Skip to content

[comp] Production Deploy #1393

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Marfuen merged 18 commits into from
Aug 25, 2025
Merged

[comp] Production Deploy #1393

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
260131d
fix: Restrict member management actions to Owner/Admin roles
Dhanus3133 Aug 23, 2025
3848a65
fix: Update member role check
Dhanus3133 Aug 23, 2025
1024b67
chore: Remove unused code
Dhanus3133 Aug 23, 2025
194b462
fix: Validate user role for adding employee
Dhanus3133 Aug 23, 2025
2a9b769
chore: Formatting
Dhanus3133 Aug 23, 2025
5c0d3e2
chore: Remove unused
Dhanus3133 Aug 23, 2025
7263791
fix: Validate user role when revoking invitation
Dhanus3133 Aug 23, 2025
70f544c
chore: Formatting
Dhanus3133 Aug 23, 2025
ec77b2f
fix: Type errors
Dhanus3133 Aug 23, 2025
1a2b9d2
fix: Member edit only for owner/admin
Dhanus3133 Aug 23, 2025
e98926a
feat: Vendor delete button
Dhanus3133 Aug 23, 2025
bcf4434
feat: Add sorting options for organization list
Dhanus3133 Aug 23, 2025
3cb06d6
feat: Update tasks on top level
Dhanus3133 Aug 23, 2025
07e93b4
Merge pull request #1392 from Dhanus3133/feat/tasks-status-update-top
Marfuen Aug 25, 2025
ebffd26
Merge branch 'main' into feat/org-list-sorting
Marfuen Aug 25, 2025
36901eb
Merge pull request #1391 from Dhanus3133/feat/org-list-sorting
Marfuen Aug 25, 2025
54acb16
Merge pull request #1390 from Dhanus3133/feat/vendor-delete-button
Marfuen Aug 25, 2025
ddb4bb2
Merge pull request #1388 from Dhanus3133/fix/restrict-member-management
Marfuen Aug 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
69 changes: 0 additions & 69 deletions apps/app/src/app/(app)/[orgId]/people/[employeeId]/actions/get-employee-details.ts
View file
Open in desktop

This file was deleted.

80 changes: 0 additions & 80 deletions apps/app/src/app/(app)/[orgId]/people/[employeeId]/actions/update-department.ts
View file
Open in desktop

This file was deleted.

91 changes: 0 additions & 91 deletions apps/app/src/app/(app)/[orgId]/people/[employeeId]/actions/update-employee-details.ts
View file
Open in desktop

This file was deleted.

85 changes: 0 additions & 85 deletions apps/app/src/app/(app)/[orgId]/people/[employeeId]/actions/update-employee-status.ts
View file
Open in desktop

This file was deleted.

46 changes: 43 additions & 3 deletions apps/app/src/app/(app)/[orgId]/people/[employeeId]/actions/update-employee.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,35 @@ export const updateEmployee = authActionClient
const { employeeId, name, email, department, isActive, createdAt } = parsedInput;

const organizationId = ctx.session.activeOrganizationId;
if (!organizationId) throw new Error(appErrors.UNAUTHORIZED.message);
if (!organizationId) {
return {
success: false,
error: {
code: appErrors.UNAUTHORIZED,
message: appErrors.UNAUTHORIZED.message,
},
};
}

const currentUserMember = await db.member.findFirst({
where: {
organizationId: organizationId,
userId: ctx.user.id,
},
});

if (
!currentUserMember ||
(!currentUserMember.role.includes('admin') && !currentUserMember.role.includes('owner'))
) {
return {
success: false,
error: {
code: appErrors.UNAUTHORIZED,
message: "You don't have permission to update members.",
},
};
}

const member = await db.member.findUnique({
where: {
Expand All @@ -40,7 +68,13 @@ export const updateEmployee = authActionClient
});

if (!member || !member.user) {
throw new Error(appErrors.NOT_FOUND.message);
return {
success: false,
error: {
code: appErrors.NOT_FOUND,
message: appErrors.NOT_FOUND.message,
},
};
}

const memberUpdateData: {
Expand Down Expand Up @@ -110,7 +144,13 @@ export const updateEmployee = authActionClient
if (error.code === 'P2002') {
const targetFields = error.meta?.target as string[] | undefined;
if (targetFields?.includes('email')) {
throw new Error('Email address is already in use.');
return {
success: false,
error: {
code: appErrors.UNEXPECTED_ERROR,
message: 'Email address is already in use.',
},
};
}
}
}
Expand Down
Loading
Loading