
feat: add POST /api/workspaces endpoint with centralized auth validation #141

Merged: sidneyswift merged 3 commits into test from fix/org-workspace-route-clean on Jan 20, 2026

@sidneyswift sidneyswift commented Jan 20, 2026

Note: this description was inadvertently overwritten on 2026-04-17 and has been reconstructed from the commit history and diff. Original author @sidneyswift — the original wording is not recoverable via the GitHub API. Please amend if this differs from the intent.

Summary

  • Adds POST /api/workspaces endpoint backed by lib/workspaces/createWorkspacePostHandler.ts, lib/workspaces/createWorkspaceInDb.ts, and lib/workspaces/validateCreateWorkspaceBody.ts
  • Introduces lib/supabase/account_workspace_ids/insertAccountWorkspaceId.ts to persist the caller's membership when a workspace is created
  • Extracts validateAccountIdOverride into its own file (lib/auth/validateAccountIdOverride.ts) and wires it into lib/auth/validateAuthContext.ts, following SRP
  • Updates tests: lib/auth/__tests__/validateAuthContext.test.ts, lib/artists/__tests__/{createArtistPostHandler,validateCreateArtistBody}.test.ts, lib/chat/__tests__/{handleChatGenerate,validateChatRequest}.test.ts, including mocking setupConversation to fix Supabase env errors during chat tests

Commits

  • feat: add POST /api/workspaces endpoint with centralized auth validation
  • refactor: extract validateAccountIdOverride to own file (SRP)
  • test: mock setupConversation to fix Supabase env errors

Test plan

  • New and updated unit tests pass
  • Vercel preview deploys

- Add POST /api/workspaces endpoint for workspace creation
- Create validateAuthContext utility as single source of truth for auth/org validation
- Fix personal API keys unable to add workspaces to orgs they're members of
- Add self-access check allowing personal keys to specify own account_id
- Refactor validateCreateArtistBody to use centralized utility + add org validation
- Add comprehensive tests for validateAuthContext (15 tests)

vercel Bot commented Jan 20, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
recoup-api Ready Ready Preview Jan 20, 2026 7:56pm

Comment thread lib/auth/validateAuthContext.ts Outdated
* @param params - The validation parameters
* @returns NextResponse with error or the validated result
*/
async function validateAccountIdOverride(

SRP

  • actual: validateAccountIdOverride defined in file named lib/auth/validateAuthContext.ts
  • required: new lib for validateAccountIdOverride


coderabbitai Bot commented Jan 20, 2026

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


const linkId = await insertAccountWorkspaceId(accountId, account.id);
if (!linkId) return null;

if (organizationId) {

@vercel vercel Bot Jan 20, 2026

Workspace accounts are being added to artist_organization_ids table instead of account_organization_ids table, causing workspace visibility and database constraint issues in organizations.

📝 Patch Details
diff --git a/lib/workspaces/createWorkspaceInDb.ts b/lib/workspaces/createWorkspaceInDb.ts
index d7684c5..ebd591e 100644
--- a/lib/workspaces/createWorkspaceInDb.ts
+++ b/lib/workspaces/createWorkspaceInDb.ts
@@ -5,7 +5,7 @@ import {
   type AccountWithSocials,
 } from "@/lib/supabase/accounts/selectAccountWithSocials";
 import { insertAccountWorkspaceId } from "@/lib/supabase/account_workspace_ids/insertAccountWorkspaceId";
-import { addArtistToOrganization } from "@/lib/supabase/artist_organization_ids/addArtistToOrganization";
+import { addAccountToOrganization } from "@/lib/supabase/account_organization_ids/addAccountToOrganization";
 
 /**
  * Result of creating a workspace in the database.
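Review bot: the import swap at the top of lib/workspaces/createWorkspaceInDb.ts comes with no test in this patch, so nothing would catch the artist helper being reintroduced later. Add a unit test for createWorkspaceInDb that mocks addAccountToOrganization and asserts it is called with (account.id, organizationId) when organizationId is set and not called when it is absent.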
@@ -41,7 +41,7 @@ export async function createWorkspaceInDb(
     if (!linkId) return null;
 
     if (organizationId) {
-      await addArtistToOrganization(account.id, organizationId);
+      await addAccountToOrganization(account.id, organizationId);
     }
 
     return {
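Review bot: the result of "await addAccountToOrganization(account.id, organizationId);" is discarded, unlike the "if (!linkId) return null;" check two lines above it, so a failed organization link would still return a workspace that the organization cannot see. If the helper reports failure through its return value, check it and fail the same way the linkId path does. This call also takes organizationId as given, so the handler has to confirm the caller's membership in that organization before createWorkspaceInDb runs.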

Analysis

Bug Explanation

The workspace creation code incorrectly uses addArtistToOrganization() which inserts workspace records into the artist_organization_ids table. This is semantically wrong because:

  1. Workspace semantics: Workspaces are workspace-type accounts that should be associated with organizations at the account level (using account_organization_ids), not the artist level (using artist_organization_ids).

  2. Pattern in codebase:

    • Organizations are created as accounts and use addAccountToOrganization() to insert into account_organization_ids
    • Artists are created as accounts and use addArtistToOrganization() to insert into artist_organization_ids
    • Workspaces are created as accounts but incorrectly use addArtistToOrganization() which is meant only for artist-type accounts
  3. Database schema confirms the semantic difference:

    • artist_organization_ids table has column artist_id (specific to artist accounts)
    • account_organization_ids table has column account_id (generic for any account type)
  4. Impact:

    • Workspaces are inserted into the wrong table (artist_organization_ids instead of account_organization_ids)
    • This breaks workspace visibility in organization views (which query account_organization_ids)
    • Violates semantic correctness - workspaces are account-level entities, not artist-level entities

Fix Explanation

The fix involved two changes to lib/workspaces/createWorkspaceInDb.ts:

  1. Changed import: Replaced import { addArtistToOrganization } with import { addAccountToOrganization }

  2. Changed function call at line 43: Replaced await addArtistToOrganization(account.id, organizationId) with await addAccountToOrganization(account.id, organizationId)

This ensures that when a workspace is created with an organization_id, it is correctly inserted into the account_organization_ids table, aligning with how other account-level entities (like organizations themselves) are associated with organizations. This restores proper workspace visibility within organizations and prevents database constraint issues.
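The fix changes where new rows go; any rows the old call already wrote stay in artist_organization_ids. The following is an added example, not part of this PR or the project's code: a check that lists workspace accounts filed in the artist table and flags the ones still missing an account-level link. Table and column names come from the analysis above; the row shapes, the "workspace" type label and the accountTypes lookup are assumptions.

```typescript
// Added example, not the project's code. Table and column names come from the
// analysis above; the row shapes, the "workspace" type label and the
// accountTypes lookup are assumptions made for this illustration.
type ArtistOrgRow = { artist_id: string; organization_id: string };
type AccountOrgRow = { account_id: string; organization_id: string };
type Finding = { accountId: string; organizationId: string; missingAccountLink: boolean };

function findMisfiledWorkspaceLinks(
  artistOrgRows: ArtistOrgRow[],
  accountOrgRows: AccountOrgRow[],
  accountTypes: Map<string, string>,
): Finding[] {
  // Index the account-level links so each lookup is O(1).
  const linked = new Set(accountOrgRows.map(r => `${r.account_id}|${r.organization_id}`));
  const seen = new Set<string>();
  const findings: Finding[] = [];
  for (const row of artistOrgRows) {
    // Only workspace-type accounts are out of place in the artist table.
    if (accountTypes.get(row.artist_id) !== "workspace") continue;
    const key = `${row.artist_id}|${row.organization_id}`;
    if (seen.has(key)) continue; // report each (account, organization) pair once
    seen.add(key);
    findings.push({
      accountId: row.artist_id,
      organizationId: row.organization_id,
      // true: organization views cannot see this workspace until a row is backfilled
      missingAccountLink: !linked.has(key),
    });
  }
  return findings;
}

// Constructed sample data.
const sampleTypes = new Map<string, string>([
  ["acc-artist", "artist"], ["ws-1", "workspace"], ["ws-2", "workspace"],
]);
const sampleArtistOrg: ArtistOrgRow[] = [
  { artist_id: "acc-artist", organization_id: "org-1" }, // legitimate artist link
  { artist_id: "ws-1", organization_id: "org-1" },       // written by the old call
  { artist_id: "ws-2", organization_id: "org-1" },       // old call, re-linked since
];
const sampleAccountOrg: AccountOrgRow[] = [{ account_id: "ws-2", organization_id: "org-1" }];

const sampleFindings = findMisfiledWorkspaceLinks(sampleArtistOrg, sampleAccountOrg, sampleTypes);
console.log(sampleFindings);
```

Findings with missingAccountLink set to true need a row added to account_organization_ids; every finding is a candidate for removal from artist_organization_ids.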

Add setupConversation mock to validateChatRequest.test.ts and
handleChatGenerate.test.ts to break the import chain that was
reaching the Supabase server client and throwing errors due to
missing SUPABASE_URL and SUPABASE_KEY environment variables.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

@sidneyswift sidneyswift merged commit fb8b7a9 into test Jan 20, 2026
4 checks passed