fix(web): use auth context prisma instead of global import in audit and userManagement actions

brendan-kellam · claude · brendan-kellam · commit 088001ca77bc · 2026-04-01T19:02:50.000-07:00
Replace direct @/prisma imports with the prisma instance from the
withAuth callback to ensure userScopedPrismaClientExtension is applied.

Co-Authored-By: Claude Opus 4.6 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/packages/web/src/ee/features/audit/actions.ts b/packages/web/src/ee/features/audit/actions.ts
@@ -4,7 +4,6 @@ import { sew } from "@/middleware/sew";
 import { getAuditService } from "@/ee/features/audit/factory";
 import { ErrorCode } from "@/lib/errorCodes";
 import { ServiceError } from "@/lib/serviceError";
-import { prisma } from "@/prisma";
 import { withAuth } from "@/middleware/withAuth";
 import { withMinimumOrgRole } from "@/middleware/withMinimumOrgRole";
 import { createLogger } from "@sourcebot/shared";
@@ -34,7 +33,7 @@ export interface FetchAuditRecordsParams {
 }
 
 export const fetchAuditRecords = async (params: FetchAuditRecordsParams) => sew(() =>
-    withAuth(async ({ user, org, role }) =>
+    withAuth(async ({ user, org, role, prisma }) =>
         withMinimumOrgRole(role, OrgRole.OWNER, async () => {
             try {
                 const where = {
diff --git a/packages/web/src/ee/features/userManagement/actions.ts b/packages/web/src/ee/features/userManagement/actions.ts
@@ -4,7 +4,6 @@ import { sew } from "@/middleware/sew";
 import { getAuditService } from "@/ee/features/audit/factory";
 import { ErrorCode } from "@/lib/errorCodes";
 import { notFound, ServiceError } from "@/lib/serviceError";
-import { prisma } from "@/prisma";
 import { withAuth } from "@/middleware/withAuth";
 import { withMinimumOrgRole } from "@/middleware/withMinimumOrgRole";
 import { OrgRole, Prisma } from "@sourcebot/db";
@@ -20,7 +19,7 @@ const orgManagementNotAvailable = (): ServiceError => ({
 });
 
 export const promoteToOwner = async (memberId: string): Promise<{ success: boolean } | ServiceError> => sew(() =>
-    withAuth(async ({ user, org, role }) =>
+    withAuth(async ({ user, org, role, prisma }) =>
         withMinimumOrgRole(role, OrgRole.OWNER, async () => {
             if (!hasEntitlement('org-management')) {
                 return orgManagementNotAvailable();
@@ -82,7 +81,7 @@ export const promoteToOwner = async (memberId: string): Promise<{ success: boole
 );
 
 export const demoteToMember = async (memberId: string): Promise<{ success: boolean } | ServiceError> => sew(() =>
-    withAuth(async ({ user, org, role }) =>
+    withAuth(async ({ user, org, role, prisma }) =>
         withMinimumOrgRole(role, OrgRole.OWNER, async () => {
             if (!hasEntitlement('org-management')) {
                 return orgManagementNotAvailable();
