From 6fc77e0e4e48dea4bc7d14ddca3ecedce69b4495 Mon Sep 17 00:00:00 2001
From: Nithin <10778861+darthnithin@users.noreply.github.com>
Date: Wed, 18 Mar 2026 23:00:26 -0700
Subject: [PATCH] Restore admin claim deletion

---
 .../app/api/claims/[action]/route.ts          | 28 ++++++++++++++-----
 1 file changed, 21 insertions(+), 7 deletions(-)

diff --git a/apps/dashboard/app/api/claims/[action]/route.ts b/apps/dashboard/app/api/claims/[action]/route.ts
index 586685f..d42d295 100644
--- a/apps/dashboard/app/api/claims/[action]/route.ts
+++ b/apps/dashboard/app/api/claims/[action]/route.ts
@@ -6,6 +6,7 @@ import * as schema from "@/lib/server/schema";
 import {
   fetchLiveClaimCodeFromGet,
 } from "@/lib/server/claims/get-claim-code";
+import { getAdminIdentityFromRequest } from "@/lib/server/admin-auth";
 import {
   getDonorUsageForDonor,
   rankDonorCandidatesForClaim,
@@ -655,15 +656,11 @@ async function handleDelete(req: NextRequest) {
   }
 
   try {
-    const auth = await authenticateAppUser(req);
-    if ("response" in auth) {
-      return auth.response;
-    }
-
-    const { claimCodeId } = (await req.json()) as {
+    const adminIdentity = getAdminIdentityFromRequest(req);
+    const { userId: requestedUserId, claimCodeId } = (await req.json()) as {
+      userId?: string;
       claimCodeId?: string;
     };
-    const userId = auth.user.id;
 
     if (!claimCodeId) {
       return NextResponse.json(
@@ -672,6 +669,23 @@ async function handleDelete(req: NextRequest) {
       );
     }
 
+    let userId: string;
+    if (adminIdentity) {
+      if (!requestedUserId) {
+        return NextResponse.json(
+          { error: "Missing userId" },
+          { status: 400 }
+        );
+      }
+      userId = requestedUserId;
+    } else {
+      const auth = await authenticateAppUser(req);
+      if ("response" in auth) {
+        return auth.response;
+      }
+      userId = auth.user.id;
+    }
+
     // Fetch the claim to verify ownership and get amount
     const claim = await db
       .select()