zaid.marzguioui/myeasycms-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4bc8448a1dd75f2a608d993abae67c8fa43045ec
myeasycms-v2/packages/features/team-accounts/src/server/actions/delete-team-account-server-actions.ts
Giancarlo Buomprisco 4bc8448a1d Unify workspace dropdowns; Update layouts (#458) 
Unified Account and Workspace drop-downs; Layout updates, now header lives within the PageBody component; Sidebars now use floating variant
2026-03-11 14:45:42 +08:00

90 lines
2.5 KiB
TypeScript
Raw Blame History

'use server';
import { redirect } from 'next/navigation';
import type { SupabaseClient } from '@supabase/supabase-js';
import { authActionClient } from '@kit/next/safe-action';
import { createOtpApi } from '@kit/otp';
import { getLogger } from '@kit/shared/logger';
import type { Database } from '@kit/supabase/database';
import { getSupabaseServerClient } from '@kit/supabase/server-client';
import { DeleteTeamAccountSchema } from '../../schema/delete-team-account.schema';
import { createDeleteTeamAccountService } from '../services/delete-team-account.service';
const enableTeamAccountDeletion =
process.env.NEXT_PUBLIC_ENABLE_TEAM_ACCOUNTS_DELETION === 'true';
export const deleteTeamAccountAction = authActionClient
.schema(DeleteTeamAccountSchema)
.action(async ({ parsedInput: params, ctx: { user } }) => {
const logger = await getLogger();
const otpService = createOtpApi(getSupabaseServerClient());
const otpResult = await otpService.verifyToken({
purpose: `delete-team-account-${params.accountId}`,
userId: user.id,
token: params.otp,
});
if (!otpResult.valid) {
throw new Error('Invalid OTP code');
}
const ctx = {
name: 'team-accounts.delete',
userId: user.id,
accountId: params.accountId,
};
if (!enableTeamAccountDeletion) {
logger.warn(ctx, `Team account deletion is not enabled`);
throw new Error('Team account deletion is not enabled');
}
logger.info(ctx, `Deleting team account...`);
await deleteTeamAccount({
accountId: params.accountId,
userId: user.id,
});
logger.info(ctx, `Team account request successfully sent`);
redirect('/home');
});
async function deleteTeamAccount(params: {
accountId: string;
userId: string;
}) {
const client = getSupabaseServerClient();
const service = createDeleteTeamAccountService();
// verify that the user has the necessary permissions to delete the team account
await assertUserPermissionsToDeleteTeamAccount(client, params.accountId);
// delete the team account
await service.deleteTeamAccount(client, params);
}
async function assertUserPermissionsToDeleteTeamAccount(
client: SupabaseClient<Database>,
accountId: string,
) {
const { data: isOwner, error } = await client
.rpc('is_account_owner', {
account_id: accountId,
})
.single();
if (error || !isOwner) {
throw new Error('You do not have permission to delete this account');
}
return isOwner;
}
Reference in New Issue View Git Blame Copy Permalink