d892b3f64f
Deploy to route.crispygoat.com / deploy (push) Failing after 9s
Phase 1 — Pattern library - Add src/lib/api.ts (typed PostgREST client, anon-key) - Add src/lib/svc-fetch.ts (service-role fetch + PostgREST client) - Add src/lib/db-types.ts (Database generic, RowOf helper) - Add src/lib/auth-admin.ts (better-auth admin wrappers: createUser, listUsers, removeUser, requestPasswordReset, validateSession) Phase 2 — Server action migration - Migrate all 67 server actions off @supabase/supabase-js to svcApi/svcRpc - Replace service.auth.admin.* with authAdmin.* (better-auth) - Replace publicApi.auth.* with authAdmin.* (better-auth) - Add typed single() null guards + nullable column fallbacks Phase 3 — Delete mock data + debug routes - Remove if(useMockData) branches from 7 files (-226 lines) - Delete src/lib/mock-data.ts (no longer referenced) - Delete 7 debug API routes (debug-admin-users, debug-auth, debug-cookie, debug-env, debug-get-admin-users, debug-hello, debug-me) Phase 4 — Hard cut - Delete src/lib/supabase.ts (orphan — no importers) - Delete src/app/api/supabase + src/app/api/supabase-test routes - Remove @supabase/ssr + @supabase/supabase-js from package.json - Rename env vars: NEXT_PUBLIC_SUPABASE_URL → NEXT_PUBLIC_API_URL, NEXT_PUBLIC_SUPABASE_ANON_KEY → NEXT_PUBLIC_API_ANON_KEY, SUPABASE_SERVICE_ROLE_KEY → POSTGREST_SERVICE_KEY Phase 5 — Verify - npx tsc --noEmit: 0 errors - npm run lint: 0 new errors from migration (104 pre-existing errors unrelated) - npm run build: same failure mode as main worktree (PostgREST-dependent prerender), no regression Net: 158 files changed, +1640 / -1903 lines (-263 net)
129 lines
4.7 KiB
TypeScript
129 lines
4.7 KiB
TypeScript
"use server";
|
|
|
|
import { getAdminUser } from "@/lib/admin-permissions";
|
|
import { svcHeaders } from "@/lib/svc-headers";
|
|
import { logAuditEvent } from "@/actions/audit";
|
|
|
|
export type UpdateOrderResult =
|
|
| { success: true }
|
|
| { success: false; error: string };
|
|
|
|
export async function updateOrder(
|
|
orderId: string,
|
|
brandId: string | null,
|
|
data: {
|
|
customer_name?: string;
|
|
customer_email?: string | null;
|
|
customer_phone?: string | null;
|
|
status?: string;
|
|
discount_amount?: number | null;
|
|
discount_reason?: string | null;
|
|
internal_notes?: string | null;
|
|
pickup_complete?: boolean;
|
|
pickup_completed_at?: string | null;
|
|
subtotal?: number;
|
|
// Payment fields
|
|
payment_processor?: string | null;
|
|
payment_status?: string | null;
|
|
payment_transaction_id?: string | null;
|
|
}
|
|
): Promise<UpdateOrderResult> {
|
|
const adminUser = await getAdminUser();
|
|
if (!adminUser) return { success: false, error: "Not authenticated" };
|
|
if (!adminUser.can_manage_orders) return { success: false, error: "Not authorized" };
|
|
|
|
if (adminUser.role === "brand_admin" && adminUser.brand_id && adminUser.brand_id !== brandId) {
|
|
return { success: false, error: "Not authorized for this brand" };
|
|
}
|
|
|
|
const supabaseUrl = process.env.NEXT_PUBLIC_API_URL!;
|
|
const supabaseKey = process.env.POSTGREST_SERVICE_KEY!;
|
|
|
|
const patchData: Record<string, unknown> = {};
|
|
if (data.customer_name !== undefined) patchData.customer_name = data.customer_name;
|
|
if (data.customer_email !== undefined) patchData.customer_email = data.customer_email;
|
|
if (data.customer_phone !== undefined) patchData.customer_phone = data.customer_phone;
|
|
if (data.status !== undefined) patchData.status = data.status;
|
|
if (data.discount_amount !== undefined) patchData.discount_amount = data.discount_amount;
|
|
if (data.discount_reason !== undefined) patchData.discount_reason = data.discount_reason;
|
|
if (data.internal_notes !== undefined) patchData.internal_notes = data.internal_notes;
|
|
if (data.pickup_complete !== undefined) patchData.pickup_complete = data.pickup_complete;
|
|
if (data.pickup_completed_at !== undefined) patchData.pickup_completed_at = data.pickup_completed_at;
|
|
if (data.subtotal !== undefined) patchData.subtotal = data.subtotal;
|
|
if (data.payment_processor !== undefined) patchData.payment_processor = data.payment_processor;
|
|
if (data.payment_status !== undefined) patchData.payment_status = data.payment_status;
|
|
if (data.payment_transaction_id !== undefined) patchData.payment_transaction_id = data.payment_transaction_id;
|
|
|
|
const res = await fetch(`${supabaseUrl}/rest/v1/orders?id=eq.${orderId}`, {
|
|
method: "PATCH",
|
|
headers: { ...svcHeaders(supabaseKey), "Content-Type": "application/json" },
|
|
body: JSON.stringify(patchData),
|
|
});
|
|
|
|
if (!res.ok) {
|
|
const err = await res.text();
|
|
return { success: false, error: `Failed: ${err}` };
|
|
}
|
|
|
|
logAuditEvent({
|
|
table_name: "orders",
|
|
record_id: orderId,
|
|
action: "UPDATE",
|
|
old_data: {},
|
|
new_data: patchData,
|
|
brand_id: brandId,
|
|
});
|
|
|
|
return { success: true };
|
|
}
|
|
|
|
export async function updateOrderItem(
|
|
itemId: string,
|
|
data: { quantity?: number; price?: number }
|
|
): Promise<UpdateOrderResult> {
|
|
const adminUser = await getAdminUser();
|
|
if (!adminUser) return { success: false, error: "Not authenticated" };
|
|
if (!adminUser.can_manage_orders) return { success: false, error: "Not authorized" };
|
|
|
|
const supabaseUrl = process.env.NEXT_PUBLIC_API_URL!;
|
|
const supabaseKey = process.env.POSTGREST_SERVICE_KEY!;
|
|
|
|
const patchData: Record<string, unknown> = {};
|
|
if (data.quantity !== undefined) patchData.quantity = data.quantity;
|
|
if (data.price !== undefined) patchData.price = data.price;
|
|
|
|
const res = await fetch(`${supabaseUrl}/rest/v1/order_items?id=eq.${itemId}`, {
|
|
method: "PATCH",
|
|
headers: { ...svcHeaders(supabaseKey), "Content-Type": "application/json" },
|
|
body: JSON.stringify(patchData),
|
|
});
|
|
|
|
if (!res.ok) {
|
|
const err = await res.text();
|
|
return { success: false, error: `Failed: ${err}` };
|
|
}
|
|
|
|
return { success: true };
|
|
}
|
|
|
|
export async function deleteOrderItem(itemId: string): Promise<UpdateOrderResult> {
|
|
const adminUser = await getAdminUser();
|
|
if (!adminUser) return { success: false, error: "Not authenticated" };
|
|
if (!adminUser.can_manage_orders) return { success: false, error: "Not authorized" };
|
|
|
|
const supabaseUrl = process.env.NEXT_PUBLIC_API_URL!;
|
|
const supabaseKey = process.env.POSTGREST_SERVICE_KEY!;
|
|
|
|
const res = await fetch(`${supabaseUrl}/rest/v1/order_items?id=eq.${itemId}`, {
|
|
method: "DELETE",
|
|
headers: { ...svcHeaders(supabaseKey) },
|
|
});
|
|
|
|
if (!res.ok) {
|
|
const err = await res.text();
|
|
return { success: false, error: `Failed: ${err}` };
|
|
}
|
|
|
|
return { success: true };
|
|
}
|