e5db66e74a
Deploy to route.crispygoat.com / deploy (push) Successful in 4m27s
The create-user action in src/actions/admin/users.ts was written against a richer admin_users schema than the one that landed in 0001_init.sql. The 0001 schema has just `name` plus the role-derived can_manage_<X> columns; the action also references display_name, phone_number, brand_id, can_manage_pickup/messages/refunds/users, active, must_change_password, auth_provider, auth_subject, and last_login. Result: 'column "display_name" of relation "admin_users" does not exist' on any create-user submit. Migration 0043 adds the missing columns with sensible defaults (ADD COLUMN IF NOT EXISTS, so re-runnable). The four extra can_manage_* flags are vestigial — getAdminUser() in lib/admin-permissions.ts derives per-user permissions from the role via permissionsForRole() and never reads them — but they exist so the create-user form's per-user toggles persist, and the migration header documents the cleanup target. The db/schema/brands.ts Drizzle adminUsers definition is extended in lockstep so the inferred TS types stay in sync with the table. brand_id is left as a denormalized column (the link table admin_user_brands is the source of truth and is what getAdminUser() reads); getAdminUsers() in the action joins on au.brand_id so keeping the column avoids rewriting the SELECT. Gitea CI runs scripts/migrate.js before the build, so this lands on prod automatically on the next push.
147 lines
5.9 KiB
TypeScript
147 lines
5.9 KiB
TypeScript
/**
|
|
* Brands (Tenants). Source of truth: `db/migrations/0001_init.sql`.
|
|
* Multi-brand isolation: every business table has `brand_id` FK → brands.id.
|
|
*/
|
|
import {
|
|
pgTable,
|
|
uuid,
|
|
text,
|
|
integer,
|
|
boolean,
|
|
timestamp,
|
|
index,
|
|
uniqueIndex,
|
|
primaryKey,
|
|
} from "drizzle-orm/pg-core";
|
|
|
|
export const brands = pgTable(
|
|
"brands",
|
|
{
|
|
id: uuid("id").primaryKey().defaultRandom(),
|
|
name: text("name").notNull(),
|
|
slug: text("slug").notNull().unique(),
|
|
planTier: text("plan_tier", {
|
|
enum: ["starter", "farm", "enterprise"],
|
|
}).notNull().default("starter"),
|
|
maxUsers: integer("max_users").notNull().default(2),
|
|
maxProducts: integer("max_products").notNull().default(25),
|
|
maxStopsMonthly: integer("max_stops_monthly").notNull().default(10),
|
|
stripeCustomerId: text("stripe_customer_id"),
|
|
stripeSubscriptionId: text("stripe_subscription_id"),
|
|
stripeSubscriptionStatus: text("stripe_subscription_status", {
|
|
enum: [
|
|
"trialing", "active", "past_due", "canceled",
|
|
"incomplete", "incomplete_expired",
|
|
],
|
|
}),
|
|
stripeCurrentPeriodEnd: timestamp("stripe_current_period_end", {
|
|
withTimezone: true,
|
|
}),
|
|
createdAt: timestamp("created_at", { withTimezone: true })
|
|
.notNull()
|
|
.defaultNow(),
|
|
updatedAt: timestamp("updated_at", { withTimezone: true })
|
|
.notNull()
|
|
.defaultNow(),
|
|
},
|
|
(t) => ({
|
|
slugIdx: uniqueIndex("brands_slug_idx").on(t.slug),
|
|
}),
|
|
);
|
|
|
|
// ── Admin Users ──────────────────────────────────────────────────────────────
|
|
|
|
export const adminUsers = pgTable(
|
|
"admin_users",
|
|
{
|
|
id: uuid("id").primaryKey().defaultRandom(),
|
|
// FK to neon_auth.user(id) is enforced at DB level by the migration SQL.
|
|
// Drizzle can't reference tables in other schemas, so no .references() here.
|
|
userId: uuid("user_id"),
|
|
email: text("email").notNull().unique(),
|
|
name: text("name"),
|
|
// The columns below were added in migration 0043. They back the
|
|
// create-user / list-users / edit-user flows in
|
|
// `src/actions/admin/users.ts`. See that migration's header for
|
|
// notes on which of these are vestigial (the four can_manage_*
|
|
// toggles) vs. read by the UI.
|
|
displayName: text("display_name"),
|
|
phoneNumber: text("phone_number"),
|
|
brandId: uuid("brand_id"),
|
|
canManagePickup: boolean("can_manage_pickup").notNull().default(true),
|
|
canManageMessages: boolean("can_manage_messages").notNull().default(true),
|
|
canManageRefunds: boolean("can_manage_refunds").notNull().default(false),
|
|
canManageUsers: boolean("can_manage_users").notNull().default(false),
|
|
active: boolean("active").notNull().default(true),
|
|
mustChangePassword: boolean("must_change_password").notNull().default(false),
|
|
authProvider: text("auth_provider"),
|
|
authSubject: text("auth_subject"),
|
|
lastLogin: timestamp("last_login", { withTimezone: true }),
|
|
role: text("role", {
|
|
enum: ["platform_admin", "brand_admin", "store_employee"],
|
|
}).notNull().default("brand_admin"),
|
|
canManageOrders: boolean("can_manage_orders").notNull().default(true),
|
|
canManageProducts: boolean("can_manage_products").notNull().default(true),
|
|
canManageStops: boolean("can_manage_stops").notNull().default(true),
|
|
canManageCustomers: boolean("can_manage_customers").notNull().default(true),
|
|
canManageWholesale: boolean("can_manage_wholesale").notNull().default(false),
|
|
canManageBilling: boolean("can_manage_billing").notNull().default(false),
|
|
canManageSettings: boolean("can_manage_settings").notNull().default(false),
|
|
canManageWaterLog: boolean("can_manage_water_log").notNull().default(false),
|
|
canManageTimeTracking: boolean("can_manage_time_tracking").notNull().default(false),
|
|
canManageRouteTrace: boolean("can_manage_route_trace").notNull().default(false),
|
|
canManageReports: boolean("can_manage_reports").notNull().default(true),
|
|
canManageCommunications: boolean("can_manage_communications").notNull().default(false),
|
|
createdAt: timestamp("created_at", { withTimezone: true })
|
|
.notNull()
|
|
.defaultNow(),
|
|
updatedAt: timestamp("updated_at", { withTimezone: true })
|
|
.notNull()
|
|
.defaultNow(),
|
|
},
|
|
(t) => ({
|
|
userIdIdx: uniqueIndex("admin_users_user_id_idx").on(t.userId),
|
|
emailIdx: uniqueIndex("admin_users_email_idx").on(t.email),
|
|
}),
|
|
);
|
|
|
|
export const adminUserBrands = pgTable(
|
|
"admin_user_brands",
|
|
{
|
|
adminUserId: uuid("admin_user_id")
|
|
.notNull()
|
|
.references(() => adminUsers.id, { onDelete: "cascade" }),
|
|
brandId: uuid("brand_id")
|
|
.notNull()
|
|
.references(() => brands.id, { onDelete: "cascade" }),
|
|
addedAt: timestamp("added_at", { withTimezone: true })
|
|
.notNull()
|
|
.defaultNow(),
|
|
addedBy: uuid("added_by").references(() => adminUsers.id),
|
|
},
|
|
(t) => ({
|
|
pk: primaryKey({ columns: [t.adminUserId, t.brandId] }),
|
|
}),
|
|
);
|
|
|
|
// ── Neon Auth stub (for Drizzle typing only — table is managed by Neon Auth) ──
|
|
// The actual table is neon_auth.user (singular). We can't FK-reference a table
|
|
// in another schema via Drizzle, so we store userId as a plain UUID and rely on
|
|
// the DB-level FK constraint (enforced by the migration SQL).
|
|
export const authUsers = pgTable("user", {
|
|
id: uuid("id").primaryKey(),
|
|
name: text("name"),
|
|
email: text("email"),
|
|
emailVerified: boolean("email_verified"),
|
|
image: text("image"),
|
|
createdAt: timestamp("created_at", { withTimezone: true }).defaultNow(),
|
|
updatedAt: timestamp("updated_at", { withTimezone: true }).defaultNow(),
|
|
});
|
|
|
|
export type Brand = typeof brands.$inferSelect;
|
|
export type NewBrand = typeof brands.$inferInsert;
|
|
export type AdminUser = typeof adminUsers.$inferSelect;
|
|
export type NewAdminUser = typeof adminUsers.$inferInsert;
|
|
export type AdminUserBrand = typeof adminUserBrands.$inferSelect;
|
|
export type NewAdminUserBrand = typeof adminUserBrands.$inferInsert;
|