@hammadj/better-auth 1.5.0-beta.9

package/dist/plugins/organization/routes/crud-invites.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"crud-invites.mjs","names":[],"sources":["../../../../src/plugins/organization/routes/crud-invites.ts"],"sourcesContent":["import { createAuthEndpoint } from \"@better-auth/core/api\";\nimport { APIError, BASE_ERROR_CODES } from \"@better-auth/core/error\";\nimport * as z from \"zod\";\nimport { getSessionFromCtx } from \"../../../api/routes\";\nimport { setSessionCookie } from \"../../../cookies\";\nimport type { InferAdditionalFieldsFromPluginOptions } from \"../../../db\";\nimport { toZodSchema } from \"../../../db\";\nimport { getDate } from \"../../../utils/date\";\nimport { defaultRoles } from \"../access/statement\";\nimport { getOrgAdapter } from \"../adapter\";\nimport { orgMiddleware, orgSessionMiddleware } from \"../call\";\nimport { ORGANIZATION_ERROR_CODES } from \"../error-codes\";\nimport { hasPermission } from \"../has-permission\";\nimport { parseRoles } from \"../organization\";\nimport type {\n\tInferInvitation,\n\tInferOrganizationRolesFromOption,\n\tInvitation,\n\tMember,\n} from \"../schema\";\nimport type { OrganizationOptions } from \"../types\";\n\nconst baseInvitationSchema = z.object({\n\temail: z.string().meta({\n\t\tdescription: \"The email address of the user to invite\",\n\t}),\n\trole: z\n\t\t.union([\n\t\t\tz.string().meta({\n\t\t\t\tdescription: \"The role to assign to the user\",\n\t\t\t}),\n\t\t\tz.array(\n\t\t\t\tz.string().meta({\n\t\t\t\t\tdescription: \"The roles to assign to the user\",\n\t\t\t\t}),\n\t\t\t),\n\t\t])\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t'The role(s) to assign to the user. It can be `admin`, `member`, owner. Eg: \"member\"',\n\t\t}),\n\torganizationId: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription: \"The organization ID to invite the user to\",\n\t\t})\n\t\t.optional(),\n\tresend: z\n\t\t.boolean()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t\"Resend the invitation email, if the user is already invited. Eg: true\",\n\t\t})\n\t\t.optional(),\n\tteamId: z.union([\n\t\tz\n\t\t\t.string()\n\t\t\t.meta({\n\t\t\t\tdescription: \"The team ID to invite the user to\",\n\t\t\t})\n\t\t\t.optional(),\n\t\tz\n\t\t\t.array(z.string())\n\t\t\t.meta({\n\t\t\t\tdescription: \"The team IDs to invite the user to\",\n\t\t\t})\n\t\t\t.optional(),\n\t]),\n});\n\nexport const createInvitation = <O extends OrganizationOptions>(option: O) => {\n\tconst additionalFieldsSchema = toZodSchema({\n\t\tfields: option?.schema?.invitation?.additionalFields || {},\n\t\tisClientSide: true,\n\t});\n\n\treturn createAuthEndpoint(\n\t\t\"/organization/invite-member\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\trequireHeaders: true,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t\tbody: z.object({\n\t\t\t\t...baseInvitationSchema.shape,\n\t\t\t\t...additionalFieldsSchema.shape,\n\t\t\t}),\n\t\t\tmetadata: {\n\t\t\t\t$Infer: {\n\t\t\t\t\tbody: {} as {\n\t\t\t\t\t\t/**\n\t\t\t\t\t\t * The email address of the user\n\t\t\t\t\t\t * to invite\n\t\t\t\t\t\t */\n\t\t\t\t\t\temail: string;\n\t\t\t\t\t\t/**\n\t\t\t\t\t\t * The role to assign to the user\n\t\t\t\t\t\t */\n\t\t\t\t\t\trole:\n\t\t\t\t\t\t\t| InferOrganizationRolesFromOption<O>\n\t\t\t\t\t\t\t| InferOrganizationRolesFromOption<O>[];\n\t\t\t\t\t\t/**\n\t\t\t\t\t\t * The organization ID to invite\n\t\t\t\t\t\t * the user to\n\t\t\t\t\t\t */\n\t\t\t\t\t\torganizationId?: string | undefined;\n\t\t\t\t\t\t/**\n\t\t\t\t\t\t * Resend the invitation email, if\n\t\t\t\t\t\t * the user is already invited\n\t\t\t\t\t\t */\n\t\t\t\t\t\tresend?: boolean | undefined;\n\t\t\t\t\t} & (O extends { teams: { enabled: true } }\n\t\t\t\t\t\t? {\n\t\t\t\t\t\t\t\t/**\n\t\t\t\t\t\t\t\t * The team the user is\n\t\t\t\t\t\t\t\t * being invited to.\n\t\t\t\t\t\t\t\t */\n\t\t\t\t\t\t\t\tteamId?: (string | string[]) | undefined;\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t: {}) &\n\t\t\t\t\t\tInferAdditionalFieldsFromPluginOptions<\"invitation\", O, false>,\n\t\t\t\t},\n\t\t\t\topenapi: {\n\t\t\t\t\toperationId: \"createOrganizationInvitation\",\n\t\t\t\t\tdescription: \"Create an invitation to an organization\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tid: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\temail: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\trole: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\torganizationId: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tinviterId: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tstatus: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\texpiresAt: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tcreatedAt: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\trequired: [\n\t\t\t\t\t\t\t\t\t\t\t\"id\",\n\t\t\t\t\t\t\t\t\t\t\t\"email\",\n\t\t\t\t\t\t\t\t\t\t\t\"role\",\n\t\t\t\t\t\t\t\t\t\t\t\"organizationId\",\n\t\t\t\t\t\t\t\t\t\t\t\"inviterId\",\n\t\t\t\t\t\t\t\t\t\t\t\"status\",\n\t\t\t\t\t\t\t\t\t\t\t\"expiresAt\",\n\t\t\t\t\t\t\t\t\t\t\t\"createdAt\",\n\t\t\t\t\t\t\t\t\t\t],\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\t\t\tconst organizationId =\n\t\t\t\tctx.body.organizationId || session.session.activeOrganizationId;\n\t\t\tif (!organizationId) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst email = ctx.body.email.toLowerCase();\n\t\t\tconst isValidEmail = z.email().safeParse(email);\n\t\t\tif (!isValidEmail.success) {\n\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", BASE_ERROR_CODES.INVALID_EMAIL);\n\t\t\t}\n\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, option as O);\n\t\t\tconst member = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: session.user.id,\n\t\t\t\torganizationId: organizationId,\n\t\t\t});\n\t\t\tif (!member) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst canInvite = await hasPermission(\n\t\t\t\t{\n\t\t\t\t\trole: member.role,\n\t\t\t\t\toptions: ctx.context.orgOptions,\n\t\t\t\t\tpermissions: {\n\t\t\t\t\t\tinvitation: [\"create\"],\n\t\t\t\t\t},\n\t\t\t\t\torganizationId,\n\t\t\t\t},\n\t\t\t\tctx,\n\t\t\t);\n\n\t\t\tif (!canInvite) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_INVITE_USERS_TO_THIS_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst creatorRole = ctx.context.orgOptions.creatorRole || \"owner\";\n\n\t\t\tconst roles = parseRoles(ctx.body.role);\n\n\t\t\tconst rolesArray = roles\n\t\t\t\t.split(\",\")\n\t\t\t\t.map((r) => r.trim())\n\t\t\t\t.filter(Boolean);\n\t\t\tconst defaults = Object.keys(defaultRoles);\n\t\t\tconst customRoles = Object.keys(ctx.context.orgOptions.roles || {});\n\t\t\tconst validStaticRoles = new Set([...defaults, ...customRoles]);\n\n\t\t\tconst unknownRoles = rolesArray.filter(\n\t\t\t\t(role) => !validStaticRoles.has(role),\n\t\t\t);\n\n\t\t\tif (unknownRoles.length > 0) {\n\t\t\t\tif (ctx.context.orgOptions.dynamicAccessControl?.enabled) {\n\t\t\t\t\tconst foundRoles = await ctx.context.adapter.findMany({\n\t\t\t\t\t\tmodel: \"organizationRole\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"organizationId\", value: organizationId },\n\t\t\t\t\t\t\t{ field: \"role\", value: unknownRoles, operator: \"in\" },\n\t\t\t\t\t\t],\n\t\t\t\t\t});\n\t\t\t\t\tconst foundRoleNames = foundRoles.map((r: any) => r.role);\n\t\t\t\t\tconst stillInvalid = unknownRoles.filter(\n\t\t\t\t\t\t(r) => !foundRoleNames.includes(r),\n\t\t\t\t\t);\n\n\t\t\t\t\tif (stillInvalid.length > 0) {\n\t\t\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\t\t\tmessage: `${ORGANIZATION_ERROR_CODES.ROLE_NOT_FOUND}: ${stillInvalid.join(\", \")}`,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\t\tmessage: `${ORGANIZATION_ERROR_CODES.ROLE_NOT_FOUND}: ${unknownRoles.join(\", \")}`,\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (\n\t\t\t\tmember.role !== creatorRole &&\n\t\t\t\troles.split(\",\").includes(creatorRole)\n\t\t\t) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_INVITE_USER_WITH_THIS_ROLE,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst alreadyMember = await adapter.findMemberByEmail({\n\t\t\t\temail: email,\n\t\t\t\torganizationId: organizationId,\n\t\t\t});\n\t\t\tif (alreadyMember) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.USER_IS_ALREADY_A_MEMBER_OF_THIS_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst alreadyInvited = await adapter.findPendingInvitation({\n\t\t\t\temail: email,\n\t\t\t\torganizationId: organizationId,\n\t\t\t});\n\t\t\tif (alreadyInvited.length && !ctx.body.resend) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.USER_IS_ALREADY_INVITED_TO_THIS_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst organization = await adapter.findOrganizationById(organizationId);\n\t\t\tif (!organization) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\t// If resend is true and there's an existing invitation, reuse it\n\t\t\tif (alreadyInvited.length && ctx.body.resend) {\n\t\t\t\tconst existingInvitation = alreadyInvited[0];\n\n\t\t\t\t// Update the invitation's expiration date using the same logic as createInvitation\n\t\t\t\tconst defaultExpiration = 60 * 60 * 48; // 48 hours in seconds\n\t\t\t\tconst newExpiresAt = getDate(\n\t\t\t\t\tctx.context.orgOptions.invitationExpiresIn || defaultExpiration,\n\t\t\t\t\t\"sec\",\n\t\t\t\t);\n\n\t\t\t\tawait ctx.context.adapter.update({\n\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\twhere: [\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tfield: \"id\",\n\t\t\t\t\t\t\tvalue: existingInvitation!.id,\n\t\t\t\t\t\t},\n\t\t\t\t\t],\n\t\t\t\t\tupdate: {\n\t\t\t\t\t\texpiresAt: newExpiresAt,\n\t\t\t\t\t},\n\t\t\t\t});\n\n\t\t\t\tconst updatedInvitation = {\n\t\t\t\t\t...existingInvitation,\n\t\t\t\t\texpiresAt: newExpiresAt,\n\t\t\t\t};\n\n\t\t\t\tif (ctx.context.orgOptions.sendInvitationEmail) {\n\t\t\t\t\tawait ctx.context.runInBackgroundOrAwait(\n\t\t\t\t\t\tctx.context.orgOptions.sendInvitationEmail(\n\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\tid: updatedInvitation.id!,\n\t\t\t\t\t\t\t\trole: updatedInvitation.role! as string,\n\t\t\t\t\t\t\t\temail: updatedInvitation.email!.toLowerCase(),\n\t\t\t\t\t\t\t\torganization: organization,\n\t\t\t\t\t\t\t\tinviter: {\n\t\t\t\t\t\t\t\t\t...member,\n\t\t\t\t\t\t\t\t\tuser: session.user,\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tinvitation: updatedInvitation as unknown as Invitation,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tctx.request,\n\t\t\t\t\t\t),\n\t\t\t\t\t);\n\t\t\t\t}\n\n\t\t\t\treturn ctx.json(updatedInvitation as unknown as InferInvitation<O>);\n\t\t\t}\n\n\t\t\tif (\n\t\t\t\talreadyInvited.length &&\n\t\t\t\tctx.context.orgOptions.cancelPendingInvitationsOnReInvite\n\t\t\t) {\n\t\t\t\tawait adapter.updateInvitation({\n\t\t\t\t\tinvitationId: alreadyInvited[0]!.id,\n\t\t\t\t\tstatus: \"canceled\",\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst invitationLimit =\n\t\t\t\ttypeof ctx.context.orgOptions.invitationLimit === \"function\"\n\t\t\t\t\t? await ctx.context.orgOptions.invitationLimit(\n\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\tuser: session.user,\n\t\t\t\t\t\t\t\torganization,\n\t\t\t\t\t\t\t\tmember: member as Member,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tctx.context,\n\t\t\t\t\t\t)\n\t\t\t\t\t: (ctx.context.orgOptions.invitationLimit ?? 100);\n\n\t\t\tconst pendingInvitations = await adapter.findPendingInvitations({\n\t\t\t\torganizationId: organizationId,\n\t\t\t});\n\n\t\t\tif (pendingInvitations.length >= invitationLimit) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.INVITATION_LIMIT_REACHED,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tif (\n\t\t\t\tctx.context.orgOptions.teams &&\n\t\t\t\tctx.context.orgOptions.teams.enabled &&\n\t\t\t\ttypeof ctx.context.orgOptions.teams.maximumMembersPerTeam !==\n\t\t\t\t\t\"undefined\" &&\n\t\t\t\t\"teamId\" in ctx.body &&\n\t\t\t\tctx.body.teamId\n\t\t\t) {\n\t\t\t\tconst teamIds =\n\t\t\t\t\ttypeof ctx.body.teamId === \"string\"\n\t\t\t\t\t\t? [ctx.body.teamId as string]\n\t\t\t\t\t\t: (ctx.body.teamId as string[]);\n\n\t\t\t\tfor (const teamId of teamIds) {\n\t\t\t\t\tconst team = await adapter.findTeamById({\n\t\t\t\t\t\tteamId,\n\t\t\t\t\t\torganizationId: organizationId,\n\t\t\t\t\t\tincludeTeamMembers: true,\n\t\t\t\t\t});\n\n\t\t\t\t\tif (!team) {\n\t\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\t\tORGANIZATION_ERROR_CODES.TEAM_NOT_FOUND,\n\t\t\t\t\t\t);\n\t\t\t\t\t}\n\n\t\t\t\t\tconst maximumMembersPerTeam =\n\t\t\t\t\t\ttypeof ctx.context.orgOptions.teams.maximumMembersPerTeam ===\n\t\t\t\t\t\t\"function\"\n\t\t\t\t\t\t\t? await ctx.context.orgOptions.teams.maximumMembersPerTeam({\n\t\t\t\t\t\t\t\t\tteamId,\n\t\t\t\t\t\t\t\t\tsession: session,\n\t\t\t\t\t\t\t\t\torganizationId: organizationId,\n\t\t\t\t\t\t\t\t})\n\t\t\t\t\t\t\t: ctx.context.orgOptions.teams.maximumMembersPerTeam;\n\t\t\t\t\tif (team.members.length >= maximumMembersPerTeam) {\n\t\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\t\t\tORGANIZATION_ERROR_CODES.TEAM_MEMBER_LIMIT_REACHED,\n\t\t\t\t\t\t);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tconst teamIds: string[] =\n\t\t\t\t\"teamId\" in ctx.body\n\t\t\t\t\t? typeof ctx.body.teamId === \"string\"\n\t\t\t\t\t\t? [ctx.body.teamId as string]\n\t\t\t\t\t\t: ((ctx.body.teamId as string[]) ?? [])\n\t\t\t\t\t: [];\n\n\t\t\tconst {\n\t\t\t\temail: _,\n\t\t\t\trole: __,\n\t\t\t\torganizationId: ___,\n\t\t\t\tresend: ____,\n\t\t\t\t...additionalFields\n\t\t\t} = ctx.body;\n\n\t\t\tlet invitationData = {\n\t\t\t\trole: roles,\n\t\t\t\temail: email,\n\t\t\t\torganizationId: organizationId,\n\t\t\t\tteamIds,\n\t\t\t\t...(additionalFields ? additionalFields : {}),\n\t\t\t};\n\n\t\t\t// Run beforeCreateInvitation hook\n\t\t\tif (option?.organizationHooks?.beforeCreateInvitation) {\n\t\t\t\tconst response = await option?.organizationHooks.beforeCreateInvitation(\n\t\t\t\t\t{\n\t\t\t\t\t\tinvitation: {\n\t\t\t\t\t\t\t...invitationData,\n\t\t\t\t\t\t\tinviterId: session.user.id,\n\t\t\t\t\t\t\tteamId: teamIds.length > 0 ? teamIds[0] : undefined,\n\t\t\t\t\t\t},\n\t\t\t\t\t\tinviter: session.user,\n\t\t\t\t\t\torganization,\n\t\t\t\t\t},\n\t\t\t\t);\n\t\t\t\tif (response && typeof response === \"object\" && \"data\" in response) {\n\t\t\t\t\tinvitationData = {\n\t\t\t\t\t\t...invitationData,\n\t\t\t\t\t\t...response.data,\n\t\t\t\t\t};\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tconst invitation = await adapter.createInvitation({\n\t\t\t\tinvitation: invitationData,\n\t\t\t\tuser: session.user,\n\t\t\t});\n\n\t\t\tif (ctx.context.orgOptions.sendInvitationEmail) {\n\t\t\t\tawait ctx.context.runInBackgroundOrAwait(\n\t\t\t\t\tctx.context.orgOptions.sendInvitationEmail(\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tid: invitation.id,\n\t\t\t\t\t\t\trole: invitation.role,\n\t\t\t\t\t\t\temail: invitation.email.toLowerCase(),\n\t\t\t\t\t\t\torganization: organization,\n\t\t\t\t\t\t\tinviter: {\n\t\t\t\t\t\t\t\t...(member as Member),\n\t\t\t\t\t\t\t\tuser: session.user,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tinvitation,\n\t\t\t\t\t\t},\n\t\t\t\t\t\tctx.request,\n\t\t\t\t\t),\n\t\t\t\t);\n\t\t\t}\n\n\t\t\t// Run afterCreateInvitation hook\n\t\t\tif (option?.organizationHooks?.afterCreateInvitation) {\n\t\t\t\tawait option?.organizationHooks.afterCreateInvitation({\n\t\t\t\t\tinvitation: invitation as unknown as Invitation,\n\t\t\t\t\tinviter: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\treturn ctx.json(invitation);\n\t\t},\n\t);\n};\n\nconst acceptInvitationBodySchema = z.object({\n\tinvitationId: z.string().meta({\n\t\tdescription: \"The ID of the invitation to accept\",\n\t}),\n});\n\nexport const acceptInvitation = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/accept-invitation\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\tbody: acceptInvitationBodySchema,\n\t\t\trequireHeaders: true,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t\tmetadata: {\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"Accept an invitation to an organization\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tinvitation: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tmember: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\t\t\tconst invitation = await adapter.findInvitationById(\n\t\t\t\tctx.body.invitationId,\n\t\t\t);\n\n\t\t\tif (\n\t\t\t\t!invitation ||\n\t\t\t\tinvitation.expiresAt < new Date() ||\n\t\t\t\tinvitation.status !== \"pending\"\n\t\t\t) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.INVITATION_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tif (invitation.email.toLowerCase() !== session.user.email.toLowerCase()) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tif (\n\t\t\t\tctx.context.orgOptions.requireEmailVerificationOnInvitation &&\n\t\t\t\t!session.user.emailVerified\n\t\t\t) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.EMAIL_VERIFICATION_REQUIRED_BEFORE_ACCEPTING_OR_REJECTING_INVITATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst membershipLimit = ctx.context.orgOptions?.membershipLimit || 100;\n\t\t\tconst membersCount = await adapter.countMembers({\n\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t});\n\n\t\t\tconst organization = await adapter.findOrganizationById(\n\t\t\t\tinvitation.organizationId,\n\t\t\t);\n\t\t\tif (!organization) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst limit =\n\t\t\t\ttypeof membershipLimit === \"number\"\n\t\t\t\t\t? membershipLimit\n\t\t\t\t\t: await membershipLimit(session.user, organization);\n\n\t\t\tif (membersCount >= limit) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_MEMBERSHIP_LIMIT_REACHED,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\t// Run beforeAcceptInvitation hook\n\t\t\tif (options?.organizationHooks?.beforeAcceptInvitation) {\n\t\t\t\tawait options?.organizationHooks.beforeAcceptInvitation({\n\t\t\t\t\tinvitation: invitation as unknown as Invitation,\n\t\t\t\t\tuser: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst acceptedI = await adapter.updateInvitation({\n\t\t\t\tinvitationId: ctx.body.invitationId,\n\t\t\t\tstatus: \"accepted\",\n\t\t\t});\n\t\t\tif (!acceptedI) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.FAILED_TO_RETRIEVE_INVITATION,\n\t\t\t\t);\n\t\t\t}\n\t\t\tif (\n\t\t\t\tctx.context.orgOptions.teams &&\n\t\t\t\tctx.context.orgOptions.teams.enabled &&\n\t\t\t\t\"teamId\" in acceptedI &&\n\t\t\t\tacceptedI.teamId\n\t\t\t) {\n\t\t\t\tconst teamIds = (acceptedI.teamId as string).split(\",\");\n\t\t\t\tconst onlyOne = teamIds.length === 1;\n\n\t\t\t\tfor (const teamId of teamIds) {\n\t\t\t\t\tawait adapter.findOrCreateTeamMember({\n\t\t\t\t\t\tteamId: teamId,\n\t\t\t\t\t\tuserId: session.user.id,\n\t\t\t\t\t});\n\n\t\t\t\t\tif (\n\t\t\t\t\t\ttypeof ctx.context.orgOptions.teams.maximumMembersPerTeam !==\n\t\t\t\t\t\t\"undefined\"\n\t\t\t\t\t) {\n\t\t\t\t\t\tconst members = await adapter.countTeamMembers({ teamId });\n\n\t\t\t\t\t\tconst maximumMembersPerTeam =\n\t\t\t\t\t\t\ttypeof ctx.context.orgOptions.teams.maximumMembersPerTeam ===\n\t\t\t\t\t\t\t\"function\"\n\t\t\t\t\t\t\t\t? await ctx.context.orgOptions.teams.maximumMembersPerTeam({\n\t\t\t\t\t\t\t\t\t\tteamId,\n\t\t\t\t\t\t\t\t\t\tsession: session,\n\t\t\t\t\t\t\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t\t\t\t\t\t\t})\n\t\t\t\t\t\t\t\t: ctx.context.orgOptions.teams.maximumMembersPerTeam;\n\n\t\t\t\t\t\tif (members >= maximumMembersPerTeam) {\n\t\t\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\t\t\t\tORGANIZATION_ERROR_CODES.TEAM_MEMBER_LIMIT_REACHED,\n\t\t\t\t\t\t\t);\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tif (onlyOne) {\n\t\t\t\t\tconst teamId = teamIds[0]!;\n\t\t\t\t\tconst updatedSession = await adapter.setActiveTeam(\n\t\t\t\t\t\tsession.session.token,\n\t\t\t\t\t\tteamId,\n\t\t\t\t\t\tctx,\n\t\t\t\t\t);\n\n\t\t\t\t\tawait setSessionCookie(ctx, {\n\t\t\t\t\t\tsession: updatedSession,\n\t\t\t\t\t\tuser: session.user,\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tconst member = await adapter.createMember({\n\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t\tuserId: session.user.id,\n\t\t\t\trole: invitation.role,\n\t\t\t\tcreatedAt: new Date(),\n\t\t\t});\n\n\t\t\tawait adapter.setActiveOrganization(\n\t\t\t\tsession.session.token,\n\t\t\t\tinvitation.organizationId,\n\t\t\t\tctx,\n\t\t\t);\n\t\t\tif (!acceptedI) {\n\t\t\t\treturn ctx.json(null, {\n\t\t\t\t\tstatus: 400,\n\t\t\t\t\tbody: {\n\t\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.INVITATION_NOT_FOUND.message,\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t}\n\t\t\tif (options?.organizationHooks?.afterAcceptInvitation) {\n\t\t\t\tawait options?.organizationHooks.afterAcceptInvitation({\n\t\t\t\t\tinvitation: acceptedI as unknown as Invitation,\n\t\t\t\t\tmember,\n\t\t\t\t\tuser: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\t\t\treturn ctx.json({\n\t\t\t\tinvitation: acceptedI,\n\t\t\t\tmember,\n\t\t\t});\n\t\t},\n\t);\n\nconst rejectInvitationBodySchema = z.object({\n\tinvitationId: z.string().meta({\n\t\tdescription: \"The ID of the invitation to reject\",\n\t}),\n});\n\nexport const rejectInvitation = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/reject-invitation\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\tbody: rejectInvitationBodySchema,\n\t\t\trequireHeaders: true,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t\tmetadata: {\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"Reject an invitation to an organization\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tinvitation: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tmember: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\t\t\tconst adapter = getOrgAdapter(ctx.context, ctx.context.orgOptions);\n\t\t\tconst invitation = await adapter.findInvitationById(\n\t\t\t\tctx.body.invitationId,\n\t\t\t);\n\t\t\tif (!invitation || invitation.status !== \"pending\") {\n\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: \"Invitation not found!\",\n\t\t\t\t\tcode: \"INVITATION_NOT_FOUND\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tif (invitation.email.toLowerCase() !== session.user.email.toLowerCase()) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tif (\n\t\t\t\tctx.context.orgOptions.requireEmailVerificationOnInvitation &&\n\t\t\t\t!session.user.emailVerified\n\t\t\t) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.EMAIL_VERIFICATION_REQUIRED_BEFORE_ACCEPTING_OR_REJECTING_INVITATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst organization = await adapter.findOrganizationById(\n\t\t\t\tinvitation.organizationId,\n\t\t\t);\n\t\t\tif (!organization) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\t// Run beforeRejectInvitation hook\n\t\t\tif (options?.organizationHooks?.beforeRejectInvitation) {\n\t\t\t\tawait options?.organizationHooks.beforeRejectInvitation({\n\t\t\t\t\tinvitation: invitation as unknown as Invitation,\n\t\t\t\t\tuser: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst rejectedI = await adapter.updateInvitation({\n\t\t\t\tinvitationId: ctx.body.invitationId,\n\t\t\t\tstatus: \"rejected\",\n\t\t\t});\n\n\t\t\t// Run afterRejectInvitation hook\n\t\t\tif (options?.organizationHooks?.afterRejectInvitation) {\n\t\t\t\tawait options?.organizationHooks.afterRejectInvitation({\n\t\t\t\t\tinvitation: rejectedI || (invitation as unknown as Invitation),\n\t\t\t\t\tuser: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\treturn ctx.json({\n\t\t\t\tinvitation: rejectedI,\n\t\t\t\tmember: null,\n\t\t\t});\n\t\t},\n\t);\n\nconst cancelInvitationBodySchema = z.object({\n\tinvitationId: z.string().meta({\n\t\tdescription: \"The ID of the invitation to cancel\",\n\t}),\n});\n\nexport const cancelInvitation = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/cancel-invitation\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\tbody: cancelInvitationBodySchema,\n\t\t\trequireHeaders: true,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t\topenapi: {\n\t\t\t\toperationId: \"cancelOrganizationInvitation\",\n\t\t\t\tdescription: \"Cancel an invitation to an organization\",\n\t\t\t\tresponses: {\n\t\t\t\t\t\"200\": {\n\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\tinvitation: {\n\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\t\t\tconst invitation = await adapter.findInvitationById(\n\t\t\t\tctx.body.invitationId,\n\t\t\t);\n\t\t\tif (!invitation) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.INVITATION_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst member = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: session.user.id,\n\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t});\n\t\t\tif (!member) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst canCancel = await hasPermission(\n\t\t\t\t{\n\t\t\t\t\trole: member.role,\n\t\t\t\t\toptions: ctx.context.orgOptions,\n\t\t\t\t\tpermissions: {\n\t\t\t\t\t\tinvitation: [\"cancel\"],\n\t\t\t\t\t},\n\t\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t\t},\n\t\t\t\tctx,\n\t\t\t);\n\n\t\t\tif (!canCancel) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_CANCEL_THIS_INVITATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst organization = await adapter.findOrganizationById(\n\t\t\t\tinvitation.organizationId,\n\t\t\t);\n\t\t\tif (!organization) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\t// Run beforeCancelInvitation hook\n\t\t\tif (options?.organizationHooks?.beforeCancelInvitation) {\n\t\t\t\tawait options?.organizationHooks.beforeCancelInvitation({\n\t\t\t\t\tinvitation: invitation as unknown as Invitation,\n\t\t\t\t\tcancelledBy: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst canceledI = await adapter.updateInvitation({\n\t\t\t\tinvitationId: ctx.body.invitationId,\n\t\t\t\tstatus: \"canceled\",\n\t\t\t});\n\n\t\t\t// Run afterCancelInvitation hook\n\t\t\tif (options?.organizationHooks?.afterCancelInvitation) {\n\t\t\t\tawait options?.organizationHooks.afterCancelInvitation({\n\t\t\t\t\tinvitation: (canceledI as unknown as Invitation) || invitation,\n\t\t\t\t\tcancelledBy: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\treturn ctx.json(canceledI);\n\t\t},\n\t);\n\nconst getInvitationQuerySchema = z.object({\n\tid: z.string().meta({\n\t\tdescription: \"The ID of the invitation to get\",\n\t}),\n});\n\nexport const getInvitation = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/get-invitation\",\n\t\t{\n\t\t\tmethod: \"GET\",\n\t\t\tuse: [orgMiddleware],\n\t\t\trequireHeaders: true,\n\t\t\tquery: getInvitationQuerySchema,\n\t\t\tmetadata: {\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"Get an invitation by ID\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tid: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\temail: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\trole: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\torganizationId: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tinviterId: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tstatus: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\texpiresAt: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\torganizationName: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\torganizationSlug: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tinviterEmail: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\trequired: [\n\t\t\t\t\t\t\t\t\t\t\t\"id\",\n\t\t\t\t\t\t\t\t\t\t\t\"email\",\n\t\t\t\t\t\t\t\t\t\t\t\"role\",\n\t\t\t\t\t\t\t\t\t\t\t\"organizationId\",\n\t\t\t\t\t\t\t\t\t\t\t\"inviterId\",\n\t\t\t\t\t\t\t\t\t\t\t\"status\",\n\t\t\t\t\t\t\t\t\t\t\t\"expiresAt\",\n\t\t\t\t\t\t\t\t\t\t\t\"organizationName\",\n\t\t\t\t\t\t\t\t\t\t\t\"organizationSlug\",\n\t\t\t\t\t\t\t\t\t\t\t\"inviterEmail\",\n\t\t\t\t\t\t\t\t\t\t],\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = await getSessionFromCtx(ctx);\n\t\t\tif (!session) {\n\t\t\t\tthrow APIError.fromStatus(\"UNAUTHORIZED\", {\n\t\t\t\t\tmessage: \"Not authenticated\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\t\t\tconst invitation = await adapter.findInvitationById(ctx.query.id);\n\t\t\tif (\n\t\t\t\t!invitation ||\n\t\t\t\tinvitation.status !== \"pending\" ||\n\t\t\t\tinvitation.expiresAt < new Date()\n\t\t\t) {\n\t\t\t\tthrow APIError.fromStatus(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: \"Invitation not found!\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tif (invitation.email.toLowerCase() !== session.user.email.toLowerCase()) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst organization = await adapter.findOrganizationById(\n\t\t\t\tinvitation.organizationId,\n\t\t\t);\n\t\t\tif (!organization) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst member = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: invitation.inviterId,\n\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t});\n\t\t\tif (!member) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.INVITER_IS_NO_LONGER_A_MEMBER_OF_THE_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\treturn ctx.json({\n\t\t\t\t...invitation,\n\t\t\t\torganizationName: organization.name,\n\t\t\t\torganizationSlug: organization.slug,\n\t\t\t\tinviterEmail: member.user.email,\n\t\t\t});\n\t\t},\n\t);\n\nconst listInvitationQuerySchema = z\n\t.object({\n\t\torganizationId: z\n\t\t\t.string()\n\t\t\t.meta({\n\t\t\t\tdescription: \"The ID of the organization to list invitations for\",\n\t\t\t})\n\t\t\t.optional(),\n\t})\n\t.optional();\n\nexport const listInvitations = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/list-invitations\",\n\t\t{\n\t\t\tmethod: \"GET\",\n\t\t\trequireHeaders: true,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t\tquery: listInvitationQuerySchema,\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = await getSessionFromCtx(ctx);\n\t\t\tif (!session) {\n\t\t\t\tthrow APIError.fromStatus(\"UNAUTHORIZED\", {\n\t\t\t\t\tmessage: \"Not authenticated\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst orgId =\n\t\t\t\tctx.query?.organizationId || session.session.activeOrganizationId;\n\t\t\tif (!orgId) {\n\t\t\t\tthrow APIError.fromStatus(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: \"Organization ID is required\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\t\t\tconst isMember = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: session.user.id,\n\t\t\t\torganizationId: orgId,\n\t\t\t});\n\t\t\tif (!isMember) {\n\t\t\t\tthrow APIError.fromStatus(\"FORBIDDEN\", {\n\t\t\t\t\tmessage: \"You are not a member of this organization\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst invitations = await adapter.listInvitations({\n\t\t\t\torganizationId: orgId,\n\t\t\t});\n\t\t\treturn ctx.json(invitations);\n\t\t},\n\t);\n\n/**\n * List all invitations a user has received\n */\nexport const listUserInvitations = <O extends OrganizationOptions>(\n\toptions: O,\n) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/list-user-invitations\",\n\t\t{\n\t\t\tmethod: \"GET\",\n\t\t\tuse: [orgMiddleware],\n\t\t\tquery: z\n\t\t\t\t.object({\n\t\t\t\t\temail: z\n\t\t\t\t\t\t.string()\n\t\t\t\t\t\t.meta({\n\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\"The email of the user to list invitations for. This only works for server side API calls.\",\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.optional(),\n\t\t\t\t})\n\t\t\t\t.optional(),\n\t\t\tmetadata: {\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"List all invitations a user has received\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"array\",\n\t\t\t\t\t\t\t\t\t\titems: {\n\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\t\tid: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\temail: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\trole: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\torganizationId: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\torganizationName: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\tinviterId: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"The ID of the user who created the invitation\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\tteamId: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"The ID of the team associated with the invitation\",\n\t\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\tstatus: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\texpiresAt: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\tcreatedAt: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\trequired: [\n\t\t\t\t\t\t\t\t\t\t\t\t\"id\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"email\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"role\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"organizationId\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"organizationName\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"inviterId\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"status\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"expiresAt\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"createdAt\",\n\t\t\t\t\t\t\t\t\t\t\t],\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = await getSessionFromCtx(ctx);\n\n\t\t\tif (ctx.request && ctx.query?.email) {\n\t\t\t\tthrow APIError.fromStatus(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: \"User email cannot be passed for client side API calls.\",\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst userEmail = session?.user.email || ctx.query?.email;\n\t\t\tif (!userEmail) {\n\t\t\t\tthrow APIError.fromStatus(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: \"Missing session headers, or email query parameter.\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\n\t\t\tconst invitations = await adapter.listUserInvitations(userEmail);\n\t\t\tconst pendingInvitations = invitations.filter(\n\t\t\t\t(inv) => inv.status === \"pending\",\n\t\t\t);\n\t\t\treturn ctx.json(pendingInvitations);\n\t\t},\n\t);\n"],"mappings":";;;;;;;;;;;;;;;;;AAsBA,MAAM,uBAAuB,EAAE,OAAO;CACrC,OAAO,EAAE,QAAQ,CAAC,KAAK,EACtB,aAAa,2CACb,CAAC;CACF,MAAM,EACJ,MAAM,CACN,EAAE,QAAQ,CAAC,KAAK,EACf,aAAa,kCACb,CAAC,EACF,EAAE,MACD,EAAE,QAAQ,CAAC,KAAK,EACf,aAAa,mCACb,CAAC,CACF,CACD,CAAC,CACD,KAAK,EACL,aACC,yFACD,CAAC;CACH,gBAAgB,EACd,QAAQ,CACR,KAAK,EACL,aAAa,6CACb,CAAC,CACD,UAAU;CACZ,QAAQ,EACN,SAAS,CACT,KAAK,EACL,aACC,yEACD,CAAC,CACD,UAAU;CACZ,QAAQ,EAAE,MAAM,CACf,EACE,QAAQ,CACR,KAAK,EACL,aAAa,qCACb,CAAC,CACD,UAAU,EACZ,EACE,MAAM,EAAE,QAAQ,CAAC,CACjB,KAAK,EACL,aAAa,sCACb,CAAC,CACD,UAAU,CACZ,CAAC;CACF,CAAC;AAEF,MAAa,oBAAmD,WAAc;CAC7E,MAAM,yBAAyB,YAAY;EAC1C,QAAQ,QAAQ,QAAQ,YAAY,oBAAoB,EAAE;EAC1D,cAAc;EACd,CAAC;AAEF,QAAO,mBACN,+BACA;EACC,QAAQ;EACR,gBAAgB;EAChB,KAAK,CAAC,eAAe,qBAAqB;EAC1C,MAAM,EAAE,OAAO;GACd,GAAG,qBAAqB;GACxB,GAAG,uBAAuB;GAC1B,CAAC;EACF,UAAU;GACT,QAAQ,EACP,MAAM,EAAE,EAgCR;GACD,SAAS;IACR,aAAa;IACb,aAAa;IACb,WAAW,EACV,OAAO;KACN,aAAa;KACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;MACP,MAAM;MACN,YAAY;OACX,IAAI,EACH,MAAM,UACN;OACD,OAAO,EACN,MAAM,UACN;OACD,MAAM,EACL,MAAM,UACN;OACD,gBAAgB,EACf,MAAM,UACN;OACD,WAAW,EACV,MAAM,UACN;OACD,QAAQ,EACP,MAAM,UACN;OACD,WAAW,EACV,MAAM,UACN;OACD,WAAW,EACV,MAAM,UACN;OACD;MACD,UAAU;OACT;OACA;OACA;OACA;OACA;OACA;OACA;OACA;OACA;MACD,EACD,EACD;KACD,EACD;IACD;GACD;EACD,EACD,OAAO,QAAQ;EACd,MAAM,UAAU,IAAI,QAAQ;EAC5B,MAAM,iBACL,IAAI,KAAK,kBAAkB,QAAQ,QAAQ;AAC5C,MAAI,CAAC,eACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;EAGF,MAAM,QAAQ,IAAI,KAAK,MAAM,aAAa;AAE1C,MAAI,CADiB,EAAE,OAAO,CAAC,UAAU,MAAM,CAC7B,QACjB,OAAM,SAAS,KAAK,eAAe,iBAAiB,cAAc;EAGnE,MAAM,UAAU,cAAiB,IAAI,SAAS,OAAY;EAC1D,MAAM,SAAS,MAAM,QAAQ,kBAAkB;GAC9C,QAAQ,QAAQ,KAAK;GACL;GAChB,CAAC;AACF,MAAI,CAAC,OACJ,OAAM,SAAS,KACd,eACA,yBAAyB,iBACzB;AAcF,MAAI,CAZc,MAAM,cACvB;GACC,MAAM,OAAO;GACb,SAAS,IAAI,QAAQ;GACrB,aAAa,EACZ,YAAY,CAAC,SAAS,EACtB;GACD;GACA,EACD,IACA,CAGA,OAAM,SAAS,KACd,aACA,yBAAyB,yDACzB;EAGF,MAAM,cAAc,IAAI,QAAQ,WAAW,eAAe;EAE1D,MAAM,QAAQ,WAAW,IAAI,KAAK,KAAK;EAEvC,MAAM,aAAa,MACjB,MAAM,IAAI,CACV,KAAK,MAAM,EAAE,MAAM,CAAC,CACpB,OAAO,QAAQ;EACjB,MAAM,WAAW,OAAO,KAAK,aAAa;EAC1C,MAAM,cAAc,OAAO,KAAK,IAAI,QAAQ,WAAW,SAAS,EAAE,CAAC;EACnE,MAAM,mBAAmB,IAAI,IAAI,CAAC,GAAG,UAAU,GAAG,YAAY,CAAC;EAE/D,MAAM,eAAe,WAAW,QAC9B,SAAS,CAAC,iBAAiB,IAAI,KAAK,CACrC;AAED,MAAI,aAAa,SAAS,EACzB,KAAI,IAAI,QAAQ,WAAW,sBAAsB,SAAS;GAQzD,MAAM,kBAPa,MAAM,IAAI,QAAQ,QAAQ,SAAS;IACrD,OAAO;IACP,OAAO,CACN;KAAE,OAAO;KAAkB,OAAO;KAAgB,EAClD;KAAE,OAAO;KAAQ,OAAO;KAAc,UAAU;KAAM,CACtD;IACD,CAAC,EACgC,KAAK,MAAW,EAAE,KAAK;GACzD,MAAM,eAAe,aAAa,QAChC,MAAM,CAAC,eAAe,SAAS,EAAE,CAClC;AAED,OAAI,aAAa,SAAS,EACzB,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,GAAG,yBAAyB,eAAe,IAAI,aAAa,KAAK,KAAK,IAC/E,CAAC;QAGH,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,GAAG,yBAAyB,eAAe,IAAI,aAAa,KAAK,KAAK,IAC/E,CAAC;AAIJ,MACC,OAAO,SAAS,eAChB,MAAM,MAAM,IAAI,CAAC,SAAS,YAAY,CAEtC,OAAM,SAAS,KACd,aACA,yBAAyB,kDACzB;AAOF,MAJsB,MAAM,QAAQ,kBAAkB;GAC9C;GACS;GAChB,CAAC,CAED,OAAM,SAAS,KACd,eACA,yBAAyB,8CACzB;EAEF,MAAM,iBAAiB,MAAM,QAAQ,sBAAsB;GACnD;GACS;GAChB,CAAC;AACF,MAAI,eAAe,UAAU,CAAC,IAAI,KAAK,OACtC,OAAM,SAAS,KACd,eACA,yBAAyB,6CACzB;EAGF,MAAM,eAAe,MAAM,QAAQ,qBAAqB,eAAe;AACvE,MAAI,CAAC,aACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;AAIF,MAAI,eAAe,UAAU,IAAI,KAAK,QAAQ;GAC7C,MAAM,qBAAqB,eAAe;GAI1C,MAAM,eAAe,QACpB,IAAI,QAAQ,WAAW,uBAFE,OAAU,IAGnC,MACA;AAED,SAAM,IAAI,QAAQ,QAAQ,OAAO;IAChC,OAAO;IACP,OAAO,CACN;KACC,OAAO;KACP,OAAO,mBAAoB;KAC3B,CACD;IACD,QAAQ,EACP,WAAW,cACX;IACD,CAAC;GAEF,MAAM,oBAAoB;IACzB,GAAG;IACH,WAAW;IACX;AAED,OAAI,IAAI,QAAQ,WAAW,oBAC1B,OAAM,IAAI,QAAQ,uBACjB,IAAI,QAAQ,WAAW,oBACtB;IACC,IAAI,kBAAkB;IACtB,MAAM,kBAAkB;IACxB,OAAO,kBAAkB,MAAO,aAAa;IAC/B;IACd,SAAS;KACR,GAAG;KACH,MAAM,QAAQ;KACd;IACD,YAAY;IACZ,EACD,IAAI,QACJ,CACD;AAGF,UAAO,IAAI,KAAK,kBAAmD;;AAGpE,MACC,eAAe,UACf,IAAI,QAAQ,WAAW,mCAEvB,OAAM,QAAQ,iBAAiB;GAC9B,cAAc,eAAe,GAAI;GACjC,QAAQ;GACR,CAAC;EAGH,MAAM,kBACL,OAAO,IAAI,QAAQ,WAAW,oBAAoB,aAC/C,MAAM,IAAI,QAAQ,WAAW,gBAC7B;GACC,MAAM,QAAQ;GACd;GACQ;GACR,EACD,IAAI,QACJ,GACC,IAAI,QAAQ,WAAW,mBAAmB;AAM/C,OAJ2B,MAAM,QAAQ,uBAAuB,EAC/C,gBAChB,CAAC,EAEqB,UAAU,gBAChC,OAAM,SAAS,KACd,aACA,yBAAyB,yBACzB;AAGF,MACC,IAAI,QAAQ,WAAW,SACvB,IAAI,QAAQ,WAAW,MAAM,WAC7B,OAAO,IAAI,QAAQ,WAAW,MAAM,0BACnC,eACD,YAAY,IAAI,QAChB,IAAI,KAAK,QACR;GACD,MAAM,UACL,OAAO,IAAI,KAAK,WAAW,WACxB,CAAC,IAAI,KAAK,OAAiB,GAC1B,IAAI,KAAK;AAEd,QAAK,MAAM,UAAU,SAAS;IAC7B,MAAM,OAAO,MAAM,QAAQ,aAAa;KACvC;KACgB;KAChB,oBAAoB;KACpB,CAAC;AAEF,QAAI,CAAC,KACJ,OAAM,SAAS,KACd,eACA,yBAAyB,eACzB;IAGF,MAAM,wBACL,OAAO,IAAI,QAAQ,WAAW,MAAM,0BACpC,aACG,MAAM,IAAI,QAAQ,WAAW,MAAM,sBAAsB;KACzD;KACS;KACO;KAChB,CAAC,GACD,IAAI,QAAQ,WAAW,MAAM;AACjC,QAAI,KAAK,QAAQ,UAAU,sBAC1B,OAAM,SAAS,KACd,aACA,yBAAyB,0BACzB;;;EAKJ,MAAM,UACL,YAAY,IAAI,OACb,OAAO,IAAI,KAAK,WAAW,WAC1B,CAAC,IAAI,KAAK,OAAiB,GACzB,IAAI,KAAK,UAAuB,EAAE,GACrC,EAAE;EAEN,MAAM,EACL,OAAO,GACP,MAAM,IACN,gBAAgB,KAChB,QAAQ,MACR,GAAG,qBACA,IAAI;EAER,IAAI,iBAAiB;GACpB,MAAM;GACC;GACS;GAChB;GACA,GAAI,mBAAmB,mBAAmB,EAAE;GAC5C;AAGD,MAAI,QAAQ,mBAAmB,wBAAwB;GACtD,MAAM,WAAW,MAAM,QAAQ,kBAAkB,uBAChD;IACC,YAAY;KACX,GAAG;KACH,WAAW,QAAQ,KAAK;KACxB,QAAQ,QAAQ,SAAS,IAAI,QAAQ,KAAK;KAC1C;IACD,SAAS,QAAQ;IACjB;IACA,CACD;AACD,OAAI,YAAY,OAAO,aAAa,YAAY,UAAU,SACzD,kBAAiB;IAChB,GAAG;IACH,GAAG,SAAS;IACZ;;EAIH,MAAM,aAAa,MAAM,QAAQ,iBAAiB;GACjD,YAAY;GACZ,MAAM,QAAQ;GACd,CAAC;AAEF,MAAI,IAAI,QAAQ,WAAW,oBAC1B,OAAM,IAAI,QAAQ,uBACjB,IAAI,QAAQ,WAAW,oBACtB;GACC,IAAI,WAAW;GACf,MAAM,WAAW;GACjB,OAAO,WAAW,MAAM,aAAa;GACvB;GACd,SAAS;IACR,GAAI;IACJ,MAAM,QAAQ;IACd;GACD;GACA,EACD,IAAI,QACJ,CACD;AAIF,MAAI,QAAQ,mBAAmB,sBAC9B,OAAM,QAAQ,kBAAkB,sBAAsB;GACzC;GACZ,SAAS,QAAQ;GACjB;GACA,CAAC;AAGH,SAAO,IAAI,KAAK,WAAW;GAE5B;;AAGF,MAAM,6BAA6B,EAAE,OAAO,EAC3C,cAAc,EAAE,QAAQ,CAAC,KAAK,EAC7B,aAAa,sCACb,CAAC,EACF,CAAC;AAEF,MAAa,oBAAmD,YAC/D,mBACC,mCACA;CACC,QAAQ;CACR,MAAM;CACN,gBAAgB;CAChB,KAAK,CAAC,eAAe,qBAAqB;CAC1C,UAAU,EACT,SAAS;EACR,aAAa;EACb,WAAW,EACV,OAAO;GACN,aAAa;GACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY;KACX,YAAY,EACX,MAAM,UACN;KACD,QAAQ,EACP,MAAM,UACN;KACD;IACD,EACD,EACD;GACD,EACD;EACD,EACD;CACD,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,IAAI,QAAQ;CAC5B,MAAM,UAAU,cAAiB,IAAI,SAAS,QAAQ;CACtD,MAAM,aAAa,MAAM,QAAQ,mBAChC,IAAI,KAAK,aACT;AAED,KACC,CAAC,cACD,WAAW,4BAAY,IAAI,MAAM,IACjC,WAAW,WAAW,UAEtB,OAAM,SAAS,KACd,eACA,yBAAyB,qBACzB;AAGF,KAAI,WAAW,MAAM,aAAa,KAAK,QAAQ,KAAK,MAAM,aAAa,CACtE,OAAM,SAAS,KACd,aACA,yBAAyB,4CACzB;AAGF,KACC,IAAI,QAAQ,WAAW,wCACvB,CAAC,QAAQ,KAAK,cAEd,OAAM,SAAS,KACd,aACA,yBAAyB,qEACzB;CAGF,MAAM,kBAAkB,IAAI,QAAQ,YAAY,mBAAmB;CACnE,MAAM,eAAe,MAAM,QAAQ,aAAa,EAC/C,gBAAgB,WAAW,gBAC3B,CAAC;CAEF,MAAM,eAAe,MAAM,QAAQ,qBAClC,WAAW,eACX;AACD,KAAI,CAAC,aACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;AAQF,KAAI,iBAJH,OAAO,oBAAoB,WACxB,kBACA,MAAM,gBAAgB,QAAQ,MAAM,aAAa,EAGpD,OAAM,SAAS,KACd,aACA,yBAAyB,sCACzB;AAIF,KAAI,SAAS,mBAAmB,uBAC/B,OAAM,SAAS,kBAAkB,uBAAuB;EAC3C;EACZ,MAAM,QAAQ;EACd;EACA,CAAC;CAGH,MAAM,YAAY,MAAM,QAAQ,iBAAiB;EAChD,cAAc,IAAI,KAAK;EACvB,QAAQ;EACR,CAAC;AACF,KAAI,CAAC,UACJ,OAAM,SAAS,KACd,eACA,yBAAyB,8BACzB;AAEF,KACC,IAAI,QAAQ,WAAW,SACvB,IAAI,QAAQ,WAAW,MAAM,WAC7B,YAAY,aACZ,UAAU,QACT;EACD,MAAM,UAAW,UAAU,OAAkB,MAAM,IAAI;EACvD,MAAM,UAAU,QAAQ,WAAW;AAEnC,OAAK,MAAM,UAAU,SAAS;AAC7B,SAAM,QAAQ,uBAAuB;IAC5B;IACR,QAAQ,QAAQ,KAAK;IACrB,CAAC;AAEF,OACC,OAAO,IAAI,QAAQ,WAAW,MAAM,0BACpC,aAcA;QAZgB,MAAM,QAAQ,iBAAiB,EAAE,QAAQ,CAAC,KAGzD,OAAO,IAAI,QAAQ,WAAW,MAAM,0BACpC,aACG,MAAM,IAAI,QAAQ,WAAW,MAAM,sBAAsB;KACzD;KACS;KACT,gBAAgB,WAAW;KAC3B,CAAC,GACD,IAAI,QAAQ,WAAW,MAAM,uBAGhC,OAAM,SAAS,KACd,aACA,yBAAyB,0BACzB;;;AAKJ,MAAI,SAAS;GACZ,MAAM,SAAS,QAAQ;AAOvB,SAAM,iBAAiB,KAAK;IAC3B,SAPsB,MAAM,QAAQ,cACpC,QAAQ,QAAQ,OAChB,QACA,IACA;IAIA,MAAM,QAAQ;IACd,CAAC;;;CAIJ,MAAM,SAAS,MAAM,QAAQ,aAAa;EACzC,gBAAgB,WAAW;EAC3B,QAAQ,QAAQ,KAAK;EACrB,MAAM,WAAW;EACjB,2BAAW,IAAI,MAAM;EACrB,CAAC;AAEF,OAAM,QAAQ,sBACb,QAAQ,QAAQ,OAChB,WAAW,gBACX,IACA;AACD,KAAI,CAAC,UACJ,QAAO,IAAI,KAAK,MAAM;EACrB,QAAQ;EACR,MAAM,EACL,SAAS,yBAAyB,qBAAqB,SACvD;EACD,CAAC;AAEH,KAAI,SAAS,mBAAmB,sBAC/B,OAAM,SAAS,kBAAkB,sBAAsB;EACtD,YAAY;EACZ;EACA,MAAM,QAAQ;EACd;EACA,CAAC;AAEH,QAAO,IAAI,KAAK;EACf,YAAY;EACZ;EACA,CAAC;EAEH;AAEF,MAAM,6BAA6B,EAAE,OAAO,EAC3C,cAAc,EAAE,QAAQ,CAAC,KAAK,EAC7B,aAAa,sCACb,CAAC,EACF,CAAC;AAEF,MAAa,oBAAmD,YAC/D,mBACC,mCACA;CACC,QAAQ;CACR,MAAM;CACN,gBAAgB;CAChB,KAAK,CAAC,eAAe,qBAAqB;CAC1C,UAAU,EACT,SAAS;EACR,aAAa;EACb,WAAW,EACV,OAAO;GACN,aAAa;GACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY;KACX,YAAY,EACX,MAAM,UACN;KACD,QAAQ;MACP,MAAM;MACN,UAAU;MACV;KACD;IACD,EACD,EACD;GACD,EACD;EACD,EACD;CACD,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,IAAI,QAAQ;CAC5B,MAAM,UAAU,cAAc,IAAI,SAAS,IAAI,QAAQ,WAAW;CAClE,MAAM,aAAa,MAAM,QAAQ,mBAChC,IAAI,KAAK,aACT;AACD,KAAI,CAAC,cAAc,WAAW,WAAW,UACxC,OAAM,SAAS,KAAK,eAAe;EAClC,SAAS;EACT,MAAM;EACN,CAAC;AAEH,KAAI,WAAW,MAAM,aAAa,KAAK,QAAQ,KAAK,MAAM,aAAa,CACtE,OAAM,SAAS,KACd,aACA,yBAAyB,4CACzB;AAGF,KACC,IAAI,QAAQ,WAAW,wCACvB,CAAC,QAAQ,KAAK,cAEd,OAAM,SAAS,KACd,aACA,yBAAyB,qEACzB;CAGF,MAAM,eAAe,MAAM,QAAQ,qBAClC,WAAW,eACX;AACD,KAAI,CAAC,aACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;AAIF,KAAI,SAAS,mBAAmB,uBAC/B,OAAM,SAAS,kBAAkB,uBAAuB;EAC3C;EACZ,MAAM,QAAQ;EACd;EACA,CAAC;CAGH,MAAM,YAAY,MAAM,QAAQ,iBAAiB;EAChD,cAAc,IAAI,KAAK;EACvB,QAAQ;EACR,CAAC;AAGF,KAAI,SAAS,mBAAmB,sBAC/B,OAAM,SAAS,kBAAkB,sBAAsB;EACtD,YAAY,aAAc;EAC1B,MAAM,QAAQ;EACd;EACA,CAAC;AAGH,QAAO,IAAI,KAAK;EACf,YAAY;EACZ,QAAQ;EACR,CAAC;EAEH;AAEF,MAAM,6BAA6B,EAAE,OAAO,EAC3C,cAAc,EAAE,QAAQ,CAAC,KAAK,EAC7B,aAAa,sCACb,CAAC,EACF,CAAC;AAEF,MAAa,oBAAmD,YAC/D,mBACC,mCACA;CACC,QAAQ;CACR,MAAM;CACN,gBAAgB;CAChB,KAAK,CAAC,eAAe,qBAAqB;CAC1C,SAAS;EACR,aAAa;EACb,aAAa;EACb,WAAW,EACV,OAAO;GACN,aAAa;GACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY,EACX,YAAY,EACX,MAAM,UACN,EACD;IACD,EACD,EACD;GACD,EACD;EACD;CACD,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,IAAI,QAAQ;CAC5B,MAAM,UAAU,cAAiB,IAAI,SAAS,QAAQ;CACtD,MAAM,aAAa,MAAM,QAAQ,mBAChC,IAAI,KAAK,aACT;AACD,KAAI,CAAC,WACJ,OAAM,SAAS,KACd,eACA,yBAAyB,qBACzB;CAEF,MAAM,SAAS,MAAM,QAAQ,kBAAkB;EAC9C,QAAQ,QAAQ,KAAK;EACrB,gBAAgB,WAAW;EAC3B,CAAC;AACF,KAAI,CAAC,OACJ,OAAM,SAAS,KACd,eACA,yBAAyB,iBACzB;AAcF,KAAI,CAZc,MAAM,cACvB;EACC,MAAM,OAAO;EACb,SAAS,IAAI,QAAQ;EACrB,aAAa,EACZ,YAAY,CAAC,SAAS,EACtB;EACD,gBAAgB,WAAW;EAC3B,EACD,IACA,CAGA,OAAM,SAAS,KACd,aACA,yBAAyB,8CACzB;CAGF,MAAM,eAAe,MAAM,QAAQ,qBAClC,WAAW,eACX;AACD,KAAI,CAAC,aACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;AAIF,KAAI,SAAS,mBAAmB,uBAC/B,OAAM,SAAS,kBAAkB,uBAAuB;EAC3C;EACZ,aAAa,QAAQ;EACrB;EACA,CAAC;CAGH,MAAM,YAAY,MAAM,QAAQ,iBAAiB;EAChD,cAAc,IAAI,KAAK;EACvB,QAAQ;EACR,CAAC;AAGF,KAAI,SAAS,mBAAmB,sBAC/B,OAAM,SAAS,kBAAkB,sBAAsB;EACtD,YAAa,aAAuC;EACpD,aAAa,QAAQ;EACrB;EACA,CAAC;AAGH,QAAO,IAAI,KAAK,UAAU;EAE3B;AAEF,MAAM,2BAA2B,EAAE,OAAO,EACzC,IAAI,EAAE,QAAQ,CAAC,KAAK,EACnB,aAAa,mCACb,CAAC,EACF,CAAC;AAEF,MAAa,iBAAgD,YAC5D,mBACC,gCACA;CACC,QAAQ;CACR,KAAK,CAAC,cAAc;CACpB,gBAAgB;CAChB,OAAO;CACP,UAAU,EACT,SAAS;EACR,aAAa;EACb,WAAW,EACV,OAAO;GACN,aAAa;GACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY;KACX,IAAI,EACH,MAAM,UACN;KACD,OAAO,EACN,MAAM,UACN;KACD,MAAM,EACL,MAAM,UACN;KACD,gBAAgB,EACf,MAAM,UACN;KACD,WAAW,EACV,MAAM,UACN;KACD,QAAQ,EACP,MAAM,UACN;KACD,WAAW,EACV,MAAM,UACN;KACD,kBAAkB,EACjB,MAAM,UACN;KACD,kBAAkB,EACjB,MAAM,UACN;KACD,cAAc,EACb,MAAM,UACN;KACD;IACD,UAAU;KACT;KACA;KACA;KACA;KACA;KACA;KACA;KACA;KACA;KACA;KACA;IACD,EACD,EACD;GACD,EACD;EACD,EACD;CACD,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,MAAM,kBAAkB,IAAI;AAC5C,KAAI,CAAC,QACJ,OAAM,SAAS,WAAW,gBAAgB,EACzC,SAAS,qBACT,CAAC;CAEH,MAAM,UAAU,cAAiB,IAAI,SAAS,QAAQ;CACtD,MAAM,aAAa,MAAM,QAAQ,mBAAmB,IAAI,MAAM,GAAG;AACjE,KACC,CAAC,cACD,WAAW,WAAW,aACtB,WAAW,4BAAY,IAAI,MAAM,CAEjC,OAAM,SAAS,WAAW,eAAe,EACxC,SAAS,yBACT,CAAC;AAEH,KAAI,WAAW,MAAM,aAAa,KAAK,QAAQ,KAAK,MAAM,aAAa,CACtE,OAAM,SAAS,KACd,aACA,yBAAyB,4CACzB;CAEF,MAAM,eAAe,MAAM,QAAQ,qBAClC,WAAW,eACX;AACD,KAAI,CAAC,aACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;CAEF,MAAM,SAAS,MAAM,QAAQ,kBAAkB;EAC9C,QAAQ,WAAW;EACnB,gBAAgB,WAAW;EAC3B,CAAC;AACF,KAAI,CAAC,OACJ,OAAM,SAAS,KACd,eACA,yBAAyB,kDACzB;AAGF,QAAO,IAAI,KAAK;EACf,GAAG;EACH,kBAAkB,aAAa;EAC/B,kBAAkB,aAAa;EAC/B,cAAc,OAAO,KAAK;EAC1B,CAAC;EAEH;AAEF,MAAM,4BAA4B,EAChC,OAAO,EACP,gBAAgB,EACd,QAAQ,CACR,KAAK,EACL,aAAa,sDACb,CAAC,CACD,UAAU,EACZ,CAAC,CACD,UAAU;AAEZ,MAAa,mBAAkD,YAC9D,mBACC,kCACA;CACC,QAAQ;CACR,gBAAgB;CAChB,KAAK,CAAC,eAAe,qBAAqB;CAC1C,OAAO;CACP,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,MAAM,kBAAkB,IAAI;AAC5C,KAAI,CAAC,QACJ,OAAM,SAAS,WAAW,gBAAgB,EACzC,SAAS,qBACT,CAAC;CAEH,MAAM,QACL,IAAI,OAAO,kBAAkB,QAAQ,QAAQ;AAC9C,KAAI,CAAC,MACJ,OAAM,SAAS,WAAW,eAAe,EACxC,SAAS,+BACT,CAAC;CAEH,MAAM,UAAU,cAAiB,IAAI,SAAS,QAAQ;AAKtD,KAAI,CAJa,MAAM,QAAQ,kBAAkB;EAChD,QAAQ,QAAQ,KAAK;EACrB,gBAAgB;EAChB,CAAC,CAED,OAAM,SAAS,WAAW,aAAa,EACtC,SAAS,6CACT,CAAC;CAEH,MAAM,cAAc,MAAM,QAAQ,gBAAgB,EACjD,gBAAgB,OAChB,CAAC;AACF,QAAO,IAAI,KAAK,YAAY;EAE7B;;;;AAKF,MAAa,uBACZ,YAEA,mBACC,uCACA;CACC,QAAQ;CACR,KAAK,CAAC,cAAc;CACpB,OAAO,EACL,OAAO,EACP,OAAO,EACL,QAAQ,CACR,KAAK,EACL,aACC,6FACD,CAAC,CACD,UAAU,EACZ,CAAC,CACD,UAAU;CACZ,UAAU,EACT,SAAS;EACR,aAAa;EACb,WAAW,EACV,OAAO;GACN,aAAa;GACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,OAAO;KACN,MAAM;KACN,YAAY;MACX,IAAI,EACH,MAAM,UACN;MACD,OAAO,EACN,MAAM,UACN;MACD,MAAM,EACL,MAAM,UACN;MACD,gBAAgB,EACf,MAAM,UACN;MACD,kBAAkB,EACjB,MAAM,UACN;MACD,WAAW;OACV,MAAM;OACN,aACC;OACD;MACD,QAAQ;OACP,MAAM;OACN,aACC;OACD,UAAU;OACV;MACD,QAAQ,EACP,MAAM,UACN;MACD,WAAW,EACV,MAAM,UACN;MACD,WAAW,EACV,MAAM,UACN;MACD;KACD,UAAU;MACT;MACA;MACA;MACA;MACA;MACA;MACA;MACA;MACA;MACA;KACD;IACD,EACD,EACD;GACD,EACD;EACD,EACD;CACD,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,MAAM,kBAAkB,IAAI;AAE5C,KAAI,IAAI,WAAW,IAAI,OAAO,MAC7B,OAAM,SAAS,WAAW,eAAe,EACxC,SAAS,0DACT,CAAC;CAGH,MAAM,YAAY,SAAS,KAAK,SAAS,IAAI,OAAO;AACpD,KAAI,CAAC,UACJ,OAAM,SAAS,WAAW,eAAe,EACxC,SAAS,sDACT,CAAC;CAKH,MAAM,sBADc,MAFJ,cAAiB,IAAI,SAAS,QAAQ,CAEpB,oBAAoB,UAAU,EACzB,QACrC,QAAQ,IAAI,WAAW,UACxB;AACD,QAAO,IAAI,KAAK,mBAAmB;EAEpC"}

package/dist/plugins/organization/routes/crud-members.d.mts

@@ -0,0 +1,13 @@
+import { OrganizationOptions } from "../types.mjs";
+
+//#region src/plugins/organization/routes/crud-members.d.ts
+declare const addMember: <O extends OrganizationOptions>(option: O) => any;
+declare const removeMember: <O extends OrganizationOptions>(options: O) => any;
+declare const updateMemberRole: <O extends OrganizationOptions>(option: O) => any;
+declare const getActiveMember: <O extends OrganizationOptions>(options: O) => any;
+declare const leaveOrganization: <O extends OrganizationOptions>(options: O) => any;
+declare const listMembers: <O extends OrganizationOptions>(options: O) => any;
+declare const getActiveMemberRole: <O extends OrganizationOptions>(options: O) => any;
+//#endregion
+export { addMember, getActiveMember, getActiveMemberRole, leaveOrganization, listMembers, removeMember, updateMemberRole };
+//# sourceMappingURL=crud-members.d.mts.map

package/dist/plugins/organization/routes/crud-members.mjs

@@ -0,0 +1,473 @@
+import { toZodSchema } from "../../../db/to-zod.mjs";
+import { getSessionFromCtx, sessionMiddleware } from "../../../api/routes/session.mjs";
+import "../../../api/index.mjs";
+import { ORGANIZATION_ERROR_CODES } from "../error-codes.mjs";
+import { getOrgAdapter } from "../adapter.mjs";
+import { orgMiddleware, orgSessionMiddleware } from "../call.mjs";
+import { hasPermission } from "../has-permission.mjs";
+import { parseRoles } from "../organization.mjs";
+import { APIError, BASE_ERROR_CODES } from "@better-auth/core/error";
+import { createAuthEndpoint } from "@better-auth/core/api";
+import * as z from "zod";
+
+//#region src/plugins/organization/routes/crud-members.ts
+const baseMemberSchema = z.object({
+	userId: z.coerce.string().meta({ description: "The user Id which represents the user to be added as a member. If `null` is provided, then it's expected to provide session headers. Eg: \"user-id\"" }),
+	role: z.union([z.string(), z.array(z.string())]).meta({ description: "The role(s) to assign to the new member. Eg: [\"admin\", \"sale\"]" }),
+	organizationId: z.string().meta({ description: "An optional organization ID to pass. If not provided, will default to the user's active organization. Eg: \"org-id\"" }).optional(),
+	teamId: z.string().meta({ description: "An optional team ID to add the member to. Eg: \"team-id\"" }).optional()
+});
+const addMember = (option) => {
+	const additionalFieldsSchema = toZodSchema({
+		fields: option?.schema?.member?.additionalFields || {},
+		isClientSide: true
+	});
+	return createAuthEndpoint({
+		method: "POST",
+		body: z.object({
+			...baseMemberSchema.shape,
+			...additionalFieldsSchema.shape
+		}),
+		use: [orgMiddleware],
+		metadata: {
+			$Infer: { body: {} },
+			openapi: {
+				operationId: "addOrganizationMember",
+				description: "Add a member to an organization"
+			}
+		}
+	}, async (ctx) => {
+		const session = ctx.body.userId ? await getSessionFromCtx(ctx).catch((e) => null) : null;
+		const orgId = ctx.body.organizationId || session?.session.activeOrganizationId;
+		if (!orgId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION);
+		const teamId = "teamId" in ctx.body ? ctx.body.teamId : void 0;
+		if (teamId && !ctx.context.orgOptions.teams?.enabled) {
+			ctx.context.logger.error("Teams are not enabled");
+			throw APIError.fromStatus("BAD_REQUEST", { message: "Teams are not enabled" });
+		}
+		const adapter = getOrgAdapter(ctx.context, option);
+		const user = await ctx.context.internalAdapter.findUserById(ctx.body.userId);
+		if (!user) throw APIError.from("BAD_REQUEST", BASE_ERROR_CODES.USER_NOT_FOUND);
+		if (await adapter.findMemberByEmail({
+			email: user.email,
+			organizationId: orgId
+		})) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.USER_IS_ALREADY_A_MEMBER_OF_THIS_ORGANIZATION);
+		if (teamId) {
+			const team = await adapter.findTeamById({
+				teamId,
+				organizationId: orgId
+			});
+			if (!team || team.organizationId !== orgId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.TEAM_NOT_FOUND);
+		}
+		const membershipLimit = ctx.context.orgOptions?.membershipLimit || 100;
+		const count = await adapter.countMembers({ organizationId: orgId });
+		const organization = await adapter.findOrganizationById(orgId);
+		if (!organization) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND);
+		if (count >= (typeof membershipLimit === "number" ? membershipLimit : await membershipLimit(user, organization))) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.ORGANIZATION_MEMBERSHIP_LIMIT_REACHED);
+		const { role: _, userId: __, organizationId: ___, ...additionalFields } = ctx.body;
+		let memberData = {
+			organizationId: orgId,
+			userId: user.id,
+			role: parseRoles(ctx.body.role),
+			createdAt: /* @__PURE__ */ new Date(),
+			...additionalFields ? additionalFields : {}
+		};
+		if (option?.organizationHooks?.beforeAddMember) {
+			const response = await option?.organizationHooks.beforeAddMember({
+				member: {
+					userId: user.id,
+					organizationId: orgId,
+					role: parseRoles(ctx.body.role),
+					...additionalFields
+				},
+				user,
+				organization
+			});
+			if (response && typeof response === "object" && "data" in response) memberData = {
+				...memberData,
+				...response.data
+			};
+		}
+		const createdMember = await adapter.createMember(memberData);
+		if (teamId) await adapter.findOrCreateTeamMember({
+			userId: user.id,
+			teamId
+		});
+		if (option?.organizationHooks?.afterAddMember) await option?.organizationHooks.afterAddMember({
+			member: createdMember,
+			user,
+			organization
+		});
+		return ctx.json(createdMember);
+	});
+};
+const removeMemberBodySchema = z.object({
+	memberIdOrEmail: z.string().meta({ description: "The ID or email of the member to remove" }),
+	organizationId: z.string().meta({ description: "The ID of the organization to remove the member from. If not provided, the active organization will be used. Eg: \"org-id\"" }).optional()
+});
+const removeMember = (options) => createAuthEndpoint("/organization/remove-member", {
+	method: "POST",
+	body: removeMemberBodySchema,
+	requireHeaders: true,
+	use: [orgMiddleware, orgSessionMiddleware],
+	metadata: { openapi: {
+		description: "Remove a member from an organization",
+		responses: { "200": {
+			description: "Success",
+			content: { "application/json": { schema: {
+				type: "object",
+				properties: { member: {
+					type: "object",
+					properties: {
+						id: { type: "string" },
+						userId: { type: "string" },
+						organizationId: { type: "string" },
+						role: { type: "string" }
+					},
+					required: [
+						"id",
+						"userId",
+						"organizationId",
+						"role"
+					]
+				} },
+				required: ["member"]
+			} } }
+		} }
+	} }
+}, async (ctx) => {
+	const session = ctx.context.session;
+	const organizationId = ctx.body.organizationId || session.session.activeOrganizationId;
+	if (!organizationId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION);
+	const adapter = getOrgAdapter(ctx.context, options);
+	const member = await adapter.findMemberByOrgId({
+		userId: session.user.id,
+		organizationId
+	});
+	if (!member) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	let toBeRemovedMember = null;
+	if (ctx.body.memberIdOrEmail.includes("@")) toBeRemovedMember = await adapter.findMemberByEmail({
+		email: ctx.body.memberIdOrEmail,
+		organizationId
+	});
+	else {
+		const result = await adapter.findMemberById(ctx.body.memberIdOrEmail);
+		if (!result) toBeRemovedMember = null;
+		else {
+			const { user: _user, ...member } = result;
+			toBeRemovedMember = member;
+		}
+	}
+	if (!toBeRemovedMember) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	const roles = toBeRemovedMember.role.split(",");
+	const creatorRole = ctx.context.orgOptions?.creatorRole || "owner";
+	if (roles.includes(creatorRole)) {
+		if (member.role !== creatorRole) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER);
+		const { members } = await adapter.listMembers({ organizationId });
+		if (members.filter((member) => {
+			return member.role.split(",").includes(creatorRole);
+		}).length <= 1) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER);
+	}
+	if (!await hasPermission({
+		role: member.role,
+		options: ctx.context.orgOptions,
+		permissions: { member: ["delete"] },
+		organizationId
+	}, ctx)) throw APIError.from("UNAUTHORIZED", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_MEMBER);
+	if (toBeRemovedMember?.organizationId !== organizationId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	const organization = await adapter.findOrganizationById(organizationId);
+	if (!organization) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND);
+	const userBeingRemoved = await ctx.context.internalAdapter.findUserById(toBeRemovedMember.userId);
+	if (!userBeingRemoved) throw APIError.fromStatus("BAD_REQUEST", { message: "User not found" });
+	if (options?.organizationHooks?.beforeRemoveMember) await options?.organizationHooks.beforeRemoveMember({
+		member: toBeRemovedMember,
+		user: userBeingRemoved,
+		organization
+	});
+	await adapter.deleteMember({
+		memberId: toBeRemovedMember.id,
+		organizationId,
+		userId: toBeRemovedMember.userId
+	});
+	if (session.user.id === toBeRemovedMember.userId && session.session.activeOrganizationId === toBeRemovedMember.organizationId) await adapter.setActiveOrganization(session.session.token, null, ctx);
+	if (options?.organizationHooks?.afterRemoveMember) await options?.organizationHooks.afterRemoveMember({
+		member: toBeRemovedMember,
+		user: userBeingRemoved,
+		organization
+	});
+	return ctx.json({ member: toBeRemovedMember });
+});
+const updateMemberRoleBodySchema = z.object({
+	role: z.union([z.string(), z.array(z.string())]).meta({ description: "The new role to be applied. This can be a string or array of strings representing the roles. Eg: [\"admin\", \"sale\"]" }),
+	memberId: z.string().meta({ description: "The member id to apply the role update to. Eg: \"member-id\"" }),
+	organizationId: z.string().meta({ description: "An optional organization ID which the member is a part of to apply the role update. If not provided, you must provide session headers to get the active organization. Eg: \"organization-id\"" }).optional()
+});
+const updateMemberRole = (option) => createAuthEndpoint("/organization/update-member-role", {
+	method: "POST",
+	body: updateMemberRoleBodySchema,
+	use: [orgMiddleware, orgSessionMiddleware],
+	requireHeaders: true,
+	metadata: {
+		$Infer: { body: {} },
+		openapi: {
+			operationId: "updateOrganizationMemberRole",
+			description: "Update the role of a member in an organization",
+			responses: { "200": {
+				description: "Success",
+				content: { "application/json": { schema: {
+					type: "object",
+					properties: { member: {
+						type: "object",
+						properties: {
+							id: { type: "string" },
+							userId: { type: "string" },
+							organizationId: { type: "string" },
+							role: { type: "string" }
+						},
+						required: [
+							"id",
+							"userId",
+							"organizationId",
+							"role"
+						]
+					} },
+					required: ["member"]
+				} } }
+			} }
+		}
+	}
+}, async (ctx) => {
+	const session = ctx.context.session;
+	if (!ctx.body.role) throw APIError.fromStatus("BAD_REQUEST");
+	const organizationId = ctx.body.organizationId || session.session.activeOrganizationId;
+	if (!organizationId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION);
+	const adapter = getOrgAdapter(ctx.context, ctx.context.orgOptions);
+	const roleToSet = Array.isArray(ctx.body.role) ? ctx.body.role : ctx.body.role ? [ctx.body.role] : [];
+	const member = await adapter.findMemberByOrgId({
+		userId: session.user.id,
+		organizationId
+	});
+	if (!member) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	const toBeUpdatedMember = member.id !== ctx.body.memberId ? await adapter.findMemberById(ctx.body.memberId) : member;
+	if (!toBeUpdatedMember) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	if (!(toBeUpdatedMember.organizationId === organizationId)) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_MEMBER);
+	const creatorRole = ctx.context.orgOptions?.creatorRole || "owner";
+	const updatingMemberRoles = member.role.split(",");
+	const isUpdatingCreator = toBeUpdatedMember.role.split(",").includes(creatorRole);
+	const updaterIsCreator = updatingMemberRoles.includes(creatorRole);
+	const isSettingCreatorRole = roleToSet.includes(creatorRole);
+	const memberIsUpdatingThemselves = member.id === toBeUpdatedMember.id;
+	if (isUpdatingCreator && !updaterIsCreator || isSettingCreatorRole && !updaterIsCreator) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_MEMBER);
+	if (updaterIsCreator && memberIsUpdatingThemselves) {
+		if ((await ctx.context.adapter.findMany({
+			model: "member",
+			where: [{
+				field: "organizationId",
+				value: organizationId
+			}]
+		})).filter((member) => {
+			return member.role.split(",").includes(creatorRole);
+		}).length <= 1 && !isSettingCreatorRole) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.YOU_CANNOT_LEAVE_THE_ORGANIZATION_WITHOUT_AN_OWNER);
+	}
+	if (!await hasPermission({
+		role: member.role,
+		options: ctx.context.orgOptions,
+		permissions: { member: ["update"] },
+		allowCreatorAllPermissions: true,
+		organizationId
+	}, ctx)) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_MEMBER);
+	const organization = await adapter.findOrganizationById(organizationId);
+	if (!organization) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND);
+	const userBeingUpdated = await ctx.context.internalAdapter.findUserById(toBeUpdatedMember.userId);
+	if (!userBeingUpdated) throw APIError.fromStatus("BAD_REQUEST", { message: "User not found" });
+	const previousRole = toBeUpdatedMember.role;
+	const newRole = parseRoles(ctx.body.role);
+	if (option?.organizationHooks?.beforeUpdateMemberRole) {
+		const response = await option?.organizationHooks.beforeUpdateMemberRole({
+			member: toBeUpdatedMember,
+			newRole,
+			user: userBeingUpdated,
+			organization
+		});
+		if (response && typeof response === "object" && "data" in response) {
+			const updatedMember = await adapter.updateMember(ctx.body.memberId, response.data.role || newRole);
+			if (!updatedMember) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+			if (option?.organizationHooks?.afterUpdateMemberRole) await option?.organizationHooks.afterUpdateMemberRole({
+				member: updatedMember,
+				previousRole,
+				user: userBeingUpdated,
+				organization
+			});
+			return ctx.json(updatedMember);
+		}
+	}
+	const updatedMember = await adapter.updateMember(ctx.body.memberId, newRole);
+	if (!updatedMember) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	if (option?.organizationHooks?.afterUpdateMemberRole) await option?.organizationHooks.afterUpdateMemberRole({
+		member: updatedMember,
+		previousRole,
+		user: userBeingUpdated,
+		organization
+	});
+	return ctx.json(updatedMember);
+});
+const getActiveMember = (options) => createAuthEndpoint("/organization/get-active-member", {
+	method: "GET",
+	use: [orgMiddleware, orgSessionMiddleware],
+	requireHeaders: true,
+	metadata: { openapi: {
+		description: "Get the member details of the active organization",
+		responses: { "200": {
+			description: "Success",
+			content: { "application/json": { schema: {
+				type: "object",
+				properties: {
+					id: { type: "string" },
+					userId: { type: "string" },
+					organizationId: { type: "string" },
+					role: { type: "string" }
+				},
+				required: [
+					"id",
+					"userId",
+					"organizationId",
+					"role"
+				]
+			} } }
+		} }
+	} }
+}, async (ctx) => {
+	const session = ctx.context.session;
+	const organizationId = session.session.activeOrganizationId;
+	if (!organizationId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION);
+	const member = await getOrgAdapter(ctx.context, options).findMemberByOrgId({
+		userId: session.user.id,
+		organizationId
+	});
+	if (!member) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	return ctx.json(member);
+});
+const leaveOrganizationBodySchema = z.object({ organizationId: z.string().meta({ description: "The organization Id for the member to leave. Eg: \"organization-id\"" }) });
+const leaveOrganization = (options) => createAuthEndpoint("/organization/leave", {
+	method: "POST",
+	body: leaveOrganizationBodySchema,
+	requireHeaders: true,
+	use: [sessionMiddleware, orgMiddleware]
+}, async (ctx) => {
+	const session = ctx.context.session;
+	const adapter = getOrgAdapter(ctx.context, options);
+	const member = await adapter.findMemberByOrgId({
+		userId: session.user.id,
+		organizationId: ctx.body.organizationId
+	});
+	if (!member) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	const creatorRole = ctx.context.orgOptions?.creatorRole || "owner";
+	if (member.role.split(",").includes(creatorRole)) {
+		if ((await ctx.context.adapter.findMany({
+			model: "member",
+			where: [{
+				field: "organizationId",
+				value: ctx.body.organizationId
+			}]
+		})).filter((member) => member.role.split(",").includes(creatorRole)).length <= 1) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER);
+	}
+	await adapter.deleteMember({
+		memberId: member.id,
+		organizationId: ctx.body.organizationId,
+		userId: session.user.id
+	});
+	if (session.session.activeOrganizationId === ctx.body.organizationId) await adapter.setActiveOrganization(session.session.token, null, ctx);
+	return ctx.json(member);
+});
+const listMembers = (options) => createAuthEndpoint("/organization/list-members", {
+	method: "GET",
+	query: z.object({
+		limit: z.string().meta({ description: "The number of users to return" }).or(z.number()).optional(),
+		offset: z.string().meta({ description: "The offset to start from" }).or(z.number()).optional(),
+		sortBy: z.string().meta({ description: "The field to sort by" }).optional(),
+		sortDirection: z.enum(["asc", "desc"]).meta({ description: "The direction to sort by" }).optional(),
+		filterField: z.string().meta({ description: "The field to filter by" }).optional(),
+		filterValue: z.string().meta({ description: "The value to filter by" }).or(z.number()).or(z.boolean()).optional(),
+		filterOperator: z.enum([
+			"eq",
+			"ne",
+			"lt",
+			"lte",
+			"gt",
+			"gte",
+			"contains"
+		]).meta({ description: "The operator to use for the filter" }).optional(),
+		organizationId: z.string().meta({ description: "The organization ID to list members for. If not provided, will default to the user's active organization. Eg: \"organization-id\"" }).optional(),
+		organizationSlug: z.string().meta({ description: "The organization slug to list members for. If not provided, will default to the user's active organization. Eg: \"organization-slug\"" }).optional()
+	}).optional(),
+	requireHeaders: true,
+	use: [orgMiddleware, orgSessionMiddleware]
+}, async (ctx) => {
+	const session = ctx.context.session;
+	let organizationId = ctx.query?.organizationId || session.session.activeOrganizationId;
+	const adapter = getOrgAdapter(ctx.context, options);
+	if (ctx.query?.organizationSlug) {
+		const organization = await adapter.findOrganizationBySlug(ctx.query?.organizationSlug);
+		if (!organization) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND);
+		organizationId = organization.id;
+	}
+	if (!organizationId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION);
+	if (!await adapter.findMemberByOrgId({
+		userId: session.user.id,
+		organizationId
+	})) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION);
+	const { members, total } = await adapter.listMembers({
+		organizationId,
+		limit: ctx.query?.limit ? Number(ctx.query.limit) : void 0,
+		offset: ctx.query?.offset ? Number(ctx.query.offset) : void 0,
+		sortBy: ctx.query?.sortBy,
+		sortOrder: ctx.query?.sortDirection,
+		filter: ctx.query?.filterField ? {
+			field: ctx.query?.filterField,
+			operator: ctx.query.filterOperator,
+			value: ctx.query.filterValue
+		} : void 0
+	});
+	return ctx.json({
+		members,
+		total
+	});
+});
+const getActiveMemberRoleQuerySchema = z.object({
+	userId: z.string().meta({ description: "The user ID to get the role for. If not provided, will default to the current user's" }).optional(),
+	organizationId: z.string().meta({ description: "The organization ID to list members for. If not provided, will default to the user's active organization. Eg: \"organization-id\"" }).optional(),
+	organizationSlug: z.string().meta({ description: "The organization slug to list members for. If not provided, will default to the user's active organization. Eg: \"organization-slug\"" }).optional()
+}).optional();
+const getActiveMemberRole = (options) => createAuthEndpoint("/organization/get-active-member-role", {
+	method: "GET",
+	query: getActiveMemberRoleQuerySchema,
+	requireHeaders: true,
+	use: [orgMiddleware, orgSessionMiddleware]
+}, async (ctx) => {
+	const session = ctx.context.session;
+	let organizationId = ctx.query?.organizationId || session.session.activeOrganizationId;
+	const adapter = getOrgAdapter(ctx.context, options);
+	if (ctx.query?.organizationSlug) {
+		const organization = await adapter.findOrganizationBySlug(ctx.query?.organizationSlug);
+		if (!organization) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND);
+		organizationId = organization.id;
+	}
+	if (!organizationId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION);
+	const isMember = await adapter.findMemberByOrgId({
+		userId: session.user.id,
+		organizationId
+	});
+	if (!isMember) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION);
+	if (!ctx.query?.userId) return ctx.json({ role: isMember.role });
+	const userIdToGetRole = ctx.query?.userId;
+	const member = await adapter.findMemberByOrgId({
+		userId: userIdToGetRole,
+		organizationId
+	});
+	if (!member) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION);
+	return ctx.json({ role: member?.role });
+});
+
+//#endregion
+export { addMember, getActiveMember, getActiveMemberRole, leaveOrganization, listMembers, removeMember, updateMemberRole };
+//# sourceMappingURL=crud-members.mjs.map