apps/web/app/(ee)/partners.dub.co/(dashboard)/profile/members/page-client.tsx (1)

56-68: Consider stricter typing for query parameters.

Line 62 uses as Record<string, any>, which is too permissive. Since URLSearchParams accepts strings, use Record<string, string> instead.

Apply this diff to improve type safety:

     } as Record<string, any>,
+    } as Record<string, string>,

apps/web/ui/layout/sidebar/partners-sidebar-nav.tsx (1)

296-308: Approve the currentArea logic; consider simplifying dependencies.

The currentArea resolution correctly maps /profile paths to the profile area and maintains proper precedence order.

However, the programSlug dependency is redundant since isEnrolledProgramPage already captures changes to programSlug. This causes unnecessary re-computation but does not affect correctness.

Apply this diff to simplify the dependencies:

 const currentArea = useMemo(() => {
   return pathname.startsWith("/account/settings")
     ? "userSettings"
     : pathname.startsWith("/settings")
       ? "partnerSettings"
       : pathname.startsWith("/profile")
         ? "profile"
         : ["/payouts", "/messages"].some((p) => pathname.startsWith(p))
           ? null
           : isEnrolledProgramPage
             ? "program"
             : "programs";
-}, [pathname, programSlug, isEnrolledProgramPage]);
+}, [pathname, isEnrolledProgramPage]);

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Learnt from: steven-tey
PR: dubinc/dub#2958
File: apps/web/app/app.dub.co/(dashboard)/[slug]/settings/members/page-client.tsx:432-457
Timestamp: 2025-10-15T01:05:43.230Z
Learning: In apps/web/app/app.dub.co/(dashboard)/[slug]/settings/members/page-client.tsx, defer refactoring the custom MenuItem component (lines 432-457) to use the shared dub/ui MenuItem component to a future PR, as requested by steven-tey.

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Learnt from: TWilson023
PR: dubinc/dub#2935
File: apps/web/lib/actions/partners/invite-partner-from-network.ts:21-28
Timestamp: 2025-10-06T15:48:14.205Z
Learning: For the network invites limit check in apps/web/lib/actions/partners/invite-partner-from-network.ts, the team accepts that concurrent invites may bypass the limit due to race conditions. Perfect atomicity is not required for this feature.

apps/web/app/app.dub.co/(dashboard)/[slug]/settings/members/page-client.tsx (1)

13-13: Use schema-derived type instead of Prisma enum for role annotations.

Importing PartnerRole directly from @dub/prisma/client can cause type incompatibility issues if the workspace schema uses a different enum definition from @prisma/client. This was flagged in a previous review, and the issue remains unresolved.

Apply this diff to use the schema-derived type:

-import { PartnerRole } from "@dub/prisma/client";
 import {
   Avatar,
   Button,

Then update the type annotations on lines 58, 303, and 338:

-  const roleFilter = searchParams.get("role") as PartnerRole | null;
+  const roleFilter = searchParams.get("role") as WorkspaceUserProps["role"] | null;

-  const [role, setRole] = useState<PartnerRole>(user.role);
+  const [role, setRole] = useState<WorkspaceUserProps["role"]>(user.role);

-          const newRole = e.target.value as PartnerRole;
+          const newRole = e.target.value as WorkspaceUserProps["role"];

Also applies to: 58-58, 303-303, 338-338

apps/web/app/(ee)/partners.dub.co/(dashboard)/profile/members/page-client.tsx (1)

278-283: Reset role on modal cancel by forwarding onClose
Pass an onClose: () => setRole(user.role) to useUpdatePartnerUserModal, extend its signature to accept onClose, and ensure UpdatePartnerUserModal invokes onClose on dismiss.

apps/web/app/(ee)/partners.dub.co/(dashboard)/profile/members/page-client.tsx (4)

23-31: Import Icon as a type-only import to avoid bundling a non-value export

Icon is a type; importing it as a value may bloat bundles. Use a type-only import.

Apply this diff:

-import {
-  CircleCheck,
-  CircleDotted,
-  Dots,
-  EnvelopeArrowRight,
-  Icon,
-  User,
-  UserCrown,
-} from "@dub/ui/icons";
+import {
+  CircleCheck,
+  CircleDotted,
+  Dots,
+  EnvelopeArrowRight,
+  User,
+  UserCrown,
+} from "@dub/ui/icons";

Then add this import (type-only):

import type { Icon } from "@dub/ui/icons";

---

200-206: Reset pagination when filters change

Changing filters while keeping the old page can show empty results. Clear "page" on filter select.

  const onSelect = (key: string, value: any) => {
    queryParams({
      set: {
        [key]: value,
      },
+     del: ["page"],
    });
  };

---

95-105: Minor: Remove conflicting bg- classes on status icons*

bg-green-100/bg-blue-100 are overridden by bg-transparent. Drop the redundant class.

-  icon: (
-    <CircleCheck className="size-4 bg-green-100 bg-transparent text-green-600" />
-  ),
+  icon: <CircleCheck className="size-4 text-green-600" />,

-  icon: (
-    <EnvelopeArrowRight className="size-4 bg-blue-100 bg-transparent text-blue-600" />
-  ),
+  icon: <EnvelopeArrowRight className="size-4 text-blue-600" />,

---

377-383: Add accessible label to the row actions button

Provide an aria-label/title for screen readers.

 <Button
   type="button"
   className="h-8 whitespace-nowrap px-2 disabled:border-transparent disabled:bg-transparent"
   variant="outline"
+  aria-label="Member actions"
+  title="Member actions"
   icon={<Dots className="h-4 w-4 shrink-0" />}
 />

apps/web/app/api/workspaces/[idOrSlug]/invites/route.ts (1)

24-26: Make email search case-insensitive

Improve UX and consistency by adding mode: "insensitive".

-        ...(search && {
-          email: { contains: search },
-        }),
+        ...(search && {
+          email: { contains: search, mode: "insensitive" },
+        }),

apps/web/app/api/workspaces/[idOrSlug]/users/route.ts (2)

23-27: Use case-insensitive search for name/email

Add mode: "insensitive" to both conditions.

-              { name: { contains: search } },
-              { email: { contains: search } },
+              { name: { contains: search, mode: "insensitive" } },
+              { email: { contains: search, mode: "insensitive" } },

---

51-58: Avoid hard-coded role names in validation message

The errorMap text (“owner”/“member”) will drift if WorkspaceRole changes. Either derive from enum values or use a generic message.

Example:

-  role: z.nativeEnum(WorkspaceRole, {
-    errorMap: () => ({
-      message: `Role must be either "owner" or "member".`,
-    }),
-  }),
+  role: z.nativeEnum(WorkspaceRole, {
+    errorMap: (_issue, _ctx) => ({
+      // Keep generic to avoid drift; or compute from Object.values(WorkspaceRole)
+      message: "Invalid role.",
+    }),
+  }),

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Learnt from: steven-tey
PR: dubinc/dub#2958
File: apps/web/app/app.dub.co/(dashboard)/[slug]/settings/members/page-client.tsx:432-457
Timestamp: 2025-10-15T01:05:43.230Z
Learning: In apps/web/app/app.dub.co/(dashboard)/[slug]/settings/members/page-client.tsx, defer refactoring the custom MenuItem component (lines 432-457) to use the shared dub/ui MenuItem component to a future PR, as requested by steven-tey.

Learnt from: steven-tey
PR: dubinc/dub#2958
File: apps/web/app/(ee)/partners.dub.co/(dashboard)/profile/members/page-client.tsx:270-303
Timestamp: 2025-10-15T01:52:37.030Z
Learning: In React components with dropdowns or form controls that show modals for confirmation (e.g., role selection, delete confirmation), local state should be reverted to match the prop value when the modal is cancelled. This prevents the UI from showing an unconfirmed change. The solution is to either: (1) pass an onClose callback to the modal that resets the local state, or (2) observe modal visibility state and reset on close. Example context: RoleCell component in apps/web/app/(ee)/partners.dub.co/(dashboard)/profile/members/page-client.tsx where role dropdown should revert to user.role when UpdateUserModal is cancelled.

apps/web/lib/api/partners/invite-partner-user.ts (1)

25-41: Re-throw non-P2002 Prisma errors to prevent broken invites.

The catch block only handles the unique-constraint error (P2002) but silently swallows all other Prisma errors. If prisma.partnerInvite.create fails for any other reason (connection loss, constraint violation, etc.), the code will still create a verification token and send the email, leaving the recipient with a broken invite link.

Apply this diff to safely check the error type and re-throw unexpected errors:

   } catch (error) {
-    if (error.code === "P2002") {
+    if (error && typeof error === "object" && "code" in error && error.code === "P2002") {
       throw new DubApiError({
         code: "conflict",
         message: "User has already been invited to this partner profile.",
       });
     }
+    // Re-throw unexpected errors to abort the operation
+    throw error;
   }

apps/web/ui/partners/online-presence-form.tsx (1)

104-108: The partner/currentPartner inconsistency remains unresolved.

This concern was raised in a previous review: the component receives a partner prop (used for form defaults) but fetches currentPartner separately (used for permissions). If these refer to different entities, the permission check and form data will be out of sync.

Consider using a single source of truth:

• Option A: Remove the partner prop and use only currentPartner throughout
• Option B: Assert partner.id === currentPartner.id at mount and throw/warn if they differ
• Option C: Document why both are needed if this is intentional

apps/web/app/(ee)/api/partner-profile/invites/accept/route.ts (1)

68-68: Use loose equality to handle both null and undefined.

NextAuth sessions may have defaultPartnerId set to undefined rather than null. This strict equality check (=== null) will not trigger the update when defaultPartnerId is undefined, leaving the user without a default partner ID after accepting the invite.

Apply this diff:

-    if (session.user["defaultPartnerId"] === null) {
+    if (session.user["defaultPartnerId"] == null) {
       const currentUser = await tx.user.findUnique({

apps/web/ui/modals/update-partner-user-modal.tsx (1)

60-61: Add type guard for error handling.

The caught error might not be an Error instance, so accessing .message directly can fail at runtime.

Apply this diff to add proper type checking:

     } catch (error) {
-      toast.error(error.message || "Failed to update role.");
+      toast.error(error instanceof Error ? error.message : "Failed to update role.");
     } finally {

apps/web/lib/api/get-workspace-users.ts (1)

2-2: Verify that all callers use WorkspaceRole enum values.

The type changes from Role to WorkspaceRole are correct. However, a previous review identified that apps/web/app/(ee)/api/stripe/integration/webhook/coupon-deleted.ts (line 96) uses a string literal "owner" instead of WorkspaceRole.owner. Ensure all callers have been updated to use the enum.

Also applies to: 10-10, 16-16

apps/web/lib/zod/schemas/workspaces.ts (1)

3-3: Address enum identity and coupling concerns from previous review.

Previous reviews identified two issues that remain unaddressed:

1. Enum identity split: Importing WorkspaceRole from @prisma/client instead of @dub/prisma/client can cause TypeScript assignability issues if other files import from the latter.

2. Prisma coupling: Using z.nativeEnum(WorkspaceRole) couples these schemas to Prisma enums. The previous review suggested using roleSchema for better decoupling and consistency.

Please review and apply the previously suggested fixes to avoid these issues.

Based on past review comments, consider this refactor:

-import { WorkspaceRole } from "@prisma/client";
+// Use @dub/prisma/client for consistent enum identity, or use roleSchema for decoupling

 export const getWorkspaceUsersQuerySchema = z.object({
   search: z.string().optional(),
-  role: z.nativeEnum(WorkspaceRole).optional(),
+  role: roleSchema.optional(),
 });

 export const workspaceUserSchema = z.object({
   id: z.string(),
   name: z.string(),
   email: z.string().nullish(),
   image: z.string().nullish(),
-  role: z.nativeEnum(WorkspaceRole),
+  role: roleSchema,
   isMachine: z.boolean().default(false),
   createdAt: z.date(),
 });

Also applies to: 200-203, 205-213

apps/web/app/(ee)/partners.dub.co/(auth)/invite/page.tsx (2)

22-40: Propagate the invite token to the accept API

The backend cannot verify the invite without the URL token, so the acceptance POST will fail for email flows. Thread the token through the request and guard the button until it exists.

-import { useRouter } from "next/navigation";
+import { useRouter, useSearchParams } from "next/navigation";
@@
 export default function AcceptPartnerInvitePage() {
   const router = useRouter();
+  const searchParams = useSearchParams();
+  const token = searchParams.get("token");
@@
     try {
-      const response = await fetch("/api/partner-profile/invites/accept", {
+      const acceptUrl = token
+        ? `/api/partner-profile/invites/accept?token=${encodeURIComponent(
+            token,
+          )}`
+        : "/api/partner-profile/invites/accept";
+      const response = await fetch(acceptUrl, {
         method: "POST",
         headers: {
           "Content-Type": "application/json",
         },
       });
@@
         <div className="mt-8">
           <Button
             text="Accept invite"
             onClick={acceptInvite}
             loading={accepting}
-            className="w-full"
+            disabled={!token}
+            className="w-full"
           />
         </div>

---

38-41: Handle unknown errors in catch properly

error is unknown, so this block fails TypeScript checks and never resets state if a non-Error is thrown. Guard the type and move the reset into a finally.

-    } catch (error) {
-      setAccepting(false);
-      toast.error(error.message || "Failed to accept invite.");
-    }
+    } catch (err) {
+      toast.error(
+        err instanceof Error ? err.message : "Failed to accept invite.",
+      );
+    } finally {
+      setAccepting(false);
+    }

apps/web/ui/modals/accept-partner-invite-modal.tsx (1)

25-48: Reset loading and harden error handling for invite acceptance

accepting never resets after a successful accept, so the modal reopens stuck in a loading state. On top of that, we assume the error body is JSON with .message and that caught values are always Error, so non‑JSON responses or thrown strings crash the handler and mask the real failure. Please move the state reset into a finally branch and narrow the caught error while parsing the response defensively.

   const handleAcceptInvite = async () => {
     setAccepting(true);

     try {
       const response = await fetch(`/api/partner-profile/invites/accept`, {
         method: "POST",
         headers: {
           "Content-Type": "application/json",
         },
       });

       if (!response.ok) {
-        const error = await response.json();
-        throw new Error(error.message);
+        const data = await response.json().catch(() => null);
+        throw new Error(data?.message ?? response.statusText);
       }

       await mutatePrefix("/api/partner-profile");
       router.replace("/programs");
       setShowAcceptPartnerInviteModal(false);
       toast.success("You are now a member of this partner profile!");
-    } catch (error) {
-      setAccepting(false);
-      toast.error(error.message || "Failed to accept invite.");
-    }
+    } catch (error: unknown) {
+      const message =
+        error instanceof Error ? error.message : "Failed to accept invite.";
+      toast.error(message);
+    } finally {
+      setAccepting(false);
+    }
   };

apps/web/ui/modals/update-workspace-user-role.tsx (2)

118-145: Expose an onClose hook to revert parent state

RoleCell updates its local selection before opening this modal; without an onClose callback it cannot revert the value when the user cancels, so the dropdown stays on an unconfirmed role. Please extend useWorkspaceUserRoleModal to accept an optional onClose, track when the modal closes, and invoke the callback so parents can reset their local state.
Based on learnings

-export function useWorkspaceUserRoleModal({
-  user,
-  role,
-}: {
-  user: UserProps;
-  role: "owner" | "member";
-}) {
+export function useWorkspaceUserRoleModal({
+  user,
+  role,
+  onClose,
+}: {
+  user: UserProps;
+  role: "owner" | "member";
+  onClose?: () => void;
+}) {
   const [showWorkspaceUserRoleModal, setShowWorkspaceUserRoleModal] =
     useState(false);
+  const wasOpen = useRef(false);
+
+  useEffect(() => {
+    if (showWorkspaceUserRoleModal) {
+      wasOpen.current = true;
+      return;
+    }
+
+    if (wasOpen.current) {
+      wasOpen.current = false;
+      onClose?.();
+    }
+  }, [showWorkspaceUserRoleModal, onClose]);

---

128-137: Fix stale props in modal callback

useCallback omits user and role, so the memoised component keeps rendering stale data when its inputs change. Add both to the dependency list to ensure the modal reflects the latest subject and patch payload.

-  }, [showWorkspaceUserRoleModal, setShowWorkspaceUserRoleModal]);
+  }, [showWorkspaceUserRoleModal, setShowWorkspaceUserRoleModal, user, role]);

apps/web/ui/modals/invite-partner-member-modal.tsx (2)

46-75: Trim outgoing emails before validation

Filtering with email.trim() keeps whitespace-only rows out of the payload, but you still send the original, untrimmed strings—so leading/trailing spaces hit the API and fail Zod validation. Map the entries to trimmed values before filtering so the server always receives clean addresses.

-    const invites = data.invites.filter(({ email }) => email.trim());
+    const invites = data.invites
+      .map(({ email, role }) => ({ email: email.trim(), role }))
+      .filter(({ email }) => email);

---

55-75: Make error handling resilient to non-JSON failures

We still assume the response body is JSON with { error: { message } } and that the caught value is an Error. When the backend returns plain text or throws something else, this path crashes and hides the real failure. Please guard the JSON parsing and narrow the caught value before accessing .message.

-      if (!response.ok) {
-        const { error } = await response.json();
-        throw new Error(error.message);
-      }
+      if (!response.ok) {
+        const fallback = "Failed to send invitations.";
+        const data = await response.json().catch(() => null);
+        throw new Error(
+          data?.error?.message ?? response.statusText ?? fallback,
+        );
+      }
@@
-    } catch (error) {
-      toast.error(error.message || "Failed to send invitations.");
+    } catch (error: unknown) {
+      const message =
+        error instanceof Error ? error.message : "Failed to send invitations.";
+      toast.error(message);
     } finally {
       setIsSubmitting(false);
     }

apps/web/app/(ee)/api/partner-profile/invites/route.ts (1)

215-247: Handle missing invite deletes gracefully

prisma.partnerInvite.delete throws P2025 when the invite was already removed (double-click, concurrent revoke). The uncaught error bubbles as a 500, making the route non-idempotent. Catch that case, convert it to a DubApiError with code: "not_found", and skip token deletion when nothing remains to delete.

-import { PartnerRole } from "@dub/prisma/client";
+import { PartnerRole, Prisma } from "@dub/prisma/client";
@@
-    await prisma.$transaction([
-      prisma.partnerInvite.delete({
-        where: {
-          email_partnerId: {
-            email,
-            partnerId: partner.id,
-          },
-        },
-      }),
-
-      prisma.verificationToken.deleteMany({
-        where: {
-          identifier: email,
-        },
-      }),
-    ]);
+    try {
+      await prisma.$transaction([
+        prisma.partnerInvite.delete({
+          where: {
+            email_partnerId: {
+              email,
+              partnerId: partner.id,
+            },
+          },
+        }),
+        prisma.verificationToken.deleteMany({
+          where: {
+            identifier: email,
+          },
+        }),
+      ]);
+    } catch (error) {
+      if (
+        error instanceof Prisma.PrismaClientKnownRequestError &&
+        error.code === "P2025"
+      ) {
+        throw new DubApiError({
+          code: "not_found",
+          message: "The invitation you're trying to revoke was not found.",
+        });
+      }
+      throw error;
+    }

apps/web/app/api/workspaces/[idOrSlug]/users/route.ts (1)

36-41: Map the membership payload explicitly.

Spreading user back onto rest still pulls every field from the account record into the response and relies on the trailing createdAt override to fix the timestamp. This reintroduces the leakage we flagged earlier—consumers will see unrelated properties (and the next edit may again overwrite createdAt). Please revert to explicit mapping of the allowed fields (id, name, email, image, isMachine, plus the membership role/createdAt).

Apply this diff:

-    const parsedUsers = users.map(({ user, ...rest }) =>
-      workspaceUserSchema.parse({
-        ...rest,
-        ...user,
-        createdAt: rest.createdAt, // preserve the createdAt field from ProjectUsers
-      }),
-    );
+    const parsedUsers = users.map(({ user, role, createdAt }) =>
+      workspaceUserSchema.parse({
+        id: user.id,
+        name: user.name,
+        email: user.email,
+        image: user.image,
+        isMachine: user.isMachine,
+        role,
+        createdAt,
+      }),
+    );

apps/web/app/(ee)/partners.dub.co/(dashboard)/profile/members/page-client.tsx (1)

278-305: Reset the RoleCell state when the modal closes.

After selecting a different role, canceling the confirmation modal leaves the dropdown showing the unconfirmed value. This mismatch hangs around until SWR revalidates, which confuses users. Wire the modal’s close/cancel path to setRole(user.role) (e.g., via an onClose callback or by watching the modal’s visibility) so the UI always reflects the confirmed backend state.
Based on learnings

apps/web/app/(ee)/partners.dub.co/(dashboard)/auth.tsx (1)

6-6: Remove unused pathname or implement its intended logic.

The usePathname hook is imported and called, but the resulting pathname variable is never used in the component. This adds unnecessary code and a small runtime cost.

If pathname is needed for future redirect or conditional logic (e.g., invite flows), please complete the implementation. Otherwise, remove both the import and the variable declaration to keep the code clean.

Apply this diff to remove the unused code:

-import { redirect, usePathname, useSearchParams } from "next/navigation";
+import { redirect, useSearchParams } from "next/navigation";

 export function PartnerProfileAuth({ children }: { children: ReactNode }) {
-  const pathname = usePathname();
   const searchParams = useSearchParams();

Also applies to: 21-21

packages/email/src/templates/partner-user-invited.tsx (1)

18-22: Consider using more obviously fake default values.

The default values contain realistic-looking email addresses and a token string. For better security hygiene and to avoid confusion, consider using:

• Standard test email formats (e.g., [email protected])
• Clearly placeholder token values (e.g., EXAMPLE_TOKEN_HERE)

Example:

 export default function PartnerUserInvited({
-  email = "[email protected]",
-  url = "http://localhost:8888/api/auth/callback/email?callbackUrl=http%3A%2F%2Fapp.localhost%3A3000%2Flogin&token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&[email protected]",
+  email = "[email protected]",
+  url = "http://localhost:8888/api/auth/callback/email?callbackUrl=http%3A%2F%2Fapp.localhost%3A3000%2Flogin&token=EXAMPLE_TOKEN&[email protected]",
   partnerName = "Acme",
   partnerUser = "Brendon Urie",
-  partnerUserEmail = "[email protected]",
+  partnerUserEmail = "[email protected]",
 }: {

apps/web/ui/modals/remove-partner-user-modal.tsx (2)

40-40: Encode the userId query parameter.

Line 40 constructs the query string with user.id directly. While isInvite guards against null, encoding is still required for safe URL construction.

Apply this diff:

-          : `/api/partner-profile/users?userId=${user.id}`,
+          : `/api/partner-profile/users?userId=${encodeURIComponent(user.id!)}`,

---

47-50: Defensive error parsing could prevent runtime failures.

The error response parsing assumes the JSON structure includes error.message. If the response doesn't match this shape, line 49 will throw a TypeError.

Consider this more defensive approach:

       if (!response.ok) {
-        const { error } = await response.json();
-        throw new Error(error.message);
+        let message = response.statusText;
+        try {
+          const data = await response.json();
+          message = data?.error?.message ?? data?.message ?? message;
+        } catch {}
+        throw new Error(message || "Operation failed");
       }

apps/web/lib/middleware/partners.ts (1)

23-23: Refine the partner invite detection logic.

The current check req.nextUrl.pathname.endsWith("/invite") may match unintended paths like /some/other/invite. Consider using a more precise check such as path === "/invite" or a regex pattern to ensure it only matches the intended partner invite route.

Apply this diff to make the check more precise:

-  const isPartnerInvite = req.nextUrl.pathname.endsWith("/invite");
+  const isPartnerInvite = path === "/invite";

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Learnt from: TWilson023
PR: dubinc/dub#2936
File: apps/web/app/app.dub.co/(dashboard)/[slug]/(ee)/settings/analytics/add-hostname-modal.tsx:28-34
Timestamp: 2025-10-08T21:33:23.531Z
Learning: In the dub/ui Button component, when the `disabledTooltip` prop is set to a non-undefined value (e.g., a string), the button is automatically disabled. Therefore, it's not necessary to also add the same condition to the `disabled` prop—setting `disabledTooltip={permissionsError || undefined}` is sufficient to disable the button when there's a permissions error.

Learnt from: steven-tey
PR: dubinc/dub#2958
File: apps/web/app/(ee)/partners.dub.co/(dashboard)/profile/members/page-client.tsx:270-303
Timestamp: 2025-10-15T01:52:37.030Z
Learning: In React components with dropdowns or form controls that show modals for confirmation (e.g., role selection, delete confirmation), local state should be reverted to match the prop value when the modal is cancelled. This prevents the UI from showing an unconfirmed change. The solution is to either: (1) pass an onClose callback to the modal that resets the local state, or (2) observe modal visibility state and reset on close. Example context: RoleCell component in apps/web/app/(ee)/partners.dub.co/(dashboard)/profile/members/page-client.tsx where role dropdown should revert to user.role when UpdateUserModal is cancelled.

Learnt from: TWilson023
PR: dubinc/dub#2935
File: apps/web/lib/actions/partners/invite-partner-from-network.ts:21-28
Timestamp: 2025-10-06T15:48:14.205Z
Learning: For the network invites limit check in apps/web/lib/actions/partners/invite-partner-from-network.ts, the team accepts that concurrent invites may bypass the limit due to race conditions. Perfect atomicity is not required for this feature.

Learnt from: TWilson023
PR: dubinc/dub#2872
File: packages/prisma/schema/partner.prisma:151-153
Timestamp: 2025-09-24T16:13:00.387Z
Learning: In the Dub codebase, Prisma schemas use single-column indexes without brackets (e.g., `@index(partnerId)`) and multi-column indexes with brackets (e.g., `@index([programId, partnerId])`). This syntax pattern is consistently used throughout their schema files and works correctly with their Prisma version.

Learnt from: steven-tey
PR: dubinc/dub#2958
File: apps/web/app/app.dub.co/(dashboard)/[slug]/settings/members/page-client.tsx:432-457
Timestamp: 2025-10-15T01:05:43.230Z
Learning: In apps/web/app/app.dub.co/(dashboard)/[slug]/settings/members/page-client.tsx, defer refactoring the custom MenuItem component (lines 432-457) to use the shared dub/ui MenuItem component to a future PR, as requested by steven-tey.

apps/web/app/(ee)/partners.dub.co/(dashboard)/profile/members/page-client.tsx (1)

302-306: Revert dropdown state when update modal closes.

After canceling the role-change modal, the select keeps the new value even though nothing was saved. That desynchronizes the UI from the real user.role and confuses users. Please reset the local role state when the modal closes—e.g., have useUpdatePartnerUserModal invoke an onClose callback that calls setRole(user.role), or wrap the setter so setShowUpdateUserModal(false) also restores the prop value. Based on learnings

apps/web/ui/modals/update-workspace-user-role.tsx (1)

15-145: Handle modal cancellation via onClose.

Without an onClose pathway the parent has no signal to revert its local role selection when the modal is dismissed, so the dropdown keeps showing an unconfirmed value. Please reintroduce the optional onClose callback and invoke it whenever the modal closes without saving, while preventing it from firing after a confirmed update.

-import {
-  Dispatch,
-  SetStateAction,
-  useCallback,
-  useMemo,
-  useState,
-} from "react";
+import {
+  Dispatch,
+  SetStateAction,
+  useCallback,
+  useEffect,
+  useMemo,
+  useRef,
+  useState,
+} from "react";
…
-function WorkspaceUserRoleModal({
-  showWorkspaceUserRoleModal,
-  setShowWorkspaceUserRoleModal,
-  user,
-  role,
-}: {
-  showWorkspaceUserRoleModal: boolean;
-  setShowWorkspaceUserRoleModal: Dispatch<SetStateAction<boolean>>;
-  user: UserProps;
-  role: "owner" | "member";
-}) {
+function WorkspaceUserRoleModal({
+  showWorkspaceUserRoleModal,
+  setShowWorkspaceUserRoleModal,
+  user,
+  role,
+  onClose,
+}: {
+  showWorkspaceUserRoleModal: boolean;
+  setShowWorkspaceUserRoleModal: Dispatch<SetStateAction<boolean>>;
+  user: UserProps;
+  role: "owner" | "member";
+  onClose?: () => void;
+}) {
   const [editing, setEditing] = useState(false);
+  const lastActionRef = useRef<"confirm" | null>(null);
…
-      await mutatePrefix(
-        `/api/workspaces/${id}/${isInvite ? "invites" : "users"}`,
-      );
-      setShowWorkspaceUserRoleModal(false);
+      await mutatePrefix(
+        `/api/workspaces/${id}/${isInvite ? "invites" : "users"}`,
+      );
+      lastActionRef.current = "confirm";
+      setShowWorkspaceUserRoleModal(false);
       toast.success(`Successfully updated the role to ${role}.`);
     } catch (error) {
       toast.error(error instanceof Error ? error.message : "An error occurred");
     } finally {
       setEditing(false);
+      lastActionRef.current = null;
     }
   };
 
+  useEffect(() => {
+    if (!showWorkspaceUserRoleModal) {
+      if (lastActionRef.current === "confirm") {
+        lastActionRef.current = null;
+        return;
+      }
+      onClose?.();
+    }
+  }, [showWorkspaceUserRoleModal, onClose]);
…
-export function useWorkspaceUserRoleModal({
-  user,
-  role,
-}: {
-  user: UserProps;
-  role: "owner" | "member";
-}) {
+export function useWorkspaceUserRoleModal({
+  user,
+  role,
+  onClose,
+}: {
+  user: UserProps;
+  role: "owner" | "member";
+  onClose?: () => void;
+}) {
…
-      <WorkspaceUserRoleModal
+      <WorkspaceUserRoleModal
         showWorkspaceUserRoleModal={showWorkspaceUserRoleModal}
         setShowWorkspaceUserRoleModal={setShowWorkspaceUserRoleModal}
         user={user}
         role={role}
+        onClose={onClose}
       />
     );
-  }, [showWorkspaceUserRoleModal, setShowWorkspaceUserRoleModal, user, role]);
+  }, [
+    showWorkspaceUserRoleModal,
+    setShowWorkspaceUserRoleModal,
+    user,
+    role,
+    onClose,
+  ]);
 
   return useMemo(
     () => ({
       setShowWorkspaceUserRoleModal,
       WorkspaceUserRoleModal: WorkspaceUserRoleModalCallback,
     }),
-    [setShowWorkspaceUserRoleModal, WorkspaceUserRoleModalCallback],
+    [setShowWorkspaceUserRoleModal, WorkspaceUserRoleModalCallback],
   );
 }

This keeps the dropdown in sync with confirmed roles while letting the parent reset on cancellation. Based on learnings.

apps/web/app/app.dub.co/(dashboard)/[slug]/settings/members/page-client.tsx (1)

193-207: Remove filter state from getRowId to maintain stable row identity.

The getRowId function includes status and roleFilter in the row ID computation (line 199). This causes all row IDs to change whenever filters are modified, which defeats the purpose of stable row identities and leads to unnecessary component remounts and re-renders.

Row IDs should be based solely on the row's intrinsic identity.

Apply this diff:

     getRowId: (row) =>
-      `${row.id || row.email}-${status}-${roleFilter || "all"}`,
+      row.id || row.email,

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Learnt from: steven-tey
PR: dubinc/dub#2958
File: apps/web/app/app.dub.co/(dashboard)/[slug]/settings/members/page-client.tsx:432-457
Timestamp: 2025-10-15T01:05:43.230Z
Learning: In apps/web/app/app.dub.co/(dashboard)/[slug]/settings/members/page-client.tsx, defer refactoring the custom MenuItem component (lines 432-457) to use the shared dub/ui MenuItem component to a future PR, as requested by steven-tey.

Learnt from: steven-tey
PR: dubinc/dub#2958
File: apps/web/app/(ee)/partners.dub.co/(dashboard)/profile/members/page-client.tsx:270-303
Timestamp: 2025-10-15T01:52:37.030Z
Learning: In React components with dropdowns or form controls that show modals for confirmation (e.g., role selection, delete confirmation), local state should be reverted to match the prop value when the modal is cancelled. This prevents the UI from showing an unconfirmed change. The solution is to either: (1) pass an onClose callback to the modal that resets the local state, or (2) observe modal visibility state and reset on close. Example context: RoleCell component in apps/web/app/(ee)/partners.dub.co/(dashboard)/profile/members/page-client.tsx where role dropdown should revert to user.role when UpdateUserModal is cancelled.

apps/web/ui/modals/invite-partner-user-modal.tsx (1)

46-76: The issues flagged in the previous review remain unaddressed.

The submit handler still has the following problems:

1. Email trimming: Line 47 filters based on email.trim() but doesn't actually trim the email values in the invite objects being sent
2. Unsafe error parsing: Lines 61-64 don't handle non-JSON responses or missing error.message
3. Type-unsafe catch: Lines 71-73 access error.message without verifying error is an Error instance

Apply the previously suggested fix:

-  const onSubmit = async (data: FormData) => {
-    const invites = data.invites.filter(({ email }) => email.trim());
+  const onSubmit = async (data: FormData) => {
+    const invites = data.invites
+      .map(({ email, role }) => ({ email: email.trim(), role }))
+      .filter(({ email }) => email);
     setIsSubmitting(true);
 
     try {
       if (invites.length === 0) {
         throw new Error("Please enter at least one email address.");
       }
 
       const response = await fetch("/api/partner-profile/invites", {
         method: "POST",
         headers: { "Content-Type": "application/json" },
         body: JSON.stringify(invites),
       });
 
       if (!response.ok) {
-        const { error } = await response.json();
-        throw new Error(error.message);
+        let message = response.statusText || "Failed to send invitations.";
+        try {
+          const data = await response.json();
+          message = data?.error?.message ?? message;
+        } catch {
+          // ignore non‑JSON error bodies
+        }
+        throw new Error(message);
       }
 
       await mutatePrefix("/api/partner-profile/invites");
       toast.success(
         `${pluralize("Invitation", invites.length)} sent successfully!`,
       );
       setShowInvitePartnerUserModal(false);
-    } catch (error) {
-      toast.error(error.message || "Failed to send invitations.");
+    } catch (error: unknown) {
+      const message =
+        error instanceof Error ? error.message : "Failed to send invitations.";
+      toast.error(message);
     } finally {
       setIsSubmitting(false);
     }
   };

apps/web/app/app.dub.co/(dashboard)/[slug]/settings/members/page-client.tsx (1)

244-262: Consider extracting the permission check pattern.

The clientAccessCheck pattern with disabledTooltip is duplicated for both buttons. While not critical, extracting this could improve maintainability.

Example helper:

const getPermissionTooltip = (action: string, description: string) => {
  return clientAccessCheck({
    action: action as PermissionAction,
    role,
    customPermissionDescription: description,
  }).error || undefined;
};

Then use:

                 disabledTooltip={
-                  clientAccessCheck({
-                    action: "workspaces.write",
-                    role,
-                    customPermissionDescription: "invite new teammates",
-                  }).error || undefined
+                  getPermissionTooltip("workspaces.write", "invite new teammates")
                 }

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Learnt from: steven-tey
PR: dubinc/dub#2958
File: apps/web/app/app.dub.co/(dashboard)/[slug]/settings/members/page-client.tsx:432-457
Timestamp: 2025-10-15T01:05:43.230Z
Learning: In apps/web/app/app.dub.co/(dashboard)/[slug]/settings/members/page-client.tsx, defer refactoring the custom MenuItem component (lines 432-457) to use the shared dub/ui MenuItem component to a future PR, as requested by steven-tey.