pending' },
+      newValue: { status: 'rejected', reason: reason ?? null },
+      description: `Agent decision rejected: ${decision.agentType}/${decision.decisionType}`,
+    });
+
     return updated;
   }
 
@@ -260,8 +282,13 @@ export class AgentService {
     return config;
   }
 
-  /** Update agent config. */
-  async updateConfig(propertyId: string, agentType: string, updates: Record<string, unknown>) {
+  /** Update agent config — writes an audit log row describing the diff. */
+  async updateConfig(
+    propertyId: string,
+    agentType: string,
+    updates: Record<string, unknown>,
+    userId?: string,
+  ) {
     const config = await this.getOrCreateConfig(propertyId, agentType);
 
     const setValues: Record<string, unknown> = { updatedAt: new Date() };
@@ -277,6 +304,36 @@ export class AgentService {
       .where(eq(agentConfigs.id, config.id))
       .returning();
 
+    // Build diff of the fields the user actually changed (sensitive config only).
+    const auditFields = ['isEnabled', 'mode', 'autopilotConfidenceThreshold', 'config'];
+    const diff: Record<string, { old: unknown; new: unknown }> = {};
+    for (const field of auditFields) {
+      if (updates[field] === undefined) continue;
+      const oldValue = (config as any)[field];
+      const newValue = (updated as any)[field];
+      // Only record if actually changed (string-compare to handle numeric thresholds).
+      if (JSON.stringify(oldValue) !== JSON.stringify(newValue)) {
+        diff[field] = { old: oldValue, new: newValue };
+      }
+    }
+
+    if (Object.keys(diff).length > 0) {
+      await this.db.insert(auditLogs).values({
+        propertyId,
+        action: 'update',
+        entityType: 'agent_config',
+        entityId: config.id,
+        userId: userId ?? null,
+        previousValue: Object.fromEntries(
+          Object.entries(diff).map(([k, v]) => [k, v.old]),
+        ),
+        newValue: Object.fromEntries(
+          Object.entries(diff).map(([k, v]) => [k, v.new]),
+        ),
+        description: `Agent config updated: ${agentType} (${Object.keys(diff).join(', ')})`,
+      });
+    }
+
     return updated;
   }
 

apps/api/src/modules/connect/connect-events.service.spec.ts

@@ -131,6 +131,59 @@ describe('ConnectEventsService', () => {
     });
   });
 
+  describe('handleEvent', () => {
+    it('enqueues a delivery via WebhookDeliveryService for each matching subscription', async () => {
+      mockDb.select.mockImplementation(() => ({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue([mockSubscription]),
+        }),
+      }));
+
+      const deliveryService = { enqueue: vi.fn().mockResolvedValue({ id: 'del-1' }) };
+      const svc = new ConnectEventsService(mockDb, deliveryService as any);
+
+      await svc.handleEvent({
+        event: 'reservation.created',
+        entityType: 'reservation',
+        entityId: 'res-1',
+        propertyId: 'prop-1',
+        data: { foo: 'bar' },
+        timestamp: new Date().toISOString(),
+      });
+
+      expect(deliveryService.enqueue).toHaveBeenCalledWith(
+        expect.objectContaining({
+          eventType: 'reservation.created',
+          propertyId: 'prop-1',
+          entityType: 'reservation',
+          entityId: 'res-1',
+        }),
+        'sub-1',
+      );
+    });
+
+    it('does nothing when no subscriptions match', async () => {
+      mockDb.select.mockImplementation(() => ({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue([mockSubscription]),
+        }),
+      }));
+      const deliveryService = { enqueue: vi.fn() };
+      const svc = new ConnectEventsService(mockDb, deliveryService as any);
+
+      await svc.handleEvent({
+        event: 'unrelated.event',
+        entityType: 'x',
+        entityId: 'y',
+        propertyId: 'prop-1',
+        data: {},
+        timestamp: new Date().toISOString(),
+      });
+
+      expect(deliveryService.enqueue).not.toHaveBeenCalled();
+    });
+  });
+
   describe('pollEvents', () => {
     it('should return events filtered by type', async () => {
       const mockEvents = [

apps/api/src/modules/connect/connect-events.service.ts

@@ -1,13 +1,17 @@
-import { Injectable, Inject, NotFoundException } from '@nestjs/common';
+import { Injectable, Inject, NotFoundException, Optional } from '@nestjs/common';
 import { OnEvent } from '@nestjs/event-emitter';
 import { eq, and, gte, desc } from 'drizzle-orm';
 import { agentWebhookSubscriptions, auditLogs } from '@haip/database';
 import { DRIZZLE } from '../../database/database.module';
 import type { CreateSubscriptionDto } from './dto/agent-event-subscription.dto';
+import { WebhookDeliveryService } from '../webhook/webhook-delivery.service';
 
 @Injectable()
 export class ConnectEventsService {
-  constructor(@Inject(DRIZZLE) private readonly db: any) {}
+  constructor(
+    @Inject(DRIZZLE) private readonly db: any,
+    @Optional() private readonly deliveryService?: WebhookDeliveryService,
+  ) {}
 
   /**
    * Create an event subscription for an OTAIP agent.
@@ -174,19 +178,55 @@ export class ConnectEventsService {
     for (const sub of subscriptions) {
       const events = (sub.events ?? []) as string[];
       if (events.some((pattern: string) => this.matchesEventPattern(payload.event, pattern))) {
-        // Log the delivery attempt (no actual HTTP call yet)
-        await this.db
-          .update(agentWebhookSubscriptions)
-          .set({
-            lastDeliveryAt: new Date(),
-            lastDeliveryStatus: 'logged',
-            updatedAt: new Date(),
-          })
-          .where(eq(agentWebhookSubscriptions.id, sub.id));
+        if (this.deliveryService) {
+          // Enqueue a real HTTP delivery (HMAC-signed, retried).
+          await this.deliveryService.enqueue(
+            {
+              eventType: payload.event,
+              propertyId: payload.propertyId,
+              entityType: payload.entityType,
+              entityId: payload.entityId,
+              data: payload.data ?? {},
+              timestamp: payload.timestamp ?? new Date().toISOString(),
+            },
+            sub.id,
+          );
+        } else {
+          // Fallback — just log the match (for tests / environments without delivery service).
+          await this.db
+            .update(agentWebhookSubscriptions)
+            .set({
+              lastDeliveryAt: new Date(),
+              lastDeliveryStatus: 'logged',
+              updatedAt: new Date(),
+            })
+            .where(eq(agentWebhookSubscriptions.id, sub.id));
+        }
       }
     }
   }
 
+  /**
+   * List delivery attempts for a subscription (scoped by propertyId).
+   */
+  async listDeliveries(subscriptionId: string, propertyId: string, limit = 50) {
+    if (!this.deliveryService) return [];
+    // Verify subscription belongs to propertyId before returning deliveries.
+    const [subscription] = await this.db
+      .select()
+      .from(agentWebhookSubscriptions)
+      .where(
+        and(
+          eq(agentWebhookSubscriptions.id, subscriptionId),
+          eq(agentWebhookSubscriptions.propertyId, propertyId),
+        ),
+      );
+    if (!subscription) {
+      throw new NotFoundException(`Subscription ${subscriptionId} not found`);
+    }
+    return this.deliveryService.listDeliveries(subscriptionId, propertyId, limit);
+  }
+
   /**
    * Match event type against subscription pattern.
    * Supports wildcards: 'reservation.*' matches 'reservation.created'.

apps/api/src/modules/connect/connect.controller.ts

@@ -122,6 +122,22 @@ export class ConnectController {
     return this.eventsService.testSubscription(id, propertyId);
   }
 
+  @Get('subscriptions/:id/deliveries')
+  @ApiOperation({ summary: 'List webhook delivery attempts for a subscription' })
+  @ApiQuery({ name: 'propertyId', required: true })
+  @ApiQuery({ name: 'limit', required: false })
+  async listDeliveries(
+    @Param('id', ParseUUIDPipe) id: string,
+    @Query('propertyId', ParseUUIDPipe) propertyId: string,
+    @Query('limit') limit?: string,
+  ) {
+    return this.eventsService.listDeliveries(
+      id,
+      propertyId,
+      limit ? parseInt(limit, 10) : undefined,
+    );
+  }
+
   // --- Event Polling ---
 
   @Get('events')