k4rli/medreport_mrb2b
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(MED-131): check permissions for 'audit' schema

Browse Source
This commit is contained in:
Karli
2025-08-04 16:51:12 +03:00
parent 4b198cd10c
commit ff3335d331
1 changed files with 4 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
lib/services/medusaCart.service.ts
View File

@@ -2,7 +2,7 @@
import { z } from 'zod';
import { loadCurrentUserAccount } from '@/app/home/(user)/_lib/server/load-user-account';
import { getSupabaseServerClient } from '@kit/supabase/server-client';
import { getSupabaseServerAdminClient } from '@kit/supabase/server-admin-client';
import { addToCart, deleteLineItem, retrieveCart } from '@lib/data/cart';
import { StoreCartLineItem, StoreProductVariant } from '@medusajs/types';
import { MontonioOrderHandlerService } from '@/packages/billing/montonio/src';
@@ -36,7 +36,6 @@ export async function handleAddToCart({
selectedVariant: StoreProductVariant
countryCode: string
}) {
const supabase = getSupabaseServerClient();
const user = await requireUserInServerComponent();
const account = await loadCurrentUserAccount()
if (!account) {
@@ -50,7 +49,7 @@ export async function handleAddToCart({
countryCode,
});
const { error } = await supabase
const { error } = await getSupabaseServerAdminClient()
.schema('audit')
.from('cart_entries')
.insert({
@@ -68,7 +67,6 @@ export async function handleAddToCart({
}
export async function handleNavigateToPayment({ language, paymentSessionId }: { language: string, paymentSessionId: string }) {
const supabase = getSupabaseServerClient();
const user = await requireUserInServerComponent();
const account = await loadCurrentUserAccount()
if (!account) {
@@ -90,7 +88,7 @@ export async function handleNavigateToPayment({ language, paymentSessionId }: {
merchantReference: `${account.id}:${paymentSessionId}:${cart.id}`,
});
const { error } = await supabase
const { error } = await getSupabaseServerAdminClient()
.schema('audit')
.from('cart_entries')
.insert({
@@ -111,7 +109,6 @@ export async function handleLineItemTimeout({
}: {
lineItem: StoreCartLineItem
}) {
const supabase = getSupabaseServerClient();
const user = await requireUserInServerComponent();
const account = await loadCurrentUserAccount()
if (!account) {
@@ -120,7 +117,7 @@ export async function handleLineItemTimeout({
await deleteLineItem(lineItem.id);
const { error } = await supabase
const { error } = await getSupabaseServerAdminClient()
.schema('audit')
.from('cart_entries')
.insert({