mirror of
https://github.com/kjanat/livedash-node.git
synced 2026-02-13 23:55:43 +01:00
Kaj Kowalski
cd05fc8648
- Fix syntax errors in skills markdown files (.github/skills, .opencode/skills) - Change typescript to tsx for code blocks with JSX - Replace ellipsis (...) in array examples with valid syntax - Separate CSS from TypeScript into distinct code blocks - Convert JavaScript object examples to valid JSON in docs - Fix enum definitions with proper comma separation
144 lines
3.5 KiB
TypeScript
144 lines
3.5 KiB
TypeScript
import { type NextRequest, NextResponse } from "next/server";
|
|
import {
|
|
getAuthenticatedPlatformUser,
|
|
hasPlatformAccess,
|
|
} from "@/lib/auth/server";
|
|
import { prisma } from "@/lib/prisma";
|
|
|
|
// POST /api/platform/companies/[id]/users - Invite user to company
|
|
export async function POST(
|
|
request: NextRequest,
|
|
{ params }: { params: Promise<{ id: string }> }
|
|
) {
|
|
try {
|
|
const { user: platformUser } = await getAuthenticatedPlatformUser();
|
|
|
|
if (
|
|
!platformUser ||
|
|
!hasPlatformAccess(platformUser.role, "PLATFORM_ADMIN")
|
|
) {
|
|
return NextResponse.json(
|
|
{ error: "Admin access required" },
|
|
{ status: 403 }
|
|
);
|
|
}
|
|
|
|
const { id: companyId } = await params;
|
|
const body = await request.json();
|
|
const { name, email, role = "USER" } = body;
|
|
|
|
if (!name || !email) {
|
|
return NextResponse.json(
|
|
{ error: "Name and email are required" },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
// Check if company exists
|
|
const company = await prisma.company.findUnique({
|
|
where: { id: companyId },
|
|
include: { _count: { select: { users: true } } },
|
|
});
|
|
|
|
if (!company) {
|
|
return NextResponse.json({ error: "Company not found" }, { status: 404 });
|
|
}
|
|
|
|
// Check if user limit would be exceeded
|
|
if (company._count.users >= company.maxUsers) {
|
|
return NextResponse.json(
|
|
{ error: "Company has reached maximum user limit" },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
// Check if user already exists
|
|
const existingUser = await prisma.user.findUnique({
|
|
where: { email },
|
|
});
|
|
|
|
if (existingUser) {
|
|
return NextResponse.json(
|
|
{ error: "User with this email already exists" },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
// Create the user placeholder (they'll complete signup via Neon Auth)
|
|
const user = await prisma.user.create({
|
|
data: {
|
|
name,
|
|
email,
|
|
role,
|
|
companyId,
|
|
invitedBy: platformUser.email,
|
|
invitedAt: new Date(),
|
|
},
|
|
select: {
|
|
id: true,
|
|
name: true,
|
|
email: true,
|
|
role: true,
|
|
createdAt: true,
|
|
invitedBy: true,
|
|
invitedAt: true,
|
|
},
|
|
});
|
|
|
|
// TODO: Send invitation email with sign-up link
|
|
return NextResponse.json({
|
|
user,
|
|
signupUrl: "/auth/sign-up",
|
|
message:
|
|
"User invited. They should sign up at /auth/sign-up with this email.",
|
|
});
|
|
} catch (error) {
|
|
console.error("Platform user invitation error:", error);
|
|
return NextResponse.json(
|
|
{ error: "Internal server error" },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|
|
|
|
// GET /api/platform/companies/[id]/users - Get company users
|
|
export async function GET(
|
|
_request: NextRequest,
|
|
{ params }: { params: Promise<{ id: string }> }
|
|
) {
|
|
try {
|
|
const { user } = await getAuthenticatedPlatformUser();
|
|
|
|
if (!user) {
|
|
return NextResponse.json(
|
|
{ error: "Platform access required" },
|
|
{ status: 401 }
|
|
);
|
|
}
|
|
|
|
const { id: companyId } = await params;
|
|
|
|
const users = await prisma.user.findMany({
|
|
where: { companyId },
|
|
select: {
|
|
id: true,
|
|
name: true,
|
|
email: true,
|
|
role: true,
|
|
createdAt: true,
|
|
invitedBy: true,
|
|
invitedAt: true,
|
|
},
|
|
orderBy: { createdAt: "desc" },
|
|
});
|
|
|
|
return NextResponse.json({ users });
|
|
} catch (error) {
|
|
console.error("Platform users list error:", error);
|
|
return NextResponse.json(
|
|
{ error: "Internal server error" },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|