Fixed a number of issues

2026-01-01 00:51:00 -07:00
parent 4616645939
commit 756ab2a38f
14 changed files with 648 additions and 141 deletions
--- a/src/pages/api/organizations/update-name.ts
+++ b/src/pages/api/organizations/update-name.ts
@@ -1,47 +1,59 @@
-import type { APIRoute } from 'astro';
-import { db } from '../../../db';
-import { organizations, members } from '../../../db/schema';
-import { eq } from 'drizzle-orm';
+import type { APIRoute } from "astro";
+import { db } from "../../../db";
+import { organizations, members } from "../../../db/schema";
+import { eq, and } from "drizzle-orm";

 export const POST: APIRoute = async ({ request, locals, redirect }) => {
  const user = locals.user;
  if (!user) {
-    return redirect('/login');
+    return redirect("/login");
  }

  const formData = await request.formData();
-  const organizationId = formData.get('organizationId') as string;
-  const name = formData.get('name') as string;
+  const organizationId = formData.get("organizationId") as string;
+  const name = formData.get("name") as string;

  if (!organizationId || !name || name.trim().length === 0) {
-    return new Response('Organization ID and name are required', { status: 400 });
+    return new Response("Organization ID and name are required", {
+      status: 400,
+    });
  }

  try {
    // Verify user is admin/owner of this organization
-    const membership = await db.select()
+    const membership = await db
+      .select()
      .from(members)
-      .where(eq(members.userId, user.id))
+      .where(
+        and(
+          eq(members.userId, user.id),
+          eq(members.organizationId, organizationId),
+        ),
+      )
      .get();

-    if (!membership || membership.organizationId !== organizationId) {
-      return new Response('Not authorized', { status: 403 });
+    if (!membership) {
+      return new Response("Not authorized", { status: 403 });
    }

-    const isAdmin = membership.role === 'owner' || membership.role === 'admin';
+    const isAdmin = membership.role === "owner" || membership.role === "admin";
    if (!isAdmin) {
-      return new Response('Only owners and admins can update organization settings', { status: 403 });
+      return new Response(
+        "Only owners and admins can update organization settings",
+        { status: 403 },
+      );
    }

    // Update organization name
-    await db.update(organizations)
+    await db
+      .update(organizations)
      .set({ name: name.trim() })
      .where(eq(organizations.id, organizationId))
      .run();

-    return redirect('/dashboard/team/settings?success=org-name');
+    return redirect("/dashboard/team/settings?success=org-name");
  } catch (error) {
-    console.error('Error updating organization name:', error);
-    return new Response('Failed to update organization name', { status: 500 });
+    console.error("Error updating organization name:", error);
+    return new Response("Failed to update organization name", { status: 500 });
  }
 };