mirror of
https://github.com/AeThex-Corporation/AeThex-OS.git
synced 2026-04-18 06:17:21 +00:00
MrPiglr
4b84eedbd3
- Add revenue_events table to track org/project revenue with source tracking - Add Drizzle schema for revenue_events with proper org/project references - Create migration 0006_revenue_events.sql with indexes - Fix migration 0004: Remove FK constraints to profiles.id (auth schema incompatibility) - Document auth.users/profiles.id type mismatch (UUID vs VARCHAR) - Harden profile update authorization (self-update or org admin/owner only) - Complete org-scoping security audit implementation (42 gaps closed)
27 lines
697 B
TypeScript
27 lines
697 B
TypeScript
import { Request } from "express";
|
|
import { supabase } from "./supabase.js";
|
|
|
|
/**
|
|
* Get orgId from request and throw if missing
|
|
*/
|
|
export function getOrgIdOrThrow(req: Request): string {
|
|
if (!req.orgId) {
|
|
throw new Error("Organization context required but not found");
|
|
}
|
|
return req.orgId;
|
|
}
|
|
|
|
/**
|
|
* Return organization_id filter object
|
|
*/
|
|
export function orgEq(req: Request): { organization_id: string } {
|
|
return { organization_id: getOrgIdOrThrow(req) };
|
|
}
|
|
|
|
/**
|
|
* Return a Supabase query builder scoped to organization
|
|
*/
|
|
export function orgScoped(table: string, req: Request) {
|
|
const orgId = getOrgIdOrThrow(req);
|
|
return supabase.from(table).eq('organization_id', orgId);
|
|
}
|