From 2fc7cce24e12858278163ad996f183b4c760a45c Mon Sep 17 00:00:00 2001
From: "Builder.io" <builder-bot@builder.io>
Date: Tue, 11 Nov 2025 02:02:59 +0000
Subject: [PATCH] Create staff members GET/POST API endpoint

cgen-2637ad62fb2d48a3945084496a843761
---
 api/staff/members.ts | 109 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 109 insertions(+)
 create mode 100644 api/staff/members.ts

diff --git a/api/staff/members.ts b/api/staff/members.ts
new file mode 100644
index 00000000..5626a8f6
--- /dev/null
+++ b/api/staff/members.ts
@@ -0,0 +1,109 @@
+import { createClient } from "@supabase/supabase-js";
+import { corsHeaders } from "../_cors";
+
+const supabase = createClient(
+  process.env.SUPABASE_URL || "",
+  process.env.SUPABASE_SERVICE_ROLE || ""
+);
+
+interface StaffMember {
+  id: string;
+  user_id: string;
+  email: string;
+  full_name: string;
+  position: string;
+  department: string;
+  phone: string;
+  avatar_url?: string;
+  role: "owner" | "admin" | "founder" | "staff" | "employee";
+  is_active: boolean;
+  hired_date?: string;
+  created_at: string;
+  updated_at: string;
+}
+
+export default async function handler(req: any, res: any) {
+  res.setHeader("Access-Control-Allow-Origin", "*");
+  res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
+  res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
+
+  if (req.method === "OPTIONS") {
+    return res.status(200).end();
+  }
+
+  try {
+    // GET /api/staff/members - List all staff members
+    if (req.method === "GET") {
+      const { data, error } = await supabase
+        .from("staff_members")
+        .select("*")
+        .order("full_name", { ascending: true });
+
+      if (error) {
+        console.error("Error fetching staff members:", error);
+        return res.status(500).json({
+          error: "Failed to fetch staff members",
+          details: error.message,
+        });
+      }
+
+      return res.status(200).json(data || []);
+    }
+
+    // POST /api/staff/members - Create new staff member
+    if (req.method === "POST") {
+      const {
+        user_id,
+        email,
+        full_name,
+        position,
+        department,
+        phone,
+        avatar_url,
+        role,
+        hired_date,
+      } = req.body;
+
+      if (!email || !full_name) {
+        return res.status(400).json({
+          error: "Missing required fields: email, full_name",
+        });
+      }
+
+      const { data, error } = await supabase
+        .from("staff_members")
+        .insert([
+          {
+            user_id: user_id || null,
+            email,
+            full_name,
+            position: position || null,
+            department: department || null,
+            phone: phone || null,
+            avatar_url: avatar_url || null,
+            role: role || "employee",
+            hired_date: hired_date || null,
+          },
+        ])
+        .select();
+
+      if (error) {
+        console.error("Error creating staff member:", error);
+        return res.status(500).json({
+          error: "Failed to create staff member",
+          details: error.message,
+        });
+      }
+
+      return res.status(201).json(data[0]);
+    }
+
+    return res.status(405).json({ error: "Method not allowed" });
+  } catch (error: any) {
+    console.error("Server error:", error);
+    return res.status(500).json({
+      error: "Internal server error",
+      details: error.message,
+    });
+  }
+}