/**
 * GET /api/org/users
 * List users in the current user's organisation
 */
import { NextResponse } from "next/server";
import { cookies } from "next/headers";
import { getCurrentUser, fetchAuthSession } from "aws-amplify/auth/server";
import { runWithAmplifyServerContext } from "@/lib/amplify-server-utils";
import { listUsersByTenant } from "@/lib/cognito-admin";
 
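/**
 * Read a single string-valued claim from a decoded ID token payload.
 *
 * The previous version cast claims with `as string | undefined`, which is a
 * compile-time-only assertion: a claim carrying a non-string value would pass
 * the cast unchanged and flow into the authorisation checks below. This helper
 * narrows at runtime instead, so any claim that is not a string is treated as
 * absent and therefore fails those checks.
 *
 * @param payload - decoded JWT payload (claim name -> value)
 * @param name - claim name to read
 * @returns the claim value when it is a string, otherwise `undefined`
 */
function readStringClaim(
  payload: Record<string, unknown>,
  name: string
): string | undefined {
  const value = payload[name];
  return typeof value === "string" ? value : undefined;
}

/** Display format for the `joinedAt` field (e.g. "5 Mar 2024"). */
const JOINED_AT_FORMAT: Intl.DateTimeFormatOptions = {
  month: "short",
  day: "numeric",
  year: "numeric",
};

/**
 * GET /api/org/users
 *
 * List the users that belong to the caller's tenant.
 *
 * Authorisation is derived solely from the caller's Cognito ID token:
 * `custom:user_type` must be `"org"` and `custom:tenant_id` must be present.
 * The `custom:role` claim is echoed back as `currentUserRole` but is NOT used
 * as a gate — every org user, whatever their role, may list the tenant's
 * users.
 *
 * @returns 200 with `{ users, currentUserRole }`;
 *          401 when no ID token is available in the session;
 *          403 when the caller is not an org user with a tenant id;
 *          500 on any other failure (details are logged, not returned).
 */
export async function GET() {
  try {
    const cookieStore = await cookies();

    // Resolve the caller's identity and session from the request cookies.
    // NOTE(review): if getCurrentUser/fetchAuthSession throw for an
    // unauthenticated request, control lands in the catch below and the
    // client sees a 500 rather than a 401 — confirm this is intended.
    const auth = await runWithAmplifyServerContext({
      nextServerContext: { cookies: async () => cookieStore },
      operation: async (context) => {
        const user = await getCurrentUser(context);
        const session = await fetchAuthSession(context);
        return { user, session };
      },
    });

    const idToken = auth.session.tokens?.idToken;
    if (!idToken) {
      return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
    }

    // Claims are narrowed at runtime; a missing or non-string claim is
    // `undefined` and fails the checks that follow.
    const userType = readStringClaim(idToken.payload, "custom:user_type");
    const tenantId = readStringClaim(idToken.payload, "custom:tenant_id");
    const role = readStringClaim(idToken.payload, "custom:role");

    // Only org users with a tenant may list that tenant's users. The tenant
    // id comes from the caller's own token, never from the request, so a
    // caller cannot ask for another tenant's list.
    if (userType !== "org" || !tenantId) {
      return NextResponse.json(
        { error: "Only organisation users can access this" },
        { status: 403 }
      );
    }

    const users = await listUsersByTenant(tenantId);

    // Shape the directory entries for the client.
    const orgUsers = users.map((user) => ({
      id: user.id,
      email: user.email,
      name: user.email.split("@")[0], // Use email prefix as name for now
      role: user.role || "member", // `||` on purpose: an empty role also means "member"
      status: user.emailVerified ? "Active" : "Pending",
      joinedAt: new Date(user.createdAt).toLocaleDateString(
        "en-GB",
        JOINED_AT_FORMAT
      ),
    }));

    return NextResponse.json({
      users: orgUsers,
      currentUserRole: role,
    });
  } catch (error: unknown) {
    // Log the full error server-side; the client only gets a generic message.
    console.error("Error listing org users:", error);
    return NextResponse.json(
      { error: "Failed to list users" },
      { status: 500 }
    );
  }
}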