[STAGING] FAC-134 feat: qualitative analytics view for faculty analysis page (#347) (#348)

Backend for the new theme-first qualitative analytics surface on
FacultyReportScreen (dean / chairperson / campus-head views).

## New

- `GET /analytics/faculty/:facultyId/qualitative-summary` — aggregates
  sentiment distribution + themes (with sample quotes) for the latest
  completed pipeline in scope. Themes ordered by descending mention
  count. Sample quotes are PII-scrubbed (280-char cap, two-word
  capitalized-name regex redaction).

## Extended

- `GET /analytics/faculty/:facultyId/report/comments` now accepts
  optional `sentiment` and `themeId` filters plus returns per-row
  `sentiment` + `themeIds[]` annotations when a pipeline is resolved.
  Filter semantics: `is_dominant = true` only (dominance invariant).

## Pipeline scope tightening (prerequisite that landed alongside)

Context: faculty-page pipeline discovery was leaking/missing pipelines
across roles because listPipelines used loose matching. Addressed here
so the FAC-134 UI could be verified; formalized separately as FAC-136.

- ListPipelines filter now binds unspecified scope keys to null for
  aggregate queries (strict scope isolation), and leaves
  dept/program/campus unbound for faculty-level queries so the same
  faculty pipeline is discoverable across DEAN/CHAIRPERSON/CAMPUS_HEAD
  with a new assertFacultyInScope authorization check.
- CreatePipelineDto + ListPipelinesQueryDto now accept
  `questionnaireTypeCode`; server resolves to the latest ACTIVE
  version at create time.

## Tests

- 50 analytics.service.spec tests (24 new): GetQualitativeSummary,
  findLatestCompletedPipelineByScope, extended comments with sentiment
  /themeId filters
- 64 pipeline-orchestrator.service.spec tests (7 new): scope isolation,
  faculty-level query semantics, cross-role visibility

All passing. Lint clean.

Author: y4nder

src/modules/analysis/dto/create-pipeline.dto.ts

@@ -1,11 +1,12 @@
 import { z } from 'zod';
 import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger';
-import { IsNotEmpty, IsOptional, IsUUID } from 'class-validator';
+import { IsNotEmpty, IsOptional, IsString, IsUUID } from 'class-validator';
 
 export const createPipelineSchema = z.object({
   semesterId: z.string().uuid(),
   facultyId: z.string().uuid().optional(),
   questionnaireVersionId: z.string().uuid().optional(),
+  questionnaireTypeCode: z.string().min(1).optional(),
   departmentId: z.string().uuid().optional(),
   programId: z.string().uuid().optional(),
   campusId: z.string().uuid().optional(),
@@ -30,6 +31,14 @@ export class CreatePipelineDto {
   @IsOptional()
   questionnaireVersionId?: string;
 
+  @ApiPropertyOptional({
+    description:
+      'Questionnaire type code; server resolves to the latest ACTIVE version for that type when versionId is omitted',
+  })
+  @IsString()
+  @IsOptional()
+  questionnaireTypeCode?: string;
+
   @ApiPropertyOptional({ description: 'Department ID' })
   @IsUUID()
   @IsOptional()

src/modules/analysis/dto/list-pipelines.dto.ts

@@ -1,6 +1,6 @@
 import { z } from 'zod';
 import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger';
-import { IsNotEmpty, IsOptional, IsUUID } from 'class-validator';
+import { IsNotEmpty, IsOptional, IsString, IsUUID } from 'class-validator';
 
 export const listPipelinesQuerySchema = z.object({
   semesterId: z.string().uuid(),
@@ -10,6 +10,7 @@ export const listPipelinesQuerySchema = z.object({
   campusId: z.string().uuid().optional(),
   courseId: z.string().uuid().optional(),
   questionnaireVersionId: z.string().uuid().optional(),
+  questionnaireTypeCode: z.string().min(1).optional(),
 });
 
 export type ListPipelinesQueryInput = z.infer<typeof listPipelinesQuerySchema>;
@@ -49,4 +50,12 @@ export class ListPipelinesQueryDto {
   @IsUUID()
   @IsOptional()
   questionnaireVersionId?: string;
+
+  @ApiPropertyOptional({
+    description:
+      'Filter pipelines whose questionnaire version belongs to this type code',
+  })
+  @IsString()
+  @IsOptional()
+  questionnaireTypeCode?: string;
 }

src/modules/analysis/services/pipeline-orchestrator.service.spec.ts

@@ -47,6 +47,7 @@ describe('PipelineOrchestratorService', () => {
   };
 
   beforeEach(async () => {
+    const mockExecute = jest.fn().mockResolvedValue([]);
     mockFork = {
       findOne: jest.fn(),
       findOneOrFail: jest.fn(),
@@ -68,6 +69,8 @@ describe('PipelineOrchestratorService', () => {
       populate: jest.fn().mockResolvedValue(undefined),
       flush: jest.fn(),
       nativeUpdate: jest.fn(),
+      getConnection: jest.fn().mockReturnValue({ execute: mockExecute }),
+      execute: mockExecute,
     };
 
     const mockEm = {
@@ -1087,6 +1090,149 @@ describe('PipelineOrchestratorService', () => {
           ForbiddenException,
         );
       });
+
+      it('aggregate query (no facultyId): binds every unspecified scope key to null', async () => {
+        setCurrentUser('admin-1', [UserRole.SUPER_ADMIN]);
+        mockFork.find.mockResolvedValueOnce([]);
+
+        await service.ListPipelines({ semesterId });
+
+        const filter = mockFork.find.mock.calls[0][1] as Record<
+          string,
+          unknown
+        >;
+        expect(filter).toEqual({
+          semester: semesterId,
+          faculty: null,
+          course: null,
+          questionnaireVersion: null,
+          department: null,
+          program: null,
+          campus: null,
+        });
+      });
+
+      it('facultyId query: binds faculty/course/qV but leaves dept/program/campus unbound', async () => {
+        setCurrentUser('admin-1', [UserRole.SUPER_ADMIN]);
+        mockFork.find.mockResolvedValueOnce([]);
+
+        await service.ListPipelines({
+          semesterId,
+          facultyId: facultyOneId,
+        });
+
+        const filter = mockFork.find.mock.calls[0][1] as Record<
+          string,
+          unknown
+        >;
+        expect(filter.faculty).toBe(facultyOneId);
+        expect(filter.course).toBeNull();
+        expect(filter.questionnaireVersion).toBeNull();
+        // dept/program/campus unbound — a faculty pipeline stays
+        // discoverable regardless of which scoped role triggered it.
+        expect(filter).not.toHaveProperty('department');
+        expect(filter).not.toHaveProperty('program');
+        expect(filter).not.toHaveProperty('campus');
+      });
+
+      it('resolves questionnaireTypeCode to deep filter when no versionId', async () => {
+        setCurrentUser('admin-1', [UserRole.SUPER_ADMIN]);
+        mockFork.find.mockResolvedValueOnce([]);
+
+        await service.ListPipelines({
+          semesterId,
+          facultyId: facultyOneId,
+          questionnaireTypeCode: 'STUDENT_EVAL',
+        });
+
+        const filter = mockFork.find.mock.calls[0][1] as Record<
+          string,
+          unknown
+        >;
+        expect(filter.questionnaireVersion).toEqual({
+          questionnaire: { type: { code: 'STUDENT_EVAL' } },
+        });
+      });
+
+      it('questionnaireVersionId wins over questionnaireTypeCode if both passed', async () => {
+        setCurrentUser('admin-1', [UserRole.SUPER_ADMIN]);
+        mockFork.find.mockResolvedValueOnce([]);
+
+        const versionId = '550e8400-e29b-41d4-a716-446655440030';
+        await service.ListPipelines({
+          semesterId,
+          questionnaireVersionId: versionId,
+          questionnaireTypeCode: 'STUDENT_EVAL',
+        });
+
+        const filter = mockFork.find.mock.calls[0][1] as Record<
+          string,
+          unknown
+        >;
+        expect(filter.questionnaireVersion).toBe(versionId);
+      });
+
+      it('DEAN on faculty page: drops dept/program/campus filters (facultyId is more-specific scope)', async () => {
+        setCurrentUser('dean-1', [UserRole.DEAN]);
+        mockScopeResolver.ResolveDepartmentIds.mockResolvedValue([deptA]);
+        // assertFacultyInScope looks up faculty's dept via raw SQL execute
+        mockFork.execute.mockResolvedValueOnce([{ department_id: deptA }]);
+        mockFork.find.mockResolvedValueOnce([]);
+
+        await service.ListPipelines({
+          semesterId,
+          facultyId: facultyOneId,
+          questionnaireTypeCode: 'STUDENT_EVAL',
+        });
+
+        const filter = mockFork.find.mock.calls[0][1] as Record<
+          string,
+          unknown
+        >;
+        expect(filter.faculty).toBe(facultyOneId);
+        // dept/program/campus unbound so the same faculty pipeline is
+        // discoverable across DEAN/CHAIRPERSON/CAMPUS_HEAD as long as each
+        // has faculty access.
+        expect(filter).not.toHaveProperty('department');
+        expect(filter).not.toHaveProperty('program');
+        expect(filter).not.toHaveProperty('campus');
+      });
+
+      it('DEAN on faculty page: 403 when faculty belongs to foreign dept', async () => {
+        setCurrentUser('dean-1', [UserRole.DEAN]);
+        mockScopeResolver.ResolveDepartmentIds.mockResolvedValue([deptA]);
+        mockFork.execute.mockResolvedValueOnce([{ department_id: deptB }]);
+
+        await expect(
+          service.ListPipelines({
+            semesterId,
+            facultyId: facultyOneId,
+            questionnaireTypeCode: 'STUDENT_EVAL',
+          }),
+        ).rejects.toThrow(ForbiddenException);
+      });
+
+      it('CAMPUS_HEAD on faculty page: finds a DEAN-triggered pipeline (dept/campus unbound)', async () => {
+        setCurrentUser('ch-1', [UserRole.CAMPUS_HEAD]);
+        mockScopeResolver.ResolveDepartmentIds.mockResolvedValue([deptA]);
+        mockFork.execute.mockResolvedValueOnce([{ department_id: deptA }]);
+        mockFork.find.mockResolvedValueOnce([]);
+
+        await service.ListPipelines({
+          semesterId,
+          facultyId: facultyOneId,
+          questionnaireTypeCode: 'STUDENT_EVAL',
+        });
+
+        const filter = mockFork.find.mock.calls[0][1] as Record<
+          string,
+          unknown
+        >;
+        expect(filter.faculty).toBe(facultyOneId);
+        expect(filter).not.toHaveProperty('campus');
+        expect(filter).not.toHaveProperty('department');
+        expect(filter).not.toHaveProperty('program');
+      });
     });
 
     describe('assertCanAccessPipeline (via GetPipelineStatus / GetRecommendations)', () => {

src/modules/analysis/services/pipeline-orchestrator.service.ts

@@ -123,6 +123,21 @@ export class PipelineOrchestratorService {
     // exactly one assigned scope and didn't specify one explicitly.
     const input = await this.assertCanCreatePipeline(parsed);
 
+    // Resolve questionnaireTypeCode → latest ACTIVE version. Pipelines
+    // store a concrete `questionnaireVersionId` (submissions are bound to
+    // a version), so we commit the type code to a version at trigger time.
+    if (!input.questionnaireVersionId && input.questionnaireTypeCode) {
+      const resolvedVersionId = await this.resolveLatestActiveVersionId(
+        input.questionnaireTypeCode,
+      );
+      if (!resolvedVersionId) {
+        throw new BadRequestException(
+          `No ACTIVE questionnaire version exists for type "${input.questionnaireTypeCode}"`,
+        );
+      }
+      input.questionnaireVersionId = resolvedVersionId;
+    }
+
     const fork = this.em.fork();
 
     // Check for active duplicate
@@ -235,28 +250,60 @@ export class PipelineOrchestratorService {
     const filled = await this.fillAndAssertListScope(parsed);
 
     const fork = this.em.fork();
+    // Two filter modes:
+    //  1. Faculty-level query (facultyId present): match on {semester,
+    //     faculty, qV, course} only. Dept/program/campus are metadata
+    //     about the triggering caller, NOT match criteria — so a
+    //     DEAN-triggered pipeline stays visible to a CAMPUS_HEAD viewing
+    //     the same faculty.
+    //  2. Aggregate query (no facultyId): bind every scope key explicitly
+    //     (null by default) so narrower-scope pipelines don't leak.
+    //     Matches CreatePipeline's `existingFilter` shape.
     const filter: Record<string, unknown> = {
       semester: filled.semesterId,
+      course: filled.courseId ?? null,
     };
-    if (filled.facultyId) filter['faculty'] = filled.facultyId;
-    if (filled.questionnaireVersionId)
+
+    if (filled.questionnaireVersionId) {
       filter['questionnaireVersion'] = filled.questionnaireVersionId;
-    if (filled.courseId) filter['course'] = filled.courseId;
-    if (filled.programId) filter['program'] = filled.programId;
-    if (filled.campusId) filter['campus'] = filled.campusId;
-
-    // Default-filled departmentIds come through as string[] (via $in), a
-    // client-provided scalar departmentId still works.
-    if (filled.departmentIdSet) {
-      filter['department'] = { $in: filled.departmentIdSet };
-    } else if (filled.departmentId) {
-      filter['department'] = filled.departmentId;
-    }
-    if (filled.programIdSet) {
-      filter['program'] = { $in: filled.programIdSet };
+    } else if (filled.questionnaireTypeCode) {
+      filter['questionnaireVersion'] = {
+        questionnaire: { type: { code: filled.questionnaireTypeCode } },
+      };
+    } else {
+      filter['questionnaireVersion'] = null;
     }
-    if (filled.campusIdSet) {
-      filter['campus'] = { $in: filled.campusIdSet };
+
+    if (filled.facultyId) {
+      filter['faculty'] = filled.facultyId;
+      // Faculty-level query: intentionally leave dept/program/campus
+      // unbound. See comment above.
+    } else {
+      filter['faculty'] = null;
+
+      if (filled.departmentId) {
+        filter['department'] = filled.departmentId;
+      } else if (filled.departmentIdSet) {
+        filter['department'] = { $in: filled.departmentIdSet };
+      } else {
+        filter['department'] = null;
+      }
+
+      if (filled.programId) {
+        filter['program'] = filled.programId;
+      } else if (filled.programIdSet) {
+        filter['program'] = { $in: filled.programIdSet };
+      } else {
+        filter['program'] = null;
+      }
+
+      if (filled.campusId) {
+        filter['campus'] = filled.campusId;
+      } else if (filled.campusIdSet) {
+        filter['campus'] = { $in: filled.campusIdSet };
+      } else {
+        filter['campus'] = null;
+      }
     }
 
     return fork.find(AnalysisPipeline, filter, {
@@ -899,6 +946,21 @@ export class PipelineOrchestratorService {
     // is typically also FACULTY, and the more-permissive DEAN behavior
     // must win.
 
+    // Faculty-level queries (query.facultyId set) short-circuit the set
+    // filters for scoped roles. Rationale: a faculty-level pipeline is
+    // "the pipeline for faculty F" regardless of which scoped role
+    // triggered it — its department/program/campus fields are metadata
+    // about origin, not match criteria. We still enforce authorization
+    // via the faculty's home department ∈ caller's resolved depts.
+    const isScopedRole =
+      user.roles.includes(UserRole.DEAN) ||
+      user.roles.includes(UserRole.CHAIRPERSON) ||
+      user.roles.includes(UserRole.CAMPUS_HEAD);
+    if (query.facultyId && isScopedRole) {
+      await this.assertFacultyInScope(query.facultyId, query.semesterId);
+      return { ...query };
+    }
+
     if (user.roles.includes(UserRole.DEAN)) {
       const allowed = await this.scopeResolver.ResolveDepartmentIds(
         query.semesterId,
@@ -1035,6 +1097,51 @@ export class PipelineOrchestratorService {
 
   // --- Private Helpers ---
 
+  private async assertFacultyInScope(
+    facultyId: string,
+    semesterId: string,
+  ): Promise<void> {
+    const allowedDepts =
+      await this.scopeResolver.ResolveDepartmentIds(semesterId);
+    if (allowedDepts === null) return; // unrestricted (SUPER_ADMIN-equivalent)
+
+    const fork = this.em.fork();
+    const rows: { department_id: string | null }[] = await fork
+      .getConnection()
+      .execute(
+        'SELECT u.department_id FROM "user" u WHERE u.id = ? AND u.deleted_at IS NULL',
+        [facultyId],
+      );
+    if (rows.length === 0) {
+      throw new NotFoundException('Faculty not found');
+    }
+    const facultyDeptId = rows[0].department_id;
+    if (!facultyDeptId || !allowedDepts.includes(facultyDeptId)) {
+      throw new ForbiddenException('scope not in your assigned access');
+    }
+  }
+
+  private async resolveLatestActiveVersionId(
+    typeCode: string,
+  ): Promise<string | null> {
+    const fork = this.em.fork();
+    const rows: { id: string }[] = await fork.getConnection().execute(
+      `SELECT qv.id
+           FROM questionnaire_version qv
+           JOIN questionnaire q ON q.id = qv.questionnaire_id
+           JOIN questionnaire_type qt ON qt.id = q.type_id
+          WHERE qt.code = ?
+            AND qv.status = 'ACTIVE'
+            AND qv.deleted_at IS NULL
+            AND q.deleted_at IS NULL
+            AND qt.deleted_at IS NULL
+          ORDER BY qv.version_number DESC
+          LIMIT 1`,
+      [typeCode],
+    );
+    return rows[0]?.id ?? null;
+  }
+
   private BuildScopeFromPipeline(pipeline: AnalysisPipeline): ScopeFilter {
     const scope: ScopeFilter = { semester: pipeline.semester.id };
     if (pipeline.faculty) scope.faculty = pipeline.faculty.id;