@goscribe/server 1.3.3 → 1.5.0

package/src/routers/members.ts

@@ -1,807 +1,85 @@
 import { z } from 'zod';
-import { TRPCError } from '@trpc/server';
 import { router, publicProcedure, authedProcedure } from '../trpc.js';
-import { logger } from '../lib/logger.js';
-import { sendInvitationEmail } from '../lib/email.js';
-import PusherService from '../lib/pusher.js';
-import {
-  notifyInviteAccepted,
-  notifyInviteRecipient,
-  notifyWorkspaceMembershipRemoved,
-  notifyWorkspaceRoleChanged,
-} from '../lib/notification-service.js';
+import { MemberService } from '../services/members/member.service.js';
+import { InvitationService } from '../services/members/invitation.service.js';
 
-/**
- * Members router for workspace member management
- * 
- * Features:
- * - Get workspace members
- * - Invite new members via email
- * - Accept invitations via UUID
- * - Change member roles
- * - Remove members
- * - Get current user's role
- */
 export const members = router({
-  /**
-   * Get all members of a workspace
-   */
   getMembers: authedProcedure
-    .input(z.object({
-      workspaceId: z.string(),
-    }))
-    .query(async ({ ctx, input }) => {
-      // Check if user has access to this workspace
-      const workspace = await ctx.db.workspace.findFirst({
-        where: {
-          id: input.workspaceId,
-          OR: [
-            { ownerId: ctx.session.user.id },
-            { members: { some: { userId: ctx.session.user.id } } }
-          ]
-        },
-        include: {
-          owner: {
-            select: {
-              id: true,
-              name: true,
-              email: true,
-              profilePicture: {
-                select: {
-                  id: true,
-                  name: true,
-                  url: true,
-                }
-              }
-            }
-          },
-          members: {
-            include: {
-              user: {
-                select: {
-                  id: true,
-                  name: true,
-                  email: true,
-                  profilePicture: {
-                    select: {
-                      id: true,
-                      name: true,
-                      url: true,
-                    }
-                  }
-                }
-              }
-            }
-          }
-        }
-      });
+    .input(z.object({ workspaceId: z.string() }))
+    .query(({ ctx, input }) =>
+      new MemberService(ctx.db).getMembers(ctx.session.user.id, input.workspaceId),
+    ),
 
-      if (!workspace) {
-        throw new TRPCError({
-          code: 'NOT_FOUND',
-          message: 'Workspace not found or access denied'
-        });
-      }
-
-      const workspaceMembers = [
-        {
-          id: workspace.owner.id,
-          name: workspace.owner.name || 'Unknown',
-          email: workspace.owner.email || '',
-          role: 'owner' as const,
-          joinedAt: workspace.createdAt,
-        },
-        ...workspace.members.map(membership => ({
-          id: membership.user.id,
-          name: membership.user.name || 'Unknown',
-          email: membership.user.email || '',
-          role: membership.role as 'admin' | 'member',
-          joinedAt: membership.joinedAt,
-        }))
-      ];
-
-      logger.info(`👥 Fetched ${workspaceMembers.length} members for workspace ${input.workspaceId}`, 'WORKSPACE', {
-        memberEmails: workspaceMembers.map(m => m.email)
-      });
-
-      return workspaceMembers;
-    }),
-
-  /**
-   * Get current user's role in a workspace
-   */
   getCurrentUserRole: authedProcedure
-    .input(z.object({
-      workspaceId: z.string(),
-    }))
-    .query(async ({ ctx, input }) => {
-      const workspace = await ctx.db.workspace.findFirst({
-        where: { id: input.workspaceId },
-        select: {
-          ownerId: true,
-          members: {
-            where: { userId: ctx.session.user.id },
-            select: { role: true }
-          }
-        }
-      });
-
-      if (!workspace) {
-        throw new TRPCError({
-          code: 'NOT_FOUND',
-          message: 'Workspace not found'
-        });
-      }
-
-      if (workspace.ownerId === ctx.session.user.id) {
-        return 'owner';
-      }
-
-      if (workspace.members.length > 0) {
-        return workspace.members[0].role as 'admin' | 'member';
-      }
-
-      throw new TRPCError({
-        code: 'FORBIDDEN',
-        message: 'Access denied to this workspace'
-      });
-    }),
+    .input(z.object({ workspaceId: z.string() }))
+    .query(({ ctx, input }) =>
+      new MemberService(ctx.db).getCurrentUserRole(ctx.session.user.id, input.workspaceId),
+    ),
 
-  /**
-   * Invite a new member to the workspace
-   */
   inviteMember: authedProcedure
-    .input(z.object({
-      workspaceId: z.string(),
-      email: z.string().email(),
-      role: z.enum(['admin', 'member']).default('member'),
-    }))
-    .mutation(async ({ ctx, input }) => {
-      // Check if user is owner or admin of the workspace
-      const workspace = await ctx.db.workspace.findFirst({
-        where: {
-          id: input.workspaceId,
-          ownerId: ctx.session.user.id // Only owners can invite for now
-        }
-      });
-
-      if (!workspace) {
-        throw new TRPCError({
-          code: 'NOT_FOUND',
-          message: 'Workspace not found or insufficient permissions'
-        });
-      }
-
-      // Check if user is already a member
-      const existingMember = await ctx.db.user.findFirst({
-        where: {
-          email: input.email,
-          OR: [
-            { id: workspace.ownerId },
-            { workspaceMemberships: { some: { workspaceId: input.workspaceId } } }
-          ]
-        }
-      });
-
-      if (existingMember) {
-        throw new TRPCError({
-          code: 'BAD_REQUEST',
-          message: 'User is already a member of this workspace'
-        });
-      }
-
-      // Check if there's already a pending invitation
-      const existingInvitation = await ctx.db.workspaceInvitation.findFirst({
-        where: {
-          workspaceId: input.workspaceId,
-          email: input.email,
-          acceptedAt: null,
-          expiresAt: { gt: new Date() }
-        }
-      });
-
-      if (existingInvitation) {
-        throw new TRPCError({
-          code: 'BAD_REQUEST',
-          message: 'Invitation already sent to this email'
-        });
-      }
-
-      // Create invitation
-      const invitation = await ctx.db.workspaceInvitation.create({
-        data: {
-          workspaceId: input.workspaceId,
-          email: input.email,
-          role: input.role,
-          invitedById: ctx.session.user.id,
-        },
-        include: {
-          workspace: {
-            select: {
-              title: true,
-              owner: {
-                select: {
-                  name: true,
-                  email: true,
-                }
-              }
-            }
-          }
-        }
-      });
-
-      const invitedExistingUser = await ctx.db.user.findUnique({
-        where: { email: input.email },
-        select: { id: true, name: true },
-      });
-
-      if (invitedExistingUser) {
-        await notifyInviteRecipient(ctx.db, {
-          invitedUserId: invitedExistingUser.id,
-          inviterUserId: ctx.session.user.id,
-          workspaceId: input.workspaceId,
-          workspaceTitle: invitation.workspace.title,
-          invitationId: invitation.id,
-          invitationToken: invitation.token,
-          inviterName: invitation.workspace.owner.name || invitation.workspace.owner.email,
-        });
-      }
+    .input(
+      z.object({
+        workspaceId: z.string(),
+        email: z.string().email(),
+        role: z.enum(['admin', 'member']).default('member'),
+      }),
+    )
+    .mutation(({ ctx, input }) =>
+      new InvitationService(ctx.db).inviteMember(ctx.session.user.id, input),
+    ),
 
-      logger.info(`🎫 Invitation created for ${input.email} to workspace ${input.workspaceId} with role ${input.role}`, 'WORKSPACE', {
-        invitationId: invitation.id,
-        workspaceId: input.workspaceId,
-        email: input.email,
-        role: input.role,
-        invitedBy: ctx.session.user.id
-      });
-
-      // Send email notification
-      await sendInvitationEmail({
-        email: invitation.email,
-        token: invitation.token,
-        role: invitation.role,
-        workspaceTitle: invitation.workspace.title,
-        invitedByName: invitation.workspace.owner.name || invitation.workspace.owner.email || 'Someone',
-      });
-
-      return {
-        invitationId: invitation.id,
-        token: invitation.token,
-        email: invitation.email,
-        role: invitation.role,
-        expiresAt: invitation.expiresAt,
-        workspaceTitle: invitation.workspace.title,
-        invitedByName: invitation.workspace.owner.name || invitation.workspace.owner.email,
-      };
-    }),
   getInvitations: authedProcedure
-    .input(z.object({
-      workspaceId: z.string(),
-    }))
-    .query(async ({ ctx, input }) => {
-      const invitations = await ctx.db.workspaceInvitation.findMany({
-        where: { workspaceId: input.workspaceId },
-      });
-      return invitations;
-    }),
-  /**
-   * Accept an invitation (public endpoint)
-   */
-  acceptInvite: publicProcedure
-    .input(z.object({
-      token: z.string(),
-    }))
-    .mutation(async ({ ctx, input }) => {
-      // Find the invitation
-      const invitation = await ctx.db.workspaceInvitation.findFirst({
-        where: {
-          token: input.token,
-          acceptedAt: null,
-          expiresAt: { gt: new Date() }
-        },
-        include: {
-          workspace: {
-            select: {
-              id: true,
-              title: true,
-              ownerId: true,
-              owner: {
-                select: {
-                  name: true,
-                  email: true,
-                }
-              }
-            }
-          }
-        }
-      });
-
-      if (!invitation) {
-        throw new TRPCError({
-          code: 'NOT_FOUND',
-          message: 'Invalid or expired invitation'
-        });
-      }
-
-      // Check if user is authenticated
-      if (!ctx.session?.user) {
-        throw new TRPCError({
-          code: 'UNAUTHORIZED',
-          message: 'Please log in to accept this invitation'
-        });
-      }
-
-      const user = await ctx.db.user.findFirst({ where: { id: ctx.session.user.id } });
-      if (!user || !user.email) throw new TRPCError({ code: 'NOT_FOUND' });
-
-      logger.info(`🔍 Verification check for ${user.email} accepting invite for ${invitation.email}`, 'WORKSPACE');
-
-      // Check if the email matches the user's email (case-insensitive)
-      if (user.email.toLowerCase() !== invitation.email.toLowerCase()) {
-        logger.warn(`❌ Invitation email mismatch: user ${user.email} vs invite ${invitation.email}`, 'WORKSPACE');
-        throw new TRPCError({
-          code: 'BAD_REQUEST',
-          message: 'This invitation was sent to a different email address'
-        });
-      }
-
-      // Check if user is already a member
-      const isAlreadyMember = await ctx.db.workspace.findFirst({
-        where: {
-          id: invitation.workspaceId,
-          OR: [
-            { ownerId: ctx.session.user.id },
-            { members: { some: { userId: ctx.session.user.id } } }
-          ]
-        }
-      });
-
-      if (isAlreadyMember) {
-        logger.info(`ℹ️ User ${ctx.session.user.id} is already a member of workspace ${invitation.workspaceId}. Marking invite as accepted.`, 'WORKSPACE');
-        // Mark invitation as accepted even if already a member
-        await ctx.db.workspaceInvitation.update({
-          where: { id: invitation.id },
-          data: { acceptedAt: new Date() }
-        });
-
-        return {
-          workspaceId: invitation.workspaceId,
-          workspaceTitle: invitation.workspace.title,
-          role: invitation.role,
-          ownerName: invitation.workspace.owner.name || invitation.workspace.owner.email,
-          message: 'You are already a member of this workspace'
-        };
-      }
-
-      // Add user to workspace with proper role.
-      // This can race if accept is triggered twice (e.g. redirects/retries),
-      // so treat duplicate membership as a successful, idempotent accept.
-      let memberAdded = false;
-      try {
-        await ctx.db.workspaceMember.create({
-          data: {
-            workspaceId: invitation.workspaceId,
-            userId: ctx.session.user.id,
-            role: invitation.role,
-          }
-        });
-        memberAdded = true;
-      } catch (error: any) {
-        if (error?.code !== 'P2002') {
-          throw error;
-        }
-        logger.info(`ℹ️ Duplicate invite accept handled for user ${ctx.session.user.id} in workspace ${invitation.workspaceId}`, 'WORKSPACE');
-      }
-
-      // Mark invitation as accepted
-      await ctx.db.workspaceInvitation.update({
-        where: { id: invitation.id },
-        data: { acceptedAt: new Date() }
-      });
-
-      if (memberAdded) {
-        await notifyInviteAccepted(ctx.db, {
-          recipientUserIds: [invitation.invitedById, invitation.workspace.ownerId],
-          actorUserId: ctx.session.user.id,
-          workspaceId: invitation.workspaceId,
-          workspaceTitle: invitation.workspace.title,
-          memberName: user.name || user.email,
-          invitationId: invitation.id,
-        });
-      }
-
-      logger.info(`✅ Invitation accepted by ${ctx.session.user.id} (${user.email}) for workspace ${invitation.workspaceId}`, 'WORKSPACE', {
-        invitationId: invitation.id,
-        workspaceId: invitation.workspaceId,
-        userId: ctx.session.user.id,
-        email: invitation.email
-      });
+    .input(z.object({ workspaceId: z.string() }))
+    .query(({ ctx, input }) => new InvitationService(ctx.db).getInvitations(input.workspaceId)),
 
-      // Try to emit a Pusher event if possible
-      try {
-        if (memberAdded) {
-          await PusherService.emitMemberJoined(invitation.workspaceId, {
-            id: ctx.session.user.id,
-            name: user.name || 'Member',
-            email: user.email,
-            role: invitation.role,
-          });
-        }
-      } catch (e) {
-        logger.error('Failed to emit member joined event', e);
-      }
-
-      return {
-        workspaceId: invitation.workspaceId,
-        workspaceTitle: invitation.workspace.title,
-        role: invitation.role,
-        ownerName: invitation.workspace.owner.name || invitation.workspace.owner.email,
-        ...(memberAdded ? {} : { message: 'You are already a member of this workspace' }),
-      };
-    }),
+  acceptInvite: publicProcedure
+    .input(z.object({ token: z.string() }))
+    .mutation(({ ctx, input }) =>
+      new InvitationService(ctx.db).acceptInvite(ctx.session?.user?.id, input.token),
+    ),
 
-  /**
-   * Change a member's role (owner only)
-   */
   changeMemberRole: authedProcedure
-    .input(z.object({
-      workspaceId: z.string(),
-      memberId: z.string(),
-      role: z.enum(['admin', 'member']),
-    }))
-    .mutation(async ({ ctx, input }) => {
-      // Check if user is owner of the workspace
-      const workspace = await ctx.db.workspace.findFirst({
-        where: {
-          id: input.workspaceId,
-          ownerId: ctx.session.user.id
-        },
-        select: { id: true, title: true, ownerId: true },
-      });
-
-      if (!workspace) {
-        throw new TRPCError({
-          code: 'NOT_FOUND',
-          message: 'Workspace not found or insufficient permissions'
-        });
-      }
-
-      // Check if member exists and is not the owner
-      if (input.memberId === workspace.ownerId) {
-        throw new TRPCError({
-          code: 'BAD_REQUEST',
-          message: 'Cannot change owner role'
-        });
-      }
-
-      const member = await ctx.db.workspaceMember.findFirst({
-        where: {
-          workspaceId: input.workspaceId,
-          userId: input.memberId
-        }
-      });
-
-      if (!member) {
-        throw new TRPCError({
-          code: 'NOT_FOUND',
-          message: 'Member not found in this workspace'
-        });
-      }
-
-      // Update the member's role
-      const updatedMember = await ctx.db.workspaceMember.update({
-        where: { id: member.id },
-        data: { role: input.role },
-        include: {
-          user: {
-            select: {
-              id: true,
-              name: true,
-              email: true,
-            }
-          }
-        }
-      });
-
-      logger.info(`🔄 Member role changed for ${input.memberId} from ${member.role} to ${input.role} in workspace ${input.workspaceId}`, 'WORKSPACE', {
-        workspaceId: input.workspaceId,
-        memberId: input.memberId,
-        oldRole: member.role,
-        newRole: input.role,
-        changedBy: ctx.session.user.id
-      });
+    .input(
+      z.object({
+        workspaceId: z.string(),
+        memberId: z.string(),
+        role: z.enum(['admin', 'member']),
+      }),
+    )
+    .mutation(({ ctx, input }) =>
+      new MemberService(ctx.db).changeMemberRole(ctx.session.user.id, input),
+    ),
 
-      const actor = await ctx.db.user.findUnique({
-        where: { id: ctx.session.user.id },
-        select: { name: true, email: true },
-      });
-      await notifyWorkspaceRoleChanged(ctx.db, {
-        memberUserId: input.memberId,
-        workspaceId: input.workspaceId,
-        workspaceTitle: workspace.title,
-        newRole: input.role,
-        oldRole: member.role,
-        actorUserId: ctx.session.user.id,
-        actorName: actor?.name || actor?.email || 'A workspace admin',
-      }).catch(() => {});
-
-      return {
-        memberId: input.memberId,
-        role: input.role,
-        memberName: updatedMember.user.name || updatedMember.user.email,
-        message: 'Role changed successfully'
-      };
-    }),
-
-  /**
-   * Remove a member from the workspace (owner only)
-   */
   removeMember: authedProcedure
-    .input(z.object({
-      workspaceId: z.string(),
-      memberId: z.string(),
-    }))
-    .mutation(async ({ ctx, input }) => {
-      // Check if user is owner of the workspace
-      const workspace = await ctx.db.workspace.findFirst({
-        where: {
-          id: input.workspaceId,
-          ownerId: ctx.session.user.id
-        },
-        select: { id: true, title: true, ownerId: true },
-      });
-
-      if (!workspace) {
-        throw new TRPCError({
-          code: 'NOT_FOUND',
-          message: 'Workspace not found or insufficient permissions'
-        });
-      }
-
-      // Check if trying to remove the owner
-      if (input.memberId === workspace.ownerId) {
-        throw new TRPCError({
-          code: 'BAD_REQUEST',
-          message: 'Cannot remove workspace owner'
-        });
-      }
-
-      // Check if member exists
-      const member = await ctx.db.workspaceMember.findFirst({
-        where: {
-          workspaceId: input.workspaceId,
-          userId: input.memberId
-        },
-        include: {
-          user: {
-            select: {
-              name: true,
-              email: true,
-            }
-          }
-        }
-      });
-
-      if (!member) {
-        throw new TRPCError({
-          code: 'NOT_FOUND',
-          message: 'Member not found in this workspace'
-        });
-      }
-
-      const actor = await ctx.db.user.findUnique({
-        where: { id: ctx.session.user.id },
-        select: { name: true, email: true },
-      });
-      await notifyWorkspaceMembershipRemoved(ctx.db, {
-        memberUserId: input.memberId,
-        workspaceId: input.workspaceId,
-        workspaceTitle: workspace.title,
-        actorUserId: ctx.session.user.id,
-        actorName: actor?.name || actor?.email || 'A workspace admin',
-      }).catch(() => {});
-
-      // Remove member from workspace
-      await ctx.db.workspaceMember.delete({
-        where: { id: member.id }
-      });
+    .input(z.object({ workspaceId: z.string(), memberId: z.string() }))
+    .mutation(({ ctx, input }) =>
+      new MemberService(ctx.db).removeMember(ctx.session.user.id, input),
+    ),
 
-      logger.info(`🗑️ Member ${input.memberId} removed from workspace ${input.workspaceId}`, 'WORKSPACE', {
-        workspaceId: input.workspaceId,
-        memberId: input.memberId,
-        removedBy: ctx.session.user.id
-      });
-
-      return {
-        memberId: input.memberId,
-        message: 'Member removed successfully'
-      };
-    }),
-
-  /**
-   * Get pending invitations for a workspace (owner only)
-   */
   getPendingInvitations: authedProcedure
-    .input(z.object({
-      workspaceId: z.string(),
-    }))
-    .query(async ({ ctx, input }) => {
-      // Check if user is owner of the workspace
-      const workspace = await ctx.db.workspace.findFirst({
-        where: {
-          id: input.workspaceId,
-          ownerId: ctx.session.user.id
-        }
-      });
-
-      if (!workspace) {
-        throw new TRPCError({
-          code: 'NOT_FOUND',
-          message: 'Workspace not found or insufficient permissions'
-        });
-      }
-
-      const invitations = await ctx.db.workspaceInvitation.findMany({
-        where: {
-          workspaceId: input.workspaceId,
-          acceptedAt: null,
-          expiresAt: { gt: new Date() }
-        },
-        include: {
-          invitedBy: {
-            select: {
-              name: true,
-              email: true,
-            }
-          }
-        },
-        orderBy: { createdAt: 'desc' }
-      });
+    .input(z.object({ workspaceId: z.string() }))
+    .query(({ ctx, input }) =>
+      new InvitationService(ctx.db).getPendingInvitations(ctx.session.user.id, input.workspaceId),
+    ),
 
-      return invitations.map(invitation => ({
-        id: invitation.id,
-        email: invitation.email,
-        role: invitation.role,
-        token: invitation.token,
-        expiresAt: invitation.expiresAt,
-        createdAt: invitation.createdAt,
-        invitedByName: invitation.invitedBy.name || invitation.invitedBy.email,
-      }));
-    }),
-
-  /**
-   * Cancel a pending invitation (owner only)
-   */
   cancelInvitation: authedProcedure
-    .input(z.object({
-      invitationId: z.string(),
-    }))
-    .mutation(async ({ ctx, input }) => {
-      // Check if user is owner of the workspace
-      const invitation = await ctx.db.workspaceInvitation.findFirst({
-        where: {
-          id: input.invitationId,
-          acceptedAt: null,
-          workspace: {
-            ownerId: ctx.session.user.id
-          }
-        }
-      });
-
-      if (!invitation) {
-        throw new TRPCError({
-          code: 'NOT_FOUND',
-          message: 'Invitation not found or insufficient permissions'
-        });
-      }
-
-      // Delete the invitation
-      await ctx.db.workspaceInvitation.delete({
-        where: { id: input.invitationId }
-      });
-
-      logger.info(`❌ Invitation cancelled for ${invitation.email} to workspace ${invitation.workspaceId}`, 'WORKSPACE', {
-        invitationId: input.invitationId,
-        workspaceId: invitation.workspaceId,
-        email: invitation.email,
-        cancelledBy: ctx.session.user.id
-      });
+    .input(z.object({ invitationId: z.string() }))
+    .mutation(({ ctx, input }) =>
+      new InvitationService(ctx.db).cancelInvitation(ctx.session.user.id, input.invitationId),
+    ),
 
-      return {
-        invitationId: input.invitationId,
-        message: 'Invitation cancelled successfully'
-      };
-    }),
-
-  /**
-   * Resend a pending invitation (owner only)
-   */
   resendInvitation: authedProcedure
-    .input(z.object({
-      invitationId: z.string(),
-    }))
-    .mutation(async ({ ctx, input }) => {
-      // Check if user is owner of the workspace and invitation is pending
-      const invitation = await ctx.db.workspaceInvitation.findFirst({
-        where: {
-          id: input.invitationId,
-          acceptedAt: null,
-          workspace: {
-            ownerId: ctx.session.user.id
-          }
-        },
-        include: {
-          workspace: {
-            select: {
-              title: true,
-              owner: {
-                select: {
-                  name: true,
-                  email: true,
-                }
-              }
-            }
-          }
-        }
-      });
-
-      if (!invitation) {
-        throw new TRPCError({
-          code: 'NOT_FOUND',
-          message: 'Invitation not found or insufficient permissions'
-        });
-      }
-
-      // Check if expired and update expiry if needed
-      if (invitation.expiresAt < new Date()) {
-        const newExpiry = new Date();
-        newExpiry.setDate(newExpiry.getDate() + 7);
-        await ctx.db.workspaceInvitation.update({
-          where: { id: invitation.id },
-          data: { expiresAt: newExpiry }
-        });
-        invitation.expiresAt = newExpiry;
-      }
-
-      // Send email notification
-      await sendInvitationEmail({
-        email: invitation.email,
-        token: invitation.token,
-        role: invitation.role,
-        workspaceTitle: invitation.workspace.title,
-        invitedByName: invitation.workspace.owner.name || invitation.workspace.owner.email || 'Someone',
-      });
+    .input(z.object({ invitationId: z.string() }))
+    .mutation(({ ctx, input }) =>
+      new InvitationService(ctx.db).resendInvitation(ctx.session.user.id, input.invitationId),
+    ),
 
-      logger.info(`📧 Invitation resent to ${invitation.email} for workspace ${invitation.workspaceId}`, 'WORKSPACE', {
-        invitationId: invitation.id,
-        workspaceId: invitation.workspaceId,
-        email: invitation.email,
-        resentBy: ctx.session.user.id
-      });
-
-      return {
-        invitationId: invitation.id,
-        message: 'Invitation email resent successfully'
-      };
-    }),
-
-  /**
-   * DEBUG ONLY: Get all invitations for a workspace
-   */
   getAllInvitationsDebug: authedProcedure
-    .input(z.object({
-      workspaceId: z.string(),
-    }))
-    .query(async ({ ctx, input }) => {
-      // Check if user is owner
-      const workspace = await ctx.db.workspace.findFirst({
-        where: { id: input.workspaceId, ownerId: ctx.session.user.id }
-      });
-      if (!workspace) throw new TRPCError({ code: 'UNAUTHORIZED' });
-
-      return ctx.db.workspaceInvitation.findMany({
-        where: { workspaceId: input.workspaceId },
-        orderBy: { createdAt: 'desc' }
-      });
-    }),
+    .input(z.object({ workspaceId: z.string() }))
+    .query(({ ctx, input }) =>
+      new InvitationService(ctx.db).getAllInvitationsDebug(
+        ctx.session.user.id,
+        input.workspaceId,
+      ),
+    ),
 });