Enable admin user removals and invitation UX polish

2025-10-13 15:08:51 -03:00 · 2025-10-13 15:08:51 -03:00 · 05f5af5ba6
commit 05f5af5ba6
parent aa12ebfe0a
5 changed files with 288 additions and 17 deletions
--- a/src/app/api/admin/machines/delete/route.ts
+++ b/src/app/api/admin/machines/delete/route.ts
@ -5,6 +5,7 @@ import { ConvexHttpClient } from "convex/browser"
 import { assertAuthenticatedSession } from "@/lib/auth-server"
 import { DEFAULT_TENANT_ID } from "@/lib/constants"
 import { api } from "@/convex/_generated/api"
+import { prisma } from "@/lib/prisma"

 export const runtime = "nodejs"

@ -52,6 +53,9 @@ export async function POST(request: Request) {
      actorId,
    })

+    const machineEmail = `machine-${parsed.data.machineId}@machines.local`
+    await prisma.authUser.deleteMany({ where: { email: machineEmail } })
+
    return NextResponse.json({ ok: true })
  } catch (error) {
    console.error("[machines.delete] Falha ao excluir", error)
--- a/src/app/api/admin/users/[id]/route.ts
+++ b/src/app/api/admin/users/[id]/route.ts
@ -207,3 +207,68 @@ export async function PATCH(request: Request, { params }: { params: Promise<{ id
    },
  })
 }
+
+export async function DELETE(_: Request, { params }: { params: Promise<{ id: string }> }) {
+  const { id } = await params
+  const session = await assertAdminSession()
+  if (!session) {
+    return NextResponse.json({ error: "Não autorizado" }, { status: 401 })
+  }
+
+  const target = await prisma.authUser.findUnique({
+    where: { id },
+    select: { id: true, email: true, role: true, tenantId: true },
+  })
+
+  if (!target) {
+    return NextResponse.json({ error: "Usuário não encontrado" }, { status: 404 })
+  }
+
+  if (target.role === "machine") {
+    return NextResponse.json({ error: "Os agentes de máquina devem ser removidos via módulo de máquinas." }, { status: 400 })
+  }
+
+  if (target.email === session.user.email) {
+    return NextResponse.json({ error: "Você não pode remover o usuário atualmente autenticado." }, { status: 400 })
+  }
+
+  const convexUrl = process.env.NEXT_PUBLIC_CONVEX_URL
+  const tenantId = target.tenantId ?? session.user.tenantId ?? DEFAULT_TENANT_ID
+
+  if (convexUrl) {
+    try {
+      const convex = new ConvexHttpClient(convexUrl)
+      const ensured = await convex.mutation(api.users.ensureUser, {
+        tenantId,
+        email: session.user.email,
+        name: session.user.name ?? session.user.email,
+        avatarUrl: session.user.avatarUrl ?? undefined,
+        role: session.user.role.toUpperCase(),
+      })
+
+      const actorId = ensured?._id
+      if (!actorId) {
+        throw new Error("Falha ao identificar o administrador no Convex")
+      }
+
+      const convexUser = await convex.query(api.users.findByEmail, {
+        tenantId,
+        email: target.email,
+      })
+
+      if (convexUser?._id) {
+        await convex.mutation(api.users.deleteUser, {
+          userId: convexUser._id,
+          actorId,
+        })
+      }
+    } catch (error) {
+      const message = error instanceof Error ? error.message : "Falha ao remover usuário na base de dados"
+      return NextResponse.json({ error: message }, { status: 400 })
+    }
+  }
+
+  await prisma.authUser.delete({ where: { id: target.id } })
+
+  return NextResponse.json({ ok: true })
+}