simstudioai
diff --git a/‎apps/sim/app/api/credential-sets/[id]/invite/[invitationId]/route.ts‎
Lines changed: 146 additions & 0 deletions b/‎apps/sim/app/api/credential-sets/[id]/invite/[invitationId]/route.ts‎
Lines changed: 146 additions & 0 deletions
diff --git a/‎apps/sim/app/api/organizations/[id]/invitations/[invitationId]/route.ts‎
Lines changed: 99 additions & 0 deletions b/‎apps/sim/app/api/organizations/[id]/invitations/[invitationId]/route.ts‎
Lines changed: 99 additions & 0 deletions
@@ -0,0 +1,146 @@
+import { db } from '@sim/db'
+import { credentialSet, credentialSetInvitation, member, organization, user } from '@sim/db/schema'
+import { createLogger } from '@sim/logger'
+import { and, eq } from 'drizzle-orm'
+import { type NextRequest, NextResponse } from 'next/server'
+import { getEmailSubject, renderPollingGroupInvitationEmail } from '@/components/emails'
+import { getSession } from '@/lib/auth'
+import { getBaseUrl } from '@/lib/core/utils/urls'
+import { sendEmail } from '@/lib/messaging/email/mailer'
+
+const logger = createLogger('CredentialSetInviteResend')
+
+async function getCredentialSetWithAccess(credentialSetId: string, userId: string) {
+  const [set] = await db
+    .select({
+      id: credentialSet.id,
+      organizationId: credentialSet.organizationId,
+      name: credentialSet.name,
+      providerId: credentialSet.providerId,
+    })
+    .from(credentialSet)
+    .where(eq(credentialSet.id, credentialSetId))
+    .limit(1)
+
+  if (!set) return null
+
+  const [membership] = await db
+    .select({ role: member.role })
+    .from(member)
+    .where(and(eq(member.userId, userId), eq(member.organizationId, set.organizationId)))
+    .limit(1)
+
+  if (!membership) return null
+
+  return { set, role: membership.role }
+}
+
+export async function POST(
+  req: NextRequest,
+  { params }: { params: Promise<{ id: string; invitationId: string }> }
+) {
+  const session = await getSession()
+
+  if (!session?.user?.id) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+
+  const { id, invitationId } = await params
+
+  try {
+    const result = await getCredentialSetWithAccess(id, session.user.id)
+
+    if (!result) {
+      return NextResponse.json({ error: 'Credential set not found' }, { status: 404 })
+    }
+
+    if (result.role !== 'admin' && result.role !== 'owner') {
+      return NextResponse.json({ error: 'Admin or owner permissions required' }, { status: 403 })
+    }
+
+    const [invitation] = await db
+      .select()
+      .from(credentialSetInvitation)
+      .where(
+        and(
+          eq(credentialSetInvitation.id, invitationId),
+          eq(credentialSetInvitation.credentialSetId, id)
+        )
+      )
+      .limit(1)
+
+    if (!invitation) {
+      return NextResponse.json({ error: 'Invitation not found' }, { status: 404 })
+    }
+
+    if (invitation.status !== 'pending') {
+      return NextResponse.json({ error: 'Only pending invitations can be resent' }, { status: 400 })
+    }
+
+    // Update expiration
+    const newExpiresAt = new Date()
+    newExpiresAt.setDate(newExpiresAt.getDate() + 7)
+
+    await db
+      .update(credentialSetInvitation)
+      .set({ expiresAt: newExpiresAt })
+      .where(eq(credentialSetInvitation.id, invitationId))
+
+    const inviteUrl = `${getBaseUrl()}/credential-account/${invitation.token}`
+
+    // Send email if email address exists
+    if (invitation.email) {
+      try {
+        const [inviter] = await db
+          .select({ name: user.name })
+          .from(user)
+          .where(eq(user.id, session.user.id))
+          .limit(1)
+
+        const [org] = await db
+          .select({ name: organization.name })
+          .from(organization)
+          .where(eq(organization.id, result.set.organizationId))
+          .limit(1)
+
+        const provider = (result.set.providerId as 'google-email' | 'outlook') || 'google-email'
+        const emailHtml = await renderPollingGroupInvitationEmail({
+          inviterName: inviter?.name || 'A team member',
+          organizationName: org?.name || 'your organization',
+          pollingGroupName: result.set.name,
+          provider,
+          inviteLink: inviteUrl,
+        })
+
+        const emailResult = await sendEmail({
+          to: invitation.email,
+          subject: getEmailSubject('polling-group-invitation'),
+          html: emailHtml,
+          emailType: 'transactional',
+        })
+
+        if (!emailResult.success) {
+          logger.warn('Failed to resend invitation email', {
+            email: invitation.email,
+            error: emailResult.message,
+          })
+          return NextResponse.json({ error: 'Failed to send email' }, { status: 500 })
+        }
+      } catch (emailError) {
+        logger.error('Error sending invitation email', emailError)
+        return NextResponse.json({ error: 'Failed to send email' }, { status: 500 })
+      }
+    }
+
+    logger.info('Resent credential set invitation', {
+      credentialSetId: id,
+      invitationId,
+      userId: session.user.id,
+    })
+
+    return NextResponse.json({ success: true })
+  } catch (error) {
+    logger.error('Error resending invitation', error)
+    return NextResponse.json({ error: 'Failed to resend invitation' }, { status: 500 })
+  }
+}
@@ -15,8 +15,11 @@ import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { getEmailSubject, renderInvitationEmail } from '@/components/emails'
 import { getSession } from '@/lib/auth'
 import { requireStripeClient } from '@/lib/billing/stripe-client'
+import { getBaseUrl } from '@/lib/core/utils/urls'
+import { sendEmail } from '@/lib/messaging/email/mailer'
 
 const logger = createLogger('OrganizationInvitation')
 
@@ -69,6 +72,102 @@ export async function GET(
   }
 }
 
+// Resend invitation
+export async function POST(
+  _request: NextRequest,
+  { params }: { params: Promise<{ id: string; invitationId: string }> }
+) {
+  const { id: organizationId, invitationId } = await params
+  const session = await getSession()
+
+  if (!session?.user?.id) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+
+  try {
+    // Verify user is admin/owner
+    const memberEntry = await db
+      .select()
+      .from(member)
+      .where(and(eq(member.organizationId, organizationId), eq(member.userId, session.user.id)))
+      .limit(1)
+
+    if (memberEntry.length === 0 || !['owner', 'admin'].includes(memberEntry[0].role)) {
+      return NextResponse.json({ error: 'Forbidden - Admin access required' }, { status: 403 })
+    }
+
+    const orgInvitation = await db
+      .select()
+      .from(invitation)
+      .where(and(eq(invitation.id, invitationId), eq(invitation.organizationId, organizationId)))
+      .then((rows) => rows[0])
+
+    if (!orgInvitation) {
+      return NextResponse.json({ error: 'Invitation not found' }, { status: 404 })
+    }
+
+    if (orgInvitation.status !== 'pending') {
+      return NextResponse.json({ error: 'Can only resend pending invitations' }, { status: 400 })
+    }
+
+    const org = await db
+      .select({ name: organization.name })
+      .from(organization)
+      .where(eq(organization.id, organizationId))
+      .then((rows) => rows[0])
+
+    const inviter = await db
+      .select({ name: user.name })
+      .from(user)
+      .where(eq(user.id, session.user.id))
+      .limit(1)
+
+    // Update expiration date
+    const newExpiresAt = new Date(Date.now() + 7 * 24 * 60 * 60 * 1000) // 7 days
+    await db
+      .update(invitation)
+      .set({ expiresAt: newExpiresAt })
+      .where(eq(invitation.id, invitationId))
+
+    // Send email
+    const emailHtml = await renderInvitationEmail(
+      inviter[0]?.name || 'Someone',
+      org?.name || 'organization',
+      `${getBaseUrl()}/invite/${invitationId}`
+    )
+
+    const emailResult = await sendEmail({
+      to: orgInvitation.email,
+      subject: getEmailSubject('invitation'),
+      html: emailHtml,
+      emailType: 'transactional',
+    })
+
+    if (!emailResult.success) {
+      logger.error('Failed to resend invitation email', {
+        email: orgInvitation.email,
+        error: emailResult.message,
+      })
+      return NextResponse.json({ error: 'Failed to send invitation email' }, { status: 500 })
+    }
+
+    logger.info('Organization invitation resent', {
+      organizationId,
+      invitationId,
+      resentBy: session.user.id,
+      email: orgInvitation.email,
+    })
+
+    return NextResponse.json({
+      success: true,
+      message: 'Invitation resent successfully',
+    })
+  } catch (error) {
+    logger.error('Error resending organization invitation:', error)
+    return NextResponse.json({ error: 'Failed to resend invitation' }, { status: 500 })
+  }
+}
+
 export async function PUT(
   req: NextRequest,
   { params }: { params: Promise<{ id: string; invitationId: string }> }