(workspaceId: string)
| 16 | * members are seeded only for use access (the owner plus permission holders). |
| 17 | */ |
| 18 | export async function getWorkspaceMembership(workspaceId: string): Promise<WorkspaceMembership> { |
| 19 | const [workspaceRows, permissionRows] = await Promise.all([ |
| 20 | db |
| 21 | .select({ ownerId: workspace.ownerId }) |
| 22 | .from(workspace) |
| 23 | .where(eq(workspace.id, workspaceId)) |
| 24 | .limit(1), |
| 25 | db |
| 26 | .select({ userId: permissions.userId }) |
| 27 | .from(permissions) |
| 28 | .where(and(eq(permissions.entityType, 'workspace'), eq(permissions.entityId, workspaceId))), |
| 29 | ]) |
| 30 | |
| 31 | const ownerId = workspaceRows[0]?.ownerId ?? null |
| 32 | const memberUserIds = new Set<string>(permissionRows.map((row) => row.userId)) |
| 33 | if (ownerId) { |
| 34 | memberUserIds.add(ownerId) |
| 35 | } |
| 36 | |
| 37 | return { ownerId, memberUserIds: Array.from(memberUserIds) } |
| 38 | } |
| 39 | |
| 40 | export interface WorkspaceEnvKeyAdminAccess { |
| 41 | /** Keys for which the caller is an active credential admin. */ |
no test coverage detected