mark/vibn-frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: qualify table references in design-surfaces SQL to resolve ambiguous column error

Browse Source 
Made-with: Cursor
This commit is contained in:
Mark Henderson
2026-03-01 21:30:12 -08:00
parent 62731af91f
commit 7be66f60b7
1 changed files with 67 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

117
app/api/projects/[projectId]/design-surfaces/route.ts
View File

@@ -3,37 +3,50 @@ import { getServerSession } from 'next-auth';
import { authOptions } from '@/lib/auth/authOptions'; import { authOptions } from '@/lib/auth/authOptions';
import { query } from '@/lib/db-postgres'; import { query } from '@/lib/db-postgres';
async function getProject(projectId: string, email: string) { async function verifyOwnership(projectId: string, email: string): Promise<boolean> {
const rows = await query<{ data: Record<string, unknown> }>( const rows = await query<{ id: string }>(
`SELECT p.data FROM fs_projects p `SELECT p.id FROM fs_projects p
JOIN fs_users u ON u.id = p.user_id JOIN fs_users u ON u.id = p.user_id
WHERE p.id = $1 AND u.data->>'email' = $2 LIMIT 1`, WHERE p.id = $1 AND u.data->>'email' = $2
LIMIT 1`,
[projectId, email] [projectId, email]
); );
return rows[0] ?? null; return rows.length > 0;
} }
/** /**
* GET — returns surfaces[] and surfaceThemes{} for the project. * GET — returns surfaces[] and surfaceThemes{} for the project.
* surfaces: string[] — which design surfaces are active (set by Atlas or manually)
* surfaceThemes: Record<surfaceId, themeId> — locked-in theme per surface
*/ */
export async function GET( export async function GET(
_req: Request, _req: Request,
{ params }: { params: Promise<{ projectId: string }> } { params }: { params: Promise<{ projectId: string }> }
) { ) {
const { projectId } = await params; try {
const session = await getServerSession(authOptions); const { projectId } = await params;
if (!session?.user?.email) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }); const session = await getServerSession(authOptions);
if (!session?.user?.email) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
const row = await getProject(projectId, session.user.email); const rows = await query<{ data: Record<string, unknown> }>(
if (!row) return NextResponse.json({ error: 'Project not found' }, { status: 404 }); `SELECT p.data FROM fs_projects p
JOIN fs_users u ON u.id = p.user_id
WHERE p.id = $1 AND u.data->>'email' = $2
LIMIT 1`,
[projectId, session.user.email]
);
const data = row.data ?? {}; if (rows.length === 0) {
return NextResponse.json({ return NextResponse.json({ error: 'Project not found' }, { status: 404 });
surfaces: (data.surfaces ?? []) as string[], }
surfaceThemes: (data.surfaceThemes ?? {}) as Record<string, string>,
}); const data = rows[0].data ?? {};
return NextResponse.json({
surfaces: (data.surfaces ?? []) as string[],
surfaceThemes: (data.surfaceThemes ?? {}) as Record<string, string>,
});
} catch (err) {
console.error('[design-surfaces GET]', err);
return NextResponse.json({ error: 'Internal error' }, { status: 500 });
}
} }
/** /**
@@ -45,40 +58,44 @@ export async function PATCH(
req: Request, req: Request,
{ params }: { params: Promise<{ projectId: string }> } { params }: { params: Promise<{ projectId: string }> }
) { ) {
const { projectId } = await params; try {
const session = await getServerSession(authOptions); const { projectId } = await params;
if (!session?.user?.email) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }); const session = await getServerSession(authOptions);
if (!session?.user?.email) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
const body = await req.json() as const owned = await verifyOwnership(projectId, session.user.email);
| { surfaces: string[] } if (!owned) return NextResponse.json({ error: 'Project not found' }, { status: 404 });
| { surface: string; theme: string };
if ('surfaces' in body) { const body = await req.json() as
// Save the surface list | { surfaces: string[] }
await query( | { surface: string; theme: string };
`UPDATE fs_projects p
SET data = data || jsonb_build_object('surfaces', $3::jsonb), if ('surfaces' in body) {
updated_at = NOW() await query(
FROM fs_users u `UPDATE fs_projects
WHERE p.id = $1 AND p.user_id = u.id AND u.data->>'email' = $2`, SET data = data || jsonb_build_object('surfaces', $2::jsonb),
[projectId, session.user.email, JSON.stringify(body.surfaces)] updated_at = NOW()
); WHERE id = $1`,
} else if ('surface' in body && 'theme' in body) { [projectId, JSON.stringify(body.surfaces)]
// Lock in a theme for one surface );
await query( } else if ('surface' in body && 'theme' in body) {
`UPDATE fs_projects p await query(
SET data = data || jsonb_build_object( `UPDATE fs_projects
'surfaceThemes', SET data = data || jsonb_build_object(
COALESCE(data->'surfaceThemes', '{}'::jsonb) || jsonb_build_object($3, $4) 'surfaceThemes',
), COALESCE(data->'surfaceThemes', '{}'::jsonb) || jsonb_build_object($2, $3)
updated_at = NOW() ),
FROM fs_users u updated_at = NOW()
WHERE p.id = $1 AND p.user_id = u.id AND u.data->>'email' = $2`, WHERE id = $1`,
[projectId, session.user.email, body.surface, body.theme] [projectId, body.surface, body.theme]
); );
} else { } else {
return NextResponse.json({ error: 'Invalid body' }, { status: 400 }); return NextResponse.json({ error: 'Invalid body' }, { status: 400 });
}
return NextResponse.json({ success: true });
} catch (err) {
console.error('[design-surfaces PATCH]', err);
return NextResponse.json({ error: 'Internal error' }, { status: 500 });
} }
return NextResponse.json({ success: true });
} }