import { createElement } from 'react'; import { msg } from '@lingui/core/macro'; import type { Organisation, OrganisationGlobalSettings, Prisma } from '@prisma/client'; import { OrganisationMemberInviteStatus } from '@prisma/client'; import { nanoid } from 'nanoid'; import { mailer } from '@documenso/email/mailer'; import { OrganisationInviteEmailTemplate } from '@documenso/email/templates/organisation-invite'; import { NEXT_PUBLIC_WEBAPP_URL } from '@documenso/lib/constants/app'; import { FROM_ADDRESS, FROM_NAME } from '@documenso/lib/constants/email'; import { ORGANISATION_MEMBER_ROLE_PERMISSIONS_MAP } from '@documenso/lib/constants/organisations'; import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error'; import { isOrganisationRoleWithinUserHierarchy } from '@documenso/lib/utils/organisations'; import { prisma } from '@documenso/prisma'; import type { TCreateOrganisationMemberInvitesRequestSchema } from '@documenso/trpc/server/organisation-router/create-organisation-member-invites.types'; import { getI18nInstance } from '../../client-only/providers/i18n-server'; import { buildOrganisationWhereQuery, getHighestOrganisationRoleInGroup, } from '../../utils/organisations'; import { renderEmailWithI18N } from '../../utils/render-email-with-i18n'; import { organisationGlobalSettingsToBranding } from '../../utils/team-global-settings-to-branding'; export type CreateOrganisationMemberInvitesOptions = { userId: number; userName: string; organisationId: string; invitations: TCreateOrganisationMemberInvitesRequestSchema['invitations']; }; /** * Invite organisation members via email to join a organisation. */ export const createOrganisationMemberInvites = async ({ userId, userName, organisationId, invitations, }: CreateOrganisationMemberInvitesOptions): Promise => { const organisation = await prisma.organisation.findFirst({ where: buildOrganisationWhereQuery( organisationId, userId, ORGANISATION_MEMBER_ROLE_PERMISSIONS_MAP['MANAGE_ORGANISATION'], ), include: { members: { select: { user: { select: { id: true, email: true, }, }, }, }, invites: true, organisationGlobalSettings: true, }, }); if (!organisation) { throw new AppError(AppErrorCode.NOT_FOUND); } const currentOrganisationMember = await prisma.organisationMember.findFirst({ where: { userId, organisationId, }, include: { organisationGroupMembers: { include: { group: true, }, }, }, }); if (!currentOrganisationMember) { throw new AppError(AppErrorCode.UNAUTHORIZED); } const currentOrganisationMemberRole = getHighestOrganisationRoleInGroup( currentOrganisationMember.organisationGroupMembers.map((member) => member.group), ); const organisationMemberEmails = organisation.members.map((member) => member.user.email); const organisationMemberInviteEmails = organisation.invites .filter((invite) => invite.status === OrganisationMemberInviteStatus.PENDING) .map((invite) => invite.email); if (!currentOrganisationMember) { throw new AppError(AppErrorCode.UNAUTHORIZED, { message: 'User not part of organisation.', }); } const usersToInvite = invitations.filter((invitation) => { // Filter out users that are already members of the organisation. if (organisationMemberEmails.includes(invitation.email)) { return false; } // Filter out users that have already been invited to the organisation. if (organisationMemberInviteEmails.includes(invitation.email)) { return false; } return true; }); const unauthorizedRoleAccess = usersToInvite.some( ({ organisationRole }) => !isOrganisationRoleWithinUserHierarchy(currentOrganisationMemberRole, organisationRole), ); if (unauthorizedRoleAccess) { throw new AppError(AppErrorCode.UNAUTHORIZED, { message: 'User does not have permission to set high level roles', }); } // Todo: (orgs) const organisationMemberInvites: Prisma.OrganisationMemberInviteCreateManyInput[] = usersToInvite.map(({ email, organisationRole }) => ({ email, organisationId, organisationRole, token: nanoid(32), })); console.log({ organisationMemberInvites, }); await prisma.organisationMemberInvite.createMany({ data: organisationMemberInvites, }); const sendEmailResult = await Promise.allSettled( organisationMemberInvites.map(async ({ email, token }) => sendOrganisationMemberInviteEmail({ email, token, organisation, senderName: userName, }), ), ); const sendEmailResultErrorList = sendEmailResult.filter( (result): result is PromiseRejectedResult => result.status === 'rejected', ); if (sendEmailResultErrorList.length > 0) { console.error(JSON.stringify(sendEmailResultErrorList)); throw new AppError('EmailDeliveryFailed', { message: 'Failed to send invite emails to one or more users.', userMessage: `Failed to send invites to ${sendEmailResultErrorList.length}/${organisationMemberInvites.length} users.`, }); } }; type SendOrganisationMemberInviteEmailOptions = { email: string; senderName: string; token: string; organisation: Organisation & { organisationGlobalSettings: OrganisationGlobalSettings; }; }; /** * Send an email to a user inviting them to join a organisation. */ export const sendOrganisationMemberInviteEmail = async ({ email, senderName, token, organisation, }: SendOrganisationMemberInviteEmailOptions) => { const template = createElement(OrganisationInviteEmailTemplate, { assetBaseUrl: NEXT_PUBLIC_WEBAPP_URL(), baseUrl: NEXT_PUBLIC_WEBAPP_URL(), senderName, token, organisationName: organisation.name, }); const branding = organisationGlobalSettingsToBranding( organisation.organisationGlobalSettings, organisation.id, ); const [html, text] = await Promise.all([ renderEmailWithI18N(template, { lang: organisation.organisationGlobalSettings.documentLanguage, branding, }), renderEmailWithI18N(template, { lang: organisation.organisationGlobalSettings.documentLanguage, branding, plainText: true, }), ]); const i18n = await getI18nInstance(organisation.organisationGlobalSettings.documentLanguage); await mailer.sendMail({ to: email, from: { name: FROM_NAME, address: FROM_ADDRESS, }, subject: i18n._(msg`You have been invited to join ${organisation.name} on Documenso`), html, text, }); };