admin/acmcc
1
0
Fork 0
mirror of https://github.com/renee-png/acmcc.git synced 2026-06-21 01:40:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
183fe0a93c03d56740e28e8bf9a2f4e7e1c271f3
acmcc/supabase/functions/zoho-config/index.ts
T
admin 183fe0a93c Add ACMCC app source, Supabase backend, and project config 
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-01 20:19:26 -04:00

78 lines
2.5 KiB
TypeScript
Raw Blame History

import { createClient } from "https://esm.sh/@supabase/supabase-js@2";
const corsHeaders = {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Headers":
"authorization, x-client-info, apikey, content-type, x-supabase-client-platform, x-supabase-client-platform-version, x-supabase-client-runtime, x-supabase-client-runtime-version",
};
function getServiceClient() {
return createClient(
Deno.env.get("SUPABASE_URL")!,
Deno.env.get("SUPABASE_SERVICE_ROLE_KEY")!
);
}
async function verifyAdmin(req: Request) {
const authHeader = req.headers.get("Authorization");
if (!authHeader) throw new Error("Not authenticated");
const token = authHeader.replace("Bearer ", "");
const supabase = createClient(
Deno.env.get("SUPABASE_URL")!,
Deno.env.get("SUPABASE_ANON_KEY")!
);
const { data: { user }, error } = await supabase.auth.getUser(token);
if (error || !user) throw new Error("Invalid session");
const db = getServiceClient();
const { data: roles } = await db
.from("user_roles")
.select("role")
.eq("user_id", user.id);
const isAdmin = (roles || []).some((r: any) => r.role === "admin" || r.role === "manager");
if (!isAdmin) throw new Error("Insufficient permissions");
return user;
}
Deno.serve(async (req) => {
if (req.method === "OPTIONS") {
return new Response(null, { headers: corsHeaders });
}
try {
await verifyAdmin(req);
const { action } = await req.json();
if (action === "get_config") {
// Return masked values so the UI can show what's configured
const keys = ["ZOHO_CLIENT_ID", "ZOHO_CLIENT_SECRET", "ZOHO_REFRESH_TOKEN", "ZOHO_ORGANIZATION_ID"];
const config: Record<string, { set: boolean; masked: string }> = {};
for (const key of keys) {
const val = Deno.env.get(key) || "";
config[key] = {
set: val.length > 0,
masked: val.length > 4 ? "••••" + val.slice(-4) : val.length > 0 ? "••••" : "",
};
}
return new Response(JSON.stringify({ data: config }), {
headers: { ...corsHeaders, "Content-Type": "application/json" },
});
}
return new Response(JSON.stringify({ error: "Unknown action" }), {
status: 400,
headers: { ...corsHeaders, "Content-Type": "application/json" },
});
} catch (e: any) {
return new Response(JSON.stringify({ error: e.message }), {
status: 401,
headers: { ...corsHeaders, "Content-Type": "application/json" },
});
}
});
Reference in New Issue View Git Blame Copy Permalink