({
userId,
activeOrganizationId,
pinOrganization = false,
}: GetWorkspaceCreationPolicyParams)
| 220 | } |
| 221 | |
| 222 | export async function getWorkspaceCreationPolicy({ |
| 223 | userId, |
| 224 | activeOrganizationId, |
| 225 | pinOrganization = false, |
| 226 | }: GetWorkspaceCreationPolicyParams): Promise<WorkspaceCreationPolicy> { |
| 227 | const membership = await getUserOrganization(userId) |
| 228 | const organizationId = pinOrganization |
| 229 | ? (activeOrganizationId ?? null) |
| 230 | : (activeOrganizationId ?? membership?.organizationId ?? null) |
| 231 | const orgRole = |
| 232 | organizationId == null |
| 233 | ? undefined |
| 234 | : membership?.organizationId === organizationId |
| 235 | ? membership.role |
| 236 | : ( |
| 237 | await db |
| 238 | .select({ role: member.role }) |
| 239 | .from(member) |
| 240 | .where(and(eq(member.userId, userId), eq(member.organizationId, organizationId))) |
| 241 | .limit(1) |
| 242 | )[0]?.role |
| 243 | |
| 244 | if (activeOrganizationId && !orgRole) { |
| 245 | const billedAccountUserId = await requireOrganizationOwnerId(activeOrganizationId) |
| 246 | |
| 247 | return { |
| 248 | canCreate: false, |
| 249 | workspaceMode: WORKSPACE_MODE.ORGANIZATION, |
| 250 | organizationId: activeOrganizationId, |
| 251 | billedAccountUserId, |
| 252 | maxWorkspaces: null, |
| 253 | currentWorkspaceCount: 0, |
| 254 | reason: 'Only organization owners and admins can create organization workspaces.', |
| 255 | status: 403, |
| 256 | } |
| 257 | } |
| 258 | |
| 259 | if (!isBillingEnabled) { |
| 260 | if (organizationId && orgRole) { |
| 261 | const billedAccountUserId = await requireOrganizationOwnerId(organizationId) |
| 262 | |
| 263 | if (!isOrgAdminRole(orgRole)) { |
| 264 | return { |
| 265 | canCreate: false, |
| 266 | workspaceMode: WORKSPACE_MODE.ORGANIZATION, |
| 267 | organizationId, |
| 268 | billedAccountUserId, |
| 269 | maxWorkspaces: null, |
| 270 | currentWorkspaceCount: 0, |
| 271 | reason: 'Only organization owners and admins can create organization workspaces.', |
| 272 | status: 403, |
| 273 | } |
| 274 | } |
| 275 | |
| 276 | return { |
| 277 | canCreate: true, |
| 278 | workspaceMode: WORKSPACE_MODE.ORGANIZATION, |
| 279 | organizationId, |
no test coverage detected