pacnpal/thrilltrack-explorer
1
0
Fork 0
mirror of https://github.com/pacnpal/thrilltrack-explorer.git synced 2025-12-22 01:31:12 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix email reply access and threading

Browse Source
This commit is contained in:
gpt-engineer-app[bot]
2025-10-28 18:38:57 +00:00
parent adbb4e5813
commit 6af788d406
2 changed files with 25 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
supabase/functions/send-admin-email-reply/index.ts
View File

@@ -38,12 +38,16 @@ const handler = async (req: Request): Promise<Response> => {
return createErrorResponse({ message: 'Unauthorized' }, 401, corsHeaders);
}
// Verify admin role
const { data: isAdmin, error: roleError } = await supabase
// Verify admin, moderator, or superuser role
const { data: isSuperuser } = await supabase
.rpc('has_role', { _user_id: user.id, _role: 'superuser' });
const { data: isAdmin } = await supabase
.rpc('has_role', { _user_id: user.id, _role: 'admin' });
const { data: isModerator } = await supabase
.rpc('has_role', { _user_id: user.id, _role: 'moderator' });
if (roleError || !isAdmin) {
edgeLogger.warn('Non-admin attempted email reply', {
if (!isSuperuser && !isAdmin && !isModerator) {
edgeLogger.warn('Non-privileged user attempted email reply', {
requestId: tracking.requestId,
userId: user.id
});