sourcebot/packages/web/src/actions.ts

'use server';

import Ajv from "ajv";
import { getUser } from "./data/user";
import { auth } from "./auth";
import { notAuthenticated, notFound, ServiceError, unexpectedError } from "./lib/serviceError";
import { prisma } from "@/prisma";
import { StatusCodes } from "http-status-codes";
import { ErrorCode } from "./lib/errorCodes";
import { githubSchema } from "@sourcebot/schemas/v3/github.schema";
import { encrypt } from "@sourcebot/crypto"

const ajv = new Ajv({
    validateFormats: false,
});

export const createSecret = async (key: string, value: string): Promise<{ success: boolean } | ServiceError> => {
    const session = await auth();
    if (!session) {
        return notAuthenticated();
    }

    const user = await getUser(session.user.id);
    if (!user) {
        return unexpectedError("User not found");
    }
    const orgId = user.activeOrgId;
    if (!orgId) {
        return unexpectedError("User has no active org");
    }

    // @todo: refactor this into a shared function
    const membership = await prisma.userToOrg.findUnique({
        where: {
            orgId_userId: {
                userId: session.user.id,
                orgId,
            }
        },
    });
    if (!membership) {
        return notFound();
    }

    try {
        const encrypted = encrypt(value);
        await prisma.secret.create({
            data: {
                orgId,
                key,
                encryptedValue: encrypted.encryptedData,
                iv: encrypted.iv,
            }
        });
    } catch (e) {
        return unexpectedError(`Failed to create secret`);
    }

    return {
        success: true,
    }
}

export const getSecrets = async (): Promise<{ createdAt: Date; key: string; }[] | ServiceError> => {
    const session = await auth();
    if (!session) {
        return notAuthenticated();
    }

    const user = await getUser(session.user.id);
    if (!user) {
        return unexpectedError("User not found");
    }
    const orgId = user.activeOrgId;
    if (!orgId) {
        return unexpectedError("User has no active org");
    }

    const membership = await prisma.userToOrg.findUnique({
        where: {
            orgId_userId: {
                userId: session.user.id,
                orgId,
            }
        },
    });
    if (!membership) {
        return notFound();
    }

    const secrets = await prisma.secret.findMany({
        where: {
            orgId,
        },
        select: {
            key: true,
            createdAt: true
        }
    });

    return secrets.map((secret) => ({
        key: secret.key,
        createdAt: secret.createdAt,
    }));
}

export const deleteSecret = async (key: string): Promise<{ success: boolean } | ServiceError> => {
    const session = await auth();
    if (!session) {
        return notAuthenticated();
    }

    const user = await getUser(session.user.id);
    if (!user) {
        return unexpectedError("User not found");
    }
    const orgId = user.activeOrgId;
    if (!orgId) {
        return unexpectedError("User has no active org");
    }

    const membership = await prisma.userToOrg.findUnique({
        where: {
            orgId_userId: {
                userId: session.user.id,
                orgId,
            }
        },
    });
    if (!membership) {
        return notFound();
    }

    await prisma.secret.delete({
        where: {
            orgId_key: {
                orgId,
                key,
            }
        }
    });

    return {
        success: true,
    }
}


export const createOrg = async (name: string): Promise<{ id: number } | ServiceError> => {
    const session = await auth();
    if (!session) {
        return notAuthenticated();
    }

    // Create the org
    const org = await prisma.org.create({
        data: {
            name,
            members: {
                create: {
                    userId: session.user.id,
                    role: "OWNER",
                },
            },
        }
    });

    return {
        id: org.id,
    }
}

export const switchActiveOrg = async (orgId: number): Promise<{ id: number } | ServiceError> => {
    const session = await auth();
    if (!session) {
        return notAuthenticated();
    }

    // Check to see if the user is a member of the org
    // @todo: refactor this into a shared function
    const membership = await prisma.userToOrg.findUnique({
        where: {
            orgId_userId: {
                userId: session.user.id,
                orgId,
            }
        },
    });
    if (!membership) {
        return notFound();
    }

    // Update the user's active org
    await prisma.user.update({
        where: {
            id: session.user.id,
        },
        data: {
            activeOrgId: orgId,
        }
    });

    return {
        id: orgId,
    }
}

export const createConnection = async (config: string): Promise<{ id: number } | ServiceError> => {
    const session = await auth();
    if (!session) {
        return notAuthenticated();
    }

    const user = await getUser(session.user.id);
    if (!user) {
        return unexpectedError("User not found");
    }
    const orgId = user.activeOrgId;
    if (!orgId) {
        return unexpectedError("User has no active org");
    }

    // @todo: refactor this into a shared function
    const membership = await prisma.userToOrg.findUnique({
        where: {
            orgId_userId: {
                userId: session.user.id,
                orgId,
            }
        },
    });
    if (!membership) {
        return notFound();
    }

    let parsedConfig;
    try {
        parsedConfig = JSON.parse(config);
    } catch (e) {
        return {
            statusCode: StatusCodes.BAD_REQUEST,
            errorCode: ErrorCode.INVALID_REQUEST_BODY,
            message: "config must be a valid JSON object."
        } satisfies ServiceError;
    }

    // @todo: we will need to validate the config against different schemas based on the type of connection.
    const isValidConfig = ajv.validate(githubSchema, parsedConfig);
    if (!isValidConfig) {
        return {
            statusCode: StatusCodes.BAD_REQUEST,
            errorCode: ErrorCode.INVALID_REQUEST_BODY,
            message: `config schema validation failed with errors: ${ajv.errorsText(ajv.errors)}`,
        } satisfies ServiceError;
    }

    const connection = await prisma.connection.create({
        data: {
            orgId: orgId,
            config: parsedConfig,
        }
    });

    return {
        id: connection.id,
    }
}
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00			`'use server';`

Connection creation form (#175) 2025-01-23 18:26:41 +00:00			`import Ajv from "ajv";`
			`import { getUser } from "./data/user";`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00			`import { auth } from "./auth";`
Connection creation form (#175) 2025-01-23 18:26:41 +00:00			`import { notAuthenticated, notFound, ServiceError, unexpectedError } from "./lib/serviceError";`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00			`import { prisma } from "@/prisma";`
Connection creation form (#175) 2025-01-23 18:26:41 +00:00			`import { StatusCodes } from "http-status-codes";`
			`import { ErrorCode } from "./lib/errorCodes";`
Add `@sourcebot/schemas` package (#177) 2025-01-24 18:51:49 +00:00			`import { githubSchema } from "@sourcebot/schemas/v3/github.schema";`
add concept of secrets (#180) * add @sourcebot/schemas package * migrate things to use the schemas package * Dockerfile support * add secret table to schema * Add concept of connection manager * Rename Config->Connection * Handle job failures * Add join table between repo and connection * nits * create first version of crypto package * add crypto package as deps to others * forgot to add package changes * add server action for adding and listing secrets, create test page for it * add secrets page to nav menu * add secret to config and support fetching it in backend * reset secret form on successful submission * add toast feedback for secrets form * add instructions for adding encryption key to dev instructions * add encryption key support in docker file * add delete secret button * fix nits from pr review --------- Co-authored-by: bkellam <bshizzle1234@gmail.com> 2025-01-27 22:07:07 +00:00			`import { encrypt } from "@sourcebot/crypto"`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00
Connection creation form (#175) 2025-01-23 18:26:41 +00:00			`const ajv = new Ajv({`
			`validateFormats: false,`
			`});`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00
add concept of secrets (#180) * add @sourcebot/schemas package * migrate things to use the schemas package * Dockerfile support * add secret table to schema * Add concept of connection manager * Rename Config->Connection * Handle job failures * Add join table between repo and connection * nits * create first version of crypto package * add crypto package as deps to others * forgot to add package changes * add server action for adding and listing secrets, create test page for it * add secrets page to nav menu * add secret to config and support fetching it in backend * reset secret form on successful submission * add toast feedback for secrets form * add instructions for adding encryption key to dev instructions * add encryption key support in docker file * add delete secret button * fix nits from pr review --------- Co-authored-by: bkellam <bshizzle1234@gmail.com> 2025-01-27 22:07:07 +00:00			`export const createSecret = async (key: string, value: string): Promise<{ success: boolean } \| ServiceError> => {`
			`const session = await auth();`
			`if (!session) {`
			`return notAuthenticated();`
			`}`

			`const user = await getUser(session.user.id);`
			`if (!user) {`
			`return unexpectedError("User not found");`
			`}`
			`const orgId = user.activeOrgId;`
			`if (!orgId) {`
			`return unexpectedError("User has no active org");`
			`}`

			`// @todo: refactor this into a shared function`
			`const membership = await prisma.userToOrg.findUnique({`
			`where: {`
			`orgId_userId: {`
			`userId: session.user.id,`
			`orgId,`
			`}`
			`},`
			`});`
			`if (!membership) {`
			`return notFound();`
			`}`

			`try {`
			`const encrypted = encrypt(value);`
			`await prisma.secret.create({`
			`data: {`
			`orgId,`
			`key,`
			`encryptedValue: encrypted.encryptedData,`
			`iv: encrypted.iv,`
			`}`
			`});`
			`} catch (e) {`
			return unexpectedError(`Failed to create secret`);
			`}`

			`return {`
			`success: true,`
			`}`
			`}`

			`export const getSecrets = async (): Promise<{ createdAt: Date; key: string; }[] \| ServiceError> => {`
			`const session = await auth();`
			`if (!session) {`
			`return notAuthenticated();`
			`}`

			`const user = await getUser(session.user.id);`
			`if (!user) {`
			`return unexpectedError("User not found");`
			`}`
			`const orgId = user.activeOrgId;`
			`if (!orgId) {`
			`return unexpectedError("User has no active org");`
			`}`

			`const membership = await prisma.userToOrg.findUnique({`
			`where: {`
			`orgId_userId: {`
			`userId: session.user.id,`
			`orgId,`
			`}`
			`},`
			`});`
			`if (!membership) {`
			`return notFound();`
			`}`

			`const secrets = await prisma.secret.findMany({`
			`where: {`
			`orgId,`
			`},`
			`select: {`
			`key: true,`
			`createdAt: true`
			`}`
			`});`

			`return secrets.map((secret) => ({`
			`key: secret.key,`
			`createdAt: secret.createdAt,`
			`}));`
			`}`

			`export const deleteSecret = async (key: string): Promise<{ success: boolean } \| ServiceError> => {`
			`const session = await auth();`
			`if (!session) {`
			`return notAuthenticated();`
			`}`

			`const user = await getUser(session.user.id);`
			`if (!user) {`
			`return unexpectedError("User not found");`
			`}`
			`const orgId = user.activeOrgId;`
			`if (!orgId) {`
			`return unexpectedError("User has no active org");`
			`}`

			`const membership = await prisma.userToOrg.findUnique({`
			`where: {`
			`orgId_userId: {`
			`userId: session.user.id,`
			`orgId,`
			`}`
			`},`
			`});`
			`if (!membership) {`
			`return notFound();`
			`}`

			`await prisma.secret.delete({`
			`where: {`
			`orgId_key: {`
			`orgId,`
			`key,`
			`}`
			`}`
			`});`

			`return {`
			`success: true,`
			`}`
			`}`


Connection creation form (#175) 2025-01-23 18:26:41 +00:00			`export const createOrg = async (name: string): Promise<{ id: number } \| ServiceError> => {`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00			`const session = await auth();`
			`if (!session) {`
			`return notAuthenticated();`
			`}`

			`// Create the org`
			`const org = await prisma.org.create({`
			`data: {`
			`name,`
			`members: {`
			`create: {`
			`userId: session.user.id,`
			`role: "OWNER",`
			`},`
			`},`
			`}`
			`});`

			`return {`
			`id: org.id,`
			`}`
			`}`

Connection creation form (#175) 2025-01-23 18:26:41 +00:00			`export const switchActiveOrg = async (orgId: number): Promise<{ id: number } \| ServiceError> => {`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00			`const session = await auth();`
			`if (!session) {`
			`return notAuthenticated();`
			`}`

			`// Check to see if the user is a member of the org`
Connection creation form (#175) 2025-01-23 18:26:41 +00:00			`// @todo: refactor this into a shared function`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00			`const membership = await prisma.userToOrg.findUnique({`
			`where: {`
			`orgId_userId: {`
			`userId: session.user.id,`
			`orgId,`
			`}`
			`},`
			`});`
			`if (!membership) {`
			`return notFound();`
			`}`

			`// Update the user's active org`
			`await prisma.user.update({`
			`where: {`
			`id: session.user.id,`
			`},`
			`data: {`
			`activeOrgId: orgId,`
			`}`
			`});`

			`return {`
			`id: orgId,`
			`}`
Connection creation form (#175) 2025-01-23 18:26:41 +00:00			`}`

			`export const createConnection = async (config: string): Promise<{ id: number } \| ServiceError> => {`
			`const session = await auth();`
			`if (!session) {`
			`return notAuthenticated();`
			`}`

			`const user = await getUser(session.user.id);`
			`if (!user) {`
			`return unexpectedError("User not found");`
			`}`
			`const orgId = user.activeOrgId;`
			`if (!orgId) {`
			`return unexpectedError("User has no active org");`
			`}`

			`// @todo: refactor this into a shared function`
			`const membership = await prisma.userToOrg.findUnique({`
			`where: {`
			`orgId_userId: {`
			`userId: session.user.id,`
			`orgId,`
			`}`
			`},`
			`});`
			`if (!membership) {`
			`return notFound();`
			`}`

			`let parsedConfig;`
			`try {`
			`parsedConfig = JSON.parse(config);`
			`} catch (e) {`
			`return {`
			`statusCode: StatusCodes.BAD_REQUEST,`
			`errorCode: ErrorCode.INVALID_REQUEST_BODY,`
			`message: "config must be a valid JSON object."`
			`} satisfies ServiceError;`
			`}`

			`// @todo: we will need to validate the config against different schemas based on the type of connection.`
			`const isValidConfig = ajv.validate(githubSchema, parsedConfig);`
			`if (!isValidConfig) {`
			`return {`
			`statusCode: StatusCodes.BAD_REQUEST,`
			`errorCode: ErrorCode.INVALID_REQUEST_BODY,`
			message: `config schema validation failed with errors: ${ajv.errorsText(ajv.errors)}`,
			`} satisfies ServiceError;`
			`}`

Connection management (#178) 2025-01-24 21:16:08 +00:00			`const connection = await prisma.connection.create({`
Connection creation form (#175) 2025-01-23 18:26:41 +00:00			`data: {`
			`orgId: orgId,`
Connection management (#178) 2025-01-24 21:16:08 +00:00			`config: parsedConfig,`
Connection creation form (#175) 2025-01-23 18:26:41 +00:00			`}`
			`});`

			`return {`
			`id: connection.id,`
			`}`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00			`}`