chore: remove unused profile lock migration and admin_profile_service
This commit is contained in:
@@ -1,13 +1,29 @@
|
||||
import { serve } from "https://deno.land/std@0.203.0/http/server.ts";
|
||||
import { createClient } from "https://esm.sh/@supabase/supabase-js@2";
|
||||
|
||||
// CORS: allow browser-based web clients (adjust origin in production)
|
||||
// Permit headers the supabase-js client sends (e.g. `apikey`, `x-client-info`) so
|
||||
// browser preflight requests succeed. Keep origin wide for dev; in production
|
||||
// prefer echoing the request origin and enabling credentials only when needed.
|
||||
const CORS_HEADERS: Record<string, string> = {
|
||||
"Access-Control-Allow-Origin": "*",
|
||||
"Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
|
||||
"Access-Control-Allow-Headers": "Content-Type, Authorization, apikey, x-client-info, x-requested-with, Origin, Accept",
|
||||
"Access-Control-Max-Age": "3600",
|
||||
};
|
||||
|
||||
const jsonResponse = (body: unknown, status = 200) =>
|
||||
new Response(JSON.stringify(body), {
|
||||
status,
|
||||
headers: { "Content-Type": "application/json" },
|
||||
headers: { "Content-Type": "application/json", ...CORS_HEADERS },
|
||||
});
|
||||
|
||||
serve(async (req) => {
|
||||
// Handle CORS preflight quickly so browsers can call this function from localhost/dev
|
||||
if (req.method === "OPTIONS") {
|
||||
return new Response(null, { status: 204, headers: CORS_HEADERS });
|
||||
}
|
||||
|
||||
if (req.method != "POST") {
|
||||
return jsonResponse({ error: "Method not allowed" }, 405);
|
||||
}
|
||||
@@ -54,8 +70,51 @@ serve(async (req) => {
|
||||
|
||||
const action = payload.action as string | undefined;
|
||||
const userId = payload.userId as string | undefined;
|
||||
if (!action || !userId) {
|
||||
return jsonResponse({ error: "Missing action or userId" }, 400);
|
||||
if (!action) {
|
||||
return jsonResponse({ error: "Missing action" }, 400);
|
||||
}
|
||||
// `list_users` does not require a target userId; other actions do.
|
||||
if (action !== "list_users" && !userId) {
|
||||
return jsonResponse({ error: "Missing userId" }, 400);
|
||||
}
|
||||
|
||||
if (action === "list_users") {
|
||||
const offset = Number(payload.offset ?? 0);
|
||||
const limit = Number(payload.limit ?? 50);
|
||||
const searchQuery = (payload.searchQuery ?? "").toString().trim();
|
||||
|
||||
// Fetch paginated profiles first (enforce server-side pagination)
|
||||
let profilesQuery = adminClient
|
||||
.from("profiles")
|
||||
.select("id, full_name, role")
|
||||
.order("id", { ascending: true })
|
||||
.range(offset, offset + limit - 1);
|
||||
|
||||
if (searchQuery.length > 0) {
|
||||
profilesQuery = adminClient
|
||||
.from("profiles")
|
||||
.select("id, full_name, role")
|
||||
.ilike("full_name", `%${searchQuery}%`)
|
||||
.order("id", { ascending: true })
|
||||
.range(offset, offset + limit - 1);
|
||||
}
|
||||
|
||||
const { data: profiles, error: profilesError } = await profilesQuery;
|
||||
if (profilesError) return jsonResponse({ error: profilesError.message }, 500);
|
||||
|
||||
const users = [];
|
||||
for (const p of (profiles ?? [])) {
|
||||
const { data: userResp } = await adminClient.auth.admin.getUserById(p.id);
|
||||
users.push({
|
||||
id: p.id,
|
||||
full_name: p.full_name ?? null,
|
||||
role: p.role ?? null,
|
||||
email: userResp?.user?.email ?? null,
|
||||
bannedUntil: userResp?.user?.banned_until ?? null,
|
||||
});
|
||||
}
|
||||
|
||||
return jsonResponse({ users });
|
||||
}
|
||||
|
||||
if (action == "get_user") {
|
||||
|
||||
Reference in New Issue
Block a user