fix(end-customers): allow admin to create end customers without company_id
All checks were successful
Staging Build / build (push) Successful in 2m38s

This commit is contained in:
DanielS
2026-07-07 12:32:11 +02:00
parent 8e91b3e810
commit 98c030cd82

View File

@@ -74,26 +74,32 @@ export async function getEndCustomer(id: string): Promise<EndCustomer | null> {
* Legt einen neuen Endkunden für den eingeloggten Partner an.
* partner_id wird serverseitig aus der Session gesetzt (kein Client-Trust).
*/
export async function createEndCustomer(formData: EndCustomerFormData): Promise<EndCustomer> {
export async function createEndCustomer(formData: EndCustomerFormData, companyId?: string): Promise<EndCustomer> {
const supabase = await createClient()
const { data: { user } } = await supabase.auth.getUser()
if (!user) throw new Error('Not authenticated')
const { data: dbUser, error: dbUserError } = await supabase
const { data: dbUser } = await supabase
.from('users')
.select('company_id')
.select('role, company_id')
.eq('id', user.id)
.single()
if (dbUserError || !dbUser || !dbUser.company_id) {
const isAdmin = dbUser?.role === 'admin'
const resolvedCompanyId = dbUser?.company_id || companyId
if (!isAdmin && !resolvedCompanyId) {
throw new Error('Kein Unternehmen zugewiesen.')
}
const { data, error } = await supabase
// Admin ohne company_id braucht adminClient (RLS erlaubt kein INSERT ohne passende partner_id)
const client = (!dbUser?.company_id && isAdmin) ? createAdminClient() : supabase
const { data, error } = await client
.from('end_customers')
.insert([{
partner_id: dbUser.company_id,
partner_id: resolvedCompanyId || user.id,
company_name: formData.company_name,
vat_id: formData.vat_id || null,
first_name: formData.first_name || null,