npm - @nexttylabs/echo - Versions diffs - 0.4.0 → 0.6.0 - Mend

@nexttylabs/echo 0.4.0 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (262) hide show

package/CHANGELOG.md +27 -0
package/app/(dashboard)/admin/feedback/[id]/edit/page.tsx +12 -6
package/app/(dashboard)/admin/feedback/new/page.tsx +19 -17
package/app/(dashboard)/admin/layout.tsx +16 -6
package/app/(dashboard)/layout.tsx +4 -2
package/app/(dashboard)/settings/api-keys/page.tsx +13 -3
package/app/(dashboard)/settings/layout.tsx +25 -2
package/app/(dashboard)/settings/organization/page.tsx +8 -9
package/app/(public)/[organizationSlug]/roadmap/page.tsx +19 -1
package/app/api/admin/backup/route.ts +22 -4
package/app/api/auth/register/handler.ts +1 -2
package/app/api/feedback/[id]/comments/[commentId]/route.ts +13 -4
package/app/api/feedback/[id]/reclassify/route.ts +4 -4
package/app/api/organizations/handler.ts +2 -4
package/components/settings/settings-sidebar.tsx +4 -4
package/hooks/use-organization.tsx +116 -0
package/hooks/use-permissions.ts +24 -11
package/lib/auth/config.ts +0 -7
package/lib/auth/organization.ts +20 -0
package/lib/auth/permissions.ts +10 -0
package/lib/db/migrations/0000_needy_leech.sql +335 -0
package/lib/db/migrations/meta/0000_snapshot.json +2186 -1
package/lib/db/migrations/meta/_journal.json +2 -135
package/lib/db/schema/auth.ts +0 -1
package/lib/db/schema/index.ts +0 -1
package/lib/portal/public-context.tsx +5 -0
package/package.json +20 -1
package/.changeset/README.md +0 -21
package/.changeset/config.json +0 -11
package/.changeset/cozy-ghosts-care.md +0 -5
package/.changeset/sharp-lines-stand.md +0 -5
package/.changeset/sour-doodles-eat.md +0 -5
package/.changeset/tender-moose-shop.md +0 -5
package/.github/pull_request_template.md +0 -13
package/.github/workflows/ci.yml +0 -41
package/.github/workflows/publish.yml +0 -44
package/.github/workflows/release.yml +0 -73
package/AGENTS.md +0 -92
package/Dockerfile +0 -57
package/Makefile +0 -77
package/bun.lock +0 -2503
package/components/portal/project-switcher.tsx +0 -20
package/docker-compose.dev.yml +0 -26
package/docker-compose.yml +0 -98
package/docs/architecture.md +0 -259
package/docs/component-inventory.md +0 -261
package/docs/database-migrations.md +0 -76
package/docs/development-guide.md +0 -209
package/docs/e2e-user-flows.csv +0 -31
package/docs/er-diagram-feedback.mmd +0 -138
package/docs/er-diagram.mmd +0 -281
package/docs/i18n-check-report.md +0 -296
package/docs/index.md +0 -214
package/docs/logic-chain.md +0 -94
package/docs/plans/2026-01-02-database-migration-scripts.md +0 -496
package/docs/plans/2026-01-02-user-login-design.md +0 -37
package/docs/plans/2026-01-02-user-login.md +0 -437
package/docs/plans/2026-01-02-user-registration-design.md +0 -47
package/docs/plans/2026-01-02-user-registration.md +0 -628
package/docs/plans/2026-01-03-roles-permissions-design.md +0 -20
package/docs/plans/2026-01-03-roles-permissions.md +0 -266
package/docs/plans/2026-01-05-authentication-middleware.md +0 -207
package/docs/plans/2026-01-05-member-removal.md +0 -186
package/docs/plans/2026-01-05-organization-creation.md +0 -374
package/docs/plans/2026-01-05-rbac-middleware.md +0 -112
package/docs/plans/2026-01-05-role-configuration.md +0 -441
package/docs/plans/2026-01-06-file-upload-support.md +0 -804
package/docs/plans/2026-01-06-permission-check-hook.md +0 -155
package/docs/plans/2026-01-06-resource-ownership-check.md +0 -231
package/docs/plans/2026-01-07-feedback-tracking-link.md +0 -459
package/docs/plans/2026-01-09-logout-redirect-design.md +0 -52
package/docs/plans/2026-01-09-phase2-3-plan.md +0 -654
package/docs/plans/2026-01-09-portal-execution-plan.md +0 -408
package/docs/plans/2026-01-09-project-delete-feature-design.md +0 -163
package/docs/plans/2026-01-09-project-delete-implementation.md +0 -451
package/docs/plans/2026-01-09-project-edit-delete-design.md +0 -52
package/docs/plans/2026-01-09-settings-center-design.md +0 -114
package/docs/plans/2026-01-09-settings-center.md +0 -948
package/docs/plans/2026-01-10-organization-only-design.md +0 -66
package/docs/plans/2026-01-10-organization-only-implementation.md +0 -433
package/docs/plans/2026-01-10-portal-settings-restructure-plan.md +0 -18
package/docs/plans/2026-01-10-project-settings-tabs-design-implementation.md +0 -296
package/docs/plans/2026-01-14-e2e-playwright-feedback.md +0 -173
package/docs/plans/2026-01-15-feedback-management-org-context-design.md +0 -82
package/docs/plans/2026-01-15-feedback-management-org-context-implementation-plan.md +0 -521
package/docs/plans/2026-01-16-admin-feedback-filters-design.md +0 -75
package/docs/plans/2026-01-16-admin-feedback-filters-implementation.md +0 -293
package/docs/plans/2026-01-16-admin-feedback-route-consolidation.md +0 -180
package/docs/plans/2026-01-16-e2e-test-fixes.md +0 -158
package/docs/plans/2026-01-17-admin-feedback-filters.md +0 -214
package/docs/plans/2026-01-17-admin-feedback-improvements.md +0 -453
package/docs/plans/2026-01-18-changesets-design.md +0 -40
package/docs/product_changes.md +0 -37
package/docs/project-overview.md +0 -159
package/docs/project-scan-report.json +0 -104
package/docs/route-role-visibility.md +0 -51
package/docs/source-tree-analysis.md +0 -150
package/docs/testing/delete-project-manual-tests.md +0 -18
package/docs/user-story-tracking.md +0 -191
package/eslint.config.mjs +0 -19
package/lib/db/migrations/.gitkeep +0 -0
package/lib/db/migrations/0000_cynical_gladiator.sql +0 -53
package/lib/db/migrations/0001_wandering_sunfire.sql +0 -27
package/lib/db/migrations/0002_shallow_speedball.sql +0 -1
package/lib/db/migrations/0003_add_org_description.sql +0 -1
package/lib/db/migrations/0003_boring_wild_pack.sql +0 -13
package/lib/db/migrations/0004_windy_tyrannus.sql +0 -27
package/lib/db/migrations/0005_perpetual_doorman.sql +0 -5
package/lib/db/migrations/0006_aberrant_captain_midlands.sql +0 -13
package/lib/db/migrations/0007_clever_captain_cross.sql +0 -14
package/lib/db/migrations/0008_sparkling_pandemic.sql +0 -2
package/lib/db/migrations/0009_happy_black_tom.sql +0 -29
package/lib/db/migrations/0010_kind_junta.sql +0 -8
package/lib/db/migrations/0011_mute_squadron_supreme.sql +0 -25
package/lib/db/migrations/0012_giant_power_man.sql +0 -24
package/lib/db/migrations/0013_damp_titanium_man.sql +0 -17
package/lib/db/migrations/0014_blue_alice.sql +0 -18
package/lib/db/migrations/0015_webhook_tables.sql +0 -41
package/lib/db/migrations/0016_github_integration.sql +0 -30
package/lib/db/migrations/0016_overjoyed_ghost_rider.sql +0 -22
package/lib/db/migrations/0017_slimy_inhumans.sql +0 -6
package/lib/db/migrations/0018_same_spitfire.sql +0 -1
package/lib/db/migrations/0019_jittery_loners.sql +0 -16
package/lib/db/migrations/0019_remove_projects_add_org_settings.sql +0 -14
package/lib/db/migrations/meta/0001_snapshot.json +0 -553
package/lib/db/migrations/meta/0002_snapshot.json +0 -560
package/lib/db/migrations/meta/0003_snapshot.json +0 -650
package/lib/db/migrations/meta/0004_snapshot.json +0 -852
package/lib/db/migrations/meta/0005_snapshot.json +0 -900
package/lib/db/migrations/meta/0006_snapshot.json +0 -1011
package/lib/db/migrations/meta/0007_snapshot.json +0 -1125
package/lib/db/migrations/meta/0008_snapshot.json +0 -1146
package/lib/db/migrations/meta/0009_snapshot.json +0 -1386
package/lib/db/migrations/meta/0010_snapshot.json +0 -1419
package/lib/db/migrations/meta/0011_snapshot.json +0 -1615
package/lib/db/migrations/meta/0012_snapshot.json +0 -1805
package/lib/db/migrations/meta/0013_snapshot.json +0 -1948
package/lib/db/migrations/meta/0014_snapshot.json +0 -2082
package/lib/db/migrations/meta/0015_snapshot.json +0 -2476
package/lib/db/migrations/meta/0016_snapshot.json +0 -2633
package/lib/db/migrations/meta/0017_snapshot.json +0 -2680
package/lib/db/migrations/meta/0018_snapshot.json +0 -2686
package/lib/db/migrations/meta/0019_snapshot.json +0 -2741
package/lib/db/schema/projects.ts +0 -145
package/lib/db/schema/user-profiles.ts +0 -31
package/lib/validations/projects.ts +0 -49
package/next-env.d.ts +0 -6
package/playwright.config.ts +0 -44
package/proxy.test.ts +0 -131
package/proxy.ts +0 -116
package/scripts/backup-db.sh +0 -57
package/scripts/backup-db.ts +0 -24
package/scripts/generate-openapi.ts +0 -22
package/scripts/migration-helper.ts +0 -39
package/scripts/pre-deploy.ts +0 -75
package/scripts/restore-db.sh +0 -60
package/scripts/rollback.ts +0 -72
package/scripts/seed-tags.ts +0 -48
package/tests/api/feedback-bulk.test.ts +0 -47
package/tests/api/feedback-by-id.test.ts +0 -67
package/tests/api/feedback-comments-route-import.test.ts +0 -26
package/tests/api/feedback-create.test.ts +0 -71
package/tests/api/feedback-delete.test.ts +0 -160
package/tests/api/feedback-filter.test.ts +0 -250
package/tests/api/feedback-list.test.ts +0 -234
package/tests/api/feedback-route-assignee-condition.test.ts +0 -32
package/tests/api/feedback-similar.test.ts +0 -46
package/tests/api/feedback-sort.test.ts +0 -261
package/tests/api/feedback-status-enum.test.ts +0 -49
package/tests/api/feedback-status-filter.test.ts +0 -117
package/tests/api/feedback-submit-on-behalf.test.ts +0 -269
package/tests/api/feedback.test.ts +0 -175
package/tests/api/identify-jwt.test.ts +0 -25
package/tests/api/invitation-accept.test.ts +0 -213
package/tests/api/organization-invitations.test.ts +0 -186
package/tests/api/organization-members-list.test.ts +0 -79
package/tests/api/organization-members.test.ts +0 -340
package/tests/api/organizations.test.ts +0 -149
package/tests/api/register.test.ts +0 -112
package/tests/api/upload.test.ts +0 -103
package/tests/api/vote.test.ts +0 -82
package/tests/app/admin-feedback-detail-page.test.tsx +0 -25
package/tests/app/admin-feedback-list-page.test.tsx +0 -25
package/tests/app/admin-feedback-new-page.test.tsx +0 -25
package/tests/app/health-route-helpers.test.ts +0 -27
package/tests/app/login-page.test.ts +0 -26
package/tests/app/portal-page.test.ts +0 -29
package/tests/app/project-portal-overview.test.tsx +0 -25
package/tests/app/widget-page-import.test.ts +0 -25
package/tests/components/create-post-dialog-defaults.test.ts +0 -43
package/tests/components/feedback/duplicate-suggestions-inline.test.tsx +0 -27
package/tests/components/feedback/embedded-feedback-form.test.tsx +0 -96
package/tests/components/feedback/feedback-detail.test.tsx +0 -25
package/tests/components/feedback/feedback-stats.test.tsx +0 -49
package/tests/components/feedback-bulk-actions.test.tsx +0 -39
package/tests/components/feedback-i18n-keys.test.ts +0 -70
package/tests/components/feedback-list-controls-compile.test.ts +0 -25
package/tests/components/feedback-list-controls.test.tsx +0 -204
package/tests/components/feedback-list-item.test.tsx +0 -67
package/tests/components/landing/hero.test.tsx +0 -46
package/tests/components/layout/language-switcher.test.tsx +0 -25
package/tests/components/layout/sidebar.test.tsx +0 -157
package/tests/components/login-form.test.ts +0 -25
package/tests/components/organization-form.test.ts +0 -32
package/tests/components/organization-switcher.test.ts +0 -25
package/tests/components/pagination.test.tsx +0 -43
package/tests/components/portal-overview.test.tsx +0 -25
package/tests/components/profile-form.test.tsx +0 -139
package/tests/components/role-selector.test.ts +0 -31
package/tests/components/status-chart.test.tsx +0 -90
package/tests/e2e/auth.e2e.ts +0 -323
package/tests/e2e/feedback-actions.e2e.ts +0 -471
package/tests/e2e/feedback-attachment.e2e.ts +0 -168
package/tests/e2e/feedback-customer.e2e.ts +0 -226
package/tests/e2e/feedback-management.e2e.ts +0 -565
package/tests/e2e/feedback-submit.e2e.ts +0 -133
package/tests/e2e/feedback-view.e2e.ts +0 -297
package/tests/e2e/fixtures/test-data.ts +0 -235
package/tests/e2e/health-check.e2e.ts +0 -230
package/tests/e2e/helpers/test-utils-helpers.test.ts +0 -43
package/tests/e2e/helpers/test-utils.ts +0 -298
package/tests/e2e/integration-placeholders.e2e.ts +0 -199
package/tests/e2e/organization.e2e.ts +0 -292
package/tests/e2e/permissions.e2e.ts +0 -424
package/tests/e2e/project-widget.e2e.ts +0 -63
package/tests/feedback/filters.test.ts +0 -29
package/tests/hooks/use-permissions.test.ts +0 -52
package/tests/lib/ai/classifier.test.ts +0 -104
package/tests/lib/ai/duplicate-detector.test.ts +0 -234
package/tests/lib/attachments-schema.test.ts +0 -30
package/tests/lib/auth/session.test.ts +0 -49
package/tests/lib/auth-client.test.ts +0 -37
package/tests/lib/auth-config.test.ts +0 -26
package/tests/lib/feedback-prefill.test.ts +0 -52
package/tests/lib/feedback-processor.test.ts +0 -41
package/tests/lib/feedback-schema.test.ts +0 -33
package/tests/lib/file-validator.test.ts +0 -48
package/tests/lib/get-feedback-by-id.test.ts +0 -37
package/tests/lib/invitations.test.ts +0 -35
package/tests/lib/login-schema.test.ts +0 -36
package/tests/lib/org-context.test.ts +0 -95
package/tests/lib/organization-access.test.ts +0 -44
package/tests/lib/organization-member-role-schema.test.ts +0 -41
package/tests/lib/permissions.test.ts +0 -88
package/tests/lib/portal-analytics.test.ts +0 -25
package/tests/lib/portal-contributors.test.ts +0 -25
package/tests/lib/portal-copy.test.ts +0 -27
package/tests/lib/portal-i18n.test.ts +0 -30
package/tests/lib/portal-leaderboard-settings.test.ts +0 -25
package/tests/lib/portal-modules.test.ts +0 -25
package/tests/lib/portal-seo.test.ts +0 -25
package/tests/lib/portal-sharing.test.ts +0 -25
package/tests/lib/portal-sorting.test.ts +0 -25
package/tests/lib/portal-theme.test.ts +0 -25
package/tests/lib/rate-limit.test.ts +0 -142
package/tests/lib/resolve-locale.test.ts +0 -34
package/tests/lib/services/backup.test.ts +0 -145
package/tests/lib/user-organizations.test.ts +0 -42
package/tests/lib/user-role-schema.test.ts +0 -33
package/tests/lib/user-schema.test.ts +0 -25
package/tests/setup.ts +0 -74
package/vercel.json +0 -4

package/docs/plans/2026-01-05-role-configuration.md DELETED Viewed

@@ -1,441 +0,0 @@
-# Role Configuration Implementation Plan
-> **For Claude:** REQUIRED SUB-SKILL: Use superpowers:executing-plans to implement this plan task-by-task.
-**Goal:** Allow organization admins to update a member's role via API + UI with validation and immediate permission effect.
-**Architecture:** Add a role schema for org members, implement a PUT handler on the existing members API route with admin/last-admin checks, and add a role selector UI in the members list that calls the API and updates local state.
-**Tech Stack:** Next.js App Router, React 19, TypeScript, Drizzle ORM, Zod, Bun test
-### Task 1: Add organization member role schema
-**Files:**
-- Modify: `lib/validations/organizations.ts`
-- Create: `tests/lib/organization-member-role-schema.test.ts`
-**Step 1: Write the failing test**
-```ts
-import { describe, expect, it } from "bun:test";
-import { organizationMemberRoleSchema } from "@/lib/validations/organizations";
-describe("organizationMemberRoleSchema", () => {
-  it("accepts known organization roles", () => {
-    expect(organizationMemberRoleSchema.safeParse("admin").success).toBe(true);
-    expect(organizationMemberRoleSchema.safeParse("product_manager").success).toBe(true);
-    expect(organizationMemberRoleSchema.safeParse("developer").success).toBe(true);
-    expect(organizationMemberRoleSchema.safeParse("customer_support").success).toBe(true);
-  });
-  it("rejects non-organization roles", () => {
-    expect(organizationMemberRoleSchema.safeParse("customer").success).toBe(false);
-    expect(organizationMemberRoleSchema.safeParse("member").success).toBe(false);
-  });
-});
-```
-**Step 2: Run test to verify it fails**
-Run: `bun test tests/lib/organization-member-role-schema.test.ts`
-Expected: FAIL with "organizationMemberRoleSchema is not exported"
-**Step 3: Write minimal implementation**
-```ts
-export const organizationMemberRoleSchema = z.enum([
-  "admin",
-  "product_manager",
-  "developer",
-  "customer_support",
-]);
-export type OrganizationMemberRoleInput = z.infer<typeof organizationMemberRoleSchema>;
-```
-**Step 4: Run test to verify it passes**
-Run: `bun test tests/lib/organization-member-role-schema.test.ts`
-Expected: PASS
-**Step 5: Commit**
-```bash
-git add lib/validations/organizations.ts tests/lib/organization-member-role-schema.test.ts
-git commit -m "test: add organization member role schema tests"
-```
-### Task 2: Add PUT role update handler + API tests
-**Files:**
-- Modify: `app/api/organizations/[orgId]/members/[memberId]/handler.ts`
-- Modify: `app/api/organizations/[orgId]/members/[memberId]/route.ts`
-- Modify: `tests/api/organization-members.test.ts`
-**Step 1: Write the failing tests**
-```ts
-import { buildUpdateMemberRoleHandler } from "@/app/api/organizations/[orgId]/members/[memberId]/handler";
-// ...keep existing helpers; add a new helper for update deps
-type UpdateReturn = {
-  set: () => {
-    where: () => {
-      returning: () => Promise<Array<{ userId: string; role: string }>>;
-    };
-  };
-};
-const makeUpdateDeps = (options: DepsOptions & { updateResultRole?: string }) => {
-  const base = makeDeps(options);
-  const updateRole = options.updateResultRole ?? "developer";
-  const update = () => ({
-    set: () => ({
-      where: () => ({
-        returning: async () => [{ userId: "user_2", role: updateRole }],
-      }),
-    }),
-  });
-  base.db.update = update as unknown as () => UpdateReturn;
-  return base;
-};
-describe("PUT /api/organizations/:orgId/members/:memberId", () => {
-  it("rejects unauthenticated requests", async () => {
-    const deps = makeUpdateDeps({});
-    deps.auth.api.getSession = async () => null;
-    const handler = buildUpdateMemberRoleHandler(deps);
-    const res = await handler(
-      new Request("http://localhost/api/organizations/org_1/members/user_2", {
-        method: "PUT",
-        body: JSON.stringify({ role: "developer" }),
-      }),
-      { params: { orgId: "org_1", memberId: "user_2" } },
-    );
-    expect(res.status).toBe(401);
-  });
-  it("rejects non-admin members", async () => {
-    const deps = makeUpdateDeps({ requesterRole: "member" });
-    const handler = buildUpdateMemberRoleHandler(deps);
-    const res = await handler(
-      new Request("http://localhost/api/organizations/org_1/members/user_2", {
-        method: "PUT",
-        body: JSON.stringify({ role: "developer" }),
-      }),
-      { params: { orgId: "org_1", memberId: "user_2" } },
-    );
-    expect(res.status).toBe(403);
-  });
-  it("returns 400 for invalid role", async () => {
-    const deps = makeUpdateDeps({});
-    const handler = buildUpdateMemberRoleHandler(deps);
-    const res = await handler(
-      new Request("http://localhost/api/organizations/org_1/members/user_2", {
-        method: "PUT",
-        body: JSON.stringify({ role: "guest" }),
-      }),
-      { params: { orgId: "org_1", memberId: "user_2" } },
-    );
-    expect(res.status).toBe(400);
-  });
-  it("returns 404 when target member missing", async () => {
-    const deps = makeUpdateDeps({ targetRole: null });
-    const handler = buildUpdateMemberRoleHandler(deps);
-    const res = await handler(
-      new Request("http://localhost/api/organizations/org_1/members/user_2", {
-        method: "PUT",
-        body: JSON.stringify({ role: "developer" }),
-      }),
-      { params: { orgId: "org_1", memberId: "user_2" } },
-    );
-    expect(res.status).toBe(404);
-  });
-  it("blocks demoting the last admin", async () => {
-    const deps = makeUpdateDeps({ targetRole: "admin", adminCount: 1 });
-    const handler = buildUpdateMemberRoleHandler(deps);
-    const res = await handler(
-      new Request("http://localhost/api/organizations/org_1/members/user_2", {
-        method: "PUT",
-        body: JSON.stringify({ role: "developer" }),
-      }),
-      { params: { orgId: "org_1", memberId: "user_2" } },
-    );
-    const json = await res.json();
-    expect(res.status).toBe(400);
-    expect(json.error).toBe("组织至少需要一个管理员");
-  });
-  it("updates role when allowed", async () => {
-    const deps = makeUpdateDeps({ targetRole: "developer", adminCount: 2, updateResultRole: "product_manager" });
-    const handler = buildUpdateMemberRoleHandler(deps);
-    const res = await handler(
-      new Request("http://localhost/api/organizations/org_1/members/user_2", {
-        method: "PUT",
-        body: JSON.stringify({ role: "product_manager" }),
-      }),
-      { params: { orgId: "org_1", memberId: "user_2" } },
-    );
-    const json = await res.json();
-    expect(res.status).toBe(200);
-    expect(json.data.role).toBe("product_manager");
-  });
-});
-```
-**Step 2: Run test to verify it fails**
-Run: `bun test tests/api/organization-members.test.ts`
-Expected: FAIL with "buildUpdateMemberRoleHandler is not exported"
-**Step 3: Write minimal implementation**
-```ts
-import { z } from "zod";
-import { organizationMemberRoleSchema } from "@/lib/validations/organizations";
-const updateRoleSchema = z.object({
-  role: organizationMemberRoleSchema,
-});
-export function buildUpdateMemberRoleHandler(deps: RemoveMemberDeps) {
-  return async function PUT(req: Request, context: RemoveMemberContext) {
-    const session = await deps.auth.api.getSession({ headers: req.headers });
-    if (!session) {
-      return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
-    }
-    let body: unknown;
-    try {
-      body = await req.json();
-    } catch {
-      return NextResponse.json({ error: "Invalid request body" }, { status: 400 });
-    }
-    const parsed = updateRoleSchema.safeParse(body);
-    if (!parsed.success) {
-      return NextResponse.json(
-        { error: "Invalid request body", details: parsed.error.issues },
-        { status: 400 },
-      );
-    }
-    const { role } = parsed.data;
-    const { orgId, memberId } = await Promise.resolve(context.params);
-    const [requester] = await deps.db
-      .select()
-      .from(organizationMembers)
-      .where(
-        and(
-          eq(organizationMembers.organizationId, orgId),
-          eq(organizationMembers.userId, session.user.id),
-        ),
-      )
-      .limit(1);
-    if (!requester || requester.role !== "admin") {
-      return NextResponse.json({ error: "Forbidden" }, { status: 403 });
-    }
-    const [target] = await deps.db
-      .select()
-      .from(organizationMembers)
-      .where(
-        and(
-          eq(organizationMembers.organizationId, orgId),
-          eq(organizationMembers.userId, memberId),
-        ),
-      )
-      .limit(1);
-    if (!target) {
-      return NextResponse.json({ error: "Member not found" }, { status: 404 });
-    }
-    const [adminCount] = await deps.db
-      .select({ count: count() })
-      .from(organizationMembers)
-      .where(
-        and(
-          eq(organizationMembers.organizationId, orgId),
-          eq(organizationMembers.role, "admin"),
-        ),
-      );
-    if (target.role === "admin" && role !== "admin" && adminCount.count === 1) {
-      return NextResponse.json(
-        { error: "组织至少需要一个管理员" },
-        { status: 400 },
-      );
-    }
-    const [updated] = await deps.db
-      .update(organizationMembers)
-      .set({ role })
-      .where(
-        and(
-          eq(organizationMembers.organizationId, orgId),
-          eq(organizationMembers.userId, memberId),
-        ),
-      )
-      .returning();
-    return NextResponse.json({ data: updated }, { status: 200 });
-  };
-}
-```
-Update the route to export PUT:
-```ts
-export const PUT = buildUpdateMemberRoleHandler({ auth, db });
-```
-**Step 4: Run test to verify it passes**
-Run: `bun test tests/api/organization-members.test.ts`
-Expected: PASS
-**Step 5: Commit**
-```bash
-git add app/api/organizations/[orgId]/members/[memberId]/handler.ts app/api/organizations/[orgId]/members/[memberId]/route.ts tests/api/organization-members.test.ts
-git commit -m "feat: add member role update API"
-```
-### Task 3: Add role selector UI
-**Files:**
-- Create: `components/settings/role-selector.tsx`
-- Modify: `components/settings/organization-members-list.tsx`
-- Create: `tests/components/role-selector.test.ts`
-**Step 1: Write the failing test**
-```ts
-import { describe, expect, it } from "bun:test";
-import { ROLE_OPTIONS } from "@/components/settings/role-selector";
-describe("ROLE_OPTIONS", () => {
-  it("includes all organization roles", () => {
-    const roles = ROLE_OPTIONS.map((option) => option.value);
-    expect(roles).toEqual([
-      "admin",
-      "product_manager",
-      "developer",
-      "customer_support",
-    ]);
-  });
-});
-```
-**Step 2: Run test to verify it fails**
-Run: `bun test tests/components/role-selector.test.ts`
-Expected: FAIL with "ROLE_OPTIONS is not exported"
-**Step 3: Write minimal implementation**
-```tsx
-import { Select, SelectContent, SelectItem, SelectTrigger, SelectValue } from "@/components/ui/select";
-export const ROLE_OPTIONS = [
-  { value: "admin", label: "管理员" },
-  { value: "product_manager", label: "产品经理" },
-  { value: "developer", label: "开发者" },
-  { value: "customer_support", label: "客服" },
-] as const;
-type RoleSelectorProps = {
-  value: string;
-  onChange: (value: string) => void;
-  disabled?: boolean;
-};
-export function RoleSelector({ value, onChange, disabled }: RoleSelectorProps) {
-  return (
-    <Select value={value} onValueChange={onChange} disabled={disabled}>
-      <SelectTrigger className="h-8 w-[140px]">
-        <SelectValue placeholder="选择角色" />
-      </SelectTrigger>
-      <SelectContent>
-        {ROLE_OPTIONS.map((option) => (
-          <SelectItem key={option.value} value={option.value}>
-            {option.label}
-          </SelectItem>
-        ))}
-      </SelectContent>
-    </Select>
-  );
-}
-```
-Update `OrganizationMembersList` to use the selector and PUT handler:
-```tsx
-const currentUserRole = members.find((member) => member.userId === currentUserId)?.role ?? null;
-const canManageRoles = currentUserRole === "admin";
-const handleRoleChange = async (memberId: string, nextRole: string) => {
-  setError(null);
-  setPendingMemberId(memberId);
-  const res = await fetch(`/api/organizations/${organizationId}/members/${memberId}`, {
-    method: "PUT",
-    headers: { "Content-Type": "application/json" },
-    body: JSON.stringify({ role: nextRole }),
-  });
-  const json = await res.json().catch(() => null);
-  if (!res.ok) {
-    setError(json?.error ?? "更新角色失败，请稍后重试");
-    setPendingMemberId(null);
-    return;
-  }
-  setMembers((prev) =>
-    prev.map((member) =>
-      member.userId === memberId ? { ...member, role: nextRole } : member,
-    ),
-  );
-  setPendingMemberId(null);
-};
-```
-Replace the role Badge in the list with `RoleSelector`, disabling it when `!canManageRoles || isPending`.
-**Step 4: Run test to verify it passes**
-Run: `bun test tests/components/role-selector.test.ts`
-Expected: PASS
-**Step 5: Commit**
-```bash
-git add components/settings/role-selector.tsx components/settings/organization-members-list.tsx tests/components/role-selector.test.ts
-git commit -m "feat: add role selector for organization members"
-```
-### Task 4: Full test pass
-**Files:**
-- N/A
-**Step 1: Run full test suite**
-Run: `bun test`
-Expected: PASS
-**Step 2: Commit (if needed)**
-```bash
-git status
-# Commit any remaining changes if necessary
-```