({ user }: { user: AuthJsUser })
| 13 | const logger = createLogger('web-auth-utils'); |
| 14 | |
| 15 | export const onCreateUser = async ({ user }: { user: AuthJsUser }) => { |
| 16 | if (!user.id) { |
| 17 | logger.error("User ID is undefined on user creation"); |
| 18 | await createAudit({ |
| 19 | action: "user.creation_failed", |
| 20 | actor: { |
| 21 | id: "undefined", |
| 22 | type: "user" |
| 23 | }, |
| 24 | target: { |
| 25 | id: "undefined", |
| 26 | type: "user" |
| 27 | }, |
| 28 | orgId: SINGLE_TENANT_ORG_ID, |
| 29 | metadata: { |
| 30 | message: "User ID is undefined on user creation" |
| 31 | } |
| 32 | }); |
| 33 | throw new Error("User ID is undefined on user creation"); |
| 34 | } |
| 35 | |
| 36 | const defaultOrg = await __unsafePrisma.org.findUnique({ |
| 37 | where: { |
| 38 | id: SINGLE_TENANT_ORG_ID, |
| 39 | }, |
| 40 | include: { |
| 41 | members: true, |
| 42 | } |
| 43 | }); |
| 44 | |
| 45 | if (defaultOrg === null) { |
| 46 | await createAudit({ |
| 47 | action: "user.creation_failed", |
| 48 | actor: { |
| 49 | id: user.id, |
| 50 | type: "user" |
| 51 | }, |
| 52 | target: { |
| 53 | id: user.id, |
| 54 | type: "user" |
| 55 | }, |
| 56 | orgId: SINGLE_TENANT_ORG_ID, |
| 57 | metadata: { |
| 58 | message: "Default org not found on single tenant user creation" |
| 59 | } |
| 60 | }); |
| 61 | throw new Error("Default org not found on single tenant user creation"); |
| 62 | } |
| 63 | |
| 64 | // First user to sign up bootstraps the org as its OWNER. This is how a |
| 65 | // fresh deployment gets its initial admin without manual setup. |
| 66 | const isFirstUser = defaultOrg.members.length === 0; |
| 67 | if (isFirstUser) { |
| 68 | await __unsafePrisma.$transaction(async (tx) => { |
| 69 | await tx.org.update({ |
| 70 | where: { |
| 71 | id: SINGLE_TENANT_ORG_ID, |
| 72 | }, |
no test coverage detected