Jacob
Jacob
Explore posts from servers
CDCloudflare DevelopersBABetter Auth
PostsComments
BABetter Auth
Created by Jacob on 3/23/2025 in #bug-reports
The field "teamId" does not exist in the "invitation" schema.
The public docs page needs an update to show this field in the schema for people not using the schema generation tool: https://www.better-auth.com/docs/plugins/organization
3 replies
BABetter Auth
Created by Jacob on 3/23/2025 in #help
Organization inviteMember - Not Allowed to Invite
I keep getting a 403 - "YOU_ARE_NOT_ALLOWED_TO_INVITE_USERS_TO_THIS_ORGANIZATION" This is a client component. User fills in the form to invite 
      const activeMember = await authClient.organization.getActiveMember();
      console.log("activeMember", activeMember);

      if (
        !activeMember.data?.role ||
        !["owner", "admin"].includes(activeMember.data.role)
      ) {
        toast.error("You don't have permission to invite members");
        return;
      }

      const hasPermission = await authClient.organization.hasPermission({
        permission: { member: ["invite"] },
      });
      console.log("hasPermission", hasPermission);

      if (!hasPermission.data) {
        toast.error("You don't have permission to invite members");
        return;
      }

      const response = await authClient.organization.inviteMember({
        email: emailInput.value,
        role: roleSelect.value as "admin" | "member",
        organizationId
      });
      const activeMember = await authClient.organization.getActiveMember();
      console.log("activeMember", activeMember);

      if (
        !activeMember.data?.role ||
        !["owner", "admin"].includes(activeMember.data.role)
      ) {
        toast.error("You don't have permission to invite members");
        return;
      }

      const hasPermission = await authClient.organization.hasPermission({
        permission: { member: ["invite"] },
      });
      console.log("hasPermission", hasPermission);

      if (!hasPermission.data) {
        toast.error("You don't have permission to invite members");
        return;
      }

      const response = await authClient.organization.inviteMember({
        email: emailInput.value,
        role: roleSelect.value as "admin" | "member",
        organizationId
      });
My permissions file: 
const statement = {
  organization: ["view", "update", "delete", "manage_billing"],
  app: ["view", "connect", "disconnect", "configure"],
  member: [
    "invite",
    "remove",
    "update_role",
    "manage_app_permissions",
    "manage_licenses",
  ],
} as const;

const ac = createAccessControl(statement);

// Organization owner - has full access to everything
const owner = ac.newRole({
  organization: ["view", "update", "delete", "manage_billing"],
  app: ["view", "connect", "disconnect", "configure"],
  member: [
    "invite",
    "remove",
    "update_role",
    "manage_app_permissions",
    "manage_licenses",
  ],
});
const statement = {
  organization: ["view", "update", "delete", "manage_billing"],
  app: ["view", "connect", "disconnect", "configure"],
  member: [
    "invite",
    "remove",
    "update_role",
    "manage_app_permissions",
    "manage_licenses",
  ],
} as const;

const ac = createAccessControl(statement);

// Organization owner - has full access to everything
const owner = ac.newRole({
  organization: ["view", "update", "delete", "manage_billing"],
  app: ["view", "connect", "disconnect", "configure"],
  member: [
    "invite",
    "remove",
    "update_role",
    "manage_app_permissions",
    "manage_licenses",
  ],
});
Not sure whats up. Checked user role and permissions and its good. activeMember reads out: 
activeMember:  {
  id: '123',
  organizationId: '123',
  userId: '123',
  role: 'owner',
  createdAt: 2025-03-20T03:43:43.728Z,
  user: {
    id: '123',
    name: 'scrubbed',
    email: 'scrubbed',
    image: 'scrubbed'
  }
}
activeMember:  {
  id: '123',
  organizationId: '123',
  userId: '123',
  role: 'owner',
  createdAt: 2025-03-20T03:43:43.728Z,
  user: {
    id: '123',
    name: 'scrubbed',
    email: 'scrubbed',
    image: 'scrubbed'
  }
}
4 replies
CDCloudflare Developers
Created by Jacob on 2/13/2025 in #workers-help
Worker KV Not Binding
I converted a worker from UI to use github/local to push the code. That sync process is working fine to deploy it. The issue is the KV bindings are not holding. If I manually add the KV in the UI then it works, but on next deployment it wipes out the bindings in the UI. My toml: 
name = "auth"
account_id = "123"
workers_dev = true
compatibility_date = "2025-02-10"
compatibility_flags = [ "nodejs_compat" ]

main = "./index.js"

[tail_consumers]
service = "tail"

[observability.logs]
enabled = true

kv_namespaces = [
  { binding = "CURATED_EMAIL", id = "abc", preview_id = "abc" }
]
name = "auth"
account_id = "123"
workers_dev = true
compatibility_date = "2025-02-10"
compatibility_flags = [ "nodejs_compat" ]

main = "./index.js"

[tail_consumers]
service = "tail"

[observability.logs]
enabled = true

kv_namespaces = [
  { binding = "CURATED_EMAIL", id = "abc", preview_id = "abc" }
]
I noticed when testing locally with wrangler dev it doesnt pickup these bindings either. I have setup my worker to handle multiple routes: 
//index.js
import { registration } from './registration.js';

export default {
    async fetch(request, env) {
        const url = new URL(request.url);

        if (url.pathname === '/registration') {
            return registration(request, env);
        }

        return new Response('Not Found', { status: 404 });
    },
};
//index.js
import { registration } from './registration.js';

export default {
    async fetch(request, env) {
        const url = new URL(request.url);

        if (url.pathname === '/registration') {
            return registration(request, env);
        }

        return new Response('Not Found', { status: 404 });
    },
};
And route: 
export async function registration(request, env) {
    // Convert env object to JSON-safe format
    // Changed
    const envBindings = {};
    for (const key in env) {
        envBindings[key] = typeof env[key]; // Show the type of each binding
    }

    console.log('Available Environment Bindings:', JSON.stringify(envBindings, null, 2));

    // Explicitly check if CURATED_EMAIL exists
    if (!env.CURATED_EMAIL) {
        console.error('ERROR: `CURATED_EMAIL` KV binding is missing in `env`!');
    } else {
        console.log('CURATED_EMAIL KV binding exists!');
    }
export async function registration(request, env) {
    // Convert env object to JSON-safe format
    // Changed
    const envBindings = {};
    for (const key in env) {
        envBindings[key] = typeof env[key]; // Show the type of each binding
    }

    console.log('Available Environment Bindings:', JSON.stringify(envBindings, null, 2));

    // Explicitly check if CURATED_EMAIL exists
    if (!env.CURATED_EMAIL) {
        console.error('ERROR: `CURATED_EMAIL` KV binding is missing in `env`!');
    } else {
        console.log('CURATED_EMAIL KV binding exists!');
    }
Everything works fine if I manually add the kv in the UI under worker settings. But I cant get the toml to deploy and actually work. Wipes it out every deployment 😦 Anybody got a clue?
11 replies