refactor(workspace): pass workspace object instead of id to service methods

- Replace workspace_id parameter with Workspace object reference in all workspace service methods
- Remove redundant find_workspace_by_id calls that were duplicated in each method
- Update all method signatures across approval, audit, billing, branding, core, settings and stats modules
- Modify SQL queries to bind ws.id instead of separate workspace_id parameter
- Add Workspace import to all affected modules
- Adjust method calls in API handlers to pass workspace object instead of id
- Consolidate workspace retrieval logic to single location per operation flow

service/workspace/integrations.rs

@@ -3,7 +3,7 @@ use uuid::Uuid;
 
 use crate::error::AppError;
 use crate::models::common::Provider;
-use crate::models::workspaces::WorkspaceIntegration;
+use crate::models::workspaces::{Workspace, WorkspaceIntegration};
 use crate::service::WorkspaceService;
 use crate::session::Session;
 
@@ -30,12 +30,11 @@ impl WorkspaceService {
     pub async fn workspace_integrations(
         &self,
         ctx: &Session,
-        workspace_id: Uuid,
+        ws: &Workspace,
         limit: i64,
         offset: i64,
     ) -> Result<Vec<WorkspaceIntegration>, AppError> {
         let user_uid = ctx.user().ok_or(AppError::Unauthorized)?;
-        let ws = self.find_workspace_by_id(workspace_id).await?;
         self.ensure_workspace_role_at_least(user_uid, &ws, crate::models::common::Role::Admin)
             .await?;
         let (limit, offset) = clamp_limit_offset(limit, offset);
@@ -44,7 +43,7 @@ impl WorkspaceService {
              installed_by, last_used_at, created_at, updated_at FROM workspace_integration \
              WHERE workspace_id = $1 ORDER BY created_at DESC LIMIT $2 OFFSET $3",
         )
-        .bind(workspace_id)
+        .bind(ws.id)
         .bind(limit)
         .bind(offset)
         .fetch_all(self.ctx.db.reader())
@@ -55,11 +54,10 @@ impl WorkspaceService {
     pub async fn workspace_create_integration(
         &self,
         ctx: &Session,
-        workspace_id: Uuid,
+        ws: &Workspace,
         params: CreateIntegrationParams,
     ) -> Result<WorkspaceIntegration, AppError> {
         let user_uid = ctx.user().ok_or(AppError::Unauthorized)?;
-        let ws = self.find_workspace_by_id(workspace_id).await?;
         self.ensure_workspace_role_at_least(user_uid, &ws, crate::models::common::Role::Admin)
             .await?;
 
@@ -95,7 +93,7 @@ impl WorkspaceService {
              installed_by, last_used_at, created_at, updated_at",
         )
         .bind(Uuid::now_v7())
-        .bind(workspace_id)
+        .bind(ws.id)
         .bind(provider)
         .bind(&name)
         .bind(params.config.map(sqlx::types::Json))
@@ -114,12 +112,11 @@ impl WorkspaceService {
     pub async fn workspace_update_integration(
         &self,
         ctx: &Session,
-        workspace_id: Uuid,
+        ws: &Workspace,
         integration_id: Uuid,
         params: UpdateIntegrationParams,
     ) -> Result<WorkspaceIntegration, AppError> {
         let user_uid = ctx.user().ok_or(AppError::Unauthorized)?;
-        let ws = self.find_workspace_by_id(workspace_id).await?;
         self.ensure_workspace_role_at_least(user_uid, &ws, crate::models::common::Role::Admin)
             .await?;
 
@@ -129,7 +126,7 @@ impl WorkspaceService {
              WHERE id = $1 AND workspace_id = $2",
         )
         .bind(integration_id)
-        .bind(workspace_id)
+        .bind(ws.id)
         .fetch_optional(self.ctx.db.reader())
         .await
         .map_err(AppError::Database)?
@@ -172,7 +169,7 @@ impl WorkspaceService {
         .bind(enabled)
         .bind(now)
         .bind(integration_id)
-        .bind(workspace_id)
+        .bind(ws.id)
         .fetch_one(&mut *txn)
         .await
         .map_err(AppError::Database)?;
@@ -184,11 +181,10 @@ impl WorkspaceService {
     pub async fn workspace_delete_integration(
         &self,
         ctx: &Session,
-        workspace_id: Uuid,
+        ws: &Workspace,
         integration_id: Uuid,
     ) -> Result<(), AppError> {
         let user_uid = ctx.user().ok_or(AppError::Unauthorized)?;
-        let ws = self.find_workspace_by_id(workspace_id).await?;
         self.ensure_workspace_role_at_least(user_uid, &ws, crate::models::common::Role::Admin)
             .await?;
 
@@ -208,7 +204,7 @@ impl WorkspaceService {
         let result =
             sqlx::query("DELETE FROM workspace_integration WHERE id = $1 AND workspace_id = $2")
                 .bind(integration_id)
-                .bind(workspace_id)
+                .bind(ws.id)
                 .execute(&mut *txn)
                 .await
                 .map_err(AppError::Database)?;