ability to remove user from org

2026-02-23 21:36:37 +00:00 · 2024-11-03 17:28:12 -05:00
parent 2852d62258
commit fadfaf1f0b
28 changed files with 718 additions and 264 deletions
--- a/server/routers/auth/verifyOrgAccess.ts
+++ b/server/routers/auth/verifyOrgAccess.ts
@@ -1,21 +1,29 @@
-import { Request, Response, NextFunction } from 'express';
-import { db } from '@server/db';
-import { userOrgs } from '@server/db/schema';
-import { and, eq } from 'drizzle-orm';
-import createHttpError from 'http-errors';
-import HttpCode from '@server/types/HttpCode';
-import { AuthenticatedRequest } from '@server/types/Auth';
+import { Request, Response, NextFunction } from "express";
+import { db } from "@server/db";
+import { userOrgs } from "@server/db/schema";
+import { and, eq } from "drizzle-orm";
+import createHttpError from "http-errors";
+import HttpCode from "@server/types/HttpCode";
+import { AuthenticatedRequest } from "@server/types/Auth";

-export function verifyOrgAccess(req: Request, res: Response, next: NextFunction) {
+export function verifyOrgAccess(
+    req: Request,
+    res: Response,
+    next: NextFunction
+) {
    const userId = req.user!.userId; // Assuming you have user information in the request
    const orgId = req.params.orgId;

    if (!userId) {
-        return next(createHttpError(HttpCode.UNAUTHORIZED, 'User not authenticated'));
+        return next(
+            createHttpError(HttpCode.UNAUTHORIZED, "User not authenticated")
+        );
    }

    if (!orgId) {
-        return next(createHttpError(HttpCode.BAD_REQUEST, 'Invalid organization ID'));
+        return next(
+            createHttpError(HttpCode.BAD_REQUEST, "Invalid organization ID")
+        );
    }

    db.select()
@@ -23,7 +31,12 @@ export function verifyOrgAccess(req: Request, res: Response, next: NextFunction)
        .where(and(eq(userOrgs.userId, userId), eq(userOrgs.orgId, orgId)))
        .then((result) => {
            if (result.length === 0) {
-                next(createHttpError(HttpCode.FORBIDDEN, 'User does not have access to this organization'));
+                next(
+                    createHttpError(
+                        HttpCode.FORBIDDEN,
+                        "User does not have access to this organization"
+                    )
+                );
            } else {
                // User has access, attach the user's role to the request for potential future use
                req.userOrgRoleId = result[0].roleId;
@@ -32,6 +45,11 @@ export function verifyOrgAccess(req: Request, res: Response, next: NextFunction)
            }
        })
        .catch((error) => {
-            next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, 'Error verifying organization access'));
+            next(
+                createHttpError(
+                    HttpCode.INTERNAL_SERVER_ERROR,
+                    "Error verifying organization access"
+                )
+            );
        });
 }