'use server' import { createAdminClient } from '@/lib/supabase/admin' import { revalidatePath } from 'next/cache' export async function getUsers() { const admin = createAdminClient() const { data: { users }, error } = await admin.auth.admin.listUsers() if (error) throw error const { data: dbUsers, error: dbError } = await admin .from('users') .select('id, role') const roleMap: Record = {} if (!dbError && dbUsers) { dbUsers.forEach(u => { roleMap[u.id] = u.role }) } return users.map(u => ({ ...u, role: roleMap[u.id] || 'partner' })) } export async function createUser(data: { email: string; password?: string; role?: 'admin' | 'partner'; email_confirm?: boolean }) { const admin = createAdminClient() const { data: { user }, error } = await admin.auth.admin.createUser({ email: data.email, password: data.password || Math.random().toString(36).slice(-10), email_confirm: data.email_confirm ?? true, }) if (error) throw error if (!user) throw new Error('Benutzer konnte nicht erstellt werden.') // Upsert user role in public.users table const role = data.role || 'partner' const { error: dbError } = await admin .from('users') .upsert({ id: user.id, role }, { onConflict: 'id' }) if (dbError) throw dbError revalidatePath('/admin/users') return user } export async function deleteUser(id: string) { const admin = createAdminClient() const { error } = await admin.auth.admin.deleteUser(id) if (error) throw error revalidatePath('/admin/users') } export async function updateUserRole(id: string, role: 'admin' | 'partner' | 'gesperrt') { const admin = createAdminClient() const { error } = await admin .from('users') .upsert({ id, role }, { onConflict: 'id' }) if (error) throw error revalidatePath('/admin/users') } export async function updateUserStatus(id: string, ban: boolean) { const admin = createAdminClient() const { error } = await admin.auth.admin.updateUserById(id, { ban_duration: ban ? '876000h' : '0h', // 100 years or none }) if (error) throw error revalidatePath('/admin/users') } export async function resetPassword(email: string) { const admin = createAdminClient() // Generate a reset link or send email const { error } = await admin.auth.admin.generateLink({ type: 'recovery', email, }) if (error) throw error // Usually you'd send this link or let Supabase handle it via regular auth.resetPasswordForEmail } export async function getPartners() { const admin = createAdminClient() const { data: { users }, error } = await admin.auth.admin.listUsers() if (error) throw error const { data: dbUsers, error: dbError } = await admin .from('users') .select('id, role') .in('role', ['partner', 'gesperrt']) if (dbError) throw dbError const roleMap: Record = {} dbUsers.forEach(u => { roleMap[u.id] = u.role }) const partnerIds = new Set(dbUsers.map(u => u.id)) return users .filter(u => partnerIds.has(u.id)) .map(u => ({ ...u, role: roleMap[u.id] || 'partner' })) }