spine-framework 0.3.61 → 0.3.63

package/.framework/cli/commands/install-app.ts

@@ -301,6 +301,8 @@ interface RegistrationConfig {
   enabled: boolean
   default_role: string
   redirect_path: string
+  account_strategy?: 'existing' | 'new' | 'choice'
+  target_account?: string
 }
 
 interface SpineConfig {
@@ -313,6 +315,8 @@ interface SpineConfig {
       default_role: string
       path: string
       enabled: boolean
+      account_strategy: 'existing' | 'new' | 'choice'
+      target_account?: string
     }>
   }
 }
@@ -360,12 +364,14 @@ function updateRegistrationConfig(appSlug: string, regConfig: RegistrationConfig
     console.log(`  ⚠️  Could not load roles from seed data, using default role only`)
   }
 
-  // Add/update this app's registration entry with multi-role support
+  // Add/update this app's registration entry with multi-role and account strategy support
   config.registration.apps[appSlug] = {
     roles: availableRoles,
     default_role: regConfig.default_role,
     path: regConfig.redirect_path,
     enabled: regConfig.enabled,
+    account_strategy: regConfig.account_strategy || 'new',
+    target_account: regConfig.target_account,
   }
 
   // If this is the first registration-enabled app, make it the default

package/.framework/functions/invites.ts

@@ -213,12 +213,79 @@ export const validateToken = createHandler(async (_ctx, _body) => {
  *   (invite path is handled entirely in the DB trigger)
  */
 export const completeRegistration = createHandler(async (ctx, body) => {
-  const { path, account_name, email, role_slug } = body
+  const { path, account_name, email, role_slug, target_account } = body
 
   if (!path || !email) {
     throw new Error('path and email are required')
   }
 
+  if (path === 'existing_account') {
+    if (!target_account) throw new Error('target_account is required for existing_account path')
+
+    // Resolve the target account
+    const { data: targetAccount } = await adminDb
+      .from('accounts')
+      .select('id, slug')
+      .eq('slug', target_account)
+      .single()
+
+    if (!targetAccount) {
+      throw new Error(`Target account '${target_account}' not found`)
+    }
+
+    // Resolve person type_id
+    const { data: personType } = await adminDb
+      .from('types')
+      .select('id, design_schema, validation_schema')
+      .eq('kind', 'person')
+      .eq('slug', 'person')
+      .single()
+
+    // Resolve role from role_slug param
+    const targetRoleSlug = role_slug || 'member'
+    
+    let { data: roles } = await adminDb
+      .from('roles')
+      .select('id, slug')
+      .eq('slug', targetRoleSlug)
+      .limit(1)
+
+    let role = roles?.[0]
+
+    // If specific role not found, try member_admin or member as fallback
+    if (!role) {
+      const { data: fallbackRoles } = await adminDb
+        .from('roles')
+        .select('id, slug')
+        .in('slug', ['member_admin', 'member'])
+        .order('slug')
+        .limit(1)
+      role = fallbackRoles?.[0]
+    }
+
+    // Update the walk-up shell to be an active user on the target account
+    const { error: updateErr } = await adminDb
+      .from('people')
+      .update({
+        account_id: targetAccount.id,
+        role_id: role?.id ?? null,
+        status: 'active',
+        type_id: personType.id,
+        data: {},
+        updated_at: new Date().toISOString(),
+      })
+      .eq('email', email)
+      .eq('status', 'active')
+      .is('role_id', null)
+
+    if (updateErr) throw new Error('Failed to assign user to existing account: ' + updateErr.message)
+
+    return { 
+      status: 'active',
+      account_slug: targetAccount.slug 
+    }
+  }
+
   if (path === 'new_account') {
     if (!account_name) throw new Error('account_name is required for new_account path')
 

package/.framework/src/pages/auth/RegisterPage.tsx

@@ -57,6 +57,8 @@ interface RegistrationConfig {
     default_role: string
     path: string
     enabled: boolean
+    account_strategy: 'existing' | 'new' | 'choice'
+    target_account?: string
   }>
 }
 
@@ -153,6 +155,9 @@ export function RegisterPage() {
   const [domainMatchChoice, setDomainMatchChoice] = useState<DomainMatchChoice>(null)
   const [domainCheckLoading, setDomainCheckLoading] = useState(false)
 
+  // Account strategy state
+  const [accountStrategy, setAccountStrategy] = useState<'existing' | 'new'>('new')
+
   const [error, setError] = useState('')
   const [isLoading, setIsLoading] = useState(false)
 
@@ -235,26 +240,44 @@ export function RegisterPage() {
       // 4. Walk-up paths — call complete-registration
       const resolvedEmail = email
 
-      // Determine role from URL params or config
+      // Determine role and account strategy from URL params or config
       const urlRole = searchParams.get('role')
       const urlApp = searchParams.get('app')
       
       let effectiveRole = regConfig?.default_role || 'member'
+      let effectiveAccountStrategy: 'existing' | 'new' | 'choice' = 'new'
+      let targetAccount: string | undefined
       
-      // If app is specified, use app's default role
+      // If app is specified, use app's configuration
       if (urlApp && regConfig?.apps[urlApp]) {
         const appConfig = regConfig.apps[urlApp]
         
-        // If URL role is provided, validate it against app's available roles
+        console.log('App config found:', appConfig)
+        
+        // Determine role
         if (urlRole && appConfig.roles.includes(urlRole)) {
           effectiveRole = urlRole
         } else {
           effectiveRole = appConfig.default_role
         }
+        
+        // Determine account strategy
+        effectiveAccountStrategy = appConfig.account_strategy
+        targetAccount = appConfig.target_account
+        
+        console.log('Account strategy resolved:', { effectiveAccountStrategy, targetAccount })
       }
-      // If only URL role is specified (no app), use it directly
+      // If only URL role is specified (no app), use it directly with default strategy
       else if (urlRole) {
         effectiveRole = urlRole
+        effectiveAccountStrategy = 'new'
+      }
+      
+      // For 'existing' strategy, always use the target account
+      if (effectiveAccountStrategy === 'existing') {
+        setAccountStrategy('existing')
+      } else {
+        setAccountStrategy('new')
       }
 
       if (domainMatchChoice === 'join') {
@@ -273,17 +296,33 @@ export function RegisterPage() {
         return
       }
 
-      // New account (personal or company create_new)
-      const accountName = useType === 'personal' ? fullName : companyName
-      const newResult = await callInvitesApi('complete-registration', {
-        path: 'new_account',
-        email: resolvedEmail,
-        account_name: accountName,
-        role_slug: effectiveRole,
-      }, 'POST')
-
-      if (newResult.error) {
-        setError(newResult.error)
+      // Handle account creation vs existing account assignment
+      let registrationResult
+      console.log('Registration decision:', { accountStrategy, targetAccount, effectiveRole })
+      
+      if (accountStrategy === 'existing' && targetAccount) {
+        // Assign to existing account
+        console.log('Using existing_account path')
+        registrationResult = await callInvitesApi('complete-registration', {
+          path: 'existing_account',
+          email: resolvedEmail,
+          target_account: targetAccount,
+          role_slug: effectiveRole,
+        }, 'POST')
+      } else {
+        // Create new account (personal or company)
+        console.log('Using new_account path')
+        const accountName = useType === 'personal' ? fullName : companyName
+        registrationResult = await callInvitesApi('complete-registration', {
+          path: 'new_account',
+          email: resolvedEmail,
+          account_name: accountName,
+          role_slug: effectiveRole,
+        }, 'POST')
+      }
+
+      if (registrationResult.error) {
+        setError(registrationResult.error)
         return
       }
 
@@ -325,7 +364,7 @@ export function RegisterPage() {
   const isInvite = !!inviteToken && !!invitePreview
   const showDomainMatchPrompt = domainMatchAccountId && domainMatchChoice === null && useType === 'company' && !isFirstUser
   const effectiveEmail = isInvite ? invitePreview.email : email
-  const showUseTypeToggle = !isInvite && !isFirstUser
+  const showUseTypeToggle = !isInvite && !isFirstUser && accountStrategy === 'new'
 
   // Header text based on scenario
   let headerTitle = 'Create your account'
@@ -478,8 +517,8 @@ export function RegisterPage() {
               </div>
             )}
 
-            {/* Company name — shown for company type when not joining existing */}
-            {!isInvite && useType === 'company' && domainMatchChoice !== 'join' && !isFirstUser && (
+            {/* Company name — shown for company type when not joining existing and using new account strategy */}
+            {!isInvite && useType === 'company' && domainMatchChoice !== 'join' && !isFirstUser && accountStrategy === 'new' && (
               <div>
                 <label htmlFor="companyName" className="block text-sm font-medium text-slate-700">
                   Company name

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "spine-framework",
-  "version": "0.3.61",
+  "version": "0.3.63",
   "description": "Multi-tenant, modular application platform for modern SaaS systems",
   "type": "module",
   "bin": {

package/spine.config.json

@@ -9,13 +9,16 @@
         "roles": ["member"],
         "default_role": "member",
         "path": "/portal",
-        "enabled": true
+        "enabled": true,
+        "account_strategy": "new"
       },
       "cortex": {
         "roles": ["support", "support_admin"],
         "default_role": "support",
         "path": "/cortex",
-        "enabled": true
+        "enabled": true,
+        "account_strategy": "existing",
+        "target_account": "spine-system"
       }
     }
   }