Data
Advanced
Enterprise Data Access and Authorization
Build tenant-safe server-side data access with validation, transactions, and audit logs.
40 min
2 sections
data-access
authorization
multi-tenant
audit
1
2
01. Keep data access server-only
Section 1 of 2
Enterprise applications should put database access in server-only modules. Client Components receive DTOs, not database clients, sessions, or unchecked row shapes.
typescript
// lib/tickets/data.ts
import "server-only";
export async function listTicketsForQueue(input: {
orgId: string;
queueId: string;
}) {
const viewer = await requireSession();
await requireQueueAccess(viewer.user.id, input.orgId, input.queueId);
return db.ticket.findMany({
where: {
orgId: input.orgId,
queueId: input.queueId,
deletedAt: null,
},
select: {
id: true,
subject: true,
priority: true,
status: true,
updatedAt: true,
},
orderBy: [{ priority: "desc" }, { updatedAt: "desc" }],
});
}Back to Course