task-f
This commit is contained in:
43
src/app/api/crm/approvals/[id]/approve/route.ts
Normal file
43
src/app/api/crm/approvals/[id]/approve/route.ts
Normal file
@@ -0,0 +1,43 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import { z } from 'zod';
|
||||
import { approveApproval } from '@/features/foundation/approval/server/service';
|
||||
import { PERMISSIONS } from '@/lib/auth/rbac';
|
||||
import { AuthError, requireOrganizationAccess } from '@/lib/auth/session';
|
||||
|
||||
type Params = {
|
||||
params: Promise<{ id: string }>;
|
||||
};
|
||||
|
||||
const actionSchema = z.object({
|
||||
remark: z.string().optional()
|
||||
});
|
||||
|
||||
export async function POST(request: NextRequest, { params }: Params) {
|
||||
try {
|
||||
const { id } = await params;
|
||||
const { organization, session } = await requireOrganizationAccess({
|
||||
permission: PERMISSIONS.crmApprovalApprove
|
||||
});
|
||||
const payload = actionSchema.parse(await request.json());
|
||||
await approveApproval(id, organization.id, session.user.id, payload.remark);
|
||||
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
message: 'Approval completed for current step'
|
||||
});
|
||||
} catch (error) {
|
||||
if (error instanceof AuthError) {
|
||||
return NextResponse.json({ message: error.message }, { status: error.status });
|
||||
}
|
||||
if (error instanceof z.ZodError) {
|
||||
return NextResponse.json(
|
||||
{ message: error.issues[0]?.message ?? 'Invalid payload' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
if (error instanceof Error) {
|
||||
return NextResponse.json({ message: error.message }, { status: 400 });
|
||||
}
|
||||
return NextResponse.json({ message: 'Unable to approve request' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
43
src/app/api/crm/approvals/[id]/reject/route.ts
Normal file
43
src/app/api/crm/approvals/[id]/reject/route.ts
Normal file
@@ -0,0 +1,43 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import { z } from 'zod';
|
||||
import { rejectApproval } from '@/features/foundation/approval/server/service';
|
||||
import { PERMISSIONS } from '@/lib/auth/rbac';
|
||||
import { AuthError, requireOrganizationAccess } from '@/lib/auth/session';
|
||||
|
||||
type Params = {
|
||||
params: Promise<{ id: string }>;
|
||||
};
|
||||
|
||||
const actionSchema = z.object({
|
||||
remark: z.string().optional()
|
||||
});
|
||||
|
||||
export async function POST(request: NextRequest, { params }: Params) {
|
||||
try {
|
||||
const { id } = await params;
|
||||
const { organization, session } = await requireOrganizationAccess({
|
||||
permission: PERMISSIONS.crmApprovalReject
|
||||
});
|
||||
const payload = actionSchema.parse(await request.json());
|
||||
await rejectApproval(id, organization.id, session.user.id, payload.remark);
|
||||
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
message: 'Approval request rejected'
|
||||
});
|
||||
} catch (error) {
|
||||
if (error instanceof AuthError) {
|
||||
return NextResponse.json({ message: error.message }, { status: error.status });
|
||||
}
|
||||
if (error instanceof z.ZodError) {
|
||||
return NextResponse.json(
|
||||
{ message: error.issues[0]?.message ?? 'Invalid payload' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
if (error instanceof Error) {
|
||||
return NextResponse.json({ message: error.message }, { status: 400 });
|
||||
}
|
||||
return NextResponse.json({ message: 'Unable to reject approval request' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
43
src/app/api/crm/approvals/[id]/return/route.ts
Normal file
43
src/app/api/crm/approvals/[id]/return/route.ts
Normal file
@@ -0,0 +1,43 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import { z } from 'zod';
|
||||
import { returnApproval } from '@/features/foundation/approval/server/service';
|
||||
import { PERMISSIONS } from '@/lib/auth/rbac';
|
||||
import { AuthError, requireOrganizationAccess } from '@/lib/auth/session';
|
||||
|
||||
type Params = {
|
||||
params: Promise<{ id: string }>;
|
||||
};
|
||||
|
||||
const actionSchema = z.object({
|
||||
remark: z.string().optional()
|
||||
});
|
||||
|
||||
export async function POST(request: NextRequest, { params }: Params) {
|
||||
try {
|
||||
const { id } = await params;
|
||||
const { organization, session } = await requireOrganizationAccess({
|
||||
permission: PERMISSIONS.crmApprovalReturn
|
||||
});
|
||||
const payload = actionSchema.parse(await request.json());
|
||||
await returnApproval(id, organization.id, session.user.id, payload.remark);
|
||||
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
message: 'Approval request returned for change'
|
||||
});
|
||||
} catch (error) {
|
||||
if (error instanceof AuthError) {
|
||||
return NextResponse.json({ message: error.message }, { status: error.status });
|
||||
}
|
||||
if (error instanceof z.ZodError) {
|
||||
return NextResponse.json(
|
||||
{ message: error.issues[0]?.message ?? 'Invalid payload' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
if (error instanceof Error) {
|
||||
return NextResponse.json({ message: error.message }, { status: 400 });
|
||||
}
|
||||
return NextResponse.json({ message: 'Unable to return approval request' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
56
src/app/api/crm/approvals/[id]/route.ts
Normal file
56
src/app/api/crm/approvals/[id]/route.ts
Normal file
@@ -0,0 +1,56 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import { cancelApproval, getApprovalRequest } from '@/features/foundation/approval/server/service';
|
||||
import { PERMISSIONS } from '@/lib/auth/rbac';
|
||||
import { AuthError, requireOrganizationAccess } from '@/lib/auth/session';
|
||||
|
||||
type Params = {
|
||||
params: Promise<{ id: string }>;
|
||||
};
|
||||
|
||||
export async function GET(_request: NextRequest, { params }: Params) {
|
||||
try {
|
||||
const { id } = await params;
|
||||
const { organization } = await requireOrganizationAccess({
|
||||
permission: PERMISSIONS.crmApprovalRead
|
||||
});
|
||||
const approval = await getApprovalRequest(id, organization.id);
|
||||
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
time: new Date().toISOString(),
|
||||
message: 'Approval detail loaded successfully',
|
||||
approval
|
||||
});
|
||||
} catch (error) {
|
||||
if (error instanceof AuthError) {
|
||||
return NextResponse.json({ message: error.message }, { status: error.status });
|
||||
}
|
||||
if (error instanceof Error) {
|
||||
return NextResponse.json({ message: error.message }, { status: 400 });
|
||||
}
|
||||
return NextResponse.json({ message: 'Unable to load approval detail' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
|
||||
export async function DELETE(_request: NextRequest, { params }: Params) {
|
||||
try {
|
||||
const { id } = await params;
|
||||
const { organization, session } = await requireOrganizationAccess({
|
||||
permission: PERMISSIONS.crmApprovalSubmit
|
||||
});
|
||||
await cancelApproval(id, organization.id, session.user.id);
|
||||
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
message: 'Approval request cancelled successfully'
|
||||
});
|
||||
} catch (error) {
|
||||
if (error instanceof AuthError) {
|
||||
return NextResponse.json({ message: error.message }, { status: error.status });
|
||||
}
|
||||
if (error instanceof Error) {
|
||||
return NextResponse.json({ message: error.message }, { status: 400 });
|
||||
}
|
||||
return NextResponse.json({ message: 'Unable to cancel approval request' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
88
src/app/api/crm/approvals/route.ts
Normal file
88
src/app/api/crm/approvals/route.ts
Normal file
@@ -0,0 +1,88 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import { z } from 'zod';
|
||||
import { listApprovalRequests, submitForApproval } from '@/features/foundation/approval/server/service';
|
||||
import { PERMISSIONS } from '@/lib/auth/rbac';
|
||||
import { AuthError, requireOrganizationAccess } from '@/lib/auth/session';
|
||||
|
||||
const submitApprovalSchema = z.object({
|
||||
workflowCode: z.string().optional(),
|
||||
entityType: z.string().min(1, 'Entity type is required'),
|
||||
entityId: z.string().min(1, 'Entity id is required'),
|
||||
remark: z.string().optional()
|
||||
});
|
||||
|
||||
export async function GET(request: NextRequest) {
|
||||
try {
|
||||
const { organization } = await requireOrganizationAccess({
|
||||
permission: PERMISSIONS.crmApprovalRead
|
||||
});
|
||||
const { searchParams } = request.nextUrl;
|
||||
const page = Number(searchParams.get('page') ?? 1);
|
||||
const limit = Number(searchParams.get('limit') ?? 10);
|
||||
const search = searchParams.get('search') ?? undefined;
|
||||
const status = searchParams.get('status') ?? undefined;
|
||||
const entityType = searchParams.get('entityType') ?? undefined;
|
||||
const entityId = searchParams.get('entityId') ?? undefined;
|
||||
const sort = searchParams.get('sort') ?? undefined;
|
||||
const result = await listApprovalRequests(organization.id, {
|
||||
page,
|
||||
limit,
|
||||
search,
|
||||
status,
|
||||
entityType,
|
||||
entityId,
|
||||
sort
|
||||
});
|
||||
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
time: new Date().toISOString(),
|
||||
message: 'Approvals loaded successfully',
|
||||
totalItems: result.totalItems,
|
||||
offset: (page - 1) * limit,
|
||||
limit,
|
||||
items: result.items
|
||||
});
|
||||
} catch (error) {
|
||||
if (error instanceof AuthError) {
|
||||
return NextResponse.json({ message: error.message }, { status: error.status });
|
||||
}
|
||||
if (error instanceof Error) {
|
||||
return NextResponse.json({ message: error.message }, { status: 400 });
|
||||
}
|
||||
return NextResponse.json({ message: 'Unable to load approvals' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
try {
|
||||
const { organization, session } = await requireOrganizationAccess({
|
||||
permission: PERMISSIONS.crmApprovalSubmit
|
||||
});
|
||||
const payload = submitApprovalSchema.parse(await request.json());
|
||||
const created = await submitForApproval(organization.id, session.user.id, payload);
|
||||
|
||||
return NextResponse.json(
|
||||
{
|
||||
success: true,
|
||||
message: 'Approval request submitted successfully',
|
||||
approvalRequest: created
|
||||
},
|
||||
{ status: 201 }
|
||||
);
|
||||
} catch (error) {
|
||||
if (error instanceof AuthError) {
|
||||
return NextResponse.json({ message: error.message }, { status: error.status });
|
||||
}
|
||||
if (error instanceof z.ZodError) {
|
||||
return NextResponse.json(
|
||||
{ message: error.issues[0]?.message ?? 'Invalid payload' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
if (error instanceof Error) {
|
||||
return NextResponse.json({ message: error.message }, { status: 400 });
|
||||
}
|
||||
return NextResponse.json({ message: 'Unable to submit approval request' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
48
src/app/api/crm/quotations/[id]/submit-approval/route.ts
Normal file
48
src/app/api/crm/quotations/[id]/submit-approval/route.ts
Normal file
@@ -0,0 +1,48 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import { z } from 'zod';
|
||||
import { submitForApproval } from '@/features/foundation/approval/server/service';
|
||||
import { PERMISSIONS } from '@/lib/auth/rbac';
|
||||
import { AuthError, requireOrganizationAccess } from '@/lib/auth/session';
|
||||
|
||||
type Params = {
|
||||
params: Promise<{ id: string }>;
|
||||
};
|
||||
|
||||
const submitSchema = z.object({
|
||||
remark: z.string().optional()
|
||||
});
|
||||
|
||||
export async function POST(request: NextRequest, { params }: Params) {
|
||||
try {
|
||||
const { id } = await params;
|
||||
const { organization, session } = await requireOrganizationAccess({
|
||||
permission: PERMISSIONS.crmApprovalSubmit
|
||||
});
|
||||
const payload = submitSchema.parse(await request.json());
|
||||
await submitForApproval(organization.id, session.user.id, {
|
||||
workflowCode: 'quotation_standard_approval',
|
||||
entityType: 'quotation',
|
||||
entityId: id,
|
||||
remark: payload.remark
|
||||
});
|
||||
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
message: 'Quotation submitted for approval successfully'
|
||||
});
|
||||
} catch (error) {
|
||||
if (error instanceof AuthError) {
|
||||
return NextResponse.json({ message: error.message }, { status: error.status });
|
||||
}
|
||||
if (error instanceof z.ZodError) {
|
||||
return NextResponse.json(
|
||||
{ message: error.issues[0]?.message ?? 'Invalid payload' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
if (error instanceof Error) {
|
||||
return NextResponse.json({ message: error.message }, { status: 400 });
|
||||
}
|
||||
return NextResponse.json({ message: 'Unable to submit quotation for approval' }, { status: 500 });
|
||||
}
|
||||
}
|
||||
76
src/app/dashboard/crm/approvals/[id]/page.tsx
Normal file
76
src/app/dashboard/crm/approvals/[id]/page.tsx
Normal file
@@ -0,0 +1,76 @@
|
||||
import { auth } from '@/auth';
|
||||
import { HydrationBoundary, dehydrate } from '@tanstack/react-query';
|
||||
import PageContainer from '@/components/layout/page-container';
|
||||
import { ApprovalDetail } from '@/features/foundation/approval/components/approval-detail';
|
||||
import { approvalByIdOptions } from '@/features/foundation/approval/queries';
|
||||
import { PERMISSIONS } from '@/lib/auth/rbac';
|
||||
import { getQueryClient } from '@/lib/query-client';
|
||||
|
||||
type PageProps = {
|
||||
params: Promise<{ id: string }>;
|
||||
};
|
||||
|
||||
export default async function ApprovalDetailRoute({ params }: PageProps) {
|
||||
const { id } = await params;
|
||||
const session = await auth();
|
||||
const canRead =
|
||||
session?.user?.systemRole === 'super_admin' ||
|
||||
(!!session?.user?.activeOrganizationId &&
|
||||
(session.user.activeMembershipRole === 'admin' ||
|
||||
session.user.activePermissions.includes(PERMISSIONS.crmApprovalRead)));
|
||||
const canApprove =
|
||||
session?.user?.systemRole === 'super_admin' ||
|
||||
(!!session?.user?.activeOrganizationId &&
|
||||
(session.user.activeMembershipRole === 'admin' ||
|
||||
session.user.activePermissions.includes(PERMISSIONS.crmApprovalApprove)));
|
||||
const canReject =
|
||||
session?.user?.systemRole === 'super_admin' ||
|
||||
(!!session?.user?.activeOrganizationId &&
|
||||
(session.user.activeMembershipRole === 'admin' ||
|
||||
session.user.activePermissions.includes(PERMISSIONS.crmApprovalReject)));
|
||||
const canReturn =
|
||||
session?.user?.systemRole === 'super_admin' ||
|
||||
(!!session?.user?.activeOrganizationId &&
|
||||
(session.user.activeMembershipRole === 'admin' ||
|
||||
session.user.activePermissions.includes(PERMISSIONS.crmApprovalReturn)));
|
||||
const canCancel =
|
||||
session?.user?.systemRole === 'super_admin' ||
|
||||
(!!session?.user?.activeOrganizationId &&
|
||||
(session.user.activeMembershipRole === 'admin' ||
|
||||
session.user.activePermissions.includes(PERMISSIONS.crmApprovalSubmit)));
|
||||
const isOrgAdmin =
|
||||
session?.user?.systemRole === 'super_admin' || session?.user?.activeMembershipRole === 'admin';
|
||||
const queryClient = getQueryClient();
|
||||
|
||||
if (canRead) {
|
||||
void queryClient.prefetchQuery(approvalByIdOptions(id));
|
||||
}
|
||||
|
||||
return (
|
||||
<PageContainer
|
||||
pageTitle='Approval Detail'
|
||||
pageDescription='Workflow steps, current approver, and timeline for a production approval request.'
|
||||
access={canRead}
|
||||
accessFallback={
|
||||
<div className='text-muted-foreground rounded-lg border border-dashed p-8 text-center'>
|
||||
You do not have access to this approval request.
|
||||
</div>
|
||||
}
|
||||
>
|
||||
{canRead && session?.user ? (
|
||||
<HydrationBoundary state={dehydrate(queryClient)}>
|
||||
<ApprovalDetail
|
||||
approvalId={id}
|
||||
canApprove={canApprove}
|
||||
canReject={canReject}
|
||||
canReturn={canReturn}
|
||||
canCancel={canCancel}
|
||||
activeBusinessRole={session.user.activeBusinessRole}
|
||||
isOrgAdmin={isOrgAdmin}
|
||||
currentUserId={session.user.id}
|
||||
/>
|
||||
</HydrationBoundary>
|
||||
) : null}
|
||||
</PageContainer>
|
||||
);
|
||||
}
|
||||
@@ -1,28 +1,41 @@
|
||||
import { auth } from '@/auth';
|
||||
import PageContainer from '@/components/layout/page-container';
|
||||
import { CrmProductionPlaceholder } from '@/features/foundation/components/crm-production-placeholder';
|
||||
import ApprovalListing from '@/features/foundation/approval/components/approval-listing';
|
||||
import { PERMISSIONS } from '@/lib/auth/rbac';
|
||||
import { searchParamsCache } from '@/lib/searchparams';
|
||||
import type { SearchParams } from 'nuqs/server';
|
||||
|
||||
export const metadata = {
|
||||
title: 'Dashboard: CRM Approvals'
|
||||
};
|
||||
|
||||
export default function ApprovalsRoute() {
|
||||
type PageProps = {
|
||||
searchParams: Promise<SearchParams>;
|
||||
};
|
||||
|
||||
export default async function ApprovalsRoute(props: PageProps) {
|
||||
const searchParams = await props.searchParams;
|
||||
const session = await auth();
|
||||
const canRead =
|
||||
session?.user?.systemRole === 'super_admin' ||
|
||||
(!!session?.user?.activeOrganizationId &&
|
||||
(session.user.activeMembershipRole === 'admin' ||
|
||||
session.user.activePermissions.includes(PERMISSIONS.crmApprovalRead)));
|
||||
|
||||
searchParamsCache.parse(searchParams);
|
||||
|
||||
return (
|
||||
<PageContainer
|
||||
pageTitle='Approvals'
|
||||
pageDescription='Production approval workflow has not started yet. This route no longer imports demo approval state.'
|
||||
pageDescription='Production approval queue for quotations, with real workflow routing and action history.'
|
||||
access={canRead}
|
||||
accessFallback={
|
||||
<div className='text-muted-foreground rounded-lg border border-dashed p-8 text-center'>
|
||||
You do not have access to CRM approvals.
|
||||
</div>
|
||||
}
|
||||
>
|
||||
<CrmProductionPlaceholder
|
||||
title='Approval workflow pending'
|
||||
summary='The old pending approvals mock list now lives only under crm-demo.'
|
||||
foundationItems={[
|
||||
'Permission checks',
|
||||
'Business-role-aware access helpers',
|
||||
'Branch validation',
|
||||
'Audit log helper'
|
||||
]}
|
||||
nextStep='Implement production approval workflow only after quotation persistence and routing are in place.'
|
||||
demoHref='/dashboard/crm-demo/approvals'
|
||||
/>
|
||||
{canRead ? <ApprovalListing /> : null}
|
||||
</PageContainer>
|
||||
);
|
||||
}
|
||||
|
||||
@@ -12,6 +12,7 @@ import {
|
||||
} from '@/features/crm/quotations/api/queries';
|
||||
import { QuotationDetail } from '@/features/crm/quotations/components/quotation-detail';
|
||||
import { getQuotationReferenceData } from '@/features/crm/quotations/server/service';
|
||||
import { approvalsQueryOptions } from '@/features/foundation/approval/queries';
|
||||
import { PERMISSIONS } from '@/lib/auth/rbac';
|
||||
import { getQueryClient } from '@/lib/query-client';
|
||||
|
||||
@@ -62,6 +63,28 @@ export default async function QuotationDetailRoute({ params }: PageProps) {
|
||||
(!!session?.user?.activeOrganizationId &&
|
||||
(session.user.activeMembershipRole === 'admin' ||
|
||||
session.user.activePermissions.includes(PERMISSIONS.crmQuotationRevisionCreate)));
|
||||
const canSubmitApproval =
|
||||
session?.user?.systemRole === 'super_admin' ||
|
||||
(!!session?.user?.activeOrganizationId &&
|
||||
(session.user.activeMembershipRole === 'admin' ||
|
||||
session.user.activePermissions.includes(PERMISSIONS.crmApprovalSubmit)));
|
||||
const canApproveApproval =
|
||||
session?.user?.systemRole === 'super_admin' ||
|
||||
(!!session?.user?.activeOrganizationId &&
|
||||
(session.user.activeMembershipRole === 'admin' ||
|
||||
session.user.activePermissions.includes(PERMISSIONS.crmApprovalApprove)));
|
||||
const canRejectApproval =
|
||||
session?.user?.systemRole === 'super_admin' ||
|
||||
(!!session?.user?.activeOrganizationId &&
|
||||
(session.user.activeMembershipRole === 'admin' ||
|
||||
session.user.activePermissions.includes(PERMISSIONS.crmApprovalReject)));
|
||||
const canReturnApproval =
|
||||
session?.user?.systemRole === 'super_admin' ||
|
||||
(!!session?.user?.activeOrganizationId &&
|
||||
(session.user.activeMembershipRole === 'admin' ||
|
||||
session.user.activePermissions.includes(PERMISSIONS.crmApprovalReturn)));
|
||||
const isOrgAdmin =
|
||||
session?.user?.systemRole === 'super_admin' || session?.user?.activeMembershipRole === 'admin';
|
||||
const queryClient = getQueryClient();
|
||||
|
||||
if (canRead) {
|
||||
@@ -72,6 +95,13 @@ export default async function QuotationDetailRoute({ params }: PageProps) {
|
||||
void queryClient.prefetchQuery(quotationFollowupsOptions(id));
|
||||
void queryClient.prefetchQuery(quotationAttachmentsOptions(id));
|
||||
void queryClient.prefetchQuery(quotationRevisionsOptions(id));
|
||||
void queryClient.prefetchQuery(
|
||||
approvalsQueryOptions({
|
||||
entityType: 'quotation',
|
||||
entityId: id,
|
||||
limit: 20
|
||||
})
|
||||
);
|
||||
}
|
||||
|
||||
const referenceData =
|
||||
@@ -102,6 +132,13 @@ export default async function QuotationDetailRoute({ params }: PageProps) {
|
||||
canManageFollowups={canManageFollowups}
|
||||
canManageAttachments={canManageAttachments}
|
||||
canCreateRevision={canCreateRevision}
|
||||
canSubmitApproval={canSubmitApproval}
|
||||
canApproveApproval={canApproveApproval}
|
||||
canRejectApproval={canRejectApproval}
|
||||
canReturnApproval={canReturnApproval}
|
||||
activeBusinessRole={session?.user?.activeBusinessRole ?? null}
|
||||
isOrgAdmin={isOrgAdmin}
|
||||
currentUserId={session?.user?.id ?? ''}
|
||||
/>
|
||||
</HydrationBoundary>
|
||||
) : null}
|
||||
|
||||
Reference in New Issue
Block a user