1bf05465c3
- Add successResponseSchema to common.ts for explicit success responses
- Update all auth, me, orgs, and admin procedures to return { success: true }
- Update contract.ts to use successResponseSchema instead of z.void()
- Add ast-grep rule to prevent future z.void() usage in contracts
- Add build:packages script to root package.json
- Fix test file lint errors with eslint-disable comments
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
102 lines
2.8 KiB
TypeScript
102 lines
2.8 KiB
TypeScript
/**
|
|
* Org management procedures - update, delete, leave
|
|
*/
|
|
|
|
import { ORPCError } from "@orpc/server";
|
|
import { authMiddleware, os } from "../base.js";
|
|
import {
|
|
countOwners,
|
|
getMembership,
|
|
lookupOrgBySlug,
|
|
requireRole,
|
|
} from "./helpers.js";
|
|
|
|
/**
|
|
* Update org details
|
|
* Requires admin or owner role
|
|
*/
|
|
export const orgsUpdate = os.orgs.update
|
|
.use(authMiddleware)
|
|
.handler(async ({ input, context }) => {
|
|
const { slug, displayName, logoUrl } = input;
|
|
|
|
// Lookup org and verify membership with admin+ role
|
|
const org = await lookupOrgBySlug(context.db, slug);
|
|
const membership = await getMembership(context.db, org.id, context.user.id);
|
|
requireRole(membership, "admin");
|
|
|
|
// Build update object with only provided fields
|
|
const updates: Record<string, unknown> = { updated_at: new Date() };
|
|
if (displayName !== undefined) {
|
|
updates.display_name = displayName;
|
|
}
|
|
if (logoUrl !== undefined) {
|
|
updates.logo_url = logoUrl;
|
|
}
|
|
|
|
await context.db
|
|
.updateTable("orgs")
|
|
.set(updates)
|
|
.where("id", "=", org.id)
|
|
.execute();
|
|
|
|
return { success: true };
|
|
});
|
|
|
|
/**
|
|
* Delete an org
|
|
* Requires owner role
|
|
* FK CASCADE handles deleting members, invites, and sites
|
|
*/
|
|
export const orgsDelete = os.orgs.delete
|
|
.use(authMiddleware)
|
|
.handler(async ({ input, context }) => {
|
|
const { slug } = input;
|
|
|
|
// Lookup org and verify ownership
|
|
const org = await lookupOrgBySlug(context.db, slug);
|
|
const membership = await getMembership(context.db, org.id, context.user.id);
|
|
requireRole(membership, "owner");
|
|
|
|
await context.db.deleteFrom("orgs").where("id", "=", org.id).execute();
|
|
|
|
return { success: true };
|
|
});
|
|
|
|
/**
|
|
* Leave an org
|
|
* Cannot leave if you're the only owner
|
|
* Uses transaction to prevent race condition where multiple owners leave simultaneously
|
|
*/
|
|
export const orgsLeave = os.orgs.leave
|
|
.use(authMiddleware)
|
|
.handler(async ({ input, context }) => {
|
|
const { slug } = input;
|
|
|
|
// Lookup org and get membership
|
|
const org = await lookupOrgBySlug(context.db, slug);
|
|
const membership = await getMembership(context.db, org.id, context.user.id);
|
|
|
|
await context.db.transaction().execute(async (trx) => {
|
|
// If user is an owner, check if they're the last one (with lock)
|
|
if (membership.role === "owner") {
|
|
const ownerCount = await countOwners(trx, org.id);
|
|
if (ownerCount === 1) {
|
|
throw new ORPCError("BAD_REQUEST", {
|
|
message:
|
|
"Cannot leave as the only owner. Transfer ownership or delete the organization.",
|
|
});
|
|
}
|
|
}
|
|
|
|
// Remove membership
|
|
await trx
|
|
.deleteFrom("org_members")
|
|
.where("org_id", "=", org.id)
|
|
.where("user_id", "=", context.user.id)
|
|
.execute();
|
|
});
|
|
|
|
return { success: true };
|
|
});
|