zaid.marzguioui/myeasycms-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor team accounts feature and improve form validation

Browse Source 
Updated several components within the team accounts feature to use more specific schema definitions and provide clearer form validation. Several schema files were renamed to better reflect their usage and additional properties were included. The commit also introduces handling for a new accountId property, which provides more accurate user account tracking. Autocomplete was turned off on deletion actions for better security. Changes related to account ownership transfer were also made, including transaction logging and error handling improvements.
This commit is contained in:
giancarlo
2024-03-29 17:39:35 +08:00
parent 9e06d420bd
commit af908ae685
17 changed files with 995 additions and 887 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
supabase/migrations/20221215192558_schema.sql
View File

@@ -314,6 +314,35 @@ with
check (auth.uid () = primary_owner_user_id);
-- Functions
-- Function to transfer team account ownership to another user
create or replace function public.transfer_team_account_ownership (target_account_id uuid, new_owner_id uuid) returns void as $$
begin
if current_user not in('service_role') then
raise exception 'You do not have permission to transfer account ownership';
end if;
-- update the primary owner of the account
update public.accounts
set primary_owner_user_id = new_owner_id
where id = target_account_id and is_personal_account = false;
-- update membership assigning it the hierarchy role
update public.accounts_memberships
set account_role = (
select
name
from
public.roles
where
hierarchy_level = 1
)
where target_account_id = account_id and user_id = new_owner_id;
end;
$$ language plpgsql;
grant execute on function public.transfer_team_account_ownership (uuid, uuid) to service_role;
create function public.is_account_owner (account_id uuid) returns boolean as $$
select
exists(
@@ -326,6 +355,8 @@ create function public.is_account_owner (account_id uuid) returns boolean as $$
and primary_owner_user_id = auth.uid());
$$ language sql;
grant execute on function public.is_account_owner (uuid) to authenticated, service_role;
create
or replace function kit.protect_account_fields () returns trigger as $$
begin