feat(api): POST /v1/customer/bulk — transaction-wrapped batch create#66
Merged
Conversation
ETL / import workflows shouldn't need to POST one customer at a
time. The new endpoint takes an array (capped at 500 per request)
and inserts inside a single Sequelize transaction:
POST /v1/customer/bulk
{ "customers": [ {...}, {...}, ... ] }
All-or-nothing: if any insert fails (DB constraint, value out of
range, etc.) the whole transaction rolls back and the response is
500 with the error. On success: 201 with `{ count, customers }`.
Auth shape matches POST /v1/customer applied per-entry:
- missing authKey -> 403
- non-master, entry with custCompId NOT in auth scope -> 403 (with index)
- non-master without custCompId on entry -> defaults to scope
- master without custCompId on entry -> 400 (with index)
Validation is zod-driven: each entry runs through createCustomerBody,
so unknown fields per-entry are rejected the same way as on the
single-create endpoint. 500-entry hard cap so a single request
doesn't lock the table for minutes.
Tests: 7 cases covering the auth contract, body validation (empty
array, oversize batch, unknown top-level field, unknown per-entry
field, exactly-500 boundary), and route mounting.
Suite: 34 files / 249 passing + 4 integration skipped (was 33 / 241).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
New
POST /v1/customer/bulkendpoint. Takes{ customers: [{...}, ...] }(capped at 500 per request) and inserts inside a Sequelize transaction. All-or-nothing: any failure rolls the entire batch back. Closes the ETL gap.Auth applied per-entry: master keys must specify
custCompIdon each entry; non-master keys auto-scope to their authKey's company and any mismatching entry returns 403 with the offending index.Test plan
Proudly Made in Nebraska. Go Big Red! 🌽 https://xkcd.com/2347/