From 74b98bc267fd2709f7132c59d2a51fe4292bcb4c Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Fri, 25 Jul 2025 15:38:00 -0400
Subject: [PATCH 1/8] fix: update S3 bucket name environment variable

- Changed the S3 bucket name environment variable from AWS_BUCKET_NAME to APP_AWS_BUCKET_NAME for consistency with the new naming conventions.
- Ensured that all required AWS environment variables are validated properly.
---
 apps/app/src/app/s3.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/app/src/app/s3.ts b/apps/app/src/app/s3.ts
index 7b942ba5d..0c519803a 100644
--- a/apps/app/src/app/s3.ts
+++ b/apps/app/src/app/s3.ts
@@ -4,7 +4,7 @@ const APP_AWS_REGION = process.env.APP_AWS_REGION;
 const APP_AWS_ACCESS_KEY_ID = process.env.APP_AWS_ACCESS_KEY_ID;
 const APP_AWS_SECRET_ACCESS_KEY = process.env.APP_AWS_SECRET_ACCESS_KEY;
 
-export const BUCKET_NAME = process.env.AWS_BUCKET_NAME;
+export const BUCKET_NAME = process.env.APP_AWS_BUCKET_NAME;
 
 if (!APP_AWS_ACCESS_KEY_ID || !APP_AWS_SECRET_ACCESS_KEY || !BUCKET_NAME || !APP_AWS_REGION) {
   // Log the error in production environments

From 03508136534baa97427650a74ddf36d1dce9f07a Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Fri, 25 Jul 2025 15:40:20 -0400
Subject: [PATCH 2/8] chore: clean up Next.js configuration in app and portal

- Removed unnecessary comment from the output configuration in next.config.ts files for both app and portal.
- Ensured consistency in configuration across both applications.
---
 apps/app/next.config.ts    | 2 +-
 apps/portal/next.config.ts | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/apps/app/next.config.ts b/apps/app/next.config.ts
index 0a6e9d691..184203a4f 100644
--- a/apps/app/next.config.ts
+++ b/apps/app/next.config.ts
@@ -49,7 +49,7 @@ const config: NextConfig = {
 };
 
 if (process.env.VERCEL !== '1') {
-  config.output = 'standalone'; // Required for Docker builds
+  config.output = 'standalone';
 }
 
 export default config;
diff --git a/apps/portal/next.config.ts b/apps/portal/next.config.ts
index 6f6638895..db30680e1 100644
--- a/apps/portal/next.config.ts
+++ b/apps/portal/next.config.ts
@@ -30,7 +30,7 @@ const config: NextConfig = {
 };
 
 if (process.env.VERCEL !== '1') {
-  config.output = 'standalone'; // Required for Docker builds
+  config.output = 'standalone';
 }
 
 export default config;

From d8dca528e378a8e06947fb2eaa6be01f24d3e191 Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Thu, 31 Jul 2025 10:58:39 -0400
Subject: [PATCH 3/8] chore: update .gitignore and remove unused environment
 variable

- Updated .gitignore to include playground directory and remove redundant entries.
- Removed NEXT_PUBLIC_VERCEL_URL from environment variables in env.mjs as it is no longer needed.
---
 .gitignore           | 7 +++----
 apps/app/src/env.mjs | 2 --
 2 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/.gitignore b/.gitignore
index f9ddfb236..e11ebeace 100644
--- a/.gitignore
+++ b/.gitignore
@@ -56,8 +56,9 @@ tailwind.css
 # Trigger
 .trigger
 
-# Playground (for local testing)
-/playground
+# Playground
+playground/
+.playground/
 .venv
 
 # Ignore lock files to prevent conflicts between different package managers
@@ -76,8 +77,6 @@ playwright-report/
 playwright/.cache/
 debug-setup-page.png
 
-.playground/
-
 packages/*/dist
 
 # Generated Prisma Client
diff --git a/apps/app/src/env.mjs b/apps/app/src/env.mjs
index 248dba987..a127af704 100644
--- a/apps/app/src/env.mjs
+++ b/apps/app/src/env.mjs
@@ -46,7 +46,6 @@ export const env = createEnv({
   client: {
     NEXT_PUBLIC_POSTHOG_KEY: z.string().optional(),
     NEXT_PUBLIC_POSTHOG_HOST: z.string().optional(),
-    NEXT_PUBLIC_VERCEL_URL: z.string().optional(),
     NEXT_PUBLIC_IS_DUB_ENABLED: z.string().optional(),
     NEXT_PUBLIC_GTM_ID: z.string().optional(),
     NEXT_PUBLIC_LINKEDIN_PARTNER_ID: z.string().optional(),
@@ -76,7 +75,6 @@ export const env = createEnv({
     VERCEL_TEAM_ID: process.env.VERCEL_TEAM_ID,
     VERCEL_PROJECT_ID: process.env.VERCEL_PROJECT_ID,
     TRUST_PORTAL_PROJECT_ID: process.env.TRUST_PORTAL_PROJECT_ID,
-    NEXT_PUBLIC_VERCEL_URL: process.env.NEXT_PUBLIC_VERCEL_URL,
     NODE_ENV: process.env.NODE_ENV,
     APP_AWS_ACCESS_KEY_ID: process.env.APP_AWS_ACCESS_KEY_ID,
     APP_AWS_SECRET_ACCESS_KEY: process.env.APP_AWS_SECRET_ACCESS_KEY,

From 50817b52470160473f0d075c703df981070936c3 Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Thu, 31 Jul 2025 11:42:59 -0400
Subject: [PATCH 4/8] refactor: enhance logging and update file upload handling

- Replaced simple logger calls with structured logging methods (info, warn, error) for better clarity and debugging.
- Refactored the uploadFile action to utilize the new logger and improved error handling.
- Updated file upload logic in TaskBody and CommentItem components to use the new action client pattern, enhancing maintainability and readability.
- Increased maximum file size limit from 5MB to 10MB for uploads.
---
 apps/app/src/actions/files/upload-file.ts     | 143 +++++------
 apps/app/src/actions/safe-action.ts           |  16 +-
 .../tasks/[taskId]/components/TaskBody.tsx    | 120 ++++-----
 .../app/(app)/[orgId]/tasks/[taskId]/page.tsx |  40 ++-
 .../src/components/comments/CommentItem.tsx   | 228 ++++++------------
 apps/app/src/utils/logger.ts                  |  12 +-
 6 files changed, 218 insertions(+), 341 deletions(-)

diff --git a/apps/app/src/actions/files/upload-file.ts b/apps/app/src/actions/files/upload-file.ts
index 6b5e3d377..0aea6a67a 100644
--- a/apps/app/src/actions/files/upload-file.ts
+++ b/apps/app/src/actions/files/upload-file.ts
@@ -1,13 +1,13 @@
 'use server';
 
 import { BUCKET_NAME, s3Client } from '@/app/s3';
-import { auth } from '@/utils/auth';
+import { logger } from '@/utils/logger';
 import { GetObjectCommand, PutObjectCommand } from '@aws-sdk/client-s3';
 import { getSignedUrl } from '@aws-sdk/s3-request-presigner';
 import { AttachmentEntityType, AttachmentType, db } from '@db';
 import { revalidatePath } from 'next/cache';
-import { headers } from 'next/headers';
 import { z } from 'zod';
+import { authActionClient } from '../safe-action';
 
 function mapFileTypeToAttachmentType(fileType: string): AttachmentType {
   const type = fileType.split('/')[0];
@@ -34,94 +34,79 @@ const uploadAttachmentSchema = z.object({
   pathToRevalidate: z.string().optional(),
 });
 
-export const uploadFile = async (input: z.infer<typeof uploadAttachmentSchema>) => {
-  const { fileName, fileType, fileData, entityId, entityType, pathToRevalidate } = input;
-  const session = await auth.api.getSession({ headers: await headers() });
-  const organizationId = session?.session.activeOrganizationId;
+export const uploadFile = authActionClient
+  .inputSchema(uploadAttachmentSchema)
+  .metadata({
+    name: 'uploadFile',
+    track: {
+      event: 'File Uploaded',
+      channel: 'server',
+    },
+  })
+  .action(async ({ parsedInput, ctx }) => {
+    const { fileName, fileType, fileData, entityId, entityType, pathToRevalidate } = parsedInput;
+    const { session } = ctx;
+    const organizationId = session.activeOrganizationId;
+
+    logger.info(`[uploadFile] Starting upload for ${fileName} in org ${organizationId}`);
 
-  if (!organizationId) {
-    return {
-      success: false,
-      error: 'Not authorized - no organization found',
-      data: null,
-    };
-  }
-
-  try {
     const fileBuffer = Buffer.from(fileData, 'base64');
 
-    const MAX_FILE_SIZE_MB = 5;
+    const MAX_FILE_SIZE_MB = 10;
     const MAX_FILE_SIZE_BYTES = MAX_FILE_SIZE_MB * 1024 * 1024;
     if (fileBuffer.length > MAX_FILE_SIZE_BYTES) {
-      return {
-        success: false,
-        error: `File exceeds the ${MAX_FILE_SIZE_MB}MB limit.`,
-        data: null,
-      };
+      throw new Error(`File exceeds the ${MAX_FILE_SIZE_MB}MB limit.`);
     }
 
     const timestamp = Date.now();
     const sanitizedFileName = fileName.replace(/[^a-zA-Z0-9.-]/g, '_');
     const key = `${organizationId}/attachments/${entityType}/${entityId}/${timestamp}-${sanitizedFileName}`;
 
-    const putCommand = new PutObjectCommand({
-      Bucket: BUCKET_NAME,
-      Key: key,
-      Body: fileBuffer,
-      ContentType: fileType,
-    });
-
-    await s3Client.send(putCommand);
-
-    console.log('Creating attachment...');
-    console.log({
-      name: fileName,
-      url: key,
-      type: mapFileTypeToAttachmentType(fileType),
-      entityId: entityId,
-      entityType: entityType,
-      organizationId: organizationId,
-    });
-
-    const attachment = await db.attachment.create({
-      data: {
-        name: fileName,
-        url: key,
-        type: mapFileTypeToAttachmentType(fileType),
-        entityId: entityId,
-        entityType: entityType,
-        organizationId: organizationId,
-      },
-    });
-
-    const getCommand = new GetObjectCommand({
-      Bucket: BUCKET_NAME,
-      Key: key,
-    });
+    try {
+      logger.info(`[uploadFile] Uploading to S3 with key: ${key}`);
+      const putCommand = new PutObjectCommand({
+        Bucket: BUCKET_NAME,
+        Key: key,
+        Body: fileBuffer,
+        ContentType: fileType,
+      });
+      await s3Client.send(putCommand);
+      logger.info(`[uploadFile] S3 upload successful for key: ${key}`);
+
+      logger.info(`[uploadFile] Creating attachment record in DB for key: ${key}`);
+      const attachment = await db.attachment.create({
+        data: {
+          name: fileName,
+          url: key,
+          type: mapFileTypeToAttachmentType(fileType),
+          entityId: entityId,
+          entityType: entityType,
+          organizationId: organizationId,
+        },
+      });
+      logger.info(`[uploadFile] DB record created with id: ${attachment.id}`);
+
+      logger.info(`[uploadFile] Generating signed URL for key: ${key}`);
+      const getCommand = new GetObjectCommand({
+        Bucket: BUCKET_NAME,
+        Key: key,
+      });
+      const signedUrl = await getSignedUrl(s3Client, getCommand, {
+        expiresIn: 900,
+      });
+      logger.info(`[uploadFile] Signed URL generated for key: ${key}`);
+
+      if (pathToRevalidate) {
+        revalidatePath(pathToRevalidate);
+      }
 
-    const signedUrl = await getSignedUrl(s3Client, getCommand, {
-      expiresIn: 900,
-    });
-
-    if (pathToRevalidate) {
-      revalidatePath(pathToRevalidate);
-    }
-
-    return {
-      success: true,
-      data: {
+      return {
         ...attachment,
         signedUrl,
-      },
-      error: null,
-    } as const;
-  } catch (error) {
-    console.error('Upload file action error:', error);
-
-    return {
-      success: false,
-      error: 'Failed to process file upload.',
-      data: null,
-    } as const;
-  }
-};
+      };
+    } catch (error) {
+      logger.error(`[uploadFile] Error during upload process for key ${key}:`, error);
+      // Re-throw the error to be handled by the safe action client
+      throw error;
+    }
+  });
diff --git a/apps/app/src/actions/safe-action.ts b/apps/app/src/actions/safe-action.ts
index 44e935b67..71230f4ac 100644
--- a/apps/app/src/actions/safe-action.ts
+++ b/apps/app/src/actions/safe-action.ts
@@ -22,7 +22,7 @@ if (env.UPSTASH_REDIS_REST_URL && env.UPSTASH_REDIS_REST_TOKEN) {
 export const actionClientWithMeta = createSafeActionClient({
   handleServerError(e) {
     // Log the error for debugging
-    logger('Server error:', e);
+    logger.error('Server error:', e);
 
     // Throw the error instead of returning it
     if (e instanceof Error) {
@@ -69,12 +69,12 @@ export const authActionClient = actionClientWithMeta
     });
 
     if (process.env.NODE_ENV === 'development') {
-      logger('Input ->', JSON.stringify(clientInput, null, 2));
-      logger('Result ->', JSON.stringify(result.data, null, 2));
+      logger.info('Input ->', JSON.stringify(clientInput, null, 2));
+      logger.info('Result ->', JSON.stringify(result.data, null, 2));
 
       // Also log validation errors if they exist
       if (result.validationErrors) {
-        logger('Validation Errors ->', JSON.stringify(result.validationErrors, null, 2));
+        logger.warn('Validation Errors ->', JSON.stringify(result.validationErrors, null, 2));
       }
 
       return result;
@@ -212,7 +212,7 @@ export const authActionClient = actionClientWithMeta
         },
       });
     } catch (error) {
-      logger('Audit log error:', error);
+      logger.error('Audit log error:', error);
     }
 
     // Add revalidation logic based on the cursor rules
@@ -274,12 +274,12 @@ export const authActionClientWithoutOrg = actionClientWithMeta
     });
 
     if (process.env.NODE_ENV === 'development') {
-      logger('Input ->', JSON.stringify(clientInput, null, 2));
-      logger('Result ->', JSON.stringify(result.data, null, 2));
+      logger.info('Input ->', JSON.stringify(clientInput, null, 2));
+      logger.info('Result ->', JSON.stringify(result.data, null, 2));
 
       // Also log validation errors if they exist
       if (result.validationErrors) {
-        logger('Validation Errors ->', JSON.stringify(result.validationErrors, null, 2));
+        logger.warn('Validation Errors ->', JSON.stringify(result.validationErrors, null, 2));
       }
 
       return result;
diff --git a/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/components/TaskBody.tsx b/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/components/TaskBody.tsx
index 226df8ea6..8ba31c860 100644
--- a/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/components/TaskBody.tsx
+++ b/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/components/TaskBody.tsx
@@ -7,6 +7,7 @@ import { Textarea } from '@comp/ui/textarea';
 import type { Attachment } from '@db';
 import { AttachmentEntityType } from '@db';
 import { Loader2, Paperclip, Plus } from 'lucide-react';
+import { useAction } from 'next-safe-action/hooks';
 import { useRouter } from 'next/navigation';
 import type React from 'react';
 import { useCallback, useRef, useState } from 'react';
@@ -37,76 +38,59 @@ export function TaskBody({
   onAttachmentsChange,
 }: TaskBodyProps) {
   const fileInputRef = useRef<HTMLInputElement>(null);
-  const [isUploading, setIsUploading] = useState(false);
   const [busyAttachmentId, setBusyAttachmentId] = useState<string | null>(null);
   const router = useRouter();
-
-  const resetState = () => {
-    setIsUploading(false);
-    if (fileInputRef.current) {
-      fileInputRef.current.value = '';
-    }
-  };
+  const { execute, isExecuting } = useAction(uploadFile, {
+    onSuccess: () => {
+      onAttachmentsChange?.();
+      router.refresh();
+      toast.success('File uploaded successfully');
+    },
+    onError: ({ error }) => {
+      toast.error(error.serverError || 'Failed to upload file.');
+    },
+    onSettled: () => {
+      if (fileInputRef.current) {
+        fileInputRef.current.value = '';
+      }
+    },
+  });
 
   const handleFileSelect = useCallback(
     async (event: React.ChangeEvent<HTMLInputElement>) => {
       const files = event.target.files;
       if (!files || files.length === 0) return;
-      setIsUploading(true);
-      try {
-        const uploadedAttachments = [];
-        for (const file of Array.from(files)) {
-          const MAX_FILE_SIZE_MB = 5;
-          const MAX_FILE_SIZE_BYTES = MAX_FILE_SIZE_MB * 1024 * 1024;
-          if (file.size > MAX_FILE_SIZE_BYTES) {
-            toast.error(`File "${file.name}" exceeds the ${MAX_FILE_SIZE_MB}MB limit.`);
-            continue;
-          }
 
-          const reader = new FileReader();
-          reader.onloadend = async () => {
-            const base64Data = (reader.result as string)?.split(',')[1];
-            if (!base64Data) {
-              toast.error('Failed to read file data.');
-              resetState();
-              return;
-            }
-            const { success, data, error } = await uploadFile({
-              fileName: file.name,
-              fileType: file.type,
-              fileData: base64Data,
-              entityId: taskId,
-              entityType: AttachmentEntityType.task,
-            });
+      for (const file of Array.from(files)) {
+        const MAX_FILE_SIZE_MB = 10;
+        const MAX_FILE_SIZE_BYTES = MAX_FILE_SIZE_MB * 1024 * 1024;
+        if (file.size > MAX_FILE_SIZE_BYTES) {
+          toast.error(`File "${file.name}" exceeds the ${MAX_FILE_SIZE_MB}MB limit.`);
+          continue;
+        }
 
-            if (success && data) {
-              uploadedAttachments.push(data);
-            } else {
-              const errorMessage = error || 'Failed to process attachment after upload.';
-              toast.error(String(errorMessage));
-            }
-          };
-          reader.onerror = () => {
-            toast.error('Error reading file.');
-            resetState();
-          };
-          reader.readAsDataURL(file);
-          await new Promise<void>((resolve) => {
-            const intervalId = setInterval(() => {
-              if (reader.readyState === FileReader.DONE) {
-                clearInterval(intervalId);
-                resolve(undefined);
-              }
-            }, 100);
+        const reader = new FileReader();
+        reader.onloadend = async () => {
+          const base64Data = (reader.result as string)?.split(',')[1];
+          if (!base64Data) {
+            toast.error('Failed to read file data.');
+            return;
+          }
+          execute({
+            fileName: file.name,
+            fileType: file.type,
+            fileData: base64Data,
+            entityId: taskId,
+            entityType: AttachmentEntityType.task,
           });
-        }
-        onAttachmentsChange?.();
-        router.refresh();
-      } finally {
-        setIsUploading(false);
+        };
+        reader.onerror = () => {
+          toast.error('Error reading file.');
+        };
+        reader.readAsDataURL(file);
       }
     },
-    [taskId, onAttachmentsChange, router],
+    [execute, taskId, onAttachmentsChange, router],
   );
 
   const triggerFileInput = () => {
@@ -144,8 +128,6 @@ export function TaskBody({
     [onAttachmentsChange, router],
   );
 
-  const isUploadingFile = isUploading;
-
   return (
     <div className="flex flex-col gap-4">
       <input
@@ -153,21 +135,21 @@ export function TaskBody({
         onChange={onTitleChange}
         className="h-auto shrink-0 border-none bg-transparent p-0 md:text-lg font-semibold tracking-tight shadow-none focus-visible:ring-0"
         placeholder="Task Title"
-        disabled={disabled || isUploadingFile || !!busyAttachmentId}
+        disabled={disabled || isExecuting || !!busyAttachmentId}
       />
       <Textarea
         value={description}
         onChange={onDescriptionChange}
         placeholder="Add description..."
         className="text-muted-foreground text-md min-h-[80px] resize-none border-none p-0 shadow-none focus-visible:ring-0"
-        disabled={disabled || isUploadingFile || !!busyAttachmentId}
+        disabled={disabled || isExecuting || !!busyAttachmentId}
       />
       <input
         type="file"
         ref={fileInputRef}
         onChange={handleFileSelect}
         className="hidden"
-        disabled={isUploadingFile || !!busyAttachmentId}
+        disabled={isExecuting || !!busyAttachmentId}
         multiple
       />
       <div className="space-y-3">
@@ -178,11 +160,11 @@ export function TaskBody({
               variant="ghost"
               size="icon"
               onClick={triggerFileInput}
-              disabled={isUploadingFile || !!busyAttachmentId}
+              disabled={isExecuting || !!busyAttachmentId}
               className="text-muted-foreground hover:text-foreground flex h-7 w-7 items-center justify-center"
               aria-label="Add attachment"
             >
-              {isUploadingFile ? (
+              {isExecuting ? (
                 <Loader2 className="h-4 w-4 animate-spin" />
               ) : (
                 <Paperclip className="h-4 w-4" />
@@ -202,13 +184,13 @@ export function TaskBody({
                   onClickFilename={handleDownloadClick}
                   onDelete={handleDeleteAttachment}
                   isBusy={isBusy}
-                  isParentBusy={isUploadingFile}
+                  isParentBusy={isExecuting}
                 />
               );
             })}
           </div>
         ) : (
-          !isUploadingFile && (
+          !isExecuting && (
             <p className="text-muted-foreground pt-1 text-sm italic">
               No attachments yet. Click the <Paperclip className="inline h-4 w-4" /> icon above to
               add one.
@@ -220,11 +202,11 @@ export function TaskBody({
           <Button
             variant="outline"
             onClick={triggerFileInput}
-            disabled={isUploadingFile || !!busyAttachmentId}
+            disabled={isExecuting || !!busyAttachmentId}
             className="mt-2 w-full justify-center gap-2"
             aria-label="Add attachment"
           >
-            {isUploadingFile ? (
+            {isExecuting ? (
               <Loader2 className="h-4 w-4 animate-spin" />
             ) : (
               <Plus className="h-4 w-4" />
diff --git a/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/page.tsx b/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/page.tsx
index 45c031452..8028907a4 100644
--- a/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/page.tsx
+++ b/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/page.tsx
@@ -6,16 +6,24 @@ import { redirect } from 'next/navigation';
 import { CommentWithAuthor } from '../../../../../components/comments/Comments';
 import { SingleTask } from './components/SingleTask';
 
+type Session = Awaited<ReturnType<typeof auth.api.getSession>>;
+
 export default async function TaskPage({
   params,
 }: {
   params: Promise<{ taskId: string; orgId: string; locale: string }>;
 }) {
   const { taskId, orgId } = await params;
-  const task = await getTask(taskId);
-  const members = await getMembers(orgId);
-  const comments = await getComments(taskId);
-  const attachments = await getAttachments(taskId);
+  const session = await auth.api.getSession({
+    headers: headers(),
+  });
+
+  const [task, members, comments, attachments] = await Promise.all([
+    getTask(taskId, session),
+    getMembers(orgId, session),
+    getComments(taskId, session),
+    getAttachments(taskId, session),
+  ]);
 
   if (!task) {
     redirect(`/${orgId}/tasks`);
@@ -24,11 +32,7 @@ export default async function TaskPage({
   return <SingleTask task={task} members={members} comments={comments} attachments={attachments} />;
 }
 
-const getTask = async (taskId: string) => {
-  const session = await auth.api.getSession({
-    headers: await headers(),
-  });
-
+const getTask = async (taskId: string, session: Session) => {
   const activeOrgId = session?.session.activeOrganizationId;
 
   if (!activeOrgId) {
@@ -46,11 +50,7 @@ const getTask = async (taskId: string) => {
   return task;
 };
 
-const getComments = async (taskId: string): Promise<CommentWithAuthor[]> => {
-  const session = await auth.api.getSession({
-    headers: await headers(),
-  });
-
+const getComments = async (taskId: string, session: Session): Promise<CommentWithAuthor[]> => {
   const activeOrgId = session?.session.activeOrganizationId;
 
   if (!activeOrgId) {
@@ -95,11 +95,7 @@ const getComments = async (taskId: string): Promise<CommentWithAuthor[]> => {
   return commentsWithAttachments;
 };
 
-const getAttachments = async (taskId: string): Promise<Attachment[]> => {
-  const session = await auth.api.getSession({
-    headers: await headers(),
-  });
-
+const getAttachments = async (taskId: string, session: Session): Promise<Attachment[]> => {
   const activeOrgId = session?.session.activeOrganizationId;
 
   if (!activeOrgId) {
@@ -119,11 +115,7 @@ const getAttachments = async (taskId: string): Promise<Attachment[]> => {
   return attachments;
 };
 
-const getMembers = async (orgId: string) => {
-  const session = await auth.api.getSession({
-    headers: await headers(),
-  });
-
+const getMembers = async (orgId: string, session: Session) => {
   const activeOrgId = orgId ?? session?.session.activeOrganizationId;
   if (!activeOrgId) {
     console.warn('Could not determine active organization ID in getMembers');
diff --git a/apps/app/src/components/comments/CommentItem.tsx b/apps/app/src/components/comments/CommentItem.tsx
index e0b0bcc10..57045f4ad 100644
--- a/apps/app/src/components/comments/CommentItem.tsx
+++ b/apps/app/src/components/comments/CommentItem.tsx
@@ -16,7 +16,6 @@ import {
 } from '@comp/ui/dropdown-menu';
 import { Label } from '@comp/ui/label';
 import { Textarea } from '@comp/ui/textarea';
-import type { AttachmentType } from '@db';
 import { AttachmentEntityType } from '@db'; // Import AttachmentEntityType
 import {
   Loader2, // Import Loader2
@@ -25,6 +24,7 @@ import {
   Plus,
   Trash2,
 } from 'lucide-react';
+import { useAction } from 'next-safe-action/hooks';
 import { useRouter } from 'next/navigation';
 import type React from 'react';
 import { useCallback, useRef, useState } from 'react';
@@ -33,46 +33,48 @@ import { AttachmentItem } from '../../app/(app)/[orgId]/tasks/[taskId]/component
 import { formatRelativeTime } from '../../app/(app)/[orgId]/tasks/[taskId]/components/commentUtils'; // Revert import path
 import type { CommentWithAuthor } from './Comments';
 
-// Local helper to map fileType to AttachmentType
-function mapFileTypeToAttachmentType(fileType: string): AttachmentType {
-  const type = fileType.split('/')[0];
-  switch (type) {
-    case 'image':
-      return 'image' as AttachmentType;
-    case 'video':
-      return 'video' as AttachmentType;
-    case 'audio':
-      return 'audio' as AttachmentType;
-    case 'application':
-      if (fileType === 'application/pdf') return 'document' as AttachmentType;
-      return 'document' as AttachmentType;
-    default:
-      return 'other' as AttachmentType;
-  }
-}
+type PendingAttachment = {
+  id: string;
+  name: string;
+  fileType: string;
+  signedUrl: string;
+};
 
 export function CommentItem({ comment }: { comment: CommentWithAuthor }) {
   const [isEditing, setIsEditing] = useState(false);
   const [editedContent, setEditedContent] = useState(comment.content);
-  const [currentAttachments, setCurrentAttachments] = useState(
-    [...comment.attachments], // Create a mutable copy
-  );
+  const [currentAttachments, setCurrentAttachments] = useState([...comment.attachments]);
   const [attachmentsToRemove, setAttachmentsToRemove] = useState<string[]>([]);
-  // Minimal type for pending attachments during editing.
-  type PendingAttachment = {
-    id: string;
-    name: string;
-    fileType: string;
-    signedUrl: string;
-  };
-  // Store pending attachments including fileType and signedUrl
   const [pendingAttachmentsToAdd, setPendingAttachmentsToAdd] = useState<PendingAttachment[]>([]);
-  const [isUploading, setIsUploading] = useState(false);
   const fileInputRef = useRef<HTMLInputElement>(null);
   const router = useRouter();
-
   const [deletingAttachmentIds, setDeletingAttachmentIds] = useState<string[]>([]);
 
+  const { execute: executeUpload, isExecuting: isUploading } = useAction(uploadFile, {
+    onSuccess: ({ data }) => {
+      if (data) {
+        setPendingAttachmentsToAdd((prev) => [
+          ...prev,
+          {
+            id: data.id,
+            name: data.name,
+            fileType: data.type,
+            signedUrl: data.signedUrl,
+          },
+        ]);
+        toast.success(`File "${data.name}" ready for attachment.`);
+      }
+    },
+    onError: ({ error }) => {
+      toast.error(error.serverError || 'Failed to upload file.');
+    },
+    onSettled: () => {
+      if (fileInputRef.current) {
+        fileInputRef.current.value = '';
+      }
+    },
+  });
+
   const handleEditToggle = () => {
     if (!isEditing) {
       setEditedContent(comment.content);
@@ -98,72 +100,35 @@ export function CommentItem({ comment }: { comment: CommentWithAuthor }) {
       return;
     }
 
-    // Call the update action
     try {
-      // --- Deletion Phase ---
-      // Call the delete action for all attachments marked for removal
       if (attachmentsToRemove.length > 0) {
         await Promise.all(
           attachmentsToRemove.map((attachmentId) => deleteCommentAttachment({ attachmentId })),
         );
-        // Optionally: Add error handling for individual deletions if needed
       }
 
-      // --- Update Phase ---
-      const { success, error } = await updateComment({
+      await updateComment({
         commentId: comment.id,
         content: contentChanged ? editedContent : undefined,
         attachmentIdsToAdd: attachmentsAdded ? pendingAttachmentsToAdd.map((a) => a.id) : undefined,
-        attachmentIdsToRemove: attachmentsRemoved ? attachmentsToRemove : undefined,
       });
 
-      if (success) {
-        toast.success('Comment updated successfully.');
-
-        // Optimistically add new attachments to currentAttachments for immediate UI update
-        setCurrentAttachments((prev) => [
-          // Remove attachments marked for removal
-          ...prev.filter((att) => !attachmentsToRemove.includes(att.id)),
-          // Add new attachments (promote PendingAttachment to minimal Attachment shape)
-          ...pendingAttachmentsToAdd.map((pending) => ({
-            id: pending.id,
-            name: pending.name,
-            fileType: pending.fileType,
-            url: pending.signedUrl, // Use signedUrl as url for now
-            type: mapFileTypeToAttachmentType(pending.fileType),
-            entityId: comment.entityId,
-            entityType: AttachmentEntityType.comment,
-            createdAt: new Date(),
-            updatedAt: new Date(),
-            organizationId: comment.organizationId,
-            commentId: comment.id,
-          })),
-        ]);
-
-        setEditedContent(contentChanged ? editedContent : comment.content);
-        setPendingAttachmentsToAdd([]);
-        setAttachmentsToRemove([]);
-        router.refresh();
-      } else {
-        toast.error(String(error || 'Failed to update comment.'));
-      }
+      toast.success('Comment updated successfully.');
+      router.refresh();
+      setIsEditing(false);
     } catch (error) {
       toast.error('Failed to save comment changes.');
       console.error('Save changes error:', error);
-    } finally {
-      setIsEditing(false);
     }
   };
 
   const handleDeleteComment = async () => {
     if (window.confirm('Are you sure you want to delete this comment?')) {
-      console.log('Deleting comment:', comment.id);
       await deleteComment({ commentId: comment.id });
       router.refresh();
     }
   };
 
-  // Handler for AttachmentItem to mark for removal
   const handleMarkForRemoval = (attachmentId: string) => {
     setAttachmentsToRemove((prev) => [...prev, attachmentId]);
     setCurrentAttachments((prev) => prev.filter((att) => att.id !== attachmentId));
@@ -190,79 +155,38 @@ export function CommentItem({ comment }: { comment: CommentWithAuthor }) {
       const files = event.target.files;
       if (!files || files.length === 0) return;
 
-      setIsUploading(true);
-
-      // Helper to process a single file
-      const processFile = (file: File) => {
-        return new Promise<void>((resolve) => {
-          // Add file size check here
-          const MAX_FILE_SIZE_MB = 5;
-          const MAX_FILE_SIZE_BYTES = MAX_FILE_SIZE_MB * 1024 * 1024;
-          if (file.size > MAX_FILE_SIZE_BYTES) {
-            toast.error(`File "${file.name}" exceeds the ${MAX_FILE_SIZE_MB}MB limit.`);
-            return resolve(); // Skip processing this file
-          }
+      for (const file of Array.from(files)) {
+        const MAX_FILE_SIZE_MB = 10;
+        const MAX_FILE_SIZE_BYTES = MAX_FILE_SIZE_MB * 1024 * 1024;
+        if (file.size > MAX_FILE_SIZE_BYTES) {
+          toast.error(`File "${file.name}" exceeds the ${MAX_FILE_SIZE_MB}MB limit.`);
+          continue;
+        }
 
-          if (!file.type.startsWith('image/')) {
-            toast.info('Only image previews are shown before submitting.');
+        const reader = new FileReader();
+        reader.onloadend = async () => {
+          const base64Data = (reader.result as string)?.split(',')[1];
+          if (!base64Data) {
+            toast.error(`Failed to read file data for ${file.name}`);
+            return;
           }
-          const reader = new FileReader();
-          reader.onloadend = async () => {
-            const dataUrlResult = reader.result as string;
-            const base64Data = dataUrlResult?.split(',')[1];
-            if (!base64Data) {
-              toast.error(`Failed to read file data for ${file.name}`);
-              return resolve();
-            }
-            const { success, data, error } = await uploadFile({
-              fileName: file.name,
-              fileType: file.type,
-              fileData: base64Data,
-              entityId: comment.entityId,
-              entityType: 'comment',
-            });
-            if (error) {
-              console.error('Upload file action error occurred:', error);
-              toast.error(`Failed to upload "${file.name}": ${error}`);
-            } else if (success && data?.id && data.signedUrl) {
-              setPendingAttachmentsToAdd((prev) => [
-                ...prev,
-                {
-                  id: data?.id ?? '',
-                  name: data?.name ?? '',
-                  fileType: file.type,
-                  signedUrl: data.signedUrl,
-                } as PendingAttachment,
-              ]);
-              toast.success(`File "${data?.name ?? 'unknown'}" ready for attachment.`);
-            } else {
-              console.error('Upload succeeded but missing data:', data);
-              toast.error(`Failed to process "${file.name}" after upload.`);
-            }
-            resolve();
-          };
-          reader.onerror = () => {
-            toast.error(`Error reading file: ${file.name}`);
-            resolve();
-          };
-          reader.readAsDataURL(file);
-        });
-      };
-
-      // Process all files sequentially
-      (async () => {
-        for (const file of Array.from(files)) {
-          await processFile(file);
-        }
-        setIsUploading(false);
-        if (fileInputRef.current) fileInputRef.current.value = '';
-      })();
+          executeUpload({
+            fileName: file.name,
+            fileType: file.type,
+            fileData: base64Data,
+            entityId: comment.id,
+            entityType: AttachmentEntityType.comment,
+          });
+        };
+        reader.onerror = () => {
+          toast.error(`Error reading file: ${file.name}`);
+        };
+        reader.readAsDataURL(file);
+      }
     },
-    [comment.entityId],
+    [executeUpload, comment.id],
   );
 
-  const isProcessing = isUploading;
-
   const [busyAttachmentId, setBusyAttachmentId] = useState<string | null>(null);
 
   const handleDownloadClick = async (attachmentId: string) => {
@@ -284,19 +208,15 @@ export function CommentItem({ comment }: { comment: CommentWithAuthor }) {
     }
   };
 
-  // Handler to open pre-signed URL for PENDING attachments (already available)
   const handlePendingAttachmentClick = (attachmentId: string) => {
     const pendingAttachment = pendingAttachmentsToAdd.find((att) => att.id === attachmentId);
     if (pendingAttachment?.signedUrl) {
-      // Use signedUrl
-      window.open(pendingAttachment.signedUrl, '_blank'); // Use signedUrl
+      window.open(pendingAttachment.signedUrl, '_blank');
     } else {
       toast.error('Preview URL not available for this pending attachment.');
-      console.warn('Could not find pending attachment or signedUrl for ID:', attachmentId); // Use signedUrl
     }
   };
 
-  // Handler to remove a PENDING attachment from the list before saving
   const handleRemovePendingAttachment = (attachmentId: string) => {
     setPendingAttachmentsToAdd((prev) => prev.filter((att) => att.id !== attachmentId));
   };
@@ -372,20 +292,17 @@ export function CommentItem({ comment }: { comment: CommentWithAuthor }) {
                   <div className="flex flex-col gap-2">
                     <Label className="block text-xs font-medium">Attachments</Label>
                     <div className="flex flex-col gap-2">
-                      {/* Combined attachments row */}
                       <div className="flex flex-wrap gap-2">
-                        {/* Pending attachments first */}
                         {pendingAttachmentsToAdd.map((att: PendingAttachment) => (
                           <AttachmentItem
                             key={att.id}
                             pendingAttachment={att}
                             onClickFilename={handlePendingAttachmentClick}
                             onDelete={handleRemovePendingAttachment}
-                            isParentBusy={isProcessing}
+                            isParentBusy={isUploading}
                             canDelete={true}
                           />
                         ))}
-                        {/* Existing attachments second */}
                         {currentAttachments.map((att) => (
                           <AttachmentItem
                             key={att.id}
@@ -435,7 +352,6 @@ export function CommentItem({ comment }: { comment: CommentWithAuthor }) {
                     </div>
                   </div>
                 ) : (
-                  // Display mode: only show attachments if not editing
                   <div className="flex flex-wrap gap-2">
                     {currentAttachments.map((att) => (
                       <AttachmentItem
@@ -456,19 +372,13 @@ export function CommentItem({ comment }: { comment: CommentWithAuthor }) {
               </div>
             )}
 
-            {/* Edit Mode Buttons */}
             {isEditing && (
               <div className="flex justify-end gap-2 pt-3">
-                <Button
-                  variant="ghost"
-                  size="sm"
-                  onClick={handleCancelEdit}
-                  disabled={isProcessing} // Disable only when saving
-                >
+                <Button variant="ghost" size="sm" onClick={handleCancelEdit} disabled={isUploading}>
                   Cancel
                 </Button>
-                <Button size="sm" onClick={handleSaveEdit} disabled={isProcessing}>
-                  {isProcessing ? 'Saving...' : 'Save Changes'}
+                <Button size="sm" onClick={handleSaveEdit} disabled={isUploading}>
+                  {isUploading ? 'Saving...' : 'Save Changes'}
                 </Button>
               </div>
             )}
diff --git a/apps/app/src/utils/logger.ts b/apps/app/src/utils/logger.ts
index 6f6c07a57..8d8bd883c 100644
--- a/apps/app/src/utils/logger.ts
+++ b/apps/app/src/utils/logger.ts
@@ -1,3 +1,11 @@
-export const logger = (message: string, params?: unknown) => {
-  console.log(message, params);
+export const logger = {
+  info: (message: string, params?: unknown) => {
+    console.log(`[INFO] ${message}`, params || '');
+  },
+  warn: (message: string, params?: unknown) => {
+    console.warn(`[WARN] ${message}`, params || '');
+  },
+  error: (message: string, params?: unknown) => {
+    console.error(`[ERROR] ${message}`, params || '');
+  },
 };

From af52289e4bb71752f915d96f74f542ada14ea293 Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Thu, 31 Jul 2025 12:27:27 -0400
Subject: [PATCH 5/8] fix: improve error handling in file upload processes

- Enhanced error logging in TaskBody and CommentItem components by adding console error messages for failed uploads.
- Updated user feedback to include a note to check the console for details on upload failures.
---
 .../app/(app)/[orgId]/tasks/[taskId]/components/TaskBody.tsx   | 3 ++-
 apps/app/src/components/comments/CommentItem.tsx               | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/components/TaskBody.tsx b/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/components/TaskBody.tsx
index 8ba31c860..436b4797c 100644
--- a/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/components/TaskBody.tsx
+++ b/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/components/TaskBody.tsx
@@ -47,7 +47,8 @@ export function TaskBody({
       toast.success('File uploaded successfully');
     },
     onError: ({ error }) => {
-      toast.error(error.serverError || 'Failed to upload file.');
+      console.error('File upload failed:', error);
+      toast.error(error.serverError || 'Failed to upload file. Check console for details.');
     },
     onSettled: () => {
       if (fileInputRef.current) {
diff --git a/apps/app/src/components/comments/CommentItem.tsx b/apps/app/src/components/comments/CommentItem.tsx
index 57045f4ad..5fb1a1278 100644
--- a/apps/app/src/components/comments/CommentItem.tsx
+++ b/apps/app/src/components/comments/CommentItem.tsx
@@ -66,7 +66,8 @@ export function CommentItem({ comment }: { comment: CommentWithAuthor }) {
       }
     },
     onError: ({ error }) => {
-      toast.error(error.serverError || 'Failed to upload file.');
+      console.error('File upload failed:', error);
+      toast.error(error.serverError || 'Failed to upload file. Check console for details.');
     },
     onSettled: () => {
       if (fileInputRef.current) {

From e1f309f95f8565f63b82c92f90e9f5e91aa19d4e Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Thu, 31 Jul 2025 12:29:08 -0400
Subject: [PATCH 6/8] refactor: update input handling for audit log in
 authActionClient

- Modified the input structure for the audit log by excluding file data from client input, improving data privacy and clarity in logging.
- Ensured that only relevant user and action information is captured in the audit log.
---
 apps/app/src/actions/safe-action.ts | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/apps/app/src/actions/safe-action.ts b/apps/app/src/actions/safe-action.ts
index 71230f4ac..2fdbf2ed5 100644
--- a/apps/app/src/actions/safe-action.ts
+++ b/apps/app/src/actions/safe-action.ts
@@ -154,13 +154,15 @@ export const authActionClient = actionClientWithMeta
       throw new Error('Member not found');
     }
 
+    const { fileData: _, ...inputForAuditLog } = clientInput as any;
+
     const data = {
       userId: session.user.id,
       email: session.user.email,
       name: session.user.name,
       organizationId: session.session.activeOrganizationId,
       action: metadata.name,
-      input: clientInput,
+      input: inputForAuditLog,
       ipAddress: headersList.get('x-forwarded-for') || null,
       userAgent: headersList.get('user-agent') || null,
     };

From bb2addc710190ad570d508f1eabebfe04868b9af Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Thu, 31 Jul 2025 13:45:31 -0400
Subject: [PATCH 7/8] refactor: streamline logging in authActionClient by
 excluding file data

- Updated logging in authActionClient and authActionClientWithoutOrg to exclude file data from client input, enhancing data privacy.
- Improved clarity in logs by focusing on relevant user and action information while maintaining validation error logging.
---
 apps/app/src/actions/safe-action.ts | 30 ++++++++++++-----------------
 1 file changed, 12 insertions(+), 18 deletions(-)

diff --git a/apps/app/src/actions/safe-action.ts b/apps/app/src/actions/safe-action.ts
index 2fdbf2ed5..3814b4f65 100644
--- a/apps/app/src/actions/safe-action.ts
+++ b/apps/app/src/actions/safe-action.ts
@@ -68,16 +68,13 @@ export const authActionClient = actionClientWithMeta
       },
     });
 
-    if (process.env.NODE_ENV === 'development') {
-      logger.info('Input ->', JSON.stringify(clientInput, null, 2));
-      logger.info('Result ->', JSON.stringify(result.data, null, 2));
+    const { fileData: _, ...inputForLog } = clientInput as any;
+    logger.info('Input ->', JSON.stringify(inputForLog, null, 2));
+    logger.info('Result ->', JSON.stringify(result.data, null, 2));
 
-      // Also log validation errors if they exist
-      if (result.validationErrors) {
-        logger.warn('Validation Errors ->', JSON.stringify(result.validationErrors, null, 2));
-      }
-
-      return result;
+    // Also log validation errors if they exist
+    if (result.validationErrors) {
+      logger.warn('Validation Errors ->', JSON.stringify(result.validationErrors, null, 2));
     }
 
     return result;
@@ -275,16 +272,13 @@ export const authActionClientWithoutOrg = actionClientWithMeta
       },
     });
 
-    if (process.env.NODE_ENV === 'development') {
-      logger.info('Input ->', JSON.stringify(clientInput, null, 2));
-      logger.info('Result ->', JSON.stringify(result.data, null, 2));
-
-      // Also log validation errors if they exist
-      if (result.validationErrors) {
-        logger.warn('Validation Errors ->', JSON.stringify(result.validationErrors, null, 2));
-      }
+    const { fileData: _, ...inputForLog } = clientInput as any;
+    logger.info('Input ->', JSON.stringify(inputForLog, null, 2));
+    logger.info('Result ->', JSON.stringify(result.data, null, 2));
 
-      return result;
+    // Also log validation errors if they exist
+    if (result.validationErrors) {
+      logger.warn('Validation Errors ->', JSON.stringify(result.validationErrors, null, 2));
     }
 
     return result;

From 89a6d16daef5e7b67dcc9496c1d2d0e70f865661 Mon Sep 17 00:00:00 2001
From: Mariano Fuentes <marfuen98@gmail.com>
Date: Thu, 31 Jul 2025 13:46:00 -0400
Subject: [PATCH 8/8] feat: add API endpoint to delete users for QA team

- Implemented a new POST endpoint at /api/qa/delete-user to allow the QA team to delete users and their associated data.
- Added error handling for authorization, missing userId, and user existence checks.
- Returns appropriate success and error responses based on the request outcome.
---
 apps/app/src/app/api/qa/delete-user/route.ts | 112 +++++++++++++++++++
 1 file changed, 112 insertions(+)
 create mode 100644 apps/app/src/app/api/qa/delete-user/route.ts

diff --git a/apps/app/src/app/api/qa/delete-user/route.ts b/apps/app/src/app/api/qa/delete-user/route.ts
new file mode 100644
index 000000000..ec02d4139
--- /dev/null
+++ b/apps/app/src/app/api/qa/delete-user/route.ts
@@ -0,0 +1,112 @@
+import { db } from '@db';
+import { type NextRequest, NextResponse } from 'next/server';
+
+/**
+ * POST /api/qa/delete-user
+ *
+ * Deletes a user and all associated data.
+ * This is an internal endpoint for QA team.
+ *
+ * Headers:
+ * - Authorization: Bearer {QA_SECRET}
+ *
+ * Body:
+ * - userId: string - The ID of the user to delete.
+ *
+ * Returns:
+ * - 200: { success: true, message: "User deleted successfully", userId: string }
+ * - 400: { success: false, error: "Missing userId in request body" }
+ * - 401: { success: false, error: "Unauthorized" }
+ * - 500: { success: false, error: "Failed to delete user" }
+ */
+export async function POST(request: NextRequest) {
+  const authHeader = request.headers.get('authorization');
+  const qaSecret = process.env.QA_SECRET;
+
+  if (!qaSecret) {
+    console.error('QA_SECRET is not set in environment variables.');
+    return NextResponse.json(
+      {
+        success: false,
+        error: 'Internal server configuration error.',
+      },
+      { status: 500 },
+    );
+  }
+
+  const token = authHeader?.split(' ')[1];
+
+  if (!token || token !== qaSecret) {
+    return NextResponse.json(
+      {
+        success: false,
+        error: 'Unauthorized',
+      },
+      { status: 401 },
+    );
+  }
+
+  let body;
+  try {
+    body = await request.json();
+  } catch (error) {
+    return NextResponse.json(
+      {
+        success: false,
+        error: 'Invalid JSON in request body',
+      },
+      { status: 400 },
+    );
+  }
+
+  const { userId } = body;
+
+  if (!userId) {
+    return NextResponse.json(
+      {
+        success: false,
+        error: 'Missing userId in request body',
+      },
+      { status: 400 },
+    );
+  }
+
+  try {
+    // Check if user exists
+    const existingUser = await db.user.findUnique({
+      where: { id: userId },
+    });
+
+    if (!existingUser) {
+      return NextResponse.json(
+        {
+          success: false,
+          error: 'Failed to delete user',
+        },
+        { status: 500 },
+      );
+    }
+
+    // Delete the user (cascading deletes will handle related records)
+    await db.user.delete({
+      where: { id: userId },
+    });
+
+    console.log(`QA: User ${userId} deleted successfully`);
+
+    return NextResponse.json({
+      success: true,
+      message: 'User deleted successfully',
+      userId: userId,
+    });
+  } catch (error) {
+    console.error('Error deleting user:', error);
+    return NextResponse.json(
+      {
+        success: false,
+        error: 'Failed to delete user',
+      },
+      { status: 500 },
+    );
+  }
+}