feat(compliance): merchant data export endpoint (#313)

- Add DataExportJob model + DataExportStatus enum to Prisma schema
- Add migration 20260329140000_add_data_export_job
- dataExport.service: enqueue + async process export (profile, payments
  summary, webhook logs); base64 payload stored on job record
- dataExport.controller: merchant self-service + admin-triggered endpoints
- dataExport.route: POST /merchants/export, GET /export/:jobId,
  GET /export/:jobId/download, admin variants under /admin/merchants/:id
- Wire route into app.ts at /api/v1/merchants/export
- 7 unit tests covering job creation, status polling, download guards
  (409 not-ready, 410 expired, 404 not-found)

Author: rayeberechi

fluxapay_backend/prisma/migrations/20260329140000_add_data_export_job/migration.sql

@@ -0,0 +1,24 @@
+-- CreateEnum
+CREATE TYPE "DataExportStatus" AS ENUM ('pending', 'processing', 'completed', 'failed');
+
+-- CreateTable
+CREATE TABLE "DataExportJob" (
+    "id" TEXT NOT NULL,
+    "merchantId" TEXT NOT NULL,
+    "status" "DataExportStatus" NOT NULL DEFAULT 'pending',
+    "payload" TEXT,
+    "error" TEXT,
+    "requested_by" TEXT NOT NULL,
+    "expires_at" TIMESTAMP(3) NOT NULL,
+    "created_at" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "DataExportJob_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE INDEX "DataExportJob_merchantId_idx" ON "DataExportJob"("merchantId");
+
+-- AddForeignKey
+ALTER TABLE "DataExportJob" ADD CONSTRAINT "DataExportJob_merchantId_fkey"
+    FOREIGN KEY ("merchantId") REFERENCES "Merchant"("id") ON DELETE CASCADE ON UPDATE CASCADE;

fluxapay_backend/prisma/schema.prisma

@@ -53,6 +53,7 @@ model Merchant {
   discrepancyThresholds DiscrepancyThreshold[]
   discrepancyAlerts     DiscrepancyAlert[]
   customers             Customer[]
+  dataExportJobs        DataExportJob[]
 }
 
 model Customer {
@@ -398,6 +399,23 @@ model IdempotencyRecord {
   updated_at       DateTime @updatedAt
 }
 
+/// Async GDPR-style data export job for a merchant.
+model DataExportJob {
+  id          String           @id @default(cuid())
+  merchant    Merchant         @relation(fields: [merchantId], references: [id], onDelete: Cascade)
+  merchantId  String
+  status      DataExportStatus @default(pending)
+  /// Base64-encoded JSON payload — populated when status = completed.
+  payload     String?
+  error       String?
+  requested_by String          // "merchant" | "admin:<adminId>"
+  expires_at  DateTime
+  created_at  DateTime         @default(now())
+  updated_at  DateTime         @updatedAt
+
+  @@index([merchantId])
+}
+
 // ...existing code...
 
 enum MerchantStatus {
@@ -504,3 +522,10 @@ enum AuditEntityType {
   sweep_operation
   settlement_batch
 }
+
+enum DataExportStatus {
+  pending
+  processing
+  completed
+  failed
+}

fluxapay_backend/src/app.ts

@@ -24,6 +24,7 @@ import keysRoutes from "./routes/keys.route";
 import settlementBatchRoutes from "./routes/settlementBatch.route";
 import dashboardRoutes from "./routes/dashboard.route";
 import auditRoutes from "./routes/audit.route";
+import dataExportRoutes from "./routes/dataExport.route";
 
 const app = express();
 const prisma = new PrismaClient();
@@ -86,6 +87,7 @@ app.use("/api/v1/admin/reconciliation", reconciliationRoutes);
 app.use("/api/v1/admin/settlement", settlementBatchRoutes);
 app.use("/api/v1/admin/sweep", sweepRoutes);
 app.use("/api/v1/admin", auditRoutes);
+app.use("/api/v1/merchants/export", dataExportRoutes);
 
 // Basic health check
 app.get("/health", (req, res) => {

fluxapay_backend/src/controllers/dataExport.controller.ts

@@ -0,0 +1,92 @@
+import { Response } from "express";
+import { AuthRequest } from "../types/express";
+import { validateUserId } from "../helpers/request.helper";
+import {
+  requestDataExport,
+  getExportJob,
+  downloadExport,
+} from "../services/dataExport.service";
+
+/**
+ * POST /api/v1/merchants/export
+ * Merchant self-service: enqueue a data export for the authenticated merchant.
+ */
+export async function requestExport(req: AuthRequest, res: Response) {
+  try {
+    const merchantId = await validateUserId(req);
+    const result = await requestDataExport(merchantId, "merchant");
+    res.status(202).json({
+      message: "Export job queued. Poll /export/:jobId for status.",
+      ...result,
+    });
+  } catch (err: any) {
+    res.status(err.status || 500).json({ message: err.message || "Server error" });
+  }
+}
+
+/**
+ * GET /api/v1/merchants/export/:jobId
+ * Poll job status.
+ */
+export async function getExportStatus(req: AuthRequest, res: Response) {
+  try {
+    const merchantId = await validateUserId(req);
+    const job = await getExportJob(req.params.jobId, merchantId);
+    res.json({
+      jobId: job.id,
+      status: job.status,
+      expires_at: job.expires_at,
+      error: job.error ?? undefined,
+    });
+  } catch (err: any) {
+    res.status(err.status || 500).json({ message: err.message || "Server error" });
+  }
+}
+
+/**
+ * GET /api/v1/merchants/export/:jobId/download
+ * Download the completed export as JSON.
+ */
+export async function downloadExportHandler(req: AuthRequest, res: Response) {
+  try {
+    const merchantId = await validateUserId(req);
+    const data = await downloadExport(req.params.jobId, merchantId);
+    res.setHeader("Content-Disposition", `attachment; filename="export-${req.params.jobId}.json"`);
+    res.json(data);
+  } catch (err: any) {
+    res.status(err.status || 500).json({ message: err.message || "Server error" });
+  }
+}
+
+/**
+ * POST /api/v1/admin/merchants/:merchantId/export
+ * Admin-triggered export on behalf of a merchant.
+ */
+export async function adminRequestExport(req: AuthRequest, res: Response) {
+  try {
+    const { merchantId } = req.params;
+    const adminId = req.adminUser?.id ?? req.user?.id ?? "admin";
+    const result = await requestDataExport(merchantId, `admin:${adminId}`);
+    res.status(202).json({
+      message: "Export job queued.",
+      ...result,
+    });
+  } catch (err: any) {
+    res.status(err.status || 500).json({ message: err.message || "Server error" });
+  }
+}
+
+/**
+ * GET /api/v1/admin/merchants/:merchantId/export/:jobId/download
+ * Admin download of a completed export.
+ */
+export async function adminDownloadExport(req: AuthRequest, res: Response) {
+  try {
+    const { merchantId, jobId } = req.params;
+    const data = await downloadExport(jobId, merchantId);
+    res.setHeader("Content-Disposition", `attachment; filename="export-${jobId}.json"`);
+    res.json(data);
+  } catch (err: any) {
+    res.status(err.status || 500).json({ message: err.message || "Server error" });
+  }
+}

fluxapay_backend/src/routes/dataExport.route.ts

@@ -0,0 +1,136 @@
+import { Router } from "express";
+import { authenticateToken } from "../middleware/auth.middleware";
+import { authenticateApiKey } from "../middleware/apiKeyAuth.middleware";
+import { adminAuth } from "../middleware/adminAuth.middleware";
+import {
+  requestExport,
+  getExportStatus,
+  downloadExportHandler,
+  adminRequestExport,
+  adminDownloadExport,
+} from "../controllers/dataExport.controller";
+
+const router = Router();
+
+/**
+ * @swagger
+ * /api/v1/merchants/export:
+ *   post:
+ *     summary: Request a GDPR data export (merchant self-service)
+ *     tags: [Data Export]
+ *     security:
+ *       - bearerAuth: []
+ *     responses:
+ *       202:
+ *         description: Export job queued
+ *       401:
+ *         description: Unauthorized
+ */
+router.post("/", authenticateApiKey, requestExport);
+
+/**
+ * @swagger
+ * /api/v1/merchants/export/{jobId}:
+ *   get:
+ *     summary: Poll export job status
+ *     tags: [Data Export]
+ *     security:
+ *       - bearerAuth: []
+ *     parameters:
+ *       - in: path
+ *         name: jobId
+ *         required: true
+ *         schema:
+ *           type: string
+ *     responses:
+ *       200:
+ *         description: Job status
+ *       404:
+ *         description: Job not found
+ */
+router.get("/:jobId", authenticateApiKey, getExportStatus);
+
+/**
+ * @swagger
+ * /api/v1/merchants/export/{jobId}/download:
+ *   get:
+ *     summary: Download completed export
+ *     tags: [Data Export]
+ *     security:
+ *       - bearerAuth: []
+ *     parameters:
+ *       - in: path
+ *         name: jobId
+ *         required: true
+ *         schema:
+ *           type: string
+ *     responses:
+ *       200:
+ *         description: Export JSON file
+ *       409:
+ *         description: Export not ready
+ *       410:
+ *         description: Export link expired
+ */
+router.get("/:jobId/download", authenticateApiKey, downloadExportHandler);
+
+// ── Admin routes ──────────────────────────────────────────────────────────────
+
+/**
+ * @swagger
+ * /api/v1/admin/merchants/{merchantId}/export:
+ *   post:
+ *     summary: Admin-triggered data export for a merchant
+ *     tags: [Admin - Data Export]
+ *     security:
+ *       - bearerAuth: []
+ *       - adminSecret: []
+ *     parameters:
+ *       - in: path
+ *         name: merchantId
+ *         required: true
+ *         schema:
+ *           type: string
+ *     responses:
+ *       202:
+ *         description: Export job queued
+ */
+router.post(
+  "/admin/:merchantId",
+  authenticateToken,
+  adminAuth,
+  adminRequestExport,
+);
+
+/**
+ * @swagger
+ * /api/v1/admin/merchants/{merchantId}/export/{jobId}/download:
+ *   get:
+ *     summary: Admin download of a completed merchant export
+ *     tags: [Admin - Data Export]
+ *     security:
+ *       - bearerAuth: []
+ *       - adminSecret: []
+ *     parameters:
+ *       - in: path
+ *         name: merchantId
+ *         required: true
+ *         schema:
+ *           type: string
+ *       - in: path
+ *         name: jobId
+ *         required: true
+ *         schema:
+ *           type: string
+ *     responses:
+ *       200:
+ *         description: Export JSON file
+ */
+router.get(
+  "/admin/:merchantId/:jobId/download",
+  authenticateToken,
+  adminAuth,
+  adminDownloadExport,
+);
+
+export default router;