From e48615e7130f0c6a41345db3ace8dcaa4acd847f Mon Sep 17 00:00:00 2001
From: hailin <hailin.zhao@gdzx.xyz>
Date: Sat, 7 Mar 2026 05:39:52 -0800
Subject: [PATCH] fix(auth): fix listMembers response shape and updateMember
 role sync

- listMembers was returning { data, total } but frontend expects TenantMember[]
  directly, causing members.map is not a function crash on the detail page.
- updateMember now also syncs role changes to public.users so the new role
  takes effect the next time the user logs in (JWT is generated from public.users).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .../interfaces/rest/controllers/tenant.controller.ts   | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/packages/services/auth-service/src/interfaces/rest/controllers/tenant.controller.ts b/packages/services/auth-service/src/interfaces/rest/controllers/tenant.controller.ts
index 5552158..ce2aee2 100644
--- a/packages/services/auth-service/src/interfaces/rest/controllers/tenant.controller.ts
+++ b/packages/services/auth-service/src/interfaces/rest/controllers/tenant.controller.ts
@@ -170,14 +170,13 @@ export class TenantController {
       const rows = await qr.query(
         `SELECT id, email, name, roles, is_active, created_at FROM users ORDER BY created_at ASC`,
       );
-      const data = rows.map((row: any) => ({
+      return rows.map((row: any) => ({
         id: row.id,
         email: row.email,
         name: row.name,
         role: this.parseRole(row.roles),
         joinedAt: row.created_at,
       }));
-      return { data, total: data.length };
     } finally {
       await qr.release();
     }
@@ -230,6 +229,13 @@ export class TenantController {
           `UPDATE users SET ${updates.join(', ')} WHERE id = $${idx}`,
           params,
         );
+        // Sync role change to public.users so it takes effect on next login
+        if (body.role) {
+          await this.dataSource.query(
+            `UPDATE public.users SET roles = $1, updated_at = NOW() WHERE id = $2`,
+            [[body.role], memberId],
+          );
+        }
       }
 
       const updated = await qr.query(