Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.auction-rise.com/llms.txt

Use this file to discover all available pages before exploring further.

Workspaces

Workspaces are the top-level multi-tenant containers in the template. Each workspace has its own members, settings, and data — all isolated from other workspaces via Supabase Row Level Security (RLS).

Creating a Workspace

  1. Click the workspace switcher in the sidebar header.
  2. Select Create Workspace.
  3. Enter a name — the URL slug is generated automatically.
  4. Click Create.
You become the Owner of any workspace you create.

Switching Workspaces

The SidebarWorkspaceSwitcher component persists your active workspace to a cookie (active_workspace_id). All navigation and data fetches are scoped to the active workspace.

Role Hierarchy

Three roles are supported: Owner, Admin, and Member.
PermissionOwnerAdminMember
View workspaceYesYesYes
View membersYesYesYes
Update workspace settingsYesYesNo
Delete workspaceYesNoNo
Invite membersYesYesNo
Remove membersYesAdmins only*No
Change rolesYesMembers only**No
Transfer ownershipYesNoNo
Leave workspaceNo***YesYes
* Admins can only remove members, not other admins or owners. ** Admins can only promote/demote members, not admin or owner roles. *** Owners must transfer ownership before they can leave.

Server Actions

All workspace operations live in @/lib/workspaces/actions: 
import {
  createWorkspace,
  getWorkspaces,
  getWorkspace,
  updateWorkspace,
  deleteWorkspace,
  getWorkspaceMembers,
  updateMemberRole,
  removeMember,
  leaveWorkspace,
  transferOwnership,
} from "@/lib/workspaces/actions";
Permission checks live in @/lib/workspaces/role-utils (pure functions, safe for client-side use) and @/lib/workspaces/roles (server actions that query the database).

Workspace Context

Access the active workspace in any Client Component: 
import { useWorkspace } from "@/lib/workspaces/context";

export function MyComponent() {
  const { activeWorkspace, workspaces, setActiveWorkspace, isLoading } = useWorkspace();
  return <p>Active: {activeWorkspace?.name}</p>;
}

RLS Enforcement

All workspace-scoped tables use RLS policies that call the is_workspace_member(workspace_id) SQL helper. No data is accessible without a valid session and matching membership row.
Never use the admin Supabase client to fetch workspace-scoped user data in a context where cross-workspace leakage would be a problem — the admin client bypasses RLS.

Settings

Owners and admins can navigate to Workspace Settings to update the workspace name. The Danger Zone (delete workspace) is visible only to owners. The Members tab exposes the MembersManagement component for role changes, removal, and ownership transfer.