7cd0603cfb
BREAKING: dev_session cookie bypass removed. Admin access now requires a real Auth.js v5 session (Google OAuth in production). Provision users by inserting into users + tenant_users tables. New in this commit: - db/migrations/0001_init.sql: 18-table SaaS schema with RLS (tenants, users, tenant_users, plans, add_ons, subscriptions, tenant_add_ons, products, product_images, stops, customers, orders, order_items, brand_settings, email_templates, campaigns, files, audit_log) - db/schema/: Drizzle TypeScript mirror of every table - db/client.ts: withTenant() / withPlatformAdmin() query wrappers that set Postgres GUCs (app.current_tenant_id, app.platform_admin) for RLS enforcement. Never query a tenant-scoped table without one. - db/seed.ts: seeds 3 plans, 6 add-ons, 2 tenants (Tuxedo, Indian River Direct), brand_settings, sample products/stops/customers - scripts/migrate.js: applies migrations in lexical order with tracking - scripts/db-reset.js: drops + recreates DB, runs migrate + seed - DATABASE_URL now uses rc_app (non-superuser, NOBYPASSRLS). RLS is enforced even for the app user. DATABASE_ADMIN_URL for migrations. - src/lib/admin-permissions.ts: getAdminUser() reads Auth.js session, looks up user + tenant in Postgres. brand_id kept as alias for backward compat. - src/middleware.ts: Auth.js-only route protection, dev_session gone - src/app/login/LoginClient.tsx: Google OAuth only, no demo mode - src/components/admin/AdminSidebar.tsx + AdminHeader.tsx: signOutAction replaces supabase signout - @/db/* path aliases in tsconfig.json + vitest.config.ts - drizzle.config.ts added - db/auth_schema.sql removed (was a stub; replaced by real schema) - src/app/api/dev-login/route.ts deleted - tests: updated to remove dev_session coverage
68 lines
2.1 KiB
TypeScript
68 lines
2.1 KiB
TypeScript
/**
|
|
* Orders + order_items. Source of truth: `db/migrations/0001_init.sql`.
|
|
*/
|
|
import {
|
|
pgTable,
|
|
uuid,
|
|
text,
|
|
integer,
|
|
timestamp,
|
|
index,
|
|
} from "drizzle-orm/pg-core";
|
|
import { orderStatusEnum, fulfillmentEnum, itemFulfillmentEnum } from "./enums";
|
|
import { tenants } from "./tenants";
|
|
import { customers } from "./customers";
|
|
import { products } from "./products";
|
|
|
|
export const orders = pgTable(
|
|
"orders",
|
|
{
|
|
id: uuid("id").primaryKey().defaultRandom(),
|
|
tenantId: uuid("tenant_id")
|
|
.notNull()
|
|
.references(() => tenants.id, { onDelete: "cascade" }),
|
|
customerId: uuid("customer_id").references(() => customers.id, {
|
|
onDelete: "set null",
|
|
}),
|
|
totalCents: integer("total_cents").notNull().default(0),
|
|
status: text("status", { enum: orderStatusEnum }).notNull().default("pending"),
|
|
fulfillment: text("fulfillment", { enum: fulfillmentEnum }).notNull(),
|
|
notes: text("notes"),
|
|
placedAt: timestamp("placed_at", { withTimezone: true })
|
|
.notNull()
|
|
.defaultNow(),
|
|
updatedAt: timestamp("updated_at", { withTimezone: true })
|
|
.notNull()
|
|
.defaultNow(),
|
|
},
|
|
(t) => ({
|
|
tenantIdx: index("orders_tenant_idx").on(t.tenantId),
|
|
customerIdx: index("orders_customer_idx").on(t.customerId),
|
|
statusIdx: index("orders_status_idx").on(t.tenantId, t.status),
|
|
}),
|
|
);
|
|
|
|
export const orderItems = pgTable(
|
|
"order_items",
|
|
{
|
|
id: uuid("id").primaryKey().defaultRandom(),
|
|
orderId: uuid("order_id")
|
|
.notNull()
|
|
.references(() => orders.id, { onDelete: "cascade" }),
|
|
productId: uuid("product_id").references(() => products.id, {
|
|
onDelete: "set null",
|
|
}),
|
|
quantity: integer("quantity").notNull(),
|
|
priceCents: integer("price_cents").notNull(),
|
|
fulfillment: text("fulfillment", { enum: itemFulfillmentEnum }).notNull(),
|
|
},
|
|
(t) => ({
|
|
orderIdx: index("order_items_order_idx").on(t.orderId),
|
|
}),
|
|
);
|
|
|
|
export type Order = typeof orders.$inferSelect;
|
|
export type NewOrder = typeof orders.$inferInsert;
|
|
export type OrderItem = typeof orderItems.$inferSelect;
|
|
export type NewOrderItem = typeof orderItems.$inferInsert;
|