Files
webshop/shop/lib/actions/users.ts
DanielS cd04309e3e
All checks were successful
Staging Build / build (push) Successful in 2m44s
feat: add user role management (admin/partner/gesperrt) with login block
2026-06-24 14:26:25 +02:00

100 lines
2.9 KiB
TypeScript

'use server'
import { createAdminClient } from '@/lib/supabase/admin'
import { revalidatePath } from 'next/cache'
export async function getUsers() {
const admin = createAdminClient()
const { data: { users }, error } = await admin.auth.admin.listUsers()
if (error) throw error
const { data: dbUsers, error: dbError } = await admin
.from('users')
.select('id, role')
const roleMap: Record<string, string> = {}
if (!dbError && dbUsers) {
dbUsers.forEach(u => {
roleMap[u.id] = u.role
})
}
return users.map(u => ({
...u,
role: roleMap[u.id] || 'partner'
}))
}
export async function createUser(data: { email: string; password?: string; role?: 'admin' | 'partner'; email_confirm?: boolean }) {
const admin = createAdminClient()
const { data: { user }, error } = await admin.auth.admin.createUser({
email: data.email,
password: data.password || Math.random().toString(36).slice(-10),
email_confirm: data.email_confirm ?? true,
})
if (error) throw error
if (!user) throw new Error('Benutzer konnte nicht erstellt werden.')
// Upsert user role in public.users table
const role = data.role || 'partner'
const { error: dbError } = await admin
.from('users')
.upsert({ id: user.id, role }, { onConflict: 'id' })
if (dbError) throw dbError
revalidatePath('/admin/users')
return user
}
export async function deleteUser(id: string) {
const admin = createAdminClient()
const { error } = await admin.auth.admin.deleteUser(id)
if (error) throw error
revalidatePath('/admin/users')
}
export async function updateUserRole(id: string, role: 'admin' | 'partner' | 'gesperrt') {
const admin = createAdminClient()
const { error } = await admin
.from('users')
.upsert({ id, role }, { onConflict: 'id' })
if (error) throw error
revalidatePath('/admin/users')
}
export async function updateUserStatus(id: string, ban: boolean) {
const admin = createAdminClient()
const { error } = await admin.auth.admin.updateUserById(id, {
ban_duration: ban ? '876000h' : '0h', // 100 years or none
})
if (error) throw error
revalidatePath('/admin/users')
}
export async function resetPassword(email: string) {
const admin = createAdminClient()
// Generate a reset link or send email
const { error } = await admin.auth.admin.generateLink({
type: 'recovery',
email,
})
if (error) throw error
// Usually you'd send this link or let Supabase handle it via regular auth.resetPasswordForEmail
}
export async function getPartners() {
const admin = createAdminClient()
const { data: { users }, error } = await admin.auth.admin.listUsers()
if (error) throw error
const { data: dbUsers, error: dbError } = await admin
.from('users')
.select('id, role')
.eq('role', 'partner')
if (dbError) throw dbError
const partnerIds = new Set(dbUsers.map(u => u.id))
return users.filter(u => partnerIds.has(u.id))
}