improvement(admin-routes): cleanup code that could accidentally desync stripe and DB

apps/sim/app/api/v1/admin/index.ts

@@ -35,19 +35,18 @@
  *   GET    /api/v1/admin/organizations/:id                  - Get organization details
  *   PATCH  /api/v1/admin/organizations/:id                  - Update organization
  *   GET    /api/v1/admin/organizations/:id/members          - List organization members
- *   POST   /api/v1/admin/organizations/:id/members          - Add/update member in organization
+ *   POST   /api/v1/admin/organizations/:id/members          - Add/update member (validates seat availability)
  *   GET    /api/v1/admin/organizations/:id/members/:mid     - Get member details
  *   PATCH  /api/v1/admin/organizations/:id/members/:mid     - Update member role
  *   DELETE /api/v1/admin/organizations/:id/members/:mid     - Remove member
  *   GET    /api/v1/admin/organizations/:id/billing          - Get org billing summary
  *   PATCH  /api/v1/admin/organizations/:id/billing          - Update org usage limit
  *   GET    /api/v1/admin/organizations/:id/seats            - Get seat analytics
- *   PATCH  /api/v1/admin/organizations/:id/seats            - Update seat count
  *
  *   Subscriptions:
  *   GET    /api/v1/admin/subscriptions                      - List all subscriptions
  *   GET    /api/v1/admin/subscriptions/:id                  - Get subscription details
- *   PATCH  /api/v1/admin/subscriptions/:id                  - Update subscription
+ *   DELETE /api/v1/admin/subscriptions/:id                  - Cancel subscription (?atPeriodEnd=true for scheduled)
  */
 
 export type { AdminAuthFailure, AdminAuthResult, AdminAuthSuccess } from '@/app/api/v1/admin/auth'

apps/sim/app/api/v1/admin/organizations/[id]/members/route.ts

@@ -12,6 +12,9 @@
  * POST /api/v1/admin/organizations/[id]/members
  *
  * Add a user to an organization with full billing logic.
+ * Validates seat availability before adding (uses same logic as invitation flow):
+ *   - Team plans: checks seats column
+ *   - Enterprise plans: checks metadata.seats
  * Handles Pro usage snapshot and subscription cancellation like the invitation flow.
  * If user is already a member, updates their role if different.
  *
@@ -29,6 +32,7 @@ import { db } from '@sim/db'
 import { member, organization, user, userStats } from '@sim/db/schema'
 import { count, eq } from 'drizzle-orm'
 import { addUserToOrganization } from '@/lib/billing/organizations/membership'
+import { requireStripeClient } from '@/lib/billing/stripe-client'
 import { createLogger } from '@/lib/logs/console/logger'
 import { withAdminAuthParams } from '@/app/api/v1/admin/middleware'
 import {
@@ -223,6 +227,29 @@ export const POST = withAdminAuthParams<RouteParams>(async (request, context) =>
       return badRequestResponse(result.error || 'Failed to add member')
     }
 
+    // Sync Pro subscription cancellation with Stripe (same as invitation flow)
+    if (result.billingActions.proSubscriptionToCancel?.stripeSubscriptionId) {
+      try {
+        const stripe = requireStripeClient()
+        await stripe.subscriptions.update(
+          result.billingActions.proSubscriptionToCancel.stripeSubscriptionId,
+          { cancel_at_period_end: true }
+        )
+        logger.info('Admin API: Synced Pro cancellation with Stripe', {
+          userId: body.userId,
+          subscriptionId: result.billingActions.proSubscriptionToCancel.subscriptionId,
+          stripeSubscriptionId: result.billingActions.proSubscriptionToCancel.stripeSubscriptionId,
+        })
+      } catch (stripeError) {
+        logger.error('Admin API: Failed to sync Pro cancellation with Stripe', {
+          userId: body.userId,
+          subscriptionId: result.billingActions.proSubscriptionToCancel.subscriptionId,
+          stripeSubscriptionId: result.billingActions.proSubscriptionToCancel.stripeSubscriptionId,
+          error: stripeError,
+        })
+      }
+    }
+
     const data: AdminMember = {
       id: result.memberId!,
       userId: body.userId,

apps/sim/app/api/v1/admin/organizations/[id]/seats/route.ts

@@ -4,26 +4,12 @@
  * Get organization seat analytics including member activity.
  *
  * Response: AdminSingleResponse<AdminSeatAnalytics>
- *
- * PATCH /api/v1/admin/organizations/[id]/seats
- *
- * Update organization seat count with Stripe sync (matches user flow).
- *
- * Body:
- *   - seats: number - New seat count (positive integer)
- *
- * Response: AdminSingleResponse<{ success: true, seats: number, plan: string, stripeUpdated?: boolean }>
  */
 
-import { db } from '@sim/db'
-import { organization, subscription } from '@sim/db/schema'
-import { and, eq } from 'drizzle-orm'
-import { requireStripeClient } from '@/lib/billing/stripe-client'
 import { getOrganizationSeatAnalytics } from '@/lib/billing/validation/seat-management'
 import { createLogger } from '@/lib/logs/console/logger'
 import { withAdminAuthParams } from '@/app/api/v1/admin/middleware'
 import {
-  badRequestResponse,
   internalErrorResponse,
   notFoundResponse,
   singleResponse,
@@ -75,122 +61,3 @@ export const GET = withAdminAuthParams<RouteParams>(async (_, context) => {
     return internalErrorResponse('Failed to get organization seats')
   }
 })
-
-export const PATCH = withAdminAuthParams<RouteParams>(async (request, context) => {
-  const { id: organizationId } = await context.params
-
-  try {
-    const body = await request.json()
-
-    if (typeof body.seats !== 'number' || body.seats < 1 || !Number.isInteger(body.seats)) {
-      return badRequestResponse('seats must be a positive integer')
-    }
-
-    const [orgData] = await db
-      .select({ id: organization.id })
-      .from(organization)
-      .where(eq(organization.id, organizationId))
-      .limit(1)
-
-    if (!orgData) {
-      return notFoundResponse('Organization')
-    }
-
-    const [subData] = await db
-      .select()
-      .from(subscription)
-      .where(and(eq(subscription.referenceId, organizationId), eq(subscription.status, 'active')))
-      .limit(1)
-
-    if (!subData) {
-      return notFoundResponse('Subscription')
-    }
-
-    const newSeatCount = body.seats
-    let stripeUpdated = false
-
-    if (subData.plan === 'enterprise') {
-      const currentMetadata = (subData.metadata as Record<string, unknown>) || {}
-      const newMetadata = {
-        ...currentMetadata,
-        seats: newSeatCount,
-      }
-
-      await db
-        .update(subscription)
-        .set({ metadata: newMetadata })
-        .where(eq(subscription.id, subData.id))
-
-      logger.info(`Admin API: Updated enterprise seats for organization ${organizationId}`, {
-        seats: newSeatCount,
-      })
-    } else if (subData.plan === 'team') {
-      if (subData.stripeSubscriptionId) {
-        const stripe = requireStripeClient()
-
-        const stripeSubscription = await stripe.subscriptions.retrieve(subData.stripeSubscriptionId)
-
-        if (stripeSubscription.status !== 'active') {
-          return badRequestResponse('Stripe subscription is not active')
-        }
-
-        const subscriptionItem = stripeSubscription.items.data[0]
-        if (!subscriptionItem) {
-          return internalErrorResponse('No subscription item found in Stripe subscription')
-        }
-
-        const currentSeats = subData.seats || 1
-
-        logger.info('Admin API: Updating Stripe subscription quantity', {
-          organizationId,
-          stripeSubscriptionId: subData.stripeSubscriptionId,
-          subscriptionItemId: subscriptionItem.id,
-          currentSeats,
-          newSeatCount,
-        })
-
-        await stripe.subscriptions.update(subData.stripeSubscriptionId, {
-          items: [
-            {
-              id: subscriptionItem.id,
-              quantity: newSeatCount,
-            },
-          ],
-          proration_behavior: 'create_prorations',
-        })
-
-        stripeUpdated = true
-      }
-
-      await db
-        .update(subscription)
-        .set({ seats: newSeatCount })
-        .where(eq(subscription.id, subData.id))
-
-      logger.info(`Admin API: Updated team seats for organization ${organizationId}`, {
-        seats: newSeatCount,
-        stripeUpdated,
-      })
-    } else {
-      await db
-        .update(subscription)
-        .set({ seats: newSeatCount })
-        .where(eq(subscription.id, subData.id))
-
-      logger.info(`Admin API: Updated seats for organization ${organizationId}`, {
-        seats: newSeatCount,
-        plan: subData.plan,
-      })
-    }
-
-    return singleResponse({
-      success: true,
-      seats: newSeatCount,
-      plan: subData.plan,
-      stripeUpdated,
-    })
-  } catch (error) {
-    logger.error('Admin API: Failed to update organization seats', { error, organizationId })
-    return internalErrorResponse('Failed to update organization seats')
-  }
-})