Proposal Invite Accept Flow (#590)

Adds a landing screen for invite links to accept an invitation. The link
autoaccepts if the invite is valid and redirects to the proposal page.
We use a common /invite link so that users can communicate a single
invite link (a la Google) and we lookup a user's invite in the DB.

Author: scazan

apps/app/src/app/[locale]/(no-header)/decisions/[slug]/proposal/[profileId]/invite/route.ts

@@ -0,0 +1,24 @@
+import { createClient } from '@op/api/serverClient';
+import { OPURLConfig } from '@op/core';
+import { NextResponse } from 'next/server';
+
+export const GET = async (
+  _request: Request,
+  {
+    params,
+  }: {
+    params: Promise<{ locale: string; slug: string; profileId: string }>;
+  },
+) => {
+  const { slug, profileId } = await params;
+  const proposalUrl = `${OPURLConfig('APP').ENV_URL}/decisions/${slug}/proposal/${profileId}/edit`;
+
+  try {
+    const client = await createClient();
+    await client.decision.acceptProposalInvite({ profileId });
+  } catch {
+    // Redirect to the proposal page and let the natural access error occur
+  }
+
+  return NextResponse.redirect(proposalUrl);
+};

apps/app/src/components/decisions/ShareProposalModal.tsx

@@ -267,7 +267,18 @@ function ShareProposalModalContent({
 
   const handleCopyLink = async () => {
     try {
-      await navigator.clipboard.writeText(window.location.href);
+      // Build the invite link from the current URL up to /proposal/{profileId}
+      const path = window.location.pathname;
+      const proposalIndex = path.indexOf(`/proposal/${proposalProfileId}`);
+      const basePath =
+        proposalIndex !== -1
+          ? path.slice(
+              0,
+              proposalIndex + `/proposal/${proposalProfileId}`.length,
+            )
+          : path;
+      const inviteUrl = `${window.location.origin}${basePath}/invite`;
+      await navigator.clipboard.writeText(inviteUrl);
       toast.success({ message: t('Link copied to clipboard') });
     } catch {
       toast.error({ message: t('Failed to copy link') });

apps/app/src/lib/i18n/dictionaries/bn.json

@@ -660,5 +660,6 @@
   "Options cannot be empty": "বিকল্পগুলি খালি হতে পারে না",
   "Minimum must be less than or equal to maximum": "সর্বনিম্ন অবশ্যই সর্বোচ্চের সমান বা কম হতে হবে",
   "These are the categories you defined in": "এগুলি আপনার সংজ্ঞায়িত বিভাগগুলি",
-  "Set maximum budget": "সর্বোচ্চ বাজেট নির্ধারণ করুন"
+  "Set maximum budget": "সর্বোচ্চ বাজেট নির্ধারণ করুন",
+  "This invite is no longer valid": "এই আমন্ত্রণটি আর বৈধ নয়"
 }

apps/app/src/lib/i18n/dictionaries/en.json

@@ -653,5 +653,6 @@
   "Options cannot be empty": "Options cannot be empty",
   "Minimum must be less than or equal to maximum": "Minimum must be less than or equal to maximum",
   "These are the categories you defined in": "These are the categories you defined in",
-  "Set maximum budget": "Set maximum budget"
+  "Set maximum budget": "Set maximum budget",
+  "This invite is no longer valid": "This invite is no longer valid"
 }

apps/app/src/lib/i18n/dictionaries/es.json

@@ -652,5 +652,6 @@
   "Options cannot be empty": "Las opciones no pueden estar vacías",
   "Minimum must be less than or equal to maximum": "El mínimo debe ser menor o igual al máximo",
   "These are the categories you defined in": "Estas son las categorías que definiste en",
-  "Set maximum budget": "Establecer presupuesto máximo"
+  "Set maximum budget": "Establecer presupuesto máximo",
+  "This invite is no longer valid": "Esta invitación ya no es válida"
 }

apps/app/src/lib/i18n/dictionaries/fr.json

@@ -652,5 +652,6 @@
   "Options cannot be empty": "Les options ne peuvent pas être vides",
   "Minimum must be less than or equal to maximum": "Le minimum doit être inférieur ou égal au maximum",
   "These are the categories you defined in": "Ce sont les catégories que vous avez définies dans",
-  "Set maximum budget": "Définir le budget maximum"
+  "Set maximum budget": "Définir le budget maximum",
+  "This invite is no longer valid": "Cette invitation n'est plus valide"
 }

apps/app/src/lib/i18n/dictionaries/pt.json

@@ -648,5 +648,6 @@
   "Options cannot be empty": "As opções não podem estar vazias",
   "Minimum must be less than or equal to maximum": "O mínimo deve ser menor ou igual ao máximo",
   "These are the categories you defined in": "Estas são as categorias que você definiu em",
-  "Set maximum budget": "Definir orçamento máximo"
+  "Set maximum budget": "Definir orçamento máximo",
+  "This invite is no longer valid": "Este convite não é mais válido"
 }

packages/common/src/services/access/index.ts

@@ -4,7 +4,7 @@ import type { Profile, ProfileUser } from '@op/db/schema';
 import { organizations, users } from '@op/db/schema';
 import type { User } from '@op/supabase/lib';
 import type { AccessZonePermission, NormalizedRole } from 'access-zones';
-import { assertAccess, checkPermission } from 'access-zones';
+import { checkPermission } from 'access-zones';
 import { z } from 'zod';
 
 import { UnauthorizedError } from '../../utils/error';
@@ -198,7 +198,9 @@ export const assertInstanceProfileAccess = async ({
       organizationId: org[0].id,
     });
 
-    assertAccess(orgFallbackPermissions, orgUser?.roles ?? []);
+    if (!checkPermission(orgFallbackPermissions, orgUser?.roles ?? [])) {
+      throw new UnauthorizedError("You don't have access to do this");
+    }
   }
 };
 

packages/common/src/services/decision/acceptProposalInvite.ts

@@ -18,10 +18,10 @@ import {
  * of the parent decision process
  */
 export const acceptProposalInvite = async ({
-  inviteId,
+  profileId: proposalProfileId,
   user,
 }: {
-  inviteId: string;
+  profileId: string;
   user: User;
 }) => {
   const email = user.email;
@@ -31,21 +31,21 @@ export const acceptProposalInvite = async ({
   }
 
   const invite = await db.query.profileInvites.findFirst({
-    where: { id: inviteId },
+    where: {
+      profileId: proposalProfileId,
+      email: email.toLowerCase(),
+      acceptedOn: { isNull: true },
+    },
   });
 
   if (!invite) {
-    throw new NotFoundError('Invite', inviteId);
+    throw new NotFoundError('No pending invite found for this proposal');
   }
 
   if (invite.acceptedOn) {
     throw new ConflictError('This invite has already been accepted');
   }
 
-  if (invite.email.toLowerCase() !== email.toLowerCase()) {
-    throw new UnauthorizedError('This invite is for a different email address');
-  }
-
   // Check user isn't already a member of the proposal profile
   const existingProposalMembership = await db.query.profileUsers.findFirst({
     where: { profileId: invite.profileId, authUserId: user.id },
@@ -140,7 +140,7 @@ export const acceptProposalInvite = async ({
       tx
         .update(profileInvites)
         .set({ acceptedOn: now })
-        .where(eq(profileInvites.id, inviteId)),
+        .where(eq(profileInvites.id, invite.id)),
     ];
 
     if (decisionProfileUser) {

packages/common/src/services/decision/getProposal.ts

@@ -7,18 +7,16 @@ import type {
 } from '@op/db/schema';
 import {
   ProfileRelationshipType,
-  organizations,
   posts,
   postsToProfiles,
-  processInstances,
   profileRelationships,
 } from '@op/db/schema';
 import type { User } from '@op/supabase/lib';
 import { createSBServiceClient } from '@op/supabase/server';
 import { checkPermission, permission } from 'access-zones';
 
 import { NotFoundError, UnauthorizedError } from '../../utils';
-import { getOrgAccessUser } from '../access';
+import { getProfileAccessUser } from '../access';
 import { assertUserByAuthId } from '../assert';
 import { generateProposalHtml } from './generateProposalHtml';
 import {
@@ -242,36 +240,17 @@ export const getPermissionsOnProposal = async ({
     }
   }
 
-  // If it's not already editable, then check admin permissions to see if we can still make it editable
-  if (
-    !isEditable &&
-    proposal.processInstance &&
-    'id' in proposal.processInstance
-  ) {
-    // Get the organization for the process instance
-    const instanceOrg = await db
-      .select({
-        id: organizations.id,
-      })
-      .from(organizations)
-      .leftJoin(
-        processInstances,
-        eq(organizations.profileId, processInstances.ownerProfileId),
-      )
-      .where(eq(processInstances.id, proposal.processInstance.id))
-      .limit(1);
+  // If it's not already editable, check profile-level edit permission
+  if (!isEditable && proposal.processInstance?.profileId) {
+    const profileUser = await getProfileAccessUser({
+      user,
+      profileId: proposal.processInstance.profileId,
+    });
 
-    if (instanceOrg[0]) {
-      const orgUser = await getOrgAccessUser({
-        user,
-        organizationId: instanceOrg[0].id,
-      });
-
-      isEditable = checkPermission(
-        { decisions: permission.ADMIN },
-        orgUser?.roles ?? [],
-      );
-    }
+    isEditable = checkPermission(
+      { profile: permission.UPDATE },
+      profileUser?.roles ?? [],
+    );
   }
 
   return isEditable;