2024-11-05 22:38:57 -05:00
import { Request , Response , NextFunction } from "express" ;
import { z } from "zod" ;
import { db } from "@server/db" ;
import { eq } from "drizzle-orm" ;
import { orgs , userOrgs } from "@server/db/schema" ;
2024-10-01 21:34:07 -04:00
import response from "@server/utils/response" ;
2024-11-05 22:38:57 -05:00
import HttpCode from "@server/types/HttpCode" ;
import createHttpError from "http-errors" ;
import logger from "@server/logger" ;
import { createAdminRole } from "@server/db/ensureActions" ;
2024-11-05 23:55:46 -05:00
import config from "@server/config" ;
2024-11-05 22:38:57 -05:00
import { fromError } from "zod-validation-error" ;
2024-10-01 21:53:49 -04:00
const createOrgSchema = z . object ( {
2024-10-14 19:30:38 -04:00
orgId : z.string ( ) ,
2024-10-06 18:05:20 -04:00
name : z.string ( ) . min ( 1 ) . max ( 255 ) ,
2024-10-14 19:30:38 -04:00
// domain: z.string().min(1).max(255).optional(),
2024-10-01 21:53:49 -04:00
} ) ;
2024-10-01 21:34:07 -04:00
2024-10-03 22:31:20 -04:00
const MAX_ORGS = 5 ;
2024-11-05 22:38:57 -05:00
export async function createOrg (
req : Request ,
res : Response ,
next : NextFunction
) : Promise < any > {
2024-10-06 18:05:20 -04:00
try {
const parsedBody = createOrgSchema . safeParse ( req . body ) ;
if ( ! parsedBody . success ) {
return next (
createHttpError (
HttpCode . BAD_REQUEST ,
2024-11-03 13:57:51 -05:00
fromError ( parsedBody . error ) . toString ( )
2024-10-06 18:05:20 -04:00
)
) ;
}
2024-10-01 21:53:49 -04:00
2024-10-06 18:05:20 -04:00
const userOrgIds = req . userOrgIds ;
if ( userOrgIds && userOrgIds . length > MAX_ORGS ) {
return next (
createHttpError (
HttpCode . FORBIDDEN ,
` Maximum number of organizations reached. `
)
) ;
}
2024-10-03 22:31:20 -04:00
2024-10-14 19:30:38 -04:00
// TODO: we cant do this when they create an org because they are not in an org yet... maybe we need to make the org id optional on the userActions table
2024-11-05 22:38:57 -05:00
// Check if the user has permission
2024-10-14 19:30:38 -04:00
// const hasPermission = await checkUserActionPermission(ActionsEnum.createOrg, req);
// if (!hasPermission) {
// return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to perform this action'));
// }
const { orgId , name } = parsedBody . data ;
2024-10-06 16:43:59 -04:00
2024-10-14 19:30:38 -04:00
// make sure the orgId is unique
2024-11-05 22:38:57 -05:00
const orgExists = await db
. select ( )
2024-10-14 19:30:38 -04:00
. from ( orgs )
. where ( eq ( orgs . orgId , orgId ) )
. limit ( 1 ) ;
2024-11-05 22:38:57 -05:00
2024-10-14 19:30:38 -04:00
if ( orgExists . length > 0 ) {
return next (
createHttpError (
HttpCode . CONFLICT ,
` Organization with ID ${ orgId } already exists `
)
) ;
}
2024-10-01 21:53:49 -04:00
2024-10-26 12:15:03 -04:00
// create a url from config.app.base_url and get the hostname
const domain = new URL ( config . app . base_url ) . hostname ;
2024-11-05 22:38:57 -05:00
const newOrg = await db
. insert ( orgs )
. values ( {
orgId ,
name ,
domain ,
} )
. returning ( ) ;
2024-10-01 21:53:49 -04:00
2024-11-05 22:38:57 -05:00
const roleId = await createAdminRole ( newOrg [ 0 ] . orgId ) ;
2024-10-14 19:30:38 -04:00
if ( ! roleId ) {
return next (
createHttpError (
HttpCode . INTERNAL_SERVER_ERROR ,
2024-11-05 22:38:57 -05:00
` Error creating Admin role `
2024-10-14 19:30:38 -04:00
)
) ;
}
2024-11-05 22:38:57 -05:00
await db
. insert ( userOrgs )
. values ( {
userId : req.user ! . userId ,
orgId : newOrg [ 0 ] . orgId ,
roleId : roleId ,
} )
. execute ( ) ;
2024-10-10 21:59:30 -04:00
2024-10-06 18:05:20 -04:00
return response ( res , {
data : newOrg [ 0 ] ,
success : true ,
error : false ,
message : "Organization created successfully" ,
status : HttpCode.CREATED ,
} ) ;
} catch ( error ) {
logger . error ( error ) ;
2024-11-05 22:38:57 -05:00
return next (
createHttpError (
HttpCode . INTERNAL_SERVER_ERROR ,
"An error occurred..."
)
) ;
2024-10-06 18:05:20 -04:00
}
2024-10-02 00:04:40 -04:00
}
