diff --git a/components/providers/workspace-provider.tsx b/components/providers/workspace-provider.tsx index c8cd86d..88d260b 100644 --- a/components/providers/workspace-provider.tsx +++ b/components/providers/workspace-provider.tsx @@ -310,11 +310,8 @@ export const WorkspaceProvider: React.FC = ({ ); setProjects(activeProjects); - // Load current user's permissions - const me = await authApi.me(); - const membersResponse = await membersApi.list(workspaceId, { size: 100 }); - // Find member by user.id (not by member record id) - const currentMember = membersResponse.items.find((m) => m.user.id === me.id); + // Load current user's permissions using the dedicated endpoint + const currentMember = await membersApi.getCurrentMember(workspaceId); if (currentMember) { // If member found but no permissions, they're likely the creator - grant admin @@ -324,13 +321,8 @@ export const WorkspaceProvider: React.FC = ({ setPermissions(currentMember.permissions); } } else { - // User not in members list - might be creator, check if only workspace - // Grant admin access by default for workspace creators - if (membersResponse.items.length === 0) { - setPermissions([{ key: "admin_full" }]); - } else { - setPermissions([]); - } + // User is not a member of this workspace - no permissions + setPermissions([]); } // Restore selected projects from localStorage @@ -473,20 +465,15 @@ export const WorkspaceProvider: React.FC = ({ // Load permissions for the target workspace try { - const me = await authApi.me(); - const membersResponse = await membersApi.list(workspaceId, { size: 100 }); - const member = membersResponse.items.find((m) => m.user.id === me.id); + const currentMember = await membersApi.getCurrentMember(workspaceId); - if (!member) { - // Check if user is creator (members list is empty or this is first member) - if (membersResponse.items.length === 0) { - return true; - } + if (!currentMember) { + // User is not a member of this workspace return false; } // Check if has admin_full permission - return member.permissions.some((p) => p.key === "admin_full"); + return currentMember.permissions.some((p) => p.key === "admin_full"); } catch (err) { console.error("Failed to check workspace permissions:", err); return false; diff --git a/lib/api/members.ts b/lib/api/members.ts index 7409c6c..9402231 100644 --- a/lib/api/members.ts +++ b/lib/api/members.ts @@ -12,7 +12,15 @@ import type { export const membersApi = { /** - * Get list of workspace members + * Get current user's membership and permissions (any member can access) + */ + getCurrentMember: (workspaceId: string) => + api.get( + `/workspaces/${workspaceId}/members/me` + ), + + /** + * Get list of workspace members (requires ADMIN_FULL) */ list: (workspaceId: string, params?: PaginationParams) => api.get>( @@ -20,12 +28,12 @@ export const membersApi = { { params } ), -/** - * Update member permissions - * @param workspaceId - workspace id - * @param workspaceUserId - workspace_user.id (not user.id!) - * @param data - permissions to update - */ + /** + * Update member permissions + * @param workspaceId - workspace id + * @param workspaceUserId - workspace_user.id (not user.id!) + * @param data - permissions to update + */ updatePermissions: ( workspaceId: string, workspaceUserId: string,