Spaces:

gaurv007
/

ClauseGuard

Sleeping

App Files Files Community

gaurv007 commited on 15 days ago

Commit

b360975

verified ·

1 Parent(s): 7bfd66b

v4.1: Fix /api/me — Infinity → 999999 in JSON, add all capability flags

Browse files

Files changed (1) hide show

web/app/api/me/route.ts +30 -8

web/app/api/me/route.ts CHANGED Viewed

@@ -5,7 +5,7 @@ import { createClient } from "@/lib/supabase/server";
  * GET /api/me
  * Returns the current user's profile from DB.
  * Used by client components (analyze page, etc.) to determine plan, role, usage.
- * No hardcoded emails — everything comes from the database.
  */
 export async function GET(req: NextRequest) {
   try {
@@ -19,17 +19,27 @@ export async function GET(req: NextRequest) {
         role: "user",
         isAdmin: false,
         analyses_this_month: 0,
       });
     }
     const { data: profile } = await supabase
       .from("profiles")
-      .select("plan, role, is_banned, analyses_this_month, full_name, email")
       .eq("id", user.id)
       .single();
     const plan = profile?.plan || "free";
     const role = profile?.role || "user";
     return NextResponse.json({
       authenticated: true,
@@ -38,14 +48,20 @@ export async function GET(req: NextRequest) {
       full_name: profile?.full_name || "",
       plan,
       role,
-      isAdmin: role === "admin",
       is_banned: profile?.is_banned || false,
       analyses_this_month: profile?.analyses_this_month || 0,
-      // Admins get unlimited everything
-      scan_limit: role === "admin" ? Infinity : plan === "free" ? 10 : Infinity,
-      can_upload: role === "admin" || plan !== "free",
-      can_compare: role === "admin" || plan !== "free",
-      can_export_pdf: role === "admin" || plan !== "free",
     });
   } catch (error) {
     return NextResponse.json({
@@ -54,6 +70,12 @@ export async function GET(req: NextRequest) {
       role: "user",
       isAdmin: false,
       analyses_this_month: 0,
     });
   }
 }

  * GET /api/me
  * Returns the current user's profile from DB.
  * Used by client components (analyze page, etc.) to determine plan, role, usage.
+ * Admin gets FULL access to everything — no limits, no restrictions.
  */
 export async function GET(req: NextRequest) {
   try {
         role: "user",
         isAdmin: false,
         analyses_this_month: 0,
+        scan_limit: 10,
+        can_upload: false,
+        can_compare: false,
+        can_export_pdf: false,
+        can_chat: false,
+        can_redline_llm: false,
       });
     }
     const { data: profile } = await supabase
       .from("profiles")
+      .select("plan, role, is_banned, analyses_this_month, full_name, email, team_id, created_at")
       .eq("id", user.id)
       .single();
     const plan = profile?.plan || "free";
     const role = profile?.role || "user";
+    const isAdmin = role === "admin";
+    // Admin gets EVERYTHING — no limits, no restrictions, period.
+    const hasFullAccess = isAdmin || plan !== "free";
     return NextResponse.json({
       authenticated: true,
       full_name: profile?.full_name || "",
       plan,
       role,
+      isAdmin,
       is_banned: profile?.is_banned || false,
       analyses_this_month: profile?.analyses_this_month || 0,
+      team_id: profile?.team_id || null,
+      created_at: profile?.created_at || null,
+      // Use 999999 instead of Infinity (not valid JSON)
+      scan_limit: isAdmin ? 999999 : plan === "free" ? 10 : 999999,
+      can_upload: hasFullAccess,
+      can_compare: hasFullAccess,
+      can_export_pdf: hasFullAccess,
+      can_chat: hasFullAccess,
+      can_redline_llm: hasFullAccess,
+      can_api_keys: hasFullAccess,
+      can_team: isAdmin || plan === "team",
     });
   } catch (error) {
     return NextResponse.json({
       role: "user",
       isAdmin: false,
       analyses_this_month: 0,
+      scan_limit: 10,
+      can_upload: false,
+      can_compare: false,
+      can_export_pdf: false,
+      can_chat: false,
+      can_redline_llm: false,
     });
   }
 }