diff --git a/supabase/functions/send-admin-email-reply/index.ts b/supabase/functions/send-admin-email-reply/index.ts index 761f57d0..54130540 100644 --- a/supabase/functions/send-admin-email-reply/index.ts +++ b/supabase/functions/send-admin-email-reply/index.ts @@ -38,12 +38,16 @@ const handler = async (req: Request): Promise => { return createErrorResponse({ message: 'Unauthorized' }, 401, corsHeaders); } - // Verify admin role - const { data: isAdmin, error: roleError } = await supabase + // Verify admin, moderator, or superuser role + const { data: isSuperuser } = await supabase + .rpc('has_role', { _user_id: user.id, _role: 'superuser' }); + const { data: isAdmin } = await supabase .rpc('has_role', { _user_id: user.id, _role: 'admin' }); + const { data: isModerator } = await supabase + .rpc('has_role', { _user_id: user.id, _role: 'moderator' }); - if (roleError || !isAdmin) { - edgeLogger.warn('Non-admin attempted email reply', { + if (!isSuperuser && !isAdmin && !isModerator) { + edgeLogger.warn('Non-privileged user attempted email reply', { requestId: tracking.requestId, userId: user.id }); diff --git a/supabase/functions/send-contact-message/index.ts b/supabase/functions/send-contact-message/index.ts index a037e6bb..258f20be 100644 --- a/supabase/functions/send-contact-message/index.ts +++ b/supabase/functions/send-contact-message/index.ts @@ -177,6 +177,23 @@ const handler = async (req: Request): Promise => { const ticketNumber = submission.ticket_number || 'PENDING'; const messageId = `<${ticketNumber}.${submission.id}@thrillwiki.com>`; + // Insert initial message into email thread + await supabase + .from('contact_email_threads') + .insert({ + submission_id: submission.id, + direction: 'inbound', + from_email: email.trim().toLowerCase(), + to_email: adminEmail, + subject: subject.trim(), + body_text: message.trim(), + message_id: messageId, + metadata: { + category: category, + name: name.trim() + } + }); + if (forwardEmailKey) { // Send admin notification fetch('https://api.forwardemail.net/v1/emails', {