Smart Supply Pro – Backend API (1.0.0)

Returns the current authenticated user's profile information including email, full name, role, and profile picture URL from OAuth2 provider.

User data is loaded from the database based on OAuth2 email claim.

Returns the list of granted authorities (roles and permissions) for the authenticated user. Used for frontend authorization checks.

Authorities are returned as sorted strings (e.g., ROLE_USER, ROLE_ADMIN).

Programmatic logout endpoint for API clients (SPAs, mobile apps).

What it does:

• Invalidates the Spring Security session
• Expires JSESSIONID and SESSION cookies
• Returns 204 No Content

Cookie settings:

• HttpOnly: true (prevents JavaScript access)
• Secure: true (HTTPS only)
• SameSite: None (cross-origin support)
• MaxAge: 0 (immediate expiration)

Note: Browser clients should prefer the standard POST /logout endpoint.

Retrieves all inventory items in the system (non-paginated). Includes supplier names and calculated total values.

Security: Requires authentication OR demo mode enabled. If APP_DEMO_READONLY=true, unauthenticated access is allowed.

Note: For large datasets, consider using the search endpoint with pagination.

Creates a new inventory item. Requires ADMIN role.

Authorization:

• Requires ROLE_ADMIN
• Blocked in demo mode (APP_DEMO_READONLY=true) - returns 403 Forbidden

Validation:

• ID must be absent (system-generated)
• Name, quantity, price, and supplierId are required
• Price must be positive
• Quantity must be zero or positive

Response:

• 201 Created with Location header pointing to new resource
• Body contains the created item with system-generated ID and timestamps

Retrieves a single inventory item by its unique identifier. Includes supplier name and calculated total value.

Updates an existing inventory item completely (full replacement).

Authorization:

• Requires ROLE_ADMIN
• Blocked in demo mode (APP_DEMO_READONLY=true) - returns 403 Forbidden

ID Handling:

• Path parameter takes precedence
• Request body ID is ignored to prevent conflicts

Validation:

• All required fields must be provided
• Price must be positive
• Quantity must be zero or positive

Deletes an inventory item permanently. Requires ADMIN role.

Authorization:

• Requires ROLE_ADMIN
• Blocked in demo mode (APP_DEMO_READONLY=true) - returns 403 Forbidden

Business Rules:

• Item must have quantity = 0 (all stock must be removed before deletion)
• Reason parameter is required for compliance tracking
• Deletion is logged in stock history with specified reason

Validation Flow:

1. Verify item exists (404 if not found)
2. Enforce quantity = 0 business rule (409 if quantity > 0)
3. Validate deletion reason is one of allowed values
4. Log deletion in audit trail
5. Remove item from system

Error Response Examples:

• 404: Item not found
• 409: Item has quantity > 0 (message: "You still have merchandise in stock. You need to first remove items from stock by changing quantity.")
• 400: Invalid deletion reason

Returns the total number of inventory items in the system.

Security: Requires authentication OR demo mode enabled. If APP_DEMO_READONLY=true, unauthenticated access is allowed.

Searches for inventory items by name with pagination and sorting support. Name search is case-insensitive and matches substrings.

Security: Requires authentication OR demo mode enabled. If APP_DEMO_READONLY=true, unauthenticated access is allowed.

Adjusts the quantity of an inventory item by a delta amount.

Authorization:

• Requires ROLE_USER or ROLE_ADMIN
• Blocked in demo mode (APP_DEMO_READONLY=true) - returns 403 Forbidden

Delta Logic:

• Positive delta: Add stock (e.g., +50 to increase by 50 units)
• Negative delta: Remove stock (e.g., -25 to decrease by 25 units)

Audit Trail:

• All quantity changes are logged in stock history
• Reason parameter is required for compliance tracking

Updates the unit price of an inventory item. Total value is automatically recalculated (quantity × new price).

Authorization:

• Requires ROLE_USER or ROLE_ADMIN
• Blocked in demo mode (APP_DEMO_READONLY=true) - returns 403 Forbidden

Retrieves a list of all suppliers in the system. Supports demo readonly access.

Creates a new supplier. Requires ADMIN role.

Validation:

• ID must be absent (system-generated)
• Name and createdBy are required
• Email (if provided) must be valid format

Response:

• 201 Created with Location header pointing to new resource
• Body contains the created supplier with system-generated ID and timestamp

Retrieves a single supplier by its unique identifier.

Updates an existing supplier completely (full replacement). Requires ADMIN role.

ID Handling:

• Path parameter takes precedence
• Request body ID must match path ID (if provided)

Validation:

• All required fields must be provided
• Email (if provided) must be valid format

Deletes a supplier permanently. Requires ADMIN role.

Referential Integrity:

• System enforces referential integrity checks
• May fail if supplier has active inventory items

Returns the total number of suppliers in the system.

Searches for suppliers by partial or full name match. Case-insensitive substring search.

Retrieves all stock history entries without pagination. Use for comprehensive audit trail export or analysis.

Retrieves all stock movement history for a specific inventory item. Shows the complete change timeline for an item with reasons and actors.

Filters stock history entries by the reason for change. Useful for tracking all sales, returns, damages, etc.

Advanced paginated search with multiple filter criteria and date range bounds.

Filters (all optional):

• Date range: startDate to endDate (inclusive, ISO-8601 format)
• Item name: Partial name matching for inventory items
• Supplier ID: Filter by supplier identifier

Validation:

• endDate must be >= startDate if both provided
• Page size is capped at 200 to prevent memory issues

Default sorting: timestamp DESC (newest first)

Gets time series of total stock value between dates. Shows inventory value trends with optional supplier filtering.

Gets current total stock quantity per supplier for charts and distribution analysis.

Gets the count of items below their minimum stock threshold. Useful for quick dashboard indicators.

Gets item update frequency for a specific supplier. Shows which items are updated most frequently, indicating high activity.

Gets items below minimum stock threshold for a supplier. Lists items requiring reorder with current and recommended levels.

Gets monthly stock movement (inbound/outbound) within a date range. Shows inventory flow trends with optional supplier filtering.

Gets filtered stock updates via query parameters. Defaults to last 30 days if dates not specified.

Filters (all optional):

• Date range: startDate to endDate (ISO-8601 datetime)
• Item name: Partial name matching
• Supplier: By supplierId
• User: By createdBy (who made the change)
• Quantity: Min and max change values

Gets filtered stock updates via JSON request body. Allows complex filtering criteria in structured format.

Gets comprehensive dashboard summary with multiple analytics aggregated. Includes supplier distribution, low stock items, trends, and activity.

Defaults: If dates not provided, uses last 30 days.

Gets historical price changes for a specific inventory item. Shows price evolution over a date range with optional supplier filtering.

Gets financial summary with Weighted Average Cost (WAC) calculations. Shows inventory costs, valuations, and financial metrics.

Performs a lightweight health check to verify the application is running.

This endpoint provides a quick way to monitor application availability without checking external dependencies like databases. Useful for load balancers, orchestration platforms, and basic uptime monitoring.

Security: This endpoint is publicly accessible (no authentication required). Used by Fly.io HTTP health checks and container orchestration systems.

Performs a comprehensive health check including database connectivity verification.

Uses Oracle-specific SYS_CONTEXT query to:

• Verify database is reachable and responsive
• Confirm Oracle functionality is available
• Return client IP address as seen by the database
• Detect temporary database pausing (common in Oracle Free Tier)

Useful for monitoring critical dependencies and detecting infrastructure issues. Returns 503 Service Unavailable if database is unreachable or misconfigured.

Security: This endpoint is publicly accessible (no authentication required). Used by monitoring systems to verify database health.