mirror of
https://github.com/renee-png/acmcc.git
synced 2026-06-21 09:50:01 +00:00
Add ACMCC app source, Supabase backend, and project config
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,77 @@
|
||||
import { createClient } from "https://esm.sh/@supabase/supabase-js@2";
|
||||
|
||||
const corsHeaders = {
|
||||
"Access-Control-Allow-Origin": "*",
|
||||
"Access-Control-Allow-Headers":
|
||||
"authorization, x-client-info, apikey, content-type, x-supabase-client-platform, x-supabase-client-platform-version, x-supabase-client-runtime, x-supabase-client-runtime-version",
|
||||
};
|
||||
|
||||
function getServiceClient() {
|
||||
return createClient(
|
||||
Deno.env.get("SUPABASE_URL")!,
|
||||
Deno.env.get("SUPABASE_SERVICE_ROLE_KEY")!
|
||||
);
|
||||
}
|
||||
|
||||
async function verifyAdmin(req: Request) {
|
||||
const authHeader = req.headers.get("Authorization");
|
||||
if (!authHeader) throw new Error("Not authenticated");
|
||||
|
||||
const token = authHeader.replace("Bearer ", "");
|
||||
const supabase = createClient(
|
||||
Deno.env.get("SUPABASE_URL")!,
|
||||
Deno.env.get("SUPABASE_ANON_KEY")!
|
||||
);
|
||||
const { data: { user }, error } = await supabase.auth.getUser(token);
|
||||
if (error || !user) throw new Error("Invalid session");
|
||||
|
||||
const db = getServiceClient();
|
||||
const { data: roles } = await db
|
||||
.from("user_roles")
|
||||
.select("role")
|
||||
.eq("user_id", user.id);
|
||||
|
||||
const isAdmin = (roles || []).some((r: any) => r.role === "admin" || r.role === "manager");
|
||||
if (!isAdmin) throw new Error("Insufficient permissions");
|
||||
|
||||
return user;
|
||||
}
|
||||
|
||||
Deno.serve(async (req) => {
|
||||
if (req.method === "OPTIONS") {
|
||||
return new Response(null, { headers: corsHeaders });
|
||||
}
|
||||
|
||||
try {
|
||||
await verifyAdmin(req);
|
||||
const { action } = await req.json();
|
||||
|
||||
if (action === "get_config") {
|
||||
// Return masked values so the UI can show what's configured
|
||||
const keys = ["ZOHO_CLIENT_ID", "ZOHO_CLIENT_SECRET", "ZOHO_REFRESH_TOKEN", "ZOHO_ORGANIZATION_ID"];
|
||||
const config: Record<string, { set: boolean; masked: string }> = {};
|
||||
|
||||
for (const key of keys) {
|
||||
const val = Deno.env.get(key) || "";
|
||||
config[key] = {
|
||||
set: val.length > 0,
|
||||
masked: val.length > 4 ? "••••" + val.slice(-4) : val.length > 0 ? "••••" : "",
|
||||
};
|
||||
}
|
||||
|
||||
return new Response(JSON.stringify({ data: config }), {
|
||||
headers: { ...corsHeaders, "Content-Type": "application/json" },
|
||||
});
|
||||
}
|
||||
|
||||
return new Response(JSON.stringify({ error: "Unknown action" }), {
|
||||
status: 400,
|
||||
headers: { ...corsHeaders, "Content-Type": "application/json" },
|
||||
});
|
||||
} catch (e: any) {
|
||||
return new Response(JSON.stringify({ error: e.message }), {
|
||||
status: 401,
|
||||
headers: { ...corsHeaders, "Content-Type": "application/json" },
|
||||
});
|
||||
}
|
||||
});
|
||||
Reference in New Issue
Block a user