@meridianjs/meridian 1.31.0 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/api/admin/events/route.d.ts.map +1 -1
- package/dist/api/admin/events/route.js +15 -8
- package/dist/api/admin/events/route.js.map +1 -1
- package/dist/api/admin/issues/[id]/attachments/[attachmentId]/route.d.ts.map +1 -1
- package/dist/api/admin/issues/[id]/attachments/[attachmentId]/route.js +34 -31
- package/dist/api/admin/issues/[id]/attachments/[attachmentId]/route.js.map +1 -1
- package/dist/api/admin/issues/[id]/attachments/route.d.ts.map +1 -1
- package/dist/api/admin/issues/[id]/attachments/route.js +47 -22
- package/dist/api/admin/issues/[id]/attachments/route.js.map +1 -1
- package/dist/api/admin/issues/[id]/comments/route.d.ts.map +1 -1
- package/dist/api/admin/issues/[id]/comments/route.js +20 -17
- package/dist/api/admin/issues/[id]/comments/route.js.map +1 -1
- package/dist/api/admin/issues/[id]/time-logs/[logId]/route.d.ts.map +1 -1
- package/dist/api/admin/issues/[id]/time-logs/[logId]/route.js +63 -60
- package/dist/api/admin/issues/[id]/time-logs/[logId]/route.js.map +1 -1
- package/dist/api/admin/issues/[id]/time-logs/route.d.ts.map +1 -1
- package/dist/api/admin/issues/[id]/time-logs/route.js +42 -17
- package/dist/api/admin/issues/[id]/time-logs/route.js.map +1 -1
- package/dist/api/admin/issues/[id]/time-logs/timer/route.d.ts.map +1 -1
- package/dist/api/admin/issues/[id]/time-logs/timer/route.js +49 -24
- package/dist/api/admin/issues/[id]/time-logs/timer/route.js.map +1 -1
- package/dist/api/admin/issues/route.d.ts.map +1 -1
- package/dist/api/admin/issues/route.js +2 -7
- package/dist/api/admin/issues/route.js.map +1 -1
- package/dist/api/admin/my/tasks/route.d.ts.map +1 -1
- package/dist/api/admin/my/tasks/route.js +16 -24
- package/dist/api/admin/my/tasks/route.js.map +1 -1
- package/dist/api/admin/projects/[id]/access/route.d.ts.map +1 -1
- package/dist/api/admin/projects/[id]/access/route.js +15 -2
- package/dist/api/admin/projects/[id]/access/route.js.map +1 -1
- package/dist/api/admin/projects/[id]/access-requests/[requestId]/route.d.ts +4 -0
- package/dist/api/admin/projects/[id]/access-requests/[requestId]/route.d.ts.map +1 -0
- package/dist/api/admin/projects/[id]/access-requests/[requestId]/route.js +105 -0
- package/dist/api/admin/projects/[id]/access-requests/[requestId]/route.js.map +1 -0
- package/dist/api/admin/projects/[id]/access-requests/route.d.ts +5 -0
- package/dist/api/admin/projects/[id]/access-requests/route.d.ts.map +1 -0
- package/dist/api/admin/projects/[id]/access-requests/route.js +138 -0
- package/dist/api/admin/projects/[id]/access-requests/route.js.map +1 -0
- package/dist/api/admin/projects/[id]/health/[updateId]/route.d.ts.map +1 -1
- package/dist/api/admin/projects/[id]/health/[updateId]/route.js +83 -73
- package/dist/api/admin/projects/[id]/health/[updateId]/route.js.map +1 -1
- package/dist/api/admin/projects/[id]/health/[updateId]/send/route.d.ts.map +1 -1
- package/dist/api/admin/projects/[id]/health/[updateId]/send/route.js +68 -65
- package/dist/api/admin/projects/[id]/health/[updateId]/send/route.js.map +1 -1
- package/dist/api/admin/projects/[id]/health/route.d.ts.map +1 -1
- package/dist/api/admin/projects/[id]/health/route.js +33 -30
- package/dist/api/admin/projects/[id]/health/route.js.map +1 -1
- package/dist/api/admin/projects/[id]/share/route.d.ts.map +1 -1
- package/dist/api/admin/projects/[id]/share/route.js +44 -39
- package/dist/api/admin/projects/[id]/share/route.js.map +1 -1
- package/dist/api/admin/projects/[id]/statuses/[statusId]/route.d.ts.map +1 -1
- package/dist/api/admin/projects/[id]/statuses/[statusId]/route.js +77 -72
- package/dist/api/admin/projects/[id]/statuses/[statusId]/route.js.map +1 -1
- package/dist/api/admin/projects/[id]/statuses/reorder/route.d.ts.map +1 -1
- package/dist/api/admin/projects/[id]/statuses/reorder/route.js +20 -17
- package/dist/api/admin/projects/[id]/statuses/reorder/route.js.map +1 -1
- package/dist/api/admin/projects/[id]/statuses/route.d.ts.map +1 -1
- package/dist/api/admin/projects/[id]/statuses/route.js +23 -20
- package/dist/api/admin/projects/[id]/statuses/route.js.map +1 -1
- package/dist/api/admin/projects/[id]/task-lists/route.d.ts.map +1 -1
- package/dist/api/admin/projects/[id]/task-lists/route.js +22 -19
- package/dist/api/admin/projects/[id]/task-lists/route.js.map +1 -1
- package/dist/api/admin/projects/route.d.ts.map +1 -1
- package/dist/api/admin/projects/route.js +58 -40
- package/dist/api/admin/projects/route.js.map +1 -1
- package/dist/api/admin/reporting/members/route.d.ts.map +1 -1
- package/dist/api/admin/reporting/members/route.js +2 -6
- package/dist/api/admin/reporting/members/route.js.map +1 -1
- package/dist/api/admin/reporting/time-logs/route.d.ts.map +1 -1
- package/dist/api/admin/reporting/time-logs/route.js +11 -26
- package/dist/api/admin/reporting/time-logs/route.js.map +1 -1
- package/dist/api/admin/task-lists/[id]/route.d.ts.map +1 -1
- package/dist/api/admin/task-lists/[id]/route.js +44 -39
- package/dist/api/admin/task-lists/[id]/route.js.map +1 -1
- package/dist/api/admin/time-logs/active-timer/route.d.ts.map +1 -1
- package/dist/api/admin/time-logs/active-timer/route.js +14 -11
- package/dist/api/admin/time-logs/active-timer/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/access-requests/[requestId]/route.d.ts +1 -0
- package/dist/api/admin/workspaces/[id]/access-requests/[requestId]/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/access-requests/[requestId]/route.js +35 -15
- package/dist/api/admin/workspaces/[id]/access-requests/[requestId]/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/access-requests/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/access-requests/route.js +5 -19
- package/dist/api/admin/workspaces/[id]/access-requests/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/invitations/[inviteId]/resend/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/invitations/[inviteId]/resend/route.js +1 -15
- package/dist/api/admin/workspaces/[id]/invitations/[inviteId]/resend/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/invitations/[inviteId]/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/invitations/[inviteId]/route.js +1 -15
- package/dist/api/admin/workspaces/[id]/invitations/[inviteId]/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/invitations/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/invitations/route.js +49 -65
- package/dist/api/admin/workspaces/[id]/invitations/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/logo/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/logo/route.js +1 -15
- package/dist/api/admin/workspaces/[id]/logo/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/members/[userId]/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/members/[userId]/route.js +1 -19
- package/dist/api/admin/workspaces/[id]/members/[userId]/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/members/batch/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/members/batch/route.js +48 -56
- package/dist/api/admin/workspaces/[id]/members/batch/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/members/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/members/route.js +43 -60
- package/dist/api/admin/workspaces/[id]/members/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/route.js +3 -22
- package/dist/api/admin/workspaces/[id]/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/teams/[teamId]/members/[userId]/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/teams/[teamId]/members/[userId]/route.js +1 -19
- package/dist/api/admin/workspaces/[id]/teams/[teamId]/members/[userId]/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/teams/[teamId]/members/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/teams/[teamId]/members/route.js +1 -19
- package/dist/api/admin/workspaces/[id]/teams/[teamId]/members/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/teams/[teamId]/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/teams/[teamId]/route.js +1 -19
- package/dist/api/admin/workspaces/[id]/teams/[teamId]/route.js.map +1 -1
- package/dist/api/admin/workspaces/[id]/teams/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/[id]/teams/route.js +1 -19
- package/dist/api/admin/workspaces/[id]/teams/route.js.map +1 -1
- package/dist/api/admin/workspaces/my-access-requests/route.d.ts +3 -0
- package/dist/api/admin/workspaces/my-access-requests/route.d.ts.map +1 -0
- package/dist/api/admin/workspaces/my-access-requests/route.js +20 -0
- package/dist/api/admin/workspaces/my-access-requests/route.js.map +1 -0
- package/dist/api/admin/workspaces/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/route.js +49 -34
- package/dist/api/admin/workspaces/route.js.map +1 -1
- package/dist/api/admin/workspaces/search/route.d.ts.map +1 -1
- package/dist/api/admin/workspaces/search/route.js +5 -2
- package/dist/api/admin/workspaces/search/route.js.map +1 -1
- package/dist/api/auth/_apply-pending-invites.d.ts +12 -0
- package/dist/api/auth/_apply-pending-invites.d.ts.map +1 -0
- package/dist/api/auth/_apply-pending-invites.js +68 -0
- package/dist/api/auth/_apply-pending-invites.js.map +1 -0
- package/dist/api/auth/google/callback/route.d.ts.map +1 -1
- package/dist/api/auth/google/callback/route.js +20 -0
- package/dist/api/auth/google/callback/route.js.map +1 -1
- package/dist/api/auth/invite/[token]/route.d.ts.map +1 -1
- package/dist/api/auth/invite/[token]/route.js +2 -9
- package/dist/api/auth/invite/[token]/route.js.map +1 -1
- package/dist/api/auth/register/route.d.ts.map +1 -1
- package/dist/api/auth/register/route.js +16 -0
- package/dist/api/auth/register/route.js.map +1 -1
- package/dist/api/utils/assign-default-role.d.ts +6 -0
- package/dist/api/utils/assign-default-role.d.ts.map +1 -0
- package/dist/api/utils/assign-default-role.js +23 -0
- package/dist/api/utils/assign-default-role.js.map +1 -0
- package/dist/api/utils/project-access.d.ts +9 -0
- package/dist/api/utils/project-access.d.ts.map +1 -1
- package/dist/api/utils/project-access.js +27 -0
- package/dist/api/utils/project-access.js.map +1 -1
- package/dist/api/utils/workspace-access.d.ts +17 -0
- package/dist/api/utils/workspace-access.d.ts.map +1 -0
- package/dist/api/utils/workspace-access.js +72 -0
- package/dist/api/utils/workspace-access.js.map +1 -0
- package/dist/subscribers/project-access-request-resolved.d.ts +12 -0
- package/dist/subscribers/project-access-request-resolved.d.ts.map +1 -0
- package/dist/subscribers/project-access-request-resolved.js +55 -0
- package/dist/subscribers/project-access-request-resolved.js.map +1 -0
- package/dist/subscribers/project-access-requested.d.ts +11 -0
- package/dist/subscribers/project-access-requested.d.ts.map +1 -0
- package/dist/subscribers/project-access-requested.js +12 -0
- package/dist/subscribers/project-access-requested.js.map +1 -0
- package/dist/subscribers/workspace-access-request-resolved.d.ts +12 -0
- package/dist/subscribers/workspace-access-request-resolved.d.ts.map +1 -0
- package/dist/subscribers/workspace-access-request-resolved.js +60 -0
- package/dist/subscribers/workspace-access-request-resolved.js.map +1 -0
- package/dist/subscribers/workspace-access-requested.d.ts.map +1 -1
- package/dist/subscribers/workspace-access-requested.js +1 -0
- package/dist/subscribers/workspace-access-requested.js.map +1 -1
- package/package.json +19 -19
|
@@ -1,82 +1,66 @@
|
|
|
1
|
+
import { requirePermission } from "@meridianjs/auth";
|
|
1
2
|
import { createInvitationWorkflow } from "../../../../../workflows/create-invitation.js";
|
|
2
|
-
|
|
3
|
-
const workspaceService = req.scope.resolve("workspaceModuleService");
|
|
4
|
-
const workspaceMemberService = req.scope.resolve("workspaceMemberModuleService");
|
|
5
|
-
const workspace = await workspaceService.retrieveWorkspace(req.params.id);
|
|
6
|
-
if (!workspace) {
|
|
7
|
-
res.status(404).json({ error: { message: "Workspace not found" } });
|
|
8
|
-
return false;
|
|
9
|
-
}
|
|
10
|
-
const roles = req.user?.roles ?? [];
|
|
11
|
-
const isPrivileged = roles.includes("super-admin") || roles.includes("admin");
|
|
12
|
-
// Private workspaces: always require membership regardless of role
|
|
13
|
-
if (workspace.is_private || !isPrivileged) {
|
|
14
|
-
const membership = await workspaceMemberService.getMembership(req.params.id, req.user?.id);
|
|
15
|
-
if (!membership) {
|
|
16
|
-
res.status(403).json({ error: { message: "Forbidden — not a member of this workspace" } });
|
|
17
|
-
return false;
|
|
18
|
-
}
|
|
19
|
-
}
|
|
20
|
-
return true;
|
|
21
|
-
}
|
|
3
|
+
import { assertWorkspaceAccess } from "../../../../utils/workspace-access.js";
|
|
22
4
|
export const GET = async (req, res) => {
|
|
23
|
-
if (!await
|
|
5
|
+
if (!await assertWorkspaceAccess(req, res))
|
|
24
6
|
return;
|
|
25
7
|
const svc = req.scope.resolve("invitationModuleService");
|
|
26
8
|
const [invitations, count] = await svc.listAndCountInvitations({ workspace_id: req.params.id }, { limit: 100 });
|
|
27
9
|
res.json({ invitations, count });
|
|
28
10
|
};
|
|
29
11
|
export const POST = async (req, res) => {
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
const { email, role, app_role_id } = req.body;
|
|
33
|
-
if (!role || !["super-admin", "admin", "member"].includes(role)) {
|
|
34
|
-
res.status(400).json({ error: { message: "role must be 'super-admin', 'admin', or 'member'" } });
|
|
35
|
-
return;
|
|
36
|
-
}
|
|
37
|
-
// Privilege check: only admins/super-admins can invite admins; only super-admins can invite super-admins
|
|
38
|
-
const callerRoles = req.user?.roles ?? [];
|
|
39
|
-
if (role === "super-admin") {
|
|
40
|
-
if (!callerRoles.includes("super-admin")) {
|
|
41
|
-
res.status(403).json({ error: { message: "Only super-admins can invite users with the super-admin role" } });
|
|
12
|
+
requirePermission("member:invite")(req, res, async () => {
|
|
13
|
+
if (!await assertWorkspaceAccess(req, res))
|
|
42
14
|
return;
|
|
43
|
-
}
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
if (!callerRoles.includes("super-admin") && !callerRoles.includes("admin")) {
|
|
47
|
-
res.status(403).json({ error: { message: "Only admins can invite users with elevated roles" } });
|
|
15
|
+
const { email, role, app_role_id } = req.body;
|
|
16
|
+
if (!role || !["super-admin", "admin", "member"].includes(role)) {
|
|
17
|
+
res.status(400).json({ error: { message: "role must be 'super-admin', 'admin', or 'member'" } });
|
|
48
18
|
return;
|
|
49
19
|
}
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
20
|
+
// Privilege check: only admins/super-admins can invite admins; only super-admins can invite super-admins
|
|
21
|
+
const callerRoles = req.user?.roles ?? [];
|
|
22
|
+
if (role === "super-admin") {
|
|
23
|
+
if (!callerRoles.includes("super-admin")) {
|
|
24
|
+
res.status(403).json({ error: { message: "Only super-admins can invite users with the super-admin role" } });
|
|
25
|
+
return;
|
|
26
|
+
}
|
|
27
|
+
}
|
|
28
|
+
else if (role !== "member") {
|
|
29
|
+
if (!callerRoles.includes("super-admin") && !callerRoles.includes("admin")) {
|
|
30
|
+
res.status(403).json({ error: { message: "Only admins can invite users with elevated roles" } });
|
|
31
|
+
return;
|
|
32
|
+
}
|
|
59
33
|
}
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
34
|
+
if (email?.trim()) {
|
|
35
|
+
const normalizedEmail = email.trim().toLowerCase();
|
|
36
|
+
const userService = req.scope.resolve("userModuleService");
|
|
37
|
+
const invitationService = req.scope.resolve("invitationModuleService");
|
|
38
|
+
const [existing] = await userService.listAndCountUsers({ email: normalizedEmail }, { limit: 1 });
|
|
39
|
+
if (existing.length > 0) {
|
|
40
|
+
res.status(409).json({ error: { message: `A user with email ${normalizedEmail} already exists. They can be added directly as a workspace member.` } });
|
|
41
|
+
return;
|
|
42
|
+
}
|
|
43
|
+
// Check for any pending invitation for this email (any scope)
|
|
44
|
+
const [pendingInvites] = await invitationService.listAndCountInvitations({ email: normalizedEmail, status: "pending" }, { limit: 1 });
|
|
45
|
+
if (pendingInvites.length > 0) {
|
|
46
|
+
res.status(409).json({ error: { message: `A pending invitation for ${normalizedEmail} already exists.` } });
|
|
47
|
+
return;
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
const { result, errors, transaction_status } = await createInvitationWorkflow(req.scope).run({
|
|
51
|
+
input: {
|
|
52
|
+
workspace_id: req.params.id,
|
|
53
|
+
email: email?.trim() || null,
|
|
54
|
+
role,
|
|
55
|
+
app_role_id: app_role_id ?? null,
|
|
56
|
+
created_by: req.user?.id ?? "system",
|
|
57
|
+
},
|
|
58
|
+
});
|
|
59
|
+
if (transaction_status === "reverted") {
|
|
60
|
+
res.status(500).json({ error: { message: errors[0]?.message ?? "Failed to create invitation" } });
|
|
64
61
|
return;
|
|
65
62
|
}
|
|
66
|
-
|
|
67
|
-
const { result, errors, transaction_status } = await createInvitationWorkflow(req.scope).run({
|
|
68
|
-
input: {
|
|
69
|
-
workspace_id: req.params.id,
|
|
70
|
-
email: email?.trim() || null,
|
|
71
|
-
role,
|
|
72
|
-
app_role_id: app_role_id ?? null,
|
|
73
|
-
created_by: req.user?.id ?? "system",
|
|
74
|
-
},
|
|
63
|
+
res.status(201).json({ invitation: result });
|
|
75
64
|
});
|
|
76
|
-
if (transaction_status === "reverted") {
|
|
77
|
-
res.status(500).json({ error: { message: errors[0]?.message ?? "Failed to create invitation" } });
|
|
78
|
-
return;
|
|
79
|
-
}
|
|
80
|
-
res.status(201).json({ invitation: result });
|
|
81
65
|
};
|
|
82
66
|
//# sourceMappingURL=route.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../src/api/admin/workspaces/[id]/invitations/route.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../src/api/admin/workspaces/[id]/invitations/route.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAA;AACpD,OAAO,EAAE,wBAAwB,EAAE,MAAM,+CAA+C,CAAA;AACxF,OAAO,EAAE,qBAAqB,EAAE,MAAM,uCAAuC,CAAA;AAE7E,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACnD,IAAI,CAAC,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,CAAC;QAAE,OAAM;IAClD,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,yBAAyB,CAAQ,CAAA;IAC/D,MAAM,CAAC,WAAW,EAAE,KAAK,CAAC,GAAG,MAAM,GAAG,CAAC,uBAAuB,CAC5D,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAC/B,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAA;IACD,GAAG,CAAC,IAAI,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC,CAAA;AAClC,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACpD,iBAAiB,CAAC,eAAe,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,IAAI,EAAE;QACtD,IAAI,CAAC,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,CAAC;YAAE,OAAM;QAClD,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;QAE/C,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,aAAa,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAChE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,kDAAkD,EAAE,EAAE,CAAC,CAAA;YAChG,OAAM;QACR,CAAC;QAED,yGAAyG;QACzG,MAAM,WAAW,GAAa,GAAG,CAAC,IAAI,EAAE,KAAK,IAAI,EAAE,CAAA;QACnD,IAAI,IAAI,KAAK,aAAa,EAAE,CAAC;YAC3B,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;gBACzC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,8DAA8D,EAAE,EAAE,CAAC,CAAA;gBAC5G,OAAM;YACR,CAAC;QACH,CAAC;aAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3E,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,kDAAkD,EAAE,EAAE,CAAC,CAAA;gBAChG,OAAM;YACR,CAAC;QACH,CAAC;QAED,IAAI,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC;YAClB,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;YAClD,MAAM,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAQ,CAAA;YACjE,MAAM,iBAAiB,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,yBAAyB,CAAQ,CAAA;YAE7E,MAAM,CAAC,QAAQ,CAAC,GAAG,MAAM,WAAW,CAAC,iBAAiB,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAA;YAChG,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,qBAAqB,eAAe,oEAAoE,EAAE,EAAE,CAAC,CAAA;gBACtJ,OAAM;YACR,CAAC;YAED,8DAA8D;YAC9D,MAAM,CAAC,cAAc,CAAC,GAAG,MAAM,iBAAiB,CAAC,uBAAuB,CACtE,EAAE,KAAK,EAAE,eAAe,EAAE,MAAM,EAAE,SAAS,EAAE,EAC7C,EAAE,KAAK,EAAE,CAAC,EAAE,CACb,CAAA;YACD,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,4BAA4B,eAAe,kBAAkB,EAAE,EAAE,CAAC,CAAA;gBAC3G,OAAM;YACR,CAAC;QACH,CAAC;QAED,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,kBAAkB,EAAE,GAAG,MAAM,wBAAwB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC;YAC3F,KAAK,EAAE;gBACL,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE;gBAC3B,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,IAAI;gBAC5B,IAAI;gBACJ,WAAW,EAAE,WAAW,IAAI,IAAI;gBAChC,UAAU,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,IAAI,QAAQ;aACrC;SACF,CAAC,CAAA;QAEF,IAAI,kBAAkB,KAAK,UAAU,EAAE,CAAC;YACtC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,6BAA6B,EAAE,EAAE,CAAC,CAAA;YACjG,OAAM;QACR,CAAC;QAEC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IAC9C,CAAC,CAAC,CAAA;AACJ,CAAC,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../src/api/admin/workspaces/[id]/logo/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../src/api/admin/workspaces/[id]/logo/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAKvC,eAAO,MAAM,IAAI,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,kBAsBjD,CAAA;AAED,eAAO,MAAM,MAAM,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,kBAenD,CAAA"}
|
|
@@ -1,20 +1,6 @@
|
|
|
1
1
|
import { requirePermission } from "@meridianjs/auth";
|
|
2
2
|
import { processUpload, deleteUpload } from "../../../../../utils/upload.js";
|
|
3
|
-
|
|
4
|
-
const workspaceService = req.scope.resolve("workspaceModuleService");
|
|
5
|
-
const workspaceMemberService = req.scope.resolve("workspaceMemberModuleService");
|
|
6
|
-
const workspace = await workspaceService.retrieveWorkspace(req.params.id);
|
|
7
|
-
const roles = req.user?.roles ?? [];
|
|
8
|
-
const isPrivileged = roles.includes("super-admin") || roles.includes("admin");
|
|
9
|
-
if (workspace?.is_private || !isPrivileged) {
|
|
10
|
-
const membership = await workspaceMemberService.getMembership(req.params.id, req.user?.id);
|
|
11
|
-
if (!membership) {
|
|
12
|
-
res.status(403).json({ error: { message: "Forbidden — not a member of this workspace" } });
|
|
13
|
-
return false;
|
|
14
|
-
}
|
|
15
|
-
}
|
|
16
|
-
return true;
|
|
17
|
-
}
|
|
3
|
+
import { assertWorkspaceAccess } from "../../../../utils/workspace-access.js";
|
|
18
4
|
export const POST = async (req, res) => {
|
|
19
5
|
requirePermission("workspace:update")(req, res, async () => {
|
|
20
6
|
if (!await assertWorkspaceAccess(req, res))
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../src/api/admin/workspaces/[id]/logo/route.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAA;AACpD,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAA;
|
|
1
|
+
{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../src/api/admin/workspaces/[id]/logo/route.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAA;AACpD,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAA;AAC5E,OAAO,EAAE,qBAAqB,EAAE,MAAM,uCAAuC,CAAA;AAE7E,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACpD,iBAAiB,CAAC,kBAAkB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,IAAI,EAAE;QACzD,IAAI,CAAC,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,CAAC;YAAE,OAAM;QAElD,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,iBAAiB,CAAC,CAAA;QACvE,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,mEAAmE,EAAE,EAAE,CAAC,CAAA;YACjH,OAAM;QACR,CAAC;QAED,MAAM,gBAAgB,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,wBAAwB,CAAQ,CAAA;QAC3E,MAAM,QAAQ,GAAG,MAAM,gBAAgB,CAAC,iBAAiB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;QAC1F,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,sBAAsB,EAAE,EAAE,CAAC,CAAA;YACpE,OAAM;QACR,CAAC;QAED,IAAI,QAAQ,CAAC,QAAQ;YAAE,MAAM,YAAY,CAAC,GAAG,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAA;QAEjE,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC,CAAA;QACjG,GAAG,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,CAAC,CAAA;IACzB,CAAC,CAAC,CAAA;AACJ,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,MAAM,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACtD,iBAAiB,CAAC,kBAAkB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,IAAI,EAAE;QACzD,IAAI,CAAC,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,CAAC;YAAE,OAAM;QAElD,MAAM,gBAAgB,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,wBAAwB,CAAQ,CAAA;QAC3E,MAAM,QAAQ,GAAG,MAAM,gBAAgB,CAAC,iBAAiB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;QAC1F,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,sBAAsB,EAAE,EAAE,CAAC,CAAA;YACpE,OAAM;QACR,CAAC;QAED,IAAI,QAAQ,CAAC,QAAQ;YAAE,MAAM,YAAY,CAAC,GAAG,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAA;QACjE,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;QAC3F,GAAG,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,CAAC,CAAA;IACzB,CAAC,CAAC,CAAA;AACJ,CAAC,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../../src/api/admin/workspaces/[id]/members/[userId]/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../../src/api/admin/workspaces/[id]/members/[userId]/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;AAiBrD,eAAO,MAAM,KAAK,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,kBAsCtE,CAAA;AAED,eAAO,MAAM,MAAM,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,kBA6CvE,CAAA"}
|
|
@@ -9,25 +9,7 @@ function actorRank(req) {
|
|
|
9
9
|
const roles = req.user?.roles ?? [];
|
|
10
10
|
return Math.max(...roles.map((r) => ROLE_RANK[r] ?? 0), 0);
|
|
11
11
|
}
|
|
12
|
-
|
|
13
|
-
const workspaceService = req.scope.resolve("workspaceModuleService");
|
|
14
|
-
const workspaceMemberService = req.scope.resolve("workspaceMemberModuleService");
|
|
15
|
-
const workspace = await workspaceService.retrieveWorkspace(req.params.id);
|
|
16
|
-
if (!workspace) {
|
|
17
|
-
res.status(404).json({ error: { message: "Workspace not found" } });
|
|
18
|
-
return false;
|
|
19
|
-
}
|
|
20
|
-
const roles = req.user?.roles ?? [];
|
|
21
|
-
const isPrivileged = roles.includes("super-admin") || roles.includes("admin");
|
|
22
|
-
if (workspace.is_private || !isPrivileged) {
|
|
23
|
-
const membership = await workspaceMemberService.getMembership(req.params.id, req.user?.id);
|
|
24
|
-
if (!membership) {
|
|
25
|
-
res.status(403).json({ error: { message: "Forbidden — not a member of this workspace" } });
|
|
26
|
-
return false;
|
|
27
|
-
}
|
|
28
|
-
}
|
|
29
|
-
return true;
|
|
30
|
-
}
|
|
12
|
+
import { assertWorkspaceAccess } from "../../../../../utils/workspace-access.js";
|
|
31
13
|
export const PATCH = async (req, res, next) => {
|
|
32
14
|
requirePermission("member:update_role")(req, res, async () => {
|
|
33
15
|
try {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../../src/api/admin/workspaces/[id]/members/[userId]/route.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAA;AAEpD,MAAM,SAAS,GAA2B;IACxC,aAAa,EAAE,CAAC;IAChB,OAAO,EAAE,CAAC;IACV,WAAW,EAAE,CAAC;IACd,QAAQ,EAAE,CAAC;CACZ,CAAA;AAED,SAAS,SAAS,CAAC,GAAQ;IACzB,MAAM,KAAK,GAAa,GAAG,CAAC,IAAI,EAAE,KAAK,IAAI,EAAE,CAAA;IAC7C,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;AAC5D,CAAC;AAED,
|
|
1
|
+
{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../../src/api/admin/workspaces/[id]/members/[userId]/route.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAA;AAEpD,MAAM,SAAS,GAA2B;IACxC,aAAa,EAAE,CAAC;IAChB,OAAO,EAAE,CAAC;IACV,WAAW,EAAE,CAAC;IACd,QAAQ,EAAE,CAAC;CACZ,CAAA;AAED,SAAS,SAAS,CAAC,GAAQ;IACzB,MAAM,KAAK,GAAa,GAAG,CAAC,IAAI,EAAE,KAAK,IAAI,EAAE,CAAA;IAC7C,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;AAC5D,CAAC;AAED,OAAO,EAAE,qBAAqB,EAAE,MAAM,0CAA0C,CAAA;AAEhF,MAAM,CAAC,MAAM,KAAK,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;IACzE,iBAAiB,CAAC,oBAAoB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,IAAI,EAAE;QAC3D,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,CAAC;gBAAE,OAAM;YAElD,MAAM,sBAAsB,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,8BAA8B,CAAQ,CAAA;YACvF,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;YAEzB,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBACjD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,kCAAkC,EAAE,EAAE,CAAC,CAAA;gBAChF,OAAM;YACR,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,sBAAsB,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;YAC/F,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,kBAAkB,EAAE,EAAE,CAAC,CAAA;gBAChE,OAAM;YACR,CAAC;YAED,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,CAAA;YAC5B,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAElD,IAAI,UAAU,IAAI,KAAK,EAAE,CAAC;gBACxB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,+DAA+D,EAAE,EAAE,CAAC,CAAA;gBAC7G,OAAM;YACR,CAAC;YAED,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC;gBACpC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,qDAAqD,EAAE,EAAE,CAAC,CAAA;gBACnG,OAAM;YACR,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,sBAAsB,CAAC,qBAAqB,CAAC,UAAU,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;YAC3F,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAA;QAC/B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,GAAG,CAAC,CAAA;QACX,CAAC;IACH,CAAC,CAAC,CAAA;AACJ,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,MAAM,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;IAC1E,iBAAiB,CAAC,eAAe,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,IAAI,EAAE;QACtD,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,CAAC;gBAAE,OAAM;YAElD,MAAM,sBAAsB,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,8BAA8B,CAAQ,CAAA;YACvF,MAAM,cAAc,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,sBAAsB,CAAQ,CAAA;YACvE,MAAM,oBAAoB,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,4BAA4B,CAAQ,CAAA;YAEnF,MAAM,UAAU,GAAG,MAAM,sBAAsB,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;YAC/F,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,kBAAkB,EAAE,EAAE,CAAC,CAAA;gBAChE,OAAM;YACR,CAAC;YAED,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,KAAK,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC;gBACvC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,4BAA4B,EAAE,EAAE,CAAC,CAAA;gBAC1E,OAAM;YACR,CAAC;YAED,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,CAAA;YAC5B,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAElD,IAAI,UAAU,IAAI,KAAK,EAAE,CAAC;gBACxB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,mDAAmD,EAAE,EAAE,CAAC,CAAA;gBACjG,OAAM;YACR,CAAC;YAED,6CAA6C;YAC7C,MAAM,CAAC,QAAQ,CAAC,GAAG,MAAM,cAAc,CAAC,oBAAoB,CAC1D,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAC/B,EAAE,KAAK,EAAE,IAAI,EAAE,CAChB,CAAA;YACD,MAAM,OAAO,CAAC,GAAG,CACf,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CACtB,oBAAoB,CAAC,mBAAmB,CAAC,CAAC,CAAC,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAClF,CACF,CAAA;YAED,MAAM,sBAAsB,CAAC,qBAAqB,CAAC,UAAU,CAAC,EAAE,CAAC,CAAA;YACjE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAA;QACxB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,GAAG,CAAC,CAAA;QACX,CAAC;IACH,CAAC,CAAC,CAAA;AACJ,CAAC,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../../src/api/admin/workspaces/[id]/members/batch/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../../src/api/admin/workspaces/[id]/members/batch/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;AAKrD,eAAO,MAAM,IAAI,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,kBA+DrE,CAAA"}
|
|
@@ -1,68 +1,60 @@
|
|
|
1
|
+
import { requirePermission } from "@meridianjs/auth";
|
|
2
|
+
import { assertWorkspaceAccess } from "../../../../../utils/workspace-access.js";
|
|
3
|
+
import { assignDefaultUserRole } from "../../../../../utils/assign-default-role.js";
|
|
1
4
|
export const POST = async (req, res, next) => {
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
const roles = req.user?.roles ?? [];
|
|
11
|
-
const isPrivileged = roles.includes("super-admin") || roles.includes("admin");
|
|
12
|
-
if (workspace.is_private || !isPrivileged) {
|
|
13
|
-
const membership = await workspaceMemberService.getMembership(req.params.id, req.user?.id);
|
|
14
|
-
if (!membership) {
|
|
15
|
-
res.status(403).json({ error: { message: "Forbidden — not a member of this workspace" } });
|
|
5
|
+
requirePermission("member:invite")(req, res, async () => {
|
|
6
|
+
try {
|
|
7
|
+
if (!await assertWorkspaceAccess(req, res))
|
|
8
|
+
return;
|
|
9
|
+
const workspaceMemberService = req.scope.resolve("workspaceMemberModuleService");
|
|
10
|
+
const { user_ids, role, app_role_id } = req.body;
|
|
11
|
+
if (!Array.isArray(user_ids) || user_ids.length === 0) {
|
|
12
|
+
res.status(400).json({ error: { message: "user_ids must be a non-empty array" } });
|
|
16
13
|
return;
|
|
17
14
|
}
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
let skipped = 0;
|
|
27
|
-
for (const userId of user_ids) {
|
|
28
|
-
const existing = await workspaceMemberService.getMembership(req.params.id, userId);
|
|
29
|
-
if (existing) {
|
|
30
|
-
skipped++;
|
|
31
|
-
continue;
|
|
15
|
+
const wsRole = role === "member" ? "member" : "admin";
|
|
16
|
+
// Validate all user IDs exist before creating memberships
|
|
17
|
+
const userService = req.scope.resolve("userModuleService");
|
|
18
|
+
const userMap = await userService.listUsersByIds(user_ids);
|
|
19
|
+
const invalidIds = user_ids.filter((id) => !userMap.has(id));
|
|
20
|
+
if (invalidIds.length > 0) {
|
|
21
|
+
res.status(404).json({ error: { message: `Users not found: ${invalidIds.join(", ")}` } });
|
|
22
|
+
return;
|
|
32
23
|
}
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
data: {
|
|
24
|
+
let added = 0;
|
|
25
|
+
let skipped = 0;
|
|
26
|
+
for (const userId of user_ids) {
|
|
27
|
+
const existing = await workspaceMemberService.getMembership(req.params.id, userId);
|
|
28
|
+
if (existing) {
|
|
29
|
+
skipped++;
|
|
30
|
+
continue;
|
|
31
|
+
}
|
|
32
|
+
await workspaceMemberService.createWorkspaceMember({
|
|
43
33
|
workspace_id: req.params.id,
|
|
44
34
|
user_id: userId,
|
|
45
35
|
role: wsRole,
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
36
|
+
});
|
|
37
|
+
added++;
|
|
38
|
+
const eventBus = req.scope.resolve("eventBus");
|
|
39
|
+
eventBus.emit({
|
|
40
|
+
name: "workspace.member_added",
|
|
41
|
+
data: {
|
|
42
|
+
workspace_id: req.params.id,
|
|
43
|
+
user_id: userId,
|
|
44
|
+
role: wsRole,
|
|
45
|
+
actor_id: req.user?.id ?? "system",
|
|
46
|
+
},
|
|
47
|
+
}).catch(() => { });
|
|
57
48
|
}
|
|
58
|
-
|
|
59
|
-
|
|
49
|
+
// Assign app roles
|
|
50
|
+
for (const userId of user_ids) {
|
|
51
|
+
await assignDefaultUserRole(req, userId, app_role_id);
|
|
60
52
|
}
|
|
53
|
+
res.status(201).json({ added, skipped });
|
|
54
|
+
}
|
|
55
|
+
catch (err) {
|
|
56
|
+
next(err);
|
|
61
57
|
}
|
|
62
|
-
|
|
63
|
-
}
|
|
64
|
-
catch (err) {
|
|
65
|
-
next(err);
|
|
66
|
-
}
|
|
58
|
+
});
|
|
67
59
|
};
|
|
68
60
|
//# sourceMappingURL=route.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../../src/api/admin/workspaces/[id]/members/batch/route.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../../src/api/admin/workspaces/[id]/members/batch/route.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAA;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,0CAA0C,CAAA;AAChF,OAAO,EAAE,qBAAqB,EAAE,MAAM,6CAA6C,CAAA;AAEnF,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;IACxE,iBAAiB,CAAC,eAAe,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,IAAI,EAAE;QACtD,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,CAAC;gBAAE,OAAM;YAElD,MAAM,sBAAsB,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,8BAA8B,CAAQ,CAAA;YACvF,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;YAEhD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,oCAAoC,EAAE,EAAE,CAAC,CAAA;gBAClF,OAAM;YACR,CAAC;YAED,MAAM,MAAM,GAAuB,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAA;YAEzE,0DAA0D;YAC1D,MAAM,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAQ,CAAA;YACjE,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAA;YAC1D,MAAM,UAAU,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,EAAU,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;YACpE,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,oBAAoB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;gBACzF,OAAM;YACR,CAAC;YAED,IAAI,KAAK,GAAG,CAAC,CAAA;YACb,IAAI,OAAO,GAAG,CAAC,CAAA;YAEf,KAAK,MAAM,MAAM,IAAI,QAAQ,EAAE,CAAC;gBAC9B,MAAM,QAAQ,GAAG,MAAM,sBAAsB,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,CAAA;gBAClF,IAAI,QAAQ,EAAE,CAAC;oBACb,OAAO,EAAE,CAAA;oBACT,SAAQ;gBACV,CAAC;gBAED,MAAM,sBAAsB,CAAC,qBAAqB,CAAC;oBACjD,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE;oBAC3B,OAAO,EAAE,MAAM;oBACf,IAAI,EAAE,MAAM;iBACb,CAAC,CAAA;gBACF,KAAK,EAAE,CAAA;gBAEP,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAQ,CAAA;gBACrD,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,wBAAwB;oBAC9B,IAAI,EAAE;wBACJ,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE;wBAC3B,OAAO,EAAE,MAAM;wBACf,IAAI,EAAE,MAAM;wBACZ,QAAQ,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,IAAI,QAAQ;qBACnC;iBACF,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;YACpB,CAAC;YAED,mBAAmB;YACnB,KAAK,MAAM,MAAM,IAAI,QAAQ,EAAE,CAAC;gBAC9B,MAAM,qBAAqB,CAAC,GAAG,EAAE,MAAM,EAAE,WAAW,CAAC,CAAA;YACvD,CAAC;YAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAA;QAC1C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,GAAG,CAAC,CAAA;QACX,CAAC;IACH,CAAC,CAAC,CAAA;AACJ,CAAC,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../src/api/admin/workspaces/[id]/members/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../src/api/admin/workspaces/[id]/members/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;AAKrD,eAAO,MAAM,GAAG,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,kBA2BhD,CAAA;AAED,eAAO,MAAM,IAAI,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,kBAqDrE,CAAA"}
|
|
@@ -1,22 +1,6 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
const workspace = await workspaceService.retrieveWorkspace(req.params.id);
|
|
5
|
-
if (!workspace) {
|
|
6
|
-
res.status(404).json({ error: { message: "Workspace not found" } });
|
|
7
|
-
return false;
|
|
8
|
-
}
|
|
9
|
-
const roles = req.user?.roles ?? [];
|
|
10
|
-
const isPrivileged = roles.includes("super-admin") || roles.includes("admin");
|
|
11
|
-
if (workspace.is_private || !isPrivileged) {
|
|
12
|
-
const membership = await workspaceMemberService.getMembership(req.params.id, req.user?.id);
|
|
13
|
-
if (!membership) {
|
|
14
|
-
res.status(403).json({ error: { message: "Forbidden — not a member of this workspace" } });
|
|
15
|
-
return false;
|
|
16
|
-
}
|
|
17
|
-
}
|
|
18
|
-
return true;
|
|
19
|
-
}
|
|
1
|
+
import { requirePermission } from "@meridianjs/auth";
|
|
2
|
+
import { assertWorkspaceAccess } from "../../../../utils/workspace-access.js";
|
|
3
|
+
import { assignDefaultUserRole } from "../../../../utils/assign-default-role.js";
|
|
20
4
|
export const GET = async (req, res) => {
|
|
21
5
|
if (!await assertWorkspaceAccess(req, res))
|
|
22
6
|
return;
|
|
@@ -40,51 +24,50 @@ export const GET = async (req, res) => {
|
|
|
40
24
|
res.json({ members: enriched, count: enriched.length });
|
|
41
25
|
};
|
|
42
26
|
export const POST = async (req, res, next) => {
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
const existing = await workspaceMemberService.getMembership(req.params.id, user_id);
|
|
53
|
-
if (existing) {
|
|
54
|
-
res.status(409).json({ error: { message: "User is already a member of this workspace" } });
|
|
55
|
-
return;
|
|
56
|
-
}
|
|
57
|
-
// workspace_member.role only supports "admin" | "member" — map super-admin → admin
|
|
58
|
-
const wsRole = role === "member" ? "member" : "admin";
|
|
59
|
-
const member = await workspaceMemberService.createWorkspaceMember({
|
|
60
|
-
workspace_id: req.params.id,
|
|
61
|
-
user_id,
|
|
62
|
-
role: wsRole,
|
|
63
|
-
});
|
|
64
|
-
// Optionally assign custom app role to the user
|
|
65
|
-
if (app_role_id) {
|
|
66
|
-
try {
|
|
67
|
-
const userService = req.scope.resolve("userModuleService");
|
|
68
|
-
await userService.updateUser(user_id, { app_role_id });
|
|
27
|
+
requirePermission("member:invite")(req, res, async () => {
|
|
28
|
+
try {
|
|
29
|
+
if (!await assertWorkspaceAccess(req, res))
|
|
30
|
+
return;
|
|
31
|
+
const workspaceMemberService = req.scope.resolve("workspaceMemberModuleService");
|
|
32
|
+
const { user_id, role, app_role_id } = req.body;
|
|
33
|
+
if (!user_id) {
|
|
34
|
+
res.status(400).json({ error: { message: "user_id is required" } });
|
|
35
|
+
return;
|
|
69
36
|
}
|
|
70
|
-
|
|
71
|
-
|
|
37
|
+
const userService = req.scope.resolve("userModuleService");
|
|
38
|
+
const targetUser = await userService.retrieveUser(user_id).catch(() => null);
|
|
39
|
+
if (!targetUser) {
|
|
40
|
+
res.status(404).json({ error: { message: "User not found" } });
|
|
41
|
+
return;
|
|
72
42
|
}
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
43
|
+
const existing = await workspaceMemberService.getMembership(req.params.id, user_id);
|
|
44
|
+
if (existing) {
|
|
45
|
+
res.status(409).json({ error: { message: "User is already a member of this workspace" } });
|
|
46
|
+
return;
|
|
47
|
+
}
|
|
48
|
+
// workspace_member.role only supports "admin" | "member" — map super-admin → admin
|
|
49
|
+
const wsRole = role === "member" ? "member" : "admin";
|
|
50
|
+
const member = await workspaceMemberService.createWorkspaceMember({
|
|
78
51
|
workspace_id: req.params.id,
|
|
79
52
|
user_id,
|
|
80
53
|
role: wsRole,
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
54
|
+
});
|
|
55
|
+
await assignDefaultUserRole(req, user_id, app_role_id);
|
|
56
|
+
const eventBus = req.scope.resolve("eventBus");
|
|
57
|
+
eventBus.emit({
|
|
58
|
+
name: "workspace.member_added",
|
|
59
|
+
data: {
|
|
60
|
+
workspace_id: req.params.id,
|
|
61
|
+
user_id,
|
|
62
|
+
role: wsRole,
|
|
63
|
+
actor_id: req.user?.id ?? "system",
|
|
64
|
+
},
|
|
65
|
+
}).catch(() => { });
|
|
66
|
+
res.status(201).json({ member });
|
|
67
|
+
}
|
|
68
|
+
catch (err) {
|
|
69
|
+
next(err);
|
|
70
|
+
}
|
|
71
|
+
});
|
|
89
72
|
};
|
|
90
73
|
//# sourceMappingURL=route.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../src/api/admin/workspaces/[id]/members/route.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../../src/api/admin/workspaces/[id]/members/route.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAA;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,uCAAuC,CAAA;AAC7E,OAAO,EAAE,qBAAqB,EAAE,MAAM,0CAA0C,CAAA;AAEhF,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACnD,IAAI,CAAC,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,CAAC;QAAE,OAAM;IAElD,MAAM,sBAAsB,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,8BAA8B,CAAQ,CAAA;IACvF,MAAM,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAQ,CAAA;IAEjE,MAAM,CAAC,OAAO,CAAC,GAAG,MAAM,sBAAsB,CAAC,4BAA4B,CACzE,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,EAC/B,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAA;IAED,0EAA0E;IAC1E,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAA;IAEpF,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE;QACtC,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,IAAI,CAAA;QAC3C,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAA;QACtB,OAAO;YACL,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,OAAO,EAAE,CAAC,CAAC,OAAO;YAClB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,IAAI;YACrC,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE;SACjG,CAAA;IACH,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAElB,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAA;AACzD,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;IACxE,iBAAiB,CAAC,eAAe,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,IAAI,EAAE;QACtD,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,CAAC;gBAAE,OAAM;YAElD,MAAM,sBAAsB,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,8BAA8B,CAAQ,CAAA;YACvF,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;YAE/C,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,qBAAqB,EAAE,EAAE,CAAC,CAAA;gBACnE,OAAM;YACR,CAAC;YAED,MAAM,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAQ,CAAA;YACjE,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;YAC5E,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,gBAAgB,EAAE,EAAE,CAAC,CAAA;gBAC9D,OAAM;YACR,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,sBAAsB,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,CAAA;YACnF,IAAI,QAAQ,EAAE,CAAC;gBACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,4CAA4C,EAAE,EAAE,CAAC,CAAA;gBAC1F,OAAM;YACR,CAAC;YAED,mFAAmF;YACnF,MAAM,MAAM,GAAuB,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAA;YAEzE,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,qBAAqB,CAAC;gBAChE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE;gBAC3B,OAAO;gBACP,IAAI,EAAE,MAAM;aACb,CAAC,CAAA;YAEF,MAAM,qBAAqB,CAAC,GAAG,EAAE,OAAO,EAAE,WAAW,CAAC,CAAA;YAEtD,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAQ,CAAA;YACrD,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,wBAAwB;gBAC9B,IAAI,EAAE;oBACJ,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE;oBAC3B,OAAO;oBACP,IAAI,EAAE,MAAM;oBACZ,QAAQ,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,IAAI,QAAQ;iBACnC;aACF,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;YAElB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAA;QAClC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,GAAG,CAAC,CAAA;QACX,CAAC;IACH,CAAC,CAAC,CAAA;AACJ,CAAC,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/api/admin/workspaces/[id]/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/api/admin/workspaces/[id]/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;AAIrD,eAAO,MAAM,GAAG,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,kBAMhD,CAAA;AAED,eAAO,MAAM,GAAG,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,kBAkBpE,CAAA"}
|
|
@@ -1,26 +1,7 @@
|
|
|
1
1
|
import { requirePermission } from "@meridianjs/auth";
|
|
2
|
-
|
|
3
|
-
const workspaceService = req.scope.resolve("workspaceModuleService");
|
|
4
|
-
const workspaceMemberService = req.scope.resolve("workspaceMemberModuleService");
|
|
5
|
-
const workspace = await workspaceService.retrieveWorkspace(workspaceId);
|
|
6
|
-
if (!workspace) {
|
|
7
|
-
res.status(404).json({ error: { message: "Workspace not found" } });
|
|
8
|
-
return false;
|
|
9
|
-
}
|
|
10
|
-
const roles = req.user?.roles ?? [];
|
|
11
|
-
const isPrivileged = roles.includes("super-admin") || roles.includes("admin");
|
|
12
|
-
// Private workspaces: always require membership regardless of role
|
|
13
|
-
if (workspace.is_private || !isPrivileged) {
|
|
14
|
-
const membership = await workspaceMemberService.getMembership(workspaceId, req.user?.id);
|
|
15
|
-
if (!membership) {
|
|
16
|
-
res.status(403).json({ error: { message: "Forbidden — not a member of this workspace" } });
|
|
17
|
-
return false;
|
|
18
|
-
}
|
|
19
|
-
}
|
|
20
|
-
return true;
|
|
21
|
-
}
|
|
2
|
+
import { assertWorkspaceAccess } from "../../../utils/workspace-access.js";
|
|
22
3
|
export const GET = async (req, res) => {
|
|
23
|
-
if (!await assertWorkspaceAccess(req, res
|
|
4
|
+
if (!await assertWorkspaceAccess(req, res))
|
|
24
5
|
return;
|
|
25
6
|
const workspaceService = req.scope.resolve("workspaceModuleService");
|
|
26
7
|
const workspace = await workspaceService.retrieveWorkspace(req.params.id);
|
|
@@ -29,7 +10,7 @@ export const GET = async (req, res) => {
|
|
|
29
10
|
export const PUT = async (req, res, next) => {
|
|
30
11
|
requirePermission("workspace:update")(req, res, async () => {
|
|
31
12
|
try {
|
|
32
|
-
if (!await assertWorkspaceAccess(req, res
|
|
13
|
+
if (!await assertWorkspaceAccess(req, res))
|
|
33
14
|
return;
|
|
34
15
|
const workspaceService = req.scope.resolve("workspaceModuleService");
|
|
35
16
|
const { name, logo_url, is_private } = req.body;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../src/api/admin/workspaces/[id]/route.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAA;
|
|
1
|
+
{"version":3,"file":"route.js","sourceRoot":"","sources":["../../../../../src/api/admin/workspaces/[id]/route.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAA;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAA;AAE1E,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,EAAE;IACnD,IAAI,CAAC,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,CAAC;QAAE,OAAM;IAElD,MAAM,gBAAgB,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,wBAAwB,CAAQ,CAAA;IAC3E,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,iBAAiB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IACzE,GAAG,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,CAAC,CAAA;AACzB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;IACvE,iBAAiB,CAAC,kBAAkB,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,IAAI,EAAE;QACzD,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,CAAC;gBAAE,OAAM;YAElD,MAAM,gBAAgB,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,wBAAwB,CAAQ,CAAA;YAC3E,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;YAC/C,MAAM,OAAO,GAA4B,EAAE,CAAA;YAC3C,IAAI,IAAI,KAAK,SAAS;gBAAE,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;YAClD,IAAI,QAAQ,KAAK,SAAS;gBAAE,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAA;YACvD,IAAI,UAAU,KAAK,SAAS;gBAAE,OAAO,CAAC,UAAU,GAAG,UAAU,CAAA;YAE7D,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,CAAA;YAChF,GAAG,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,CAAC,CAAA;QACzB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,GAAG,CAAC,CAAA;QACX,CAAC;IACH,CAAC,CAAC,CAAA;AACJ,CAAC,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../../../../src/api/admin/workspaces/[id]/teams/[teamId]/members/[userId]/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../../../../../src/api/admin/workspaces/[id]/teams/[teamId]/members/[userId]/route.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;AAcrD,eAAO,MAAM,MAAM,GAAU,KAAK,GAAG,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,kBAavE,CAAA"}
|