feat(admin): add credits endpoint to issue credits to users

[waleedlatif1]

Summary

• Add POST /api/v1/admin/credits endpoint to issue credits by userId or email
• Supports Pro users (user_stats.credit_balance) and Team/Enterprise users (organization.credit_balance)
• Updates usage limits accordingly using same logic as user credit purchases
• Uses existing addCredits and setUsageLimitForCredits functions for consistency

Type of Change

• New feature

Testing

Tested manually

Checklist

• Code follows project style guidelines
• Self-reviewed my changes
• Tests added/updated and passing
• No new warnings introduced
• I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Review	Updated (UTC)
docs	Skipped		Jan 23, 2026 7:07pm

[greptile-apps]

Greptile Summary

Added POST /api/v1/admin/credits endpoint allowing admins to manually issue credits to users by userId or email. Supports Pro (user credits) and Team/Enterprise (organization credits) plans, using the existing addCredits and setUsageLimitForCredits functions for consistency with webhook-based purchases.

• Validates user subscription requirements (Pro/Team/Enterprise only)
• Creates userStats record if missing for Pro users
• Retrieves effective seats for Team/Enterprise organizations
• Updates credit balance and usage limits using shared billing functions
• Includes comprehensive audit logging with reason field

Issue found: The userStats creation happens after the check but before addCredits is called. Since addCredits uses an UPDATE query (balance.ts:60-62), it will silently fail if the row doesn't exist yet. The insert should include creditBalance: '0' and happen in a way that ensures it completes before addCredits executes.

Confidence Score: 3/5

• Contains a logical bug that will cause silent failures for Pro users without existing userStats
• The endpoint is well-structured with proper validation, auth, and reuses existing credit functions. However, there's a critical race condition where userStats is created but addCredits may execute before the insert completes, causing UPDATE to affect 0 rows silently. This will result in credits not being issued to Pro users who don't have userStats records yet.
• apps/sim/app/api/v1/admin/credits/route.ts - Fix userStats creation timing before addCredits call

Important Files Changed

Filename	Overview
apps/sim/app/api/v1/admin/credits/route.ts	Added admin endpoint to issue credits by userId or email, using existing credit functions with proper validation and userStats creation

Sequence Diagram

sequenceDiagram
    participant Admin
    participant Endpoint as Credits Endpoint
    participant Auth as Admin Auth
    participant DB as Database
    participant Subscription as Subscription Service
    participant Credits as Credits Service
    participant Limits as Usage Limits Service

    Admin->>Endpoint: POST request with user identifier and amount
    Endpoint->>Auth: Verify admin credentials
    Auth-->>Endpoint: Authenticated
    
    Endpoint->>Endpoint: Validate inputs
    
    alt Lookup by userId
        Endpoint->>DB: Query user by userId
    else Lookup by email
        Endpoint->>DB: Query user by email
    end
    DB-->>Endpoint: User data
    
    Endpoint->>Subscription: Get subscription for user
    Subscription->>DB: Query subscription
    DB-->>Subscription: Subscription details
    Subscription-->>Endpoint: Plan and reference info
    
    Endpoint->>Endpoint: Verify plan eligibility
    
    alt Team or Enterprise plan
        Endpoint->>DB: Verify organization exists
        DB-->>Endpoint: Organization confirmed
        Endpoint->>DB: Get seats from subscription
        DB-->>Endpoint: Seat count
        Endpoint->>Endpoint: Target is organization
    else Pro plan
        Endpoint->>DB: Check userStats exists
        DB-->>Endpoint: Status
        alt No userStats record
            Endpoint->>DB: Create userStats record
            DB-->>Endpoint: Record created
        end
        Endpoint->>Endpoint: Target is user
    end
    
    Endpoint->>Credits: Add credits to entity
    Credits->>DB: Update credit balance
    DB-->>Credits: Balance updated
    Credits-->>Endpoint: Success
    
    Endpoint->>DB: Fetch new credit balance
    DB-->>Endpoint: Current balance
    
    Endpoint->>Limits: Update usage limits
    Limits->>DB: Set limit based on plan plus credits
    DB-->>Limits: Limit updated
    Limits-->>Endpoint: Success
    
    Endpoint->>DB: Fetch new usage limit
    DB-->>Endpoint: Current limit
    
    Endpoint->>Endpoint: Log operation
    Endpoint-->>Admin: Success response with balances

Loading

[greptile-apps]

_{2 files reviewed, 3 comments}

_{Edit Code Review Agent Settings | Greptile}

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.}

[waleedlatif1]

@greptile

[greptile-apps]

_{3 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}