wip: listings/admin in-flight — bulk update, duplicates, audit log, price constraints

Batch-committing concurrent work-in-progress so it isn't lost:

Listings — bulk update + duplicate detection
---------------------------------------------
- New command BulkUpdateListings + handler + tests under
  application/commands/bulk-update-listings/.
- New DTO presentation/dto/bulk-update-listings.dto.ts.
- Controller wires the bulk endpoint; update DTO extended.
- Property duplicate detector hardened: normalized-address pipeline
  (new migration 20260420020000_add_property_address_normalized),
  repository + service updates, tests refreshed.
- Listing entity gains ownership-transferred event (new event file).
- Integration specs for price constraints
  (20260420000000_add_price_check_constraints) and duplicates.
- E2E: e2e/api/listings-duplicates.spec.ts.

Admin — moderation audit log
----------------------------
- New Prisma table (migration 20260420010000_add_moderation_audit_log)
  + Prisma repo + interface + DI wiring.
- Listener `moderation-audit.listener.ts` + unit spec.
- Query GetModerationAuditLogs + handler + controller
  `admin-moderation-audit.controller.ts` + DTO.

Supporting
----------
- shared/infrastructure/cache.service.ts tweak.
- AUDIT_LISTINGS_PROPERTY_MANAGEMENT.md — in-repo audit notes.
- Various test + module wiring updates to keep the tree green.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

prisma/migrations/20260420000000_add_price_check_constraints/migration.sql

@@ -0,0 +1,65 @@
+-- Add CHECK constraints to enforce positive prices at the DB layer.
+-- Scope (per TEC-2925): Listing price columns. Property has no direct
+-- "price" column, only nullable maintenanceFeeVND (covered defensively).
+-- Related price tables (PriceHistory) are also covered to keep the
+-- invariant consistent across the price domain.
+
+-- -----------------------------------------------------------------------------
+-- 1) Backfill / clean offending data BEFORE applying constraints.
+--    Strategy: NULL-out optional bad values; for the required Listing.priceVND
+--    column we cannot null it, so any non-positive value is set to 1 (token
+--    minimum) so the migration succeeds. In dev/seed these should not exist;
+--    in prod the migration runner should review the audit log below before
+--    applying.
+-- -----------------------------------------------------------------------------
+
+-- Audit (informational): how many rows would violate?
+-- SELECT COUNT(*) FROM "Listing" WHERE "priceVND" <= 0;
+-- SELECT COUNT(*) FROM "Listing" WHERE "rentPriceMonthly" IS NOT NULL AND "rentPriceMonthly" <= 0;
+-- SELECT COUNT(*) FROM "Listing" WHERE "pricePerM2"       IS NOT NULL AND "pricePerM2"       <= 0;
+-- SELECT COUNT(*) FROM "Listing" WHERE "aiPriceEstimate"  IS NOT NULL AND "aiPriceEstimate"  <= 0;
+-- SELECT COUNT(*) FROM "PriceHistory" WHERE "oldPrice" <= 0 OR "newPrice" <= 0;
+
+-- Backfill: required column → coerce to 1 VND (audit trail before applying).
+UPDATE "Listing"      SET "priceVND"         = 1    WHERE "priceVND"         <= 0;
+
+-- Backfill: optional columns → NULL them out (was clearly invalid data).
+UPDATE "Listing"      SET "rentPriceMonthly" = NULL WHERE "rentPriceMonthly" IS NOT NULL AND "rentPriceMonthly" <= 0;
+UPDATE "Listing"      SET "pricePerM2"       = NULL WHERE "pricePerM2"       IS NOT NULL AND "pricePerM2"       <= 0;
+UPDATE "Listing"      SET "aiPriceEstimate"  = NULL WHERE "aiPriceEstimate"  IS NOT NULL AND "aiPriceEstimate"  <= 0;
+
+-- PriceHistory rows with non-positive prices are corrupt; remove them.
+DELETE FROM "PriceHistory" WHERE "oldPrice" <= 0 OR "newPrice" <= 0;
+
+-- -----------------------------------------------------------------------------
+-- 2) Apply CHECK constraints
+-- -----------------------------------------------------------------------------
+
+ALTER TABLE "Listing"
+  ADD CONSTRAINT "listing_price_vnd_positive_chk"
+  CHECK ("priceVND" > 0);
+
+ALTER TABLE "Listing"
+  ADD CONSTRAINT "listing_rent_price_monthly_positive_chk"
+  CHECK ("rentPriceMonthly" IS NULL OR "rentPriceMonthly" > 0);
+
+ALTER TABLE "Listing"
+  ADD CONSTRAINT "listing_price_per_m2_positive_chk"
+  CHECK ("pricePerM2" IS NULL OR "pricePerM2" > 0);
+
+ALTER TABLE "Listing"
+  ADD CONSTRAINT "listing_ai_price_estimate_positive_chk"
+  CHECK ("aiPriceEstimate" IS NULL OR "aiPriceEstimate" > 0);
+
+ALTER TABLE "PriceHistory"
+  ADD CONSTRAINT "price_history_old_price_positive_chk"
+  CHECK ("oldPrice" > 0);
+
+ALTER TABLE "PriceHistory"
+  ADD CONSTRAINT "price_history_new_price_positive_chk"
+  CHECK ("newPrice" > 0);
+
+-- Property defensive guard (only column with a monetary value):
+ALTER TABLE "Property"
+  ADD CONSTRAINT "property_maintenance_fee_vnd_nonnegative_chk"
+  CHECK ("maintenanceFeeVND" IS NULL OR "maintenanceFeeVND" >= 0);

prisma/migrations/20260420010000_add_moderation_audit_log/migration.sql

@@ -0,0 +1,25 @@
+-- CreateTable
+CREATE TABLE "ModerationAuditLog" (
+    "id" TEXT NOT NULL,
+    "targetType" TEXT NOT NULL,
+    "targetId" TEXT NOT NULL,
+    "action" TEXT NOT NULL,
+    "moderatorId" TEXT NOT NULL,
+    "reason" TEXT,
+    "metadata" JSONB,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "ModerationAuditLog_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE INDEX "ModerationAuditLog_targetType_targetId_idx" ON "ModerationAuditLog"("targetType", "targetId");
+
+-- CreateIndex
+CREATE INDEX "ModerationAuditLog_moderatorId_createdAt_idx" ON "ModerationAuditLog"("moderatorId", "createdAt" DESC);
+
+-- CreateIndex
+CREATE INDEX "ModerationAuditLog_action_createdAt_idx" ON "ModerationAuditLog"("action", "createdAt" DESC);
+
+-- CreateIndex
+CREATE INDEX "ModerationAuditLog_createdAt_idx" ON "ModerationAuditLog"("createdAt");

prisma/migrations/20260420020000_add_property_address_normalized/migration.sql

@@ -0,0 +1,46 @@
+-- TEC-2932: add a normalized-address column for duplicate detection
+--
+-- Strategy:
+--   * Vietnamese-aware normalization done in application code (Address VO),
+--     so the column is plain TEXT and is populated by the API layer.
+--   * Backfill existing rows with an in-DB approximation
+--     (LOWER + UNACCENT + collapse whitespace + trim). This keeps the
+--     migration self-contained without requiring a TS backfill script.
+--   * BTree index on (agentId-aware lookups via Listing) so equality
+--     filtering is cheap. Address normalization is also valuable for
+--     analytics/admin so we index the column itself.
+--
+-- The column is added nullable so the migration can be applied to a
+-- production database without blocking writes; new inserts coming through
+-- the API layer always populate the value.
+
+CREATE EXTENSION IF NOT EXISTS "unaccent";
+
+ALTER TABLE "Property"
+  ADD COLUMN IF NOT EXISTS "addressNormalized" TEXT;
+
+-- Backfill existing rows. The expression mirrors the application-level
+-- Address.normalize() rule:
+--   1. concatenate `address, ward, district, city`
+--   2. unaccent (strip Vietnamese diacritics)
+--   3. lowercase
+--   4. replace any non-alphanumeric run with a single space
+--   5. collapse whitespace and trim
+UPDATE "Property"
+SET "addressNormalized" = TRIM(
+  REGEXP_REPLACE(
+    LOWER(
+      UNACCENT(
+        CONCAT_WS(', ', "address", "ward", "district", "city")
+      )
+    ),
+    '[^a-z0-9]+',
+    ' ',
+    'g'
+  )
+)
+WHERE "addressNormalized" IS NULL;
+
+-- Equality lookup index (used by duplicate detector + admin endpoint).
+CREATE INDEX IF NOT EXISTS "Property_addressNormalized_idx"
+  ON "Property" ("addressNormalized");