Add activities endpoint to custom CRM example

[jamipuchi]

Summary

Adds a complete activities feature to the custom CRM example, including database schema, REST endpoint, dashboard UI, and documentation with company engagement update examples.

Changes

Database Schema (prisma/schema.prisma)

• Added Activity model with fields for:
  • contactId - links activity to a contact
  • type - activity type (email, call, linkedin_message, etc.)
  • direction - inbound or outbound
  • subject and body - activity content
  • metadata - JSON field for additional data
  • occurredAt - when the activity happened

REST API (server.js)

• POST /activities - Create a new activity
• GET /activities - List all activities (with optional contactId filter)
• GET /activities/:id - Get a single activity by ID

Dashboard UI

• New activities.html page - Full CRUD interface for viewing activities
  • Displays activity type, direction, subject, contact, and timestamp
  • Shows metadata in expandable JSON format
  • Filter activities by contact
• Updated navigation - Added "Activities" link to all dashboard pages (index, contacts, companies, tasks)

Documentation (README.md)

• Added activities endpoint documentation with request/response examples
• Included sample payloads for different activity types (email, LinkedIn message)
• Documented metadata structure and engagement field updates
• Added company engagement update examples

Files Changed

• README.md (+82)
• prisma/schema.prisma (+15)
• public/activities.html (+177) - New file
• public/companies.html (+1)
• public/contacts.html (+1)
• public/index.html (+11, -1)
• public/tasks.html (+1)
• server.js (+41)

Total: +329, -1

Related PRs

• leads-gpt: https://github.com/Genesy-AI/leads-gpt/pull/3386
• api-docs: https://github.com/Genesy-AI/api-docs/pull/3

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 47d1a8de10

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Escape activity subject before injecting into table

The activity rows are rendered via innerHTML, and a.subject is interpolated directly into the template without escaping. If an activity subject originates from external content (e.g., synced email/LinkedIn data) and contains HTML/JS like <img onerror=...>, it will be executed when someone views the Activities page, creating a stored XSS vector. Consider inserting untrusted fields via textContent or escaping them before building the HTML (similar to the stripHtml handling for body).

Useful? React with 👍 / 👎.