use serde::{Deserialize, Serialize}; use uuid::Uuid; use crate::error::AppError; use crate::models::common::Role; use crate::models::repos::RepoMember; use crate::service::RepoService; use crate::session::Session; use super::util::{clamp_limit_offset, ensure_affected, role_level}; #[derive(Deserialize, Serialize, Clone, Debug, utoipa::ToSchema)] pub struct AddRepoMemberParams { pub user_id: Uuid, pub role: Option, } #[derive(Deserialize, Serialize, Clone, Debug, utoipa::ToSchema)] pub struct UpdateRepoMemberRoleParams { pub role: String, } impl RepoService { pub async fn repo_members( &self, ctx: &Session, wk_name: &str, repo_name: &str, limit: i64, offset: i64, ) -> Result, AppError> { let user_uid = ctx.user().ok_or(AppError::Unauthorized)?; let repo = self.resolve_repo(wk_name, repo_name).await?; let repo_id = repo.id; self.ensure_repo_readable(user_uid, &repo).await?; let (limit, offset) = clamp_limit_offset(limit, offset); sqlx::query_as::<_, RepoMember>( "SELECT id, repo_id, user_id, role, status, invited_by, joined_at, last_active_at, created_at, updated_at FROM repo_member WHERE repo_id = $1 AND status = 'active' ORDER BY created_at ASC LIMIT $2 OFFSET $3", ) .bind(repo_id) .bind(limit) .bind(offset) .fetch_all(self.ctx.db.reader()) .await .map_err(AppError::Database) } pub async fn repo_add_member( &self, ctx: &Session, wk_name: &str, repo_name: &str, params: AddRepoMemberParams, ) -> Result { let user_uid = ctx.user().ok_or(AppError::Unauthorized)?; let repo = self.resolve_repo(wk_name, repo_name).await?; let repo_id = repo.id; let actor_role = self .ensure_repo_role_at_least(user_uid, &repo, Role::Admin) .await?; let target_workspace_member = sqlx::query_scalar::<_, bool>( "SELECT EXISTS(SELECT 1 FROM workspace_member WHERE workspace_id = $1 AND user_id = $2 AND status = 'active')", ) .bind(repo.workspace_id) .bind(params.user_id) .fetch_one(self.ctx.db.reader()) .await .map_err(AppError::Database)?; if !target_workspace_member { return Err(AppError::BadRequest( "user must be a workspace member".into(), )); } let existing = sqlx::query_scalar::<_, bool>( "SELECT EXISTS(SELECT 1 FROM repo_member WHERE repo_id = $1 AND user_id = $2)", ) .bind(repo_id) .bind(params.user_id) .fetch_one(self.ctx.db.reader()) .await .map_err(AppError::Database)?; if existing { return Err(AppError::Conflict("user is already a member".into())); } let role = params .role .as_deref() .and_then(|r| r.parse::().ok()) .unwrap_or_else(|| "member".to_string().parse().unwrap_or(Role::Member)); if role == Role::Owner { return Err(AppError::BadRequest("cannot add member as owner".into())); } if role == Role::Unknown { return Err(AppError::BadRequest("invalid role".into())); } if role_level(actor_role) < role_level(Role::Owner) && role_level(role) >= role_level(actor_role) { return Err(AppError::BadRequest( "cannot assign role equal or higher than your own".into(), )); } let now = chrono::Utc::now(); let mut txn = self .ctx .db .writer() .begin() .await .map_err(|_| AppError::TxnError)?; sqlx::query("SET LOCAL app.current_user_id = $1") .bind(user_uid) .execute(&mut *txn) .await .map_err(AppError::Database)?; let member = sqlx::query_as::<_, RepoMember>( "INSERT INTO repo_member (id, repo_id, user_id, role, status, invited_by, joined_at, created_at, updated_at) \ VALUES ($1, $2, $3, $4, 'active', $5, $6, $6, $6) RETURNING id, repo_id, user_id, role, status, invited_by, joined_at, last_active_at, created_at, updated_at", ) .bind(Uuid::now_v7()) .bind(repo_id) .bind(params.user_id) .bind(role.to_string()) .bind(user_uid) .bind(now) .fetch_one(&mut *txn) .await .map_err(AppError::Database)?; txn.commit().await.map_err(|_| AppError::TxnError)?; Ok(member) } pub async fn repo_update_member_role( &self, ctx: &Session, wk_name: &str, repo_name: &str, member_id: Uuid, params: UpdateRepoMemberRoleParams, ) -> Result { let user_uid = ctx.user().ok_or(AppError::Unauthorized)?; let repo = self.resolve_repo(wk_name, repo_name).await?; let repo_id = repo.id; let actor_role = self .ensure_repo_role_at_least(user_uid, &repo, Role::Admin) .await?; let new_role = params .role .parse::() .map_err(|_| AppError::BadRequest("invalid role".into()))?; if new_role == Role::Owner { return Err(AppError::BadRequest( "use repo_transfer_owner to change owner".into(), )); } if new_role == Role::Unknown { return Err(AppError::BadRequest("invalid role".into())); } let target = sqlx::query_as::<_, RepoMember>( "SELECT id, repo_id, user_id, role, status, invited_by, joined_at, last_active_at, created_at, updated_at FROM repo_member WHERE id = $1 AND repo_id = $2", ) .bind(member_id) .bind(repo_id) .fetch_optional(self.ctx.db.reader()) .await .map_err(AppError::Database)? .ok_or(AppError::NotFound("member not found".into()))?; if target.role == Role::Owner { return Err(AppError::BadRequest("cannot change owner role".into())); } if role_level(actor_role) <= role_level(target.role) && actor_role != Role::Owner { return Err(AppError::BadRequest( "cannot change role of member with equal or higher role".into(), )); } let now = chrono::Utc::now(); let mut txn = self .ctx .db .writer() .begin() .await .map_err(|_| AppError::TxnError)?; sqlx::query("SET LOCAL app.current_user_id = $1") .bind(user_uid) .execute(&mut *txn) .await .map_err(AppError::Database)?; let result = sqlx::query_as::<_, RepoMember>( "UPDATE repo_member SET role = $1, updated_at = $2 WHERE id = $3 AND repo_id = $4 RETURNING id, repo_id, user_id, role, status, invited_by, joined_at, last_active_at, created_at, updated_at", ) .bind(new_role.to_string()) .bind(now) .bind(member_id) .bind(repo_id) .fetch_one(&mut *txn) .await .map_err(AppError::Database)?; txn.commit().await.map_err(|_| AppError::TxnError)?; Ok(result) } pub async fn repo_remove_member( &self, ctx: &Session, wk_name: &str, repo_name: &str, member_id: Uuid, ) -> Result<(), AppError> { let user_uid = ctx.user().ok_or(AppError::Unauthorized)?; let repo = self.resolve_repo(wk_name, repo_name).await?; let repo_id = repo.id; let actor_role = self .ensure_repo_role_at_least(user_uid, &repo, Role::Admin) .await?; let target = sqlx::query_as::<_, RepoMember>( "SELECT id, repo_id, user_id, role, status, invited_by, joined_at, last_active_at, created_at, updated_at FROM repo_member WHERE id = $1 AND repo_id = $2", ) .bind(member_id) .bind(repo_id) .fetch_optional(self.ctx.db.reader()) .await .map_err(AppError::Database)? .ok_or(AppError::NotFound("member not found".into()))?; if target.role == Role::Owner { return Err(AppError::BadRequest( "cannot remove owner; transfer ownership first".into(), )); } if role_level(actor_role) <= role_level(target.role) && actor_role != Role::Owner { return Err(AppError::BadRequest( "cannot remove a member with equal or higher role".into(), )); } let mut txn = self .ctx .db .writer() .begin() .await .map_err(|_| AppError::TxnError)?; sqlx::query("SET LOCAL app.current_user_id = $1") .bind(user_uid) .execute(&mut *txn) .await .map_err(AppError::Database)?; let result = sqlx::query("DELETE FROM repo_member WHERE id = $1 AND repo_id = $2") .bind(member_id) .bind(repo_id) .execute(&mut *txn) .await .map_err(AppError::Database)?; ensure_affected(result.rows_affected(), "member not found")?; txn.commit().await.map_err(|_| AppError::TxnError)?; Ok(()) } pub async fn repo_leave( &self, ctx: &Session, wk_name: &str, repo_name: &str, ) -> Result<(), AppError> { let user_uid = ctx.user().ok_or(AppError::Unauthorized)?; let repo = self.resolve_repo(wk_name, repo_name).await?; let repo_id = repo.id; if repo.owner_id == user_uid { return Err(AppError::BadRequest( "owner cannot leave; transfer ownership first".into(), )); } let mut txn = self .ctx .db .writer() .begin() .await .map_err(|_| AppError::TxnError)?; sqlx::query("SET LOCAL app.current_user_id = $1") .bind(user_uid) .execute(&mut *txn) .await .map_err(AppError::Database)?; let result = sqlx::query("DELETE FROM repo_member WHERE repo_id = $1 AND user_id = $2") .bind(repo_id) .bind(user_uid) .execute(&mut *txn) .await .map_err(AppError::Database)?; ensure_affected(result.rows_affected(), "not a member")?; txn.commit().await.map_err(|_| AppError::TxnError)?; Ok(()) } }