Adjusting role actions
This commit is contained in:
+44
-2
@@ -119,6 +119,7 @@ import {
|
||||
setWorkspaceSubscriptionStatusByStripeSubscriptionId,
|
||||
updateRescueVerificationStatus,
|
||||
updateWorkspace,
|
||||
updateWorkspaceMemberRole,
|
||||
upsertWorkspaceMember,
|
||||
} from './repositories/workspaceRepository.js';
|
||||
import type {
|
||||
@@ -3388,9 +3389,51 @@ app.post('/api/workspace/members', requireAuth, requireWriteAccess, requireWorks
|
||||
}
|
||||
});
|
||||
|
||||
app.put('/api/workspace/members/:memberId', requireAuth, requireWriteAccess, requireWorkspaceRole(['owner', 'assistant']), async (req: Request, res: Response, next: NextFunction) => {
|
||||
const parsed = z.object({ role: workspaceRoleSchema.exclude(['owner']) }).safeParse(req.body);
|
||||
|
||||
if (!parsed.success) {
|
||||
res.status(400).json({ error: 'Invalid flock member role payload', details: parsed.error.flatten() });
|
||||
return;
|
||||
}
|
||||
|
||||
try {
|
||||
const billingEmail = req.auth!.workspace.billing_email ? normalizeEmail(req.auth!.workspace.billing_email) : '';
|
||||
const requesterIsBillingOwner = Boolean(billingEmail && billingEmail === normalizeEmail(req.auth!.user.email));
|
||||
const member = await updateWorkspaceMemberRole({
|
||||
memberId: req.params.memberId,
|
||||
workspaceId: req.auth!.workspace.id,
|
||||
role: parsed.data.role,
|
||||
requesterMemberId: req.auth!.membership.id,
|
||||
requesterIsBillingOwner,
|
||||
requesterRole: req.auth!.membership.role,
|
||||
billingEmail,
|
||||
});
|
||||
|
||||
if (!member) {
|
||||
res.status(404).json({ error: 'Flock member not found or cannot be changed.' });
|
||||
return;
|
||||
}
|
||||
|
||||
await writeAuditLog(req.auth!, 'workspace_member.role_updated', 'workspace_member', member.id, member.name, {
|
||||
role: member.role,
|
||||
});
|
||||
res.json({ member: normalizeWorkspaceMember(member) });
|
||||
} catch (error) {
|
||||
next(error);
|
||||
}
|
||||
});
|
||||
|
||||
app.delete('/api/workspace/members/:memberId', requireAuth, requireWriteAccess, requireWorkspaceRole(['owner', 'assistant']), async (req: Request, res: Response, next: NextFunction) => {
|
||||
try {
|
||||
const deleted = await deleteWorkspaceMember(req.params.memberId, req.auth!.workspace.id);
|
||||
const billingEmail = req.auth!.workspace.billing_email ? normalizeEmail(req.auth!.workspace.billing_email) : '';
|
||||
const requesterIsBillingOwner = Boolean(billingEmail && billingEmail === normalizeEmail(req.auth!.user.email));
|
||||
const deleted = await deleteWorkspaceMember({
|
||||
memberId: req.params.memberId,
|
||||
workspaceId: req.auth!.workspace.id,
|
||||
requesterMemberId: req.auth!.membership.id,
|
||||
requesterIsBillingOwner,
|
||||
});
|
||||
|
||||
if (!deleted) {
|
||||
res.status(404).json({ error: 'Flock member not found or cannot be removed.' });
|
||||
@@ -3398,7 +3441,6 @@ app.delete('/api/workspace/members/:memberId', requireAuth, requireWriteAccess,
|
||||
}
|
||||
|
||||
await writeAuditLog(req.auth!, 'workspace_member.deleted', 'workspace_member', req.params.memberId);
|
||||
await writeAuditLog(req.auth!, 'integration_token.revoked', 'integration_token', req.params.tokenId);
|
||||
res.status(204).send();
|
||||
} catch (error) {
|
||||
next(error);
|
||||
|
||||
Reference in New Issue
Block a user