From 5f0934acc0f7dde119be9f0a42a42742ec128377 Mon Sep 17 00:00:00 2001
From: Mohamed Bassem <me@mbassem.com>
Date: Sun, 23 Nov 2025 00:54:38 +0000
Subject: feat: Add invitation approval for shared lists (#2152)

* feat: Add invitation approval system for collaborative lists

- Add database schema changes to support pending invitations
  - Add status field (pending/accepted/declined) to listCollaborators
  - Add invitedAt and invitedEmail fields for tracking
  - Add index on status for efficient queries

- Update List model with invitation workflow methods
  - Modify addCollaboratorByEmail to create pending invitations
  - Add acceptInvitation() for users to accept invites
  - Add declineInvitation() for users to decline invites
  - Add revokeInvitation() for owners to revoke pending invites
  - Add getPendingInvitations() to get user's pending invites

- Implement privacy protection for pending invitations
  - Mask user names as "Pending User" until invitation is accepted
  - Only show email to list owner for pending invitations

- Update getSharedWithUser to only include accepted collaborations
  - Ensures lists only appear after invitation is accepted

* feat: Add tRPC procedures and email notifications for list invitations

- Add new tRPC procedures for invitation workflow
  - acceptInvitation: Allow users to accept pending invitations
  - declineInvitation: Allow users to decline invitations
  - revokeInvitation: Allow owners to revoke pending invitations
  - getPendingInvitations: Get all pending invitations for current user

- Update getCollaborators output schema
  - Add status, invitedAt fields to collaborator objects
  - Support privacy-masked user info for pending invitations

- Add sendListInvitationEmail function
  - Email notification when user is invited to collaborate
  - Includes list name, inviter name, and link to view invitation
  - Gracefully handles missing SMTP configuration

- Integrate email sending into invitation workflow
  - Send email when new invitation is created
  - Send email when declined invitation is renewed
  - Catch and log errors without failing the invitation

* feat: Add UI for list invitation approval workflow

- Update ManageCollaboratorsModal to support pending invitations
  - Show "Pending" badge for pending invitations
  - Add revoke button for owners to cancel pending invitations
  - Update success message to reflect invitation sent
  - Disable role change and remove buttons for pending invitations

- Create PendingInvitationsCard component
  - Display all pending invitations for the current user
  - Show list name, description, inviter, and role
  - Provide Accept and Decline buttons
  - Auto-hide when no pending invitations exist

- Add PendingInvitationsCard to lists page
  - Show at the top of the lists page
  - Only renders when user has pending invitations

* fix: Add missing translation keys and fix TypeScript errors

- Add translation keys for invitation system
  - lists.collaborators.invitation_sent
  - lists.collaborators.pending
  - lists.collaborators.revoke
  - lists.collaborators.invitation_revoked
  - lists.collaborators.failed_to_revoke
  - lists.invitations.* (all invitation-related keys)

- Fix TypeScript errors in email sending
  - Handle optional user.name with fallback to 'A user'

* wip

* fixes

* more fixes

* fix revoke

* more improvements

* comment fix

* fix email url

* fix schemas

* split pending invites into components

* more fixes

* test

* test fixes

---------

Co-authored-by: Claude <noreply@anthropic.com>
---
 packages/trpc/routers/lists.ts | 92 +++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 91 insertions(+), 1 deletion(-)

(limited to 'packages/trpc/routers/lists.ts')

diff --git a/packages/trpc/routers/lists.ts b/packages/trpc/routers/lists.ts
index c9a19f30..5eb0baff 100644
--- a/packages/trpc/routers/lists.ts
+++ b/packages/trpc/routers/lists.ts
@@ -10,6 +10,7 @@ import {
 
 import type { AuthedContext } from "../index";
 import { authedProcedure, createRateLimitMiddleware, router } from "../index";
+import { ListInvitation } from "../models/listInvitations";
 import { List } from "../models/lists";
 import { ensureBookmarkOwnership } from "./bookmarks";
 
@@ -47,6 +48,22 @@ export const ensureListAtLeastOwner = experimental_trpcMiddleware<{
   });
 });
 
+export const ensureInvitationAccess = experimental_trpcMiddleware<{
+  ctx: AuthedContext;
+  input: { invitationId: string };
+}>().create(async (opts) => {
+  const invitation = await ListInvitation.fromId(
+    opts.ctx,
+    opts.input.invitationId,
+  );
+  return opts.next({
+    ctx: {
+      ...opts.ctx,
+      invitation,
+    },
+  });
+});
+
 export const listsAppRouter = router({
   create: authedProcedure
     .input(zNewBookmarkListSchema)
@@ -218,6 +235,11 @@ export const listsAppRouter = router({
         role: z.enum(["viewer", "editor"]),
       }),
     )
+    .output(
+      z.object({
+        invitationId: z.string(),
+      }),
+    )
     .use(
       createRateLimitMiddleware({
         name: "lists.addCollaborator",
@@ -228,7 +250,12 @@ export const listsAppRouter = router({
     .use(ensureListAtLeastViewer)
     .use(ensureListAtLeastOwner)
     .mutation(async ({ input, ctx }) => {
-      await ctx.list.addCollaboratorByEmail(input.email, input.role);
+      return {
+        invitationId: await ctx.list.addCollaboratorByEmail(
+          input.email,
+          input.role,
+        ),
+      };
     }),
   removeCollaborator: authedProcedure
     .input(
@@ -268,7 +295,9 @@ export const listsAppRouter = router({
             id: z.string(),
             userId: z.string(),
             role: z.enum(["viewer", "editor"]),
+            status: z.enum(["pending", "accepted", "declined"]),
             addedAt: z.date(),
+            invitedAt: z.date(),
             user: z.object({
               id: z.string(),
               name: z.string(),
@@ -290,6 +319,67 @@ export const listsAppRouter = router({
       return await ctx.list.getCollaborators();
     }),
 
+  acceptInvitation: authedProcedure
+    .input(
+      z.object({
+        invitationId: z.string(),
+      }),
+    )
+    .use(ensureInvitationAccess)
+    .mutation(async ({ ctx }) => {
+      await ctx.invitation.accept();
+    }),
+
+  declineInvitation: authedProcedure
+    .input(
+      z.object({
+        invitationId: z.string(),
+      }),
+    )
+    .use(ensureInvitationAccess)
+    .mutation(async ({ ctx }) => {
+      await ctx.invitation.decline();
+    }),
+
+  revokeInvitation: authedProcedure
+    .input(
+      z.object({
+        invitationId: z.string(),
+      }),
+    )
+    .use(ensureInvitationAccess)
+    .mutation(async ({ ctx }) => {
+      await ctx.invitation.revoke();
+    }),
+
+  getPendingInvitations: authedProcedure
+    .output(
+      z.array(
+        z.object({
+          id: z.string(),
+          listId: z.string(),
+          role: z.enum(["viewer", "editor"]),
+          invitedAt: z.date(),
+          list: z.object({
+            id: z.string(),
+            name: z.string(),
+            icon: z.string(),
+            description: z.string().nullable(),
+            owner: z
+              .object({
+                id: z.string(),
+                name: z.string(),
+                email: z.string(),
+              })
+              .nullable(),
+          }),
+        }),
+      ),
+    )
+    .query(async ({ ctx }) => {
+      return ListInvitation.pendingForUser(ctx);
+    }),
+
   leaveList: authedProcedure
     .input(
       z.object({
-- 
cgit v1.2.3-70-g09d2