129 lines
4.7 KiB
TypeScript
129 lines
4.7 KiB
TypeScript
"use server";
|
|
|
|
import { getAdminUser } from "@/lib/admin-permissions";
|
|
import { svcHeaders } from "@/lib/svc-headers";
|
|
import { logAuditEvent } from "@/actions/audit";
|
|
|
|
export type UpdateOrderResult =
|
|
| { success: true }
|
|
| { success: false; error: string };
|
|
|
|
export async function updateOrder(
|
|
orderId: string,
|
|
brandId: string | null,
|
|
data: {
|
|
customer_name?: string;
|
|
customer_email?: string | null;
|
|
customer_phone?: string | null;
|
|
status?: string;
|
|
discount_amount?: number | null;
|
|
discount_reason?: string | null;
|
|
internal_notes?: string | null;
|
|
pickup_complete?: boolean;
|
|
pickup_completed_at?: string | null;
|
|
subtotal?: number;
|
|
// Payment fields
|
|
payment_processor?: string | null;
|
|
payment_status?: string | null;
|
|
payment_transaction_id?: string | null;
|
|
}
|
|
): Promise<UpdateOrderResult> {
|
|
const adminUser = await getAdminUser();
|
|
if (!adminUser) return { success: false, error: "Not authenticated" };
|
|
if (!adminUser.can_manage_orders) return { success: false, error: "Not authorized" };
|
|
|
|
if (adminUser.role === "brand_admin" && adminUser.brand_id && adminUser.brand_id !== brandId) {
|
|
return { success: false, error: "Not authorized for this brand" };
|
|
}
|
|
|
|
const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL!;
|
|
const supabaseKey = process.env.SUPABASE_SERVICE_ROLE_KEY!;
|
|
|
|
const patchData: Record<string, unknown> = {};
|
|
if (data.customer_name !== undefined) patchData.customer_name = data.customer_name;
|
|
if (data.customer_email !== undefined) patchData.customer_email = data.customer_email;
|
|
if (data.customer_phone !== undefined) patchData.customer_phone = data.customer_phone;
|
|
if (data.status !== undefined) patchData.status = data.status;
|
|
if (data.discount_amount !== undefined) patchData.discount_amount = data.discount_amount;
|
|
if (data.discount_reason !== undefined) patchData.discount_reason = data.discount_reason;
|
|
if (data.internal_notes !== undefined) patchData.internal_notes = data.internal_notes;
|
|
if (data.pickup_complete !== undefined) patchData.pickup_complete = data.pickup_complete;
|
|
if (data.pickup_completed_at !== undefined) patchData.pickup_completed_at = data.pickup_completed_at;
|
|
if (data.subtotal !== undefined) patchData.subtotal = data.subtotal;
|
|
if (data.payment_processor !== undefined) patchData.payment_processor = data.payment_processor;
|
|
if (data.payment_status !== undefined) patchData.payment_status = data.payment_status;
|
|
if (data.payment_transaction_id !== undefined) patchData.payment_transaction_id = data.payment_transaction_id;
|
|
|
|
const res = await fetch(`${supabaseUrl}/rest/v1/orders?id=eq.${orderId}`, {
|
|
method: "PATCH",
|
|
headers: { ...svcHeaders(supabaseKey), "Content-Type": "application/json" },
|
|
body: JSON.stringify(patchData),
|
|
});
|
|
|
|
if (!res.ok) {
|
|
const err = await res.text();
|
|
return { success: false, error: `Failed: ${err}` };
|
|
}
|
|
|
|
logAuditEvent({
|
|
table_name: "orders",
|
|
record_id: orderId,
|
|
action: "UPDATE",
|
|
old_data: {},
|
|
new_data: patchData,
|
|
brand_id: brandId,
|
|
});
|
|
|
|
return { success: true };
|
|
}
|
|
|
|
export async function updateOrderItem(
|
|
itemId: string,
|
|
data: { quantity?: number; price?: number }
|
|
): Promise<UpdateOrderResult> {
|
|
const adminUser = await getAdminUser();
|
|
if (!adminUser) return { success: false, error: "Not authenticated" };
|
|
if (!adminUser.can_manage_orders) return { success: false, error: "Not authorized" };
|
|
|
|
const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL!;
|
|
const supabaseKey = process.env.SUPABASE_SERVICE_ROLE_KEY!;
|
|
|
|
const patchData: Record<string, unknown> = {};
|
|
if (data.quantity !== undefined) patchData.quantity = data.quantity;
|
|
if (data.price !== undefined) patchData.price = data.price;
|
|
|
|
const res = await fetch(`${supabaseUrl}/rest/v1/order_items?id=eq.${itemId}`, {
|
|
method: "PATCH",
|
|
headers: { ...svcHeaders(supabaseKey), "Content-Type": "application/json" },
|
|
body: JSON.stringify(patchData),
|
|
});
|
|
|
|
if (!res.ok) {
|
|
const err = await res.text();
|
|
return { success: false, error: `Failed: ${err}` };
|
|
}
|
|
|
|
return { success: true };
|
|
}
|
|
|
|
export async function deleteOrderItem(itemId: string): Promise<UpdateOrderResult> {
|
|
const adminUser = await getAdminUser();
|
|
if (!adminUser) return { success: false, error: "Not authenticated" };
|
|
if (!adminUser.can_manage_orders) return { success: false, error: "Not authorized" };
|
|
|
|
const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL!;
|
|
const supabaseKey = process.env.SUPABASE_SERVICE_ROLE_KEY!;
|
|
|
|
const res = await fetch(`${supabaseUrl}/rest/v1/order_items?id=eq.${itemId}`, {
|
|
method: "DELETE",
|
|
headers: { ...svcHeaders(supabaseKey) },
|
|
});
|
|
|
|
if (!res.ok) {
|
|
const err = await res.text();
|
|
return { success: false, error: `Failed: ${err}` };
|
|
}
|
|
|
|
return { success: true };
|
|
}
|