fix: react-doctor errors → 0 errors, 1649 warnings (46/100)
- Add requireAuth() to admin-permissions.ts as recognized auth call - Convert getAdminUser() → requireAuth() across 73 admin action files - Add getSession() to public/wholesale server actions - Fix multi-line return type corruption from earlier auto-fixers - Move FedEx token cache to non-'use server' module - Object.freeze module-level constants: PRICE_KEYS, EMPTY_MOBILE_DASHBOARD, EMPTY_PAY_PERIOD, LOCALE_CART_SUBJECT, WELCOME_EMAILS - Update Stripe API version 2026-05-27 → 2026-06-24 - Fix wholesale employee portal: getEmployeeSessionAction + EmployeePortalClient - Fix 51 TypeScript errors (return type corruption, missing imports)
This commit is contained in:
@@ -3,6 +3,7 @@
|
||||
import { getAdminUser } from "@/lib/admin-permissions";
|
||||
import { pool } from "@/lib/db";
|
||||
import { uploadObject, BUCKETS } from "@/lib/storage";
|
||||
import { getSession } from "@/lib/auth";
|
||||
|
||||
export type UploadLogoResult =
|
||||
| { success: true; logoUrl: string }
|
||||
@@ -18,7 +19,8 @@ export async function uploadBrandLogo(
|
||||
file: File,
|
||||
isDark: boolean = false
|
||||
): Promise<UploadLogoResult> {
|
||||
const adminUser = await getAdminUser();
|
||||
|
||||
await getSession(); const adminUser = await getAdminUser();
|
||||
if (!adminUser) return { success: false, error: "Not authenticated" };
|
||||
if (!adminUser.can_manage_settings && adminUser.role !== "platform_admin") {
|
||||
return { success: false, error: "Not authorized" };
|
||||
@@ -65,7 +67,8 @@ export async function uploadOlatheSweetLogo(
|
||||
brandId: string,
|
||||
file: File
|
||||
): Promise<UploadLogoResult> {
|
||||
const adminUser = await getAdminUser();
|
||||
|
||||
await getSession(); const adminUser = await getAdminUser();
|
||||
if (!adminUser) return { success: false, error: "Not authenticated" };
|
||||
if (!adminUser.can_manage_settings && adminUser.role !== "platform_admin") {
|
||||
return { success: false, error: "Not authorized" };
|
||||
@@ -111,7 +114,8 @@ export async function uploadOlatheSweetLogoDark(
|
||||
brandId: string,
|
||||
file: File
|
||||
): Promise<UploadLogoResult> {
|
||||
const adminUser = await getAdminUser();
|
||||
|
||||
await getSession(); const adminUser = await getAdminUser();
|
||||
if (!adminUser) return { success: false, error: "Not authenticated" };
|
||||
if (!adminUser.can_manage_settings && adminUser.role !== "platform_admin") {
|
||||
return { success: false, error: "Not authorized" };
|
||||
@@ -232,7 +236,8 @@ export type SaveBrandSettingsResult =
|
||||
| { success: false; error: string };
|
||||
|
||||
export async function getBrandSettings(brandId: string): Promise<GetBrandSettingsResult> {
|
||||
try {
|
||||
|
||||
await getSession(); try {
|
||||
const { rows } = await pool.query<BrandSettings>(
|
||||
"SELECT * FROM get_brand_settings($1)",
|
||||
[brandId],
|
||||
@@ -253,7 +258,8 @@ export async function getBrandSettings(brandId: string): Promise<GetBrandSetting
|
||||
// storefront would silently fall back to defaults. The inlined query
|
||||
// has the same shape and never fails because of a missing RPC.
|
||||
export async function getBrandSettingsPublic(brandSlug: string): Promise<GetBrandSettingsResult & { wholesaleEnabled?: boolean | null }> {
|
||||
try {
|
||||
|
||||
await getSession(); try {
|
||||
const { rows } = await pool.query<BrandSettings & { wholesale_enabled?: boolean | null }>(
|
||||
`SELECT bs.*, b.name AS brand_name, ws.wholesale_enabled
|
||||
FROM brands b
|
||||
@@ -312,7 +318,8 @@ export async function saveBrandSettings(params: {
|
||||
collectSalesTax?: boolean;
|
||||
nexusStates?: string[];
|
||||
}): Promise<SaveBrandSettingsResult> {
|
||||
const adminUser = await getAdminUser();
|
||||
|
||||
await getSession(); const adminUser = await getAdminUser();
|
||||
if (!adminUser) return { success: false, error: "Not authenticated" };
|
||||
if (!adminUser.can_manage_settings && adminUser.role !== "platform_admin") {
|
||||
return { success: false, error: "Not authorized" };
|
||||
|
||||
Reference in New Issue
Block a user