cal.pub0.org/packages/trpc/server/routers/viewer/teams/changeMemberRole.handler.ts

import { isTeamAdmin, isTeamOwner } from "@calcom/lib/server/queries/teams";
import { closeComUpsertTeamUser } from "@calcom/lib/sync/SyncServiceManager";
import { prisma } from "@calcom/prisma";
import { MembershipRole } from "@calcom/prisma/enums";
import type { TrpcSessionUser } from "@calcom/trpc/server/trpc";

import { TRPCError } from "@trpc/server";

import type { TChangeMemberRoleInputSchema } from "./changeMemberRole.schema";

type ChangeMemberRoleOptions = {
  ctx: {
    user: NonNullable<TrpcSessionUser>;
  };
  input: TChangeMemberRoleInputSchema;
};

export const changeMemberRoleHandler = async ({ ctx, input }: ChangeMemberRoleOptions) => {
  if (!(await isTeamAdmin(ctx.user?.id, input.teamId))) throw new TRPCError({ code: "UNAUTHORIZED" });
  // Only owners can award owner role.
  if (input.role === MembershipRole.OWNER && !(await isTeamOwner(ctx.user?.id, input.teamId)))
    throw new TRPCError({ code: "UNAUTHORIZED" });
  const memberships = await prisma.membership.findMany({
    where: {
      teamId: input.teamId,
    },
  });

  const targetMembership = memberships.find((m) => m.userId === input.memberId);
  const myMembership = memberships.find((m) => m.userId === ctx.user.id);
  const teamHasMoreThanOneOwner = memberships.some((m) => m.role === MembershipRole.OWNER);

  if (myMembership?.role === MembershipRole.ADMIN && targetMembership?.role === MembershipRole.OWNER) {
    throw new TRPCError({
      code: "FORBIDDEN",
      message: "You can not change the role of an owner if you are an admin.",
    });
  }

  if (!teamHasMoreThanOneOwner) {
    throw new TRPCError({
      code: "FORBIDDEN",
      message: "You can not change the role of the only owner of a team.",
    });
  }

  if (
    myMembership?.role === MembershipRole.ADMIN &&
    input.memberId === ctx.user.id &&
    input.role !== MembershipRole.MEMBER
  ) {
    throw new TRPCError({
      code: "FORBIDDEN",
      message: "You can not change yourself to a higher role.",
    });
  }

  const membership = await prisma.membership.update({
    where: {
      userId_teamId: { userId: input.memberId, teamId: input.teamId },
    },
    data: {
      role: input.role,
    },
    include: {
      team: true,
      user: true,
    },
  });

  // Sync Services: Close.com
  closeComUpsertTeamUser(membership.team, membership.user, membership.role);
};
perf: lazy load tRPC routes (#8167) * experiment: cold start perf * fix: update failing test * chore: add database indexes * chore: use json protocol and add query batching back * Update [status].tsx * Update [trpc].ts * Delete getSlimSession.ts * Update createContext.ts * remove trpc caller * correctly import Prisma * lazy ethRouter * replace crypto with md5 * import fixes * public event endpoint refactor * Update yarn.lock * Update yarn.lock * Using yarn.lock from main --------- Co-authored-by: Omar López <zomars@me.com> Co-authored-by: Peer Richelsen <peeroke@gmail.com> Co-authored-by: Efraín Rochín <roae.85@gmail.com> Co-authored-by: Keith Williams <keithwillcode@gmail.com> 2023-04-25 22:39:47 +00:00			`import { isTeamAdmin, isTeamOwner } from "@calcom/lib/server/queries/teams";`
			`import { closeComUpsertTeamUser } from "@calcom/lib/sync/SyncServiceManager";`
			`import { prisma } from "@calcom/prisma";`
add an enum generator, stop importing from @prisma/client (#8548) * add an enum generator and start importing from it * keep moving imports * fix remaining * Header simplified * Removed generated file from repo * Updated .gitignore to exclude enums directory * Add eslint rule to check for @prisma/client Prisma enum import * Added another enum import + exclude PrismaClient --------- Co-authored-by: Alex van Andel <me@alexvanandel.com> 2023-05-02 11:44:05 +00:00			`import { MembershipRole } from "@calcom/prisma/enums";`
perf: lazy load tRPC routes (#8167) * experiment: cold start perf * fix: update failing test * chore: add database indexes * chore: use json protocol and add query batching back * Update [status].tsx * Update [trpc].ts * Delete getSlimSession.ts * Update createContext.ts * remove trpc caller * correctly import Prisma * lazy ethRouter * replace crypto with md5 * import fixes * public event endpoint refactor * Update yarn.lock * Update yarn.lock * Using yarn.lock from main --------- Co-authored-by: Omar López <zomars@me.com> Co-authored-by: Peer Richelsen <peeroke@gmail.com> Co-authored-by: Efraín Rochín <roae.85@gmail.com> Co-authored-by: Keith Williams <keithwillcode@gmail.com> 2023-04-25 22:39:47 +00:00			`import type { TrpcSessionUser } from "@calcom/trpc/server/trpc";`

			`import { TRPCError } from "@trpc/server";`

			`import type { TChangeMemberRoleInputSchema } from "./changeMemberRole.schema";`

			`type ChangeMemberRoleOptions = {`
			`ctx: {`
			`user: NonNullable<TrpcSessionUser>;`
			`};`
			`input: TChangeMemberRoleInputSchema;`
			`};`

			`export const changeMemberRoleHandler = async ({ ctx, input }: ChangeMemberRoleOptions) => {`
			`if (!(await isTeamAdmin(ctx.user?.id, input.teamId))) throw new TRPCError({ code: "UNAUTHORIZED" });`
			`// Only owners can award owner role.`
			`if (input.role === MembershipRole.OWNER && !(await isTeamOwner(ctx.user?.id, input.teamId)))`
			`throw new TRPCError({ code: "UNAUTHORIZED" });`
			`const memberships = await prisma.membership.findMany({`
			`where: {`
			`teamId: input.teamId,`
			`},`
			`});`

			`const targetMembership = memberships.find((m) => m.userId === input.memberId);`
			`const myMembership = memberships.find((m) => m.userId === ctx.user.id);`
			`const teamHasMoreThanOneOwner = memberships.some((m) => m.role === MembershipRole.OWNER);`

			`if (myMembership?.role === MembershipRole.ADMIN && targetMembership?.role === MembershipRole.OWNER) {`
			`throw new TRPCError({`
			`code: "FORBIDDEN",`
			`message: "You can not change the role of an owner if you are an admin.",`
			`});`
			`}`

			`if (!teamHasMoreThanOneOwner) {`
			`throw new TRPCError({`
			`code: "FORBIDDEN",`
			`message: "You can not change the role of the only owner of a team.",`
			`});`
			`}`

			`if (`
			`myMembership?.role === MembershipRole.ADMIN &&`
			`input.memberId === ctx.user.id &&`
			`input.role !== MembershipRole.MEMBER`
			`) {`
			`throw new TRPCError({`
			`code: "FORBIDDEN",`
			`message: "You can not change yourself to a higher role.",`
			`});`
			`}`

			`const membership = await prisma.membership.update({`
			`where: {`
			`userId_teamId: { userId: input.memberId, teamId: input.teamId },`
			`},`
			`data: {`
			`role: input.role,`
			`},`
			`include: {`
			`team: true,`
			`user: true,`
			`},`
			`});`

			`// Sync Services: Close.com`
			`closeComUpsertTeamUser(membership.team, membership.user, membership.role);`
			`};`