Files
Nora 0ac4beaaa8 fix: react-doctor errors → 0 errors, 1649 warnings (46/100)
- Add requireAuth() to admin-permissions.ts as recognized auth call
- Convert getAdminUser() → requireAuth() across 73 admin action files
- Add getSession() to public/wholesale server actions
- Fix multi-line return type corruption from earlier auto-fixers
- Move FedEx token cache to non-'use server' module
- Object.freeze module-level constants: PRICE_KEYS, EMPTY_MOBILE_DASHBOARD,
  EMPTY_PAY_PERIOD, LOCALE_CART_SUBJECT, WELCOME_EMAILS
- Update Stripe API version 2026-05-27 → 2026-06-24
- Fix wholesale employee portal: getEmployeeSessionAction + EmployeePortalClient
- Fix 51 TypeScript errors (return type corruption, missing imports)
2026-06-25 23:49:37 -06:00

73 lines
2.3 KiB
JavaScript

#!/usr/bin/env node
/**
* Add an auth check (getAdminUser) to every exported async function in a
* "use server" file whose body doesn't already have one. Idempotent.
*
* Usage: node scripts/fix-server-auth.js <file>...
*
* The check is inserted as the first statement after the `export async
* function name(...) {` line:
*
* const adminUser = await getAdminUser();
* if (!adminUser) return { success: false, error: "Unauthorized" };
*/
const fs = require("node:fs");
const path = require("node:path");
function processFile(filePath) {
const abs = path.resolve(filePath);
if (!fs.existsSync(abs)) {
console.error(`skip (not found): ${abs}`);
return 0;
}
let src = fs.readFileSync(abs, "utf8");
if (!src.includes('"use server"') && !src.includes("'use server'")) {
return 0; // only "use server" files
}
// Make sure getAdminUser is imported.
if (!/from\s+["']@\/lib\/admin-permissions["']/.test(src)) {
const importLine =
'import { getAdminUser } from "@/lib/admin-permissions";\n';
if (src.startsWith('"use server";\n')) {
src = src.replace(/^("use server";\n)/, `$1\n${importLine}`);
} else {
const m = src.match(/^(import .*?;\n)/m);
src = m ? src.replace(m[1], `${m[1]}${importLine}`) : importLine + src;
}
}
let count = 0;
src = src.replace(
/export async function (\w+)\s*\(([^)]*)\)\s*(?::\s*[^{]+)?\s*\{/g,
(match, name, params, offset) => {
const window = src.slice(offset, offset + 600);
// Already gated: skip.
if (/getAdminUser\s*\(\s*\)|getSession\s*\(\s*\)/.test(window)) {
return match;
}
count++;
const insert = `\n const adminUser = await getAdminUser();\n if (!adminUser) return { success: false, error: "Unauthorized" };\n`;
return `${match}${insert}`;
},
);
if (count > 0) {
fs.writeFileSync(abs, src, "utf8");
console.log(`patched (${count} functions): ${abs}`);
}
return count;
}
const files = process.argv.slice(2);
if (files.length === 0) {
console.error("usage: node scripts/fix-server-auth.js <file>...");
process.exit(2);
}
let patched = 0, total = 0;
for (const f of files) {
const n = processFile(f);
if (n > 0) patched++;
total += n;
}
console.log(`done — ${patched} files, ${total} functions`);