multi tenancy stuff

2021-08-06 01:07:15 +08:00
parent b54f9ef43c
commit d20eeb0617
51 changed files with 907 additions and 2542 deletions
--- a/app/auth/mutations/login.ts
+++ b/app/auth/mutations/login.ts
@ -1,6 +1,6 @@
 import { resolver, SecurePassword, AuthenticationError } from "blitz";

-import db, { Role } from "../../../db";
+import db, { GlobalRole } from "../../../db";
 import { Login } from "../validations";

 export const authenticateUser = async (rawEmail: string, rawPassword: string) => {
@ -25,7 +25,13 @@ export default resolver.pipe(resolver.zod(Login), async ({ email, password }, ct
 	// This throws an error if credentials are invalid
 	const user = await authenticateUser(email, password);

-	await ctx.session.$create({ userId: user.id, role: user.role as Role });
+	const hasCompletedOnboarding = undefined; // TODO
+	await ctx.session.$create({
+		userId: user.id,
+		roles: [user.role],
+		hasCompletedOnboarding,
+		orgId: "user.memberships[0].organizationId",
+	});

 	return user;
 });
--- a/app/auth/mutations/signup.ts
+++ b/app/auth/mutations/signup.ts
@ -1,18 +1,35 @@
 import { resolver, SecurePassword } from "blitz";

-import db, { Role } from "../../../db";
+import db, { GlobalRole, MembershipRole } from "../../../db";
 import { Signup } from "../validations";
 import { computeEncryptionKey } from "../../../db/_encryption";

 export default resolver.pipe(resolver.zod(Signup), async ({ email, password }, ctx) => {
 	const hashedPassword = await SecurePassword.hash(password.trim());
+	const encryptionKey = computeEncryptionKey(email.toLowerCase().trim()).toString("hex");
 	const user = await db.user.create({
-		data: { email: email.toLowerCase().trim(), hashedPassword, role: Role.USER },
-		select: { id: true, name: true, email: true, role: true },
+		data: {
+			email: email.toLowerCase().trim(),
+			hashedPassword,
+			role: GlobalRole.CUSTOMER,
+			memberships: {
+				create: {
+					role: MembershipRole.OWNER,
+					organization: {
+						create: {
+							encryptionKey,
+						},
+					},
+				},
+			},
+		},
+		include: { memberships: true },
 	});
-	const encryptionKey = computeEncryptionKey(user.id).toString("hex");
-	await db.customer.create({ data: { id: user.id, encryptionKey } });

-	await ctx.session.$create({ userId: user.id, role: user.role });
+	await ctx.session.$create({
+		userId: user.id,
+		roles: [user.role, user.memberships[0]!.role],
+		orgId: user.memberships[0]!.organizationId,
+	});
 	return user;
 });
--- a/app/core/hooks/use-current-customer.ts
+++ b/app/core/hooks/use-current-customer.ts
@ -1,13 +0,0 @@
-import { useSession, useQuery } from "blitz";
-
-import getCurrentCustomer from "../../customers/queries/get-current-customer";
-
-export default function useCurrentCustomer() {
-	const session = useSession();
-	const [customer] = useQuery(getCurrentCustomer, null, { enabled: Boolean(session.userId) });
-	return {
-		customer,
-		hasFilledTwilioCredentials: Boolean(customer && customer.accountSid && customer.authToken),
-		hasCompletedOnboarding: session.hasCompletedOnboarding,
-	};
-}
--- a/app/core/hooks/use-current-phone-number.ts
+++ b/app/core/hooks/use-current-phone-number.ts
@ -0,0 +1,11 @@
+import { useQuery } from "blitz";
+
+import getCurrentPhoneNumber from "../../phone-numbers/queries/get-current-phone-number";
+import useCurrentUser from "./use-current-user";
+
+export default function useUserPhoneNumber() {
+	const { hasFilledTwilioCredentials } = useCurrentUser();
+	const [phoneNumber] = useQuery(getCurrentPhoneNumber, {}, { enabled: hasFilledTwilioCredentials });
+
+	return phoneNumber;
+}
--- a/app/core/hooks/use-current-user.ts
+++ b/app/core/hooks/use-current-user.ts
@ -0,0 +1,15 @@
+import { useSession, useQuery } from "blitz";
+
+import getCurrentUser from "../../users/queries/get-current-user";
+
+export default function useCurrentUser() {
+	const session = useSession();
+	const [user] = useQuery(getCurrentUser, null, { enabled: Boolean(session.userId) });
+	const organization = user?.memberships[0]!.organization;
+	return {
+		user,
+		organization,
+		hasFilledTwilioCredentials: Boolean(user && organization?.twilioAccountSid && organization?.twilioAuthToken),
+		hasCompletedOnboarding: session.hasCompletedOnboarding,
+	};
+}
--- a/app/core/hooks/use-customer-phone-number.ts
+++ b/app/core/hooks/use-customer-phone-number.ts
@ -1,12 +0,0 @@
-import { useQuery } from "blitz";
-
-import getCurrentCustomerPhoneNumber from "../../phone-numbers/queries/get-current-customer-phone-number";
-import useCurrentCustomer from "./use-current-customer";
-
-export default function useCustomerPhoneNumber() {
-	const { customer } = useCurrentCustomer();
-	const hasFilledTwilioCredentials = Boolean(customer && customer.accountSid && customer.authToken);
-	const [customerPhoneNumber] = useQuery(getCurrentCustomerPhoneNumber, {}, { enabled: hasFilledTwilioCredentials });
-
-	return customerPhoneNumber;
-}
--- a/app/core/hooks/use-notifications.ts
+++ b/app/core/hooks/use-notifications.ts
@ -2,6 +2,7 @@ import { getConfig, useMutation } from "blitz";
 import { useEffect, useState } from "react";

 import setNotificationSubscription from "../mutations/set-notification-subscription";
+import useCurrentPhoneNumber from "./use-current-phone-number";

 const { publicRuntimeConfig } = getConfig();

@ -9,6 +10,7 @@ export default function useNotifications() {
 	const isServiceWorkerSupported = "serviceWorker" in navigator;
 	const [subscription, setSubscription] = useState<PushSubscription | null>(null);
 	const [setNotificationSubscriptionMutation] = useMutation(setNotificationSubscription);
+	const phoneNumber = useCurrentPhoneNumber();

 	useEffect(() => {
 		(async () => {
@ -23,7 +25,7 @@ export default function useNotifications() {
 	}, [isServiceWorkerSupported]);

 	async function subscribe() {
-		if (!isServiceWorkerSupported) {
+		if (!isServiceWorkerSupported || !phoneNumber) {
 			return;
 		}

@ -33,7 +35,10 @@ export default function useNotifications() {
 			applicationServerKey: urlBase64ToUint8Array(publicRuntimeConfig.webPush.publicKey),
 		});
 		setSubscription(subscription);
-		await setNotificationSubscriptionMutation({ subscription: subscription.toJSON() as any }); // TODO remove as any
+		await setNotificationSubscriptionMutation({
+			phoneNumberId: phoneNumber.id,
+			subscription: subscription.toJSON() as any,
+		}); // TODO remove as any
 	}

 	async function unsubscribe() {
--- a/app/core/hooks/use-require-onboarding.ts
+++ b/app/core/hooks/use-require-onboarding.ts
@ -1,12 +1,12 @@
 import { Routes, useRouter } from "blitz";

-import useCurrentCustomer from "./use-current-customer";
-import useCustomerPhoneNumber from "./use-customer-phone-number";
+import useCurrentUser from "./use-current-user";
+import useCurrentPhoneNumber from "./use-current-phone-number";

 export default function useRequireOnboarding() {
 	const router = useRouter();
-	const { hasFilledTwilioCredentials, hasCompletedOnboarding } = useCurrentCustomer();
-	const customerPhoneNumber = useCustomerPhoneNumber();
+	const { hasFilledTwilioCredentials, hasCompletedOnboarding } = useCurrentUser();
+	const phoneNumber = useCurrentPhoneNumber();

 	if (hasCompletedOnboarding) {
 		return;
@ -16,12 +16,12 @@ export default function useRequireOnboarding() {
 		throw router.push(Routes.StepTwo());
 	}

-	/*if (!customer.paddleCustomerId || !customer.paddleSubscriptionId) {
+	/*if (!user.paddleCustomerId || !user.paddleSubscriptionId) {
 		throw router.push(Routes.StepTwo());
 		return;
 	}*/

-	if (!customerPhoneNumber) {
+	if (!phoneNumber) {
 		throw router.push(Routes.StepThree());
 	}
 }
--- a/app/core/layouts/layout/index.tsx
+++ b/app/core/layouts/layout/index.tsx
@ -77,6 +77,8 @@ const ErrorBoundary = withRouter(
 				// let Blitz ErrorBoundary handle this one
 				throw error;
 			}
+
+			// if network error and connection lost, display the auto-reload page with countdown
 		}

 		public render() {
--- a/app/core/mutations/set-notification-subscription.ts
+++ b/app/core/mutations/set-notification-subscription.ts
@ -3,10 +3,13 @@ import { z } from "zod";

 import db from "../../../db";
 import appLogger from "../../../integrations/logger";
+import { enforceSuperAdminIfNotCurrentOrganization, setDefaultOrganizationId } from "../utils";

 const logger = appLogger.child({ mutation: "set-notification-subscription" });

 const Body = z.object({
+	organizationId: z.string().optional(),
+	phoneNumberId: z.string(),
 	subscription: z.object({
 		endpoint: z.string(),
 		expirationTime: z.number().nullable(),
@ -17,22 +20,36 @@ const Body = z.object({
 	}),
 });

-export default resolver.pipe(resolver.zod(Body), resolver.authorize(), async ({ subscription }, context) => {
-	const customerId = context.session.userId;
-	try {
-		await db.notificationSubscription.create({
-			data: {
-				customerId,
-				endpoint: subscription.endpoint,
-				expirationTime: subscription.expirationTime,
-				keys_p256dh: subscription.keys.p256dh,
-				keys_auth: subscription.keys.auth,
-			},
+export default resolver.pipe(
+	resolver.zod(Body),
+	resolver.authorize(),
+	setDefaultOrganizationId,
+	enforceSuperAdminIfNotCurrentOrganization,
+	async ({ organizationId, phoneNumberId, subscription }) => {
+		const phoneNumber = await db.phoneNumber.findFirst({
+			where: { id: phoneNumberId, organizationId },
+			include: { organization: true },
 		});
-	} catch (error) {
-		if (error.code !== "P2002") {
-			logger.error(error);
-			// we might want to `throw error`;
+		if (!phoneNumber) {
+			return;
 		}
-	}
-});
+
+		try {
+			await db.notificationSubscription.create({
+				data: {
+					organizationId,
+					phoneNumberId,
+					endpoint: subscription.endpoint,
+					expirationTime: subscription.expirationTime,
+					keys_p256dh: subscription.keys.p256dh,
+					keys_auth: subscription.keys.auth,
+				},
+			});
+		} catch (error) {
+			if (error.code !== "P2002") {
+				logger.error(error);
+				// we might want to `throw error`;
+			}
+		}
+	},
+);
--- a/app/core/utils.ts
+++ b/app/core/utils.ts
@ -0,0 +1,35 @@
+import type { Ctx } from "blitz";
+
+import type { Prisma } from "../../db";
+import { GlobalRole } from "../../db";
+
+function assert(condition: any, message: string): asserts condition {
+	if (!condition) throw new Error(message);
+}
+
+export function setDefaultOrganizationId<T extends Record<any, any>>(
+	input: T,
+	{ session }: Ctx,
+): T & { organizationId: Prisma.StringNullableFilter | string } {
+	assert(session.orgId, "Missing session.orgId in setDefaultOrganizationId");
+	if (input.organizationId) {
+		// Pass through the input
+		return input as T & { organizationId: string };
+	} else if (session.roles?.includes(GlobalRole.SUPERADMIN)) {
+		// Allow viewing any organization
+		return { ...input, organizationId: { not: "" } };
+	} else {
+		// Set organizationId to session.orgId
+		return { ...input, organizationId: session.orgId };
+	}
+}
+
+export function enforceSuperAdminIfNotCurrentOrganization<T extends Record<any, any>>(input: T, ctx: Ctx): T {
+	assert(ctx.session.orgId, "missing session.orgId");
+	assert(input.organizationId, "missing input.organizationId");
+
+	if (input.organizationId !== ctx.session.orgId) {
+		ctx.session.$authorize(GlobalRole.SUPERADMIN);
+	}
+	return input;
+}
--- a/app/customers/queries/get-current-customer.ts
+++ b/app/customers/queries/get-current-customer.ts
@ -1,21 +0,0 @@
-import { resolver } from "blitz";
-
-import db from "../../../db";
-
-export default resolver.pipe(resolver.authorize(), async (_ = null, { session }) => {
-	if (!session.userId) return null;
-
-	return db.customer.findFirst({
-		where: { id: session.userId },
-		select: {
-			id: true,
-			encryptionKey: true,
-			accountSid: true,
-			authToken: true,
-			twimlAppSid: true,
-			paddleCustomerId: true,
-			paddleSubscriptionId: true,
-			user: true,
-		},
-	});
-});
--- a/app/messages/api/queue/fetch-messages.ts
+++ b/app/messages/api/queue/fetch-messages.ts
@ -5,21 +5,27 @@ import db from "../../../../db";
 import insertMessagesQueue from "./insert-messages";

 type Payload = {
-	customerId: string;
+	organizationId: string;
+	phoneNumberId: string;
 };

-const fetchMessagesQueue = Queue<Payload>("api/queue/fetch-messages", async ({ customerId }) => {
-	const [customer, phoneNumber] = await Promise.all([
-		db.customer.findFirst({ where: { id: customerId } }),
-		db.phoneNumber.findFirst({ where: { customerId } }),
-	]);
-	if (!customer || !customer.accountSid || !customer.authToken || !phoneNumber) {
+const fetchMessagesQueue = Queue<Payload>("api/queue/fetch-messages", async ({ organizationId, phoneNumberId }) => {
+	const phoneNumber = await db.phoneNumber.findFirst({
+		where: { id: phoneNumberId, organizationId },
+		include: { organization: true },
+	});
+	if (!phoneNumber) {
+		return;
+	}
+
+	const organization = phoneNumber.organization;
+	if (!organization.twilioAccountSid || !organization.twilioAuthToken) {
 		return;
 	}

 	const [sent, received] = await Promise.all([
-		twilio(customer.accountSid, customer.authToken).messages.list({ from: phoneNumber.phoneNumber }),
-		twilio(customer.accountSid, customer.authToken).messages.list({ to: phoneNumber.phoneNumber }),
+		twilio(organization.twilioAccountSid, organization.twilioAuthToken).messages.list({ from: phoneNumber.number }),
+		twilio(organization.twilioAccountSid, organization.twilioAuthToken).messages.list({ to: phoneNumber.number }),
 	]);
 	const messagesSent = sent.filter((message) => message.direction.startsWith("outbound"));
 	const messagesReceived = received.filter((message) => message.direction === "inbound");
@ -29,11 +35,12 @@ const fetchMessagesQueue = Queue<Payload>("api/queue/fetch-messages", async ({ c

 	await insertMessagesQueue.enqueue(
 		{
-			customerId,
+			organizationId,
+			phoneNumberId,
 			messages,
 		},
 		{
-			id: `insert-messages-${customerId}`,
+			id: `insert-messages-${organizationId}-${phoneNumberId}`,
 		},
 	);
 });
--- a/app/messages/api/queue/insert-incoming-message.ts
+++ b/app/messages/api/queue/insert-incoming-message.ts
@ -4,46 +4,49 @@ import twilio from "twilio";

 import db, { Direction, MessageStatus } from "../../../../db";
 import { encrypt } from "../../../../db/_encryption";
+import notifyIncomingMessageQueue from "./notify-incoming-message";

 type Payload = {
-	customerId: string;
+	organizationId: string;
+	phoneNumberId: string;
 	messageSid: MessageInstance["sid"];
 };

 const insertIncomingMessageQueue = Queue<Payload>(
 	"api/queue/insert-incoming-message",
-	async ({ messageSid, customerId }) => {
-		const customer = await db.customer.findFirst({ where: { id: customerId } });
-		if (!customer || !customer.accountSid || !customer.authToken) {
+	async ({ messageSid, organizationId, phoneNumberId }) => {
+		const organization = await db.organization.findFirst({
+			where: { id: organizationId },
+		});
+		if (!organization || !organization.twilioAccountSid || !organization.twilioAuthToken) {
 			return;
 		}

-		const encryptionKey = customer.encryptionKey;
-		const message = await twilio(customer.accountSid, customer.authToken).messages.get(messageSid).fetch();
+		const message = await twilio(organization.twilioAccountSid, organization.twilioAuthToken)
+			.messages.get(messageSid)
+			.fetch();
 		await db.message.create({
 			data: {
-				customerId,
+				organizationId,
+				phoneNumberId,
+				id: messageSid,
 				to: message.to,
 				from: message.from,
 				status: translateStatus(message.status),
 				direction: translateDirection(message.direction),
 				sentAt: message.dateCreated,
-				content: encrypt(message.body, customer.encryptionKey),
+				content: encrypt(message.body, organization.encryptionKey),
 			},
 		});

-		await db.message.createMany({
-			data: {
-				customerId,
-				content: encrypt(message.body, encryptionKey),
-				from: message.from,
-				to: message.to,
-				status: translateStatus(message.status),
-				direction: translateDirection(message.direction),
-				twilioSid: message.sid,
-				sentAt: new Date(message.dateCreated),
+		await notifyIncomingMessageQueue.enqueue(
+			{
+				messageSid,
+				organizationId,
+				phoneNumberId,
 			},
-		});
+			{ id: `notify-${messageSid}-${organizationId}-${phoneNumberId}` },
+		);
 	},
 );

--- a/app/messages/api/queue/insert-messages.ts
+++ b/app/messages/api/queue/insert-messages.ts
@ -5,31 +5,39 @@ import db, { Direction, Message, MessageStatus } from "../../../../db";
 import { encrypt } from "../../../../db/_encryption";

 type Payload = {
-	customerId: string;
+	organizationId: string;
+	phoneNumberId: string;
 	messages: MessageInstance[];
 };

-const insertMessagesQueue = Queue<Payload>("api/queue/insert-messages", async ({ messages, customerId }) => {
-	const customer = await db.customer.findFirst({ where: { id: customerId } });
-	if (!customer) {
-		return;
-	}
+const insertMessagesQueue = Queue<Payload>(
+	"api/queue/insert-messages",
+	async ({ messages, organizationId, phoneNumberId }) => {
+		const phoneNumber = await db.phoneNumber.findFirst({
+			where: { id: phoneNumberId, organizationId },
+			include: { organization: true },
+		});
+		if (!phoneNumber) {
+			return;
+		}

-	const sms = messages
-		.map<Omit<Message, "id">>((message) => ({
-			customerId,
-			content: encrypt(message.body, customer.encryptionKey),
-			from: message.from,
-			to: message.to,
-			status: translateStatus(message.status),
-			direction: translateDirection(message.direction),
-			twilioSid: message.sid,
-			sentAt: new Date(message.dateCreated),
-		}))
-		.sort((a, b) => a.sentAt.getTime() - b.sentAt.getTime());
+		const sms = messages
+			.map<Omit<Message, "id">>((message) => ({
+				organizationId,
+				phoneNumberId: phoneNumber.id,
+				content: encrypt(message.body, phoneNumber.organization.encryptionKey),
+				from: message.from,
+				to: message.to,
+				status: translateStatus(message.status),
+				direction: translateDirection(message.direction),
+				twilioSid: message.sid,
+				sentAt: new Date(message.dateCreated),
+			}))
+			.sort((a, b) => a.sentAt.getTime() - b.sentAt.getTime());

-	await db.message.createMany({ data: sms });
-});
+		await db.message.createMany({ data: sms });
+	},
+);

 export default insertMessagesQueue;

--- a/app/messages/api/queue/notify-incoming-message.ts
+++ b/app/messages/api/queue/notify-incoming-message.ts
@ -11,27 +11,32 @@ const { serverRuntimeConfig, publicRuntimeConfig } = getConfig();
 const logger = appLogger.child({ queue: "notify-incoming-message" });

 type Payload = {
-	customerId: string;
+	organizationId: string;
+	phoneNumberId: string;
 	messageSid: MessageInstance["sid"];
 };

 const notifyIncomingMessageQueue = Queue<Payload>(
 	"api/queue/notify-incoming-message",
-	async ({ messageSid, customerId }) => {
+	async ({ messageSid, organizationId, phoneNumberId }) => {
 		webpush.setVapidDetails(
 			"mailto:mokht@rmi.al",
 			publicRuntimeConfig.webPush.publicKey,
 			serverRuntimeConfig.webPush.privateKey,
 		);

-		const customer = await db.customer.findFirst({ where: { id: customerId } });
-		if (!customer || !customer.accountSid || !customer.authToken) {
+		const organization = await db.organization.findFirst({
+			where: { id: organizationId },
+		});
+		if (!organization || !organization.twilioAccountSid || !organization.twilioAuthToken) {
 			return;
 		}

-		const message = await twilio(customer.accountSid, customer.authToken).messages.get(messageSid).fetch();
+		const message = await twilio(organization.twilioAccountSid, organization.twilioAuthToken)
+			.messages.get(messageSid)
+			.fetch();
 		const notification = { message: `${message.from} - ${message.body}` };
-		const subscriptions = await db.notificationSubscription.findMany({ where: { customerId: customer.id } });
+		const subscriptions = await db.notificationSubscription.findMany({ where: { organizationId, phoneNumberId } });
 		await Promise.all(
 			subscriptions.map(async (subscription) => {
 				const webPushSubscription: PushSubscription = {
--- a/app/messages/api/queue/send-message.ts
+++ b/app/messages/api/queue/send-message.ts
@ -1,40 +1,46 @@
 import { Queue } from "quirrel/blitz";
 import twilio from "twilio";

-import db from "../../../../db";
+import db, { MessageStatus } from "../../../../db";

 type Payload = {
 	id: string;
-	customerId: string;
+	organizationId: string;
+	phoneNumberId: string;
 	to: string;
 	content: string;
 };

 const sendMessageQueue = Queue<Payload>(
 	"api/queue/send-message",
-	async ({ id, customerId, to, content }) => {
-		const [customer, phoneNumber] = await Promise.all([
-			db.customer.findFirst({ where: { id: customerId } }),
-			db.phoneNumber.findFirst({ where: { customerId } }),
-		]);
-		if (!customer || !customer.accountSid || !customer.authToken || !phoneNumber) {
+	async ({ id, organizationId, phoneNumberId, to, content }) => {
+		const organization = await db.organization.findFirst({
+			where: { id: organizationId },
+			include: { phoneNumbers: true },
+		});
+		const phoneNumber = organization?.phoneNumbers.find((phoneNumber) => phoneNumber.id === phoneNumberId);
+		if (!organization || !organization.twilioAccountSid || !organization.twilioAuthToken || !phoneNumber) {
 			return;
 		}

 		try {
-			const message = await twilio(customer.accountSid, customer.authToken).messages.create({
+			const message = await twilio(organization.twilioAccountSid, organization.twilioAuthToken).messages.create({
 				body: content,
 				to,
-				from: phoneNumber.phoneNumber,
+				from: phoneNumber.number,
 			});
 			await db.message.update({
-				where: { id },
-				data: { twilioSid: message.sid },
+				where: { organizationId_phoneNumberId_id: { id, organizationId, phoneNumberId } },
+				data: { id: message.sid },
 			});
 		} catch (error) {
 			// TODO: handle twilio error
 			console.log(error.code); // 21211
 			console.log(error.moreInfo); // https://www.twilio.com/docs/errors/21211
+			await db.message.update({
+				where: { id },
+				data: { status: MessageStatus.Error /*errorMessage: "Reason: failed because of"*/ },
+			});
 		}
 	},
 	{
--- a/app/messages/api/webhook/incoming-message.test.ts
+++ b/app/messages/api/webhook/incoming-message.test.ts
@ -3,31 +3,26 @@ import twilio from "twilio";

 import db from "db";
 import handler from "./incoming-message";
-import notifyIncomingMessageQueue from "../queue/notify-incoming-message";
 import insertIncomingMessageQueue from "../queue/insert-incoming-message";

 describe("/api/webhook/incoming-message", () => {
-	const mockedFindFirstPhoneNumber = db.phoneNumber.findFirst as jest.Mock<
-		ReturnType<typeof db.phoneNumber.findFirst>
-	>;
-	const mockedFindFirstCustomer = db.customer.findFirst as jest.Mock<ReturnType<typeof db.customer.findFirst>>;
-	const mockedEnqueueNotifyIncomingMessage = notifyIncomingMessageQueue.enqueue as jest.Mock<
-		ReturnType<typeof notifyIncomingMessageQueue.enqueue>
-	>;
+	const mockedFindManyPhoneNumbers = db.phoneNumber.findMany as jest.Mock<ReturnType<typeof db.phoneNumber.findMany>>;
 	const mockedEnqueueInsertIncomingMessage = insertIncomingMessageQueue.enqueue as jest.Mock<
 		ReturnType<typeof insertIncomingMessageQueue.enqueue>
 	>;
 	const mockedValidateRequest = twilio.validateRequest as jest.Mock<ReturnType<typeof twilio.validateRequest>>;

 	beforeEach(() => {
-		mockedFindFirstPhoneNumber.mockResolvedValue({ phoneNumber: "+33757592025" } as any);
-		mockedFindFirstCustomer.mockResolvedValue({ id: "9292", authToken: "twi" } as any);
+		mockedFindManyPhoneNumbers.mockResolvedValue([
+			{
+				id: "9292",
+				organization: { id: "2929", twilioAuthToken: "twi" },
+			} as any,
+		]);
 	});

 	afterEach(() => {
-		mockedFindFirstPhoneNumber.mockReset();
-		mockedFindFirstCustomer.mockReset();
-		mockedEnqueueNotifyIncomingMessage.mockReset();
+		mockedFindManyPhoneNumbers.mockReset();
 		mockedEnqueueInsertIncomingMessage.mockReset();
 		mockedValidateRequest.mockReset();
 	});
@ -50,16 +45,15 @@ describe("/api/webhook/incoming-message", () => {

 				expect(res.status).toBe(200);
 				expect(res.headers.get("content-type")).toBe("text/html");
-				[mockedEnqueueNotifyIncomingMessage, mockedEnqueueNotifyIncomingMessage].forEach((enqueue) => {
-					expect(enqueue).toHaveBeenCalledTimes(1);
-					expect(enqueue).toHaveBeenCalledWith(
-						{
-							messageSid: "SM157246f02006b80953e8c753fb68fad6",
-							customerId: "9292",
-						},
-						{ id: "notify-SM157246f02006b80953e8c753fb68fad6" },
-					);
-				});
+				expect(mockedEnqueueInsertIncomingMessage).toHaveBeenCalledTimes(1);
+				expect(mockedEnqueueInsertIncomingMessage).toHaveBeenCalledWith(
+					{
+						messageSid: "SM157246f02006b80953e8c753fb68fad6",
+						phoneNumberId: "9292",
+						organizationId: "2929",
+					},
+					{ id: "insert-SM157246f02006b80953e8c753fb68fad6-2929-9292" },
+				);
 			},
 		});
 	});
@ -107,11 +101,7 @@ describe("/api/webhook/incoming-message", () => {
 });

 jest.mock("db", () => ({
-	phoneNumber: { findFirst: jest.fn() },
-	customer: { findFirst: jest.fn() },
-}));
-jest.mock("../queue/notify-incoming-message", () => ({
-	enqueue: jest.fn(),
+	phoneNumber: { findMany: jest.fn() },
 }));
 jest.mock("../queue/insert-incoming-message", () => ({
 	enqueue: jest.fn(),
--- a/app/messages/api/webhook/incoming-message.ts
+++ b/app/messages/api/webhook/incoming-message.ts
@ -40,26 +40,25 @@ export default async function incomingMessageHandler(req: BlitzApiRequest, res:

 	const body: Body = req.body;
 	try {
-		const customerPhoneNumber = await db.phoneNumber.findFirst({
-			where: { phoneNumber: body.To },
+		const phoneNumbers = await db.phoneNumber.findMany({
+			where: { number: body.To },
+			include: { organization: true },
 		});
-		if (!customerPhoneNumber) {
-			// phone number is not registered by any of our customer
-			res.status(500).end();
-			return;
-		}
-
-		const customer = await db.customer.findFirst({
-			where: { id: customerPhoneNumber.customerId },
-		});
-		if (!customer || !customer.authToken) {
+		if (phoneNumbers.length === 0) {
+			// phone number is not registered by any organization
 			res.status(500).end();
 			return;
 		}

 		const url = `https://${serverRuntimeConfig.app.baseUrl}/api/webhook/incoming-message`;
-		const isRequestValid = twilio.validateRequest(customer.authToken, twilioSignature, url, req.body);
-		if (!isRequestValid) {
+		const phoneNumber = phoneNumbers.find((phoneNumber) => {
+			// if multiple organizations have the same number
+			// find the organization currently using that phone number
+			// maybe we shouldn't let multiple organizations use the same phone number
+			const authToken = phoneNumber.organization.twilioAuthToken ?? "";
+			return twilio.validateRequest(authToken, twilioSignature, url, req.body);
+		});
+		if (!phoneNumber) {
 			const statusCode = 400;
 			const apiError: ApiError = {
 				statusCode,
@ -72,23 +71,16 @@ export default async function incomingMessageHandler(req: BlitzApiRequest, res:
 		}

 		const messageSid = body.MessageSid;
-		const customerId = customer.id;
-		await Promise.all([
-			notifyIncomingMessageQueue.enqueue(
-				{
-					messageSid,
-					customerId,
-				},
-				{ id: `notify-${messageSid}` },
-			),
-			insertIncomingMessageQueue.enqueue(
-				{
-					messageSid,
-					customerId,
-				},
-				{ id: `insert-${messageSid}` },
-			),
-		]);
+		const organizationId = phoneNumber.organization.id;
+		const phoneNumberId = phoneNumber.id;
+		await insertIncomingMessageQueue.enqueue(
+			{
+				messageSid,
+				organizationId,
+				phoneNumberId,
+			},
+			{ id: `insert-${messageSid}-${organizationId}-${phoneNumberId}` },
+		);

 		res.setHeader("content-type", "text/html");
 		res.status(200).send("<Response></Response>");
--- a/app/messages/components/new-message-area.tsx
+++ b/app/messages/components/new-message-area.tsx
@ -1,14 +1,14 @@
+import type { FunctionComponent } from "react";
+import { useMutation, useQuery } from "blitz";
 import { FontAwesomeIcon } from "@fortawesome/react-fontawesome";
 import { faPaperPlane } from "@fortawesome/pro-regular-svg-icons";
 import { useForm } from "react-hook-form";
-import { useMutation, useQuery } from "blitz";

 import sendMessage from "../mutations/send-message";
 import { Direction, Message, MessageStatus } from "../../../db";
 import getConversationsQuery from "../queries/get-conversations";
-import useCurrentCustomer from "../../core/hooks/use-current-customer";
-import useCustomerPhoneNumber from "../../core/hooks/use-customer-phone-number";
-import { FunctionComponent } from "react";
+import useCurrentUser from "../../core/hooks/use-current-user";
+import useCurrentPhoneNumber from "../../core/hooks/use-current-phone-number";

 type Form = {
 	content: string;
@ -20,8 +20,8 @@ type Props = {
 };

 const NewMessageArea: FunctionComponent<Props> = ({ recipient, onSend }) => {
-	const { customer } = useCurrentCustomer();
-	const phoneNumber = useCustomerPhoneNumber();
+	const { organization } = useCurrentUser();
+	const phoneNumber = useCurrentPhoneNumber();
 	const sendMessageMutation = useMutation(sendMessage)[0];
 	const { setQueryData: setConversationsQueryData, refetch: refetchConversations } = useQuery(
 		getConversationsQuery,
@ -45,9 +45,9 @@ const NewMessageArea: FunctionComponent<Props> = ({ recipient, onSend }) => {
 		const id = uuidv4();
 		const message: Message = {
 			id,
-			customerId: customer!.id,
-			twilioSid: id,
-			from: phoneNumber!.phoneNumber,
+			organizationId: organization!.id,
+			phoneNumberId: phoneNumber!.id,
+			from: phoneNumber!.number,
 			to: recipient,
 			content: content,
 			direction: Direction.Outbound,
@ -63,7 +63,12 @@ const NewMessageArea: FunctionComponent<Props> = ({ recipient, onSend }) => {
 				}

 				nextConversations[recipient] = [...nextConversations[recipient]!, message];
-				return nextConversations;
+
+				return Object.fromEntries(
+					Object.entries(nextConversations).sort(
+						([, a], [, b]) => b[b.length - 1]!.sentAt.getTime() - a[a.length - 1]!.sentAt.getTime(),
+					),
+				);
 			},
 			{ refetch: false },
 		);
--- a/app/messages/mutations/send-message.ts
+++ b/app/messages/mutations/send-message.ts
@ -1,10 +1,8 @@
-import { resolver } from "blitz";
+import { NotFoundError, resolver } from "blitz";
 import { z } from "zod";
 import twilio from "twilio";

 import db, { Direction, MessageStatus } from "../../../db";
-import getCurrentCustomer from "../../customers/queries/get-current-customer";
-import getCustomerPhoneNumber from "../../phone-numbers/queries/get-customer-phone-number";
 import { encrypt } from "../../../db/_encryption";
 import sendMessageQueue from "../../messages/api/queue/send-message";
 import appLogger from "../../../integrations/logger";
@ -17,32 +15,40 @@ const Body = z.object({
 });

 export default resolver.pipe(resolver.zod(Body), resolver.authorize(), async ({ content, to }, context) => {
-	const customer = await getCurrentCustomer(null, context);
-	if (!customer || !customer.accountSid || !customer.authToken) {
+	const organizationId = context.session.orgId;
+	const organization = await db.organization.findFirst({
+		where: { id: organizationId },
+		include: { phoneNumbers: true },
+	});
+	if (!organization) {
+		throw new NotFoundError();
+	}
+	if (!organization.twilioAccountSid || !organization.twilioAuthToken) {
 		return;
 	}

 	try {
-		await twilio(customer.accountSid, customer.authToken).lookups.v1.phoneNumbers(to).fetch();
+		await twilio(organization.twilioAccountSid, organization.twilioAuthToken).lookups.v1.phoneNumbers(to).fetch();
 	} catch (error) {
 		logger.error(error);
 		return;
 	}

-	const customerId = customer.id;
-	const customerPhoneNumber = await getCustomerPhoneNumber({ customerId }, context);
-	if (!customerPhoneNumber) {
+	const phoneNumber = organization.phoneNumbers[0];
+	if (!phoneNumber) {
 		return;
 	}

+	const phoneNumberId = phoneNumber.id;
 	const message = await db.message.create({
 		data: {
-			customerId,
+			organizationId,
+			phoneNumberId,
 			to,
-			from: customerPhoneNumber.phoneNumber,
+			from: phoneNumber.number,
 			direction: Direction.Outbound,
 			status: MessageStatus.Queued,
-			content: encrypt(content, customer.encryptionKey),
+			content: encrypt(content, organization.encryptionKey),
 			sentAt: new Date(),
 		},
 	});
@ -50,12 +56,13 @@ export default resolver.pipe(resolver.zod(Body), resolver.authorize(), async ({
 	await sendMessageQueue.enqueue(
 		{
 			id: message.id,
-			customerId,
+			organizationId,
+			phoneNumberId,
 			to,
 			content,
 		},
 		{
-			id: `insert-${message.id}`,
+			id: `insert-${message.id}-${organizationId}-${phoneNumberId}`,
 		},
 	);
 });
--- a/app/messages/queries/get-conversation.ts
+++ b/app/messages/queries/get-conversation.ts
@ -3,15 +3,14 @@ import { z } from "zod";

 import db, { Prisma } from "../../../db";
 import { decrypt } from "../../../db/_encryption";
-import getCurrentCustomer from "../../customers/queries/get-current-customer";

 const GetConversations = z.object({
 	recipient: z.string(),
 });

 export default resolver.pipe(resolver.zod(GetConversations), resolver.authorize(), async ({ recipient }, context) => {
-	const customer = await getCurrentCustomer(null, context);
-	if (!customer) {
+	const organization = await db.organization.findFirst({ where: { id: context.session.orgId } });
+	if (!organization) {
 		throw new NotFoundError();
 	}

@ -23,7 +22,7 @@ export default resolver.pipe(resolver.zod(GetConversations), resolver.authorize(
 	return conversation.map((message) => {
 		return {
 			...message,
-			content: decrypt(message.content, customer.encryptionKey),
+			content: decrypt(message.content, organization.encryptionKey),
 		};
 	});
 });
--- a/app/messages/queries/get-conversations.ts
+++ b/app/messages/queries/get-conversations.ts
@ -1,45 +1,56 @@
 import { resolver, NotFoundError } from "blitz";
+import { z } from "zod";

 import db, { Direction, Message, Prisma } from "../../../db";
-import getCurrentCustomer from "../../customers/queries/get-current-customer";
 import { decrypt } from "../../../db/_encryption";
+import { enforceSuperAdminIfNotCurrentOrganization, setDefaultOrganizationId } from "../../core/utils";

-export default resolver.pipe(resolver.authorize(), async (_ = null, context) => {
-	const customer = await getCurrentCustomer(null, context);
-	if (!customer) {
-		throw new NotFoundError();
-	}
-
-	const messages = await db.message.findMany({
-		where: { customerId: customer.id },
-		orderBy: { sentAt: Prisma.SortOrder.asc },
-	});
-
-	let conversations: Record<string, Message[]> = {};
-	for (const message of messages) {
-		let recipient: string;
-		if (message.direction === Direction.Outbound) {
-			recipient = message.to;
-		} else {
-			recipient = message.from;
+export default resolver.pipe(
+	resolver.zod(z.object({ organizationId: z.string().optional() })),
+	resolver.authorize(),
+	setDefaultOrganizationId,
+	enforceSuperAdminIfNotCurrentOrganization,
+	async ({ organizationId }) => {
+		const organization = await db.organization.findFirst({
+			where: { id: organizationId },
+			include: { phoneNumbers: true },
+		});
+		if (!organization) {
+			throw new NotFoundError();
 		}

-		if (!conversations[recipient]) {
-			conversations[recipient] = [];
-		}
-
-		conversations[recipient]!.push({
-			...message,
-			content: decrypt(message.content, customer.encryptionKey),
+		const phoneNumberId = organization.phoneNumbers[0]!.id;
+		const messages = await db.message.findMany({
+			where: { organizationId, phoneNumberId },
+			orderBy: { sentAt: Prisma.SortOrder.asc },
 		});

-		conversations[recipient]!.sort((a, b) => a.sentAt.getTime() - b.sentAt.getTime());
-	}
-	conversations = Object.fromEntries(
-		Object.entries(conversations).sort(
-			([, a], [, b]) => b[b.length - 1]!.sentAt.getTime() - a[a.length - 1]!.sentAt.getTime(),
-		),
-	);
+		let conversations: Record<string, Message[]> = {};
+		for (const message of messages) {
+			let recipient: string;
+			if (message.direction === Direction.Outbound) {
+				recipient = message.to;
+			} else {
+				recipient = message.from;
+			}

-	return conversations;
-});
+			if (!conversations[recipient]) {
+				conversations[recipient] = [];
+			}
+
+			conversations[recipient]!.push({
+				...message,
+				content: decrypt(message.content, organization.encryptionKey),
+			});
+
+			conversations[recipient]!.sort((a, b) => a.sentAt.getTime() - b.sentAt.getTime());
+		}
+		conversations = Object.fromEntries(
+			Object.entries(conversations).sort(
+				([, a], [, b]) => b[b.length - 1]!.sentAt.getTime() - a[a.length - 1]!.sentAt.getTime(),
+			),
+		);
+
+		return conversations;
+	},
+);
--- a/app/onboarding/api/queue/set-twilio-webhooks.ts
+++ b/app/onboarding/api/queue/set-twilio-webhooks.ts
@ -5,23 +5,31 @@ import twilio from "twilio";
 import db from "../../../../db";

 type Payload = {
-	customerId: string;
+	organizationId: string;
+	phoneNumberId: string;
 };

 const { serverRuntimeConfig } = getConfig();

-const setTwilioWebhooks = Queue<Payload>("api/queue/set-twilio-webhooks", async ({ customerId }) => {
-	const [customer, phoneNumber] = await Promise.all([
-		db.customer.findFirst({ where: { id: customerId } }),
-		db.phoneNumber.findFirst({ where: { customerId } }),
-	]);
-	if (!customer || !customer.accountSid || !customer.authToken || !phoneNumber) {
+const setTwilioWebhooks = Queue<Payload>("api/queue/set-twilio-webhooks", async ({ organizationId, phoneNumberId }) => {
+	const phoneNumber = await db.phoneNumber.findFirst({
+		where: { id: phoneNumberId, organizationId },
+		include: { organization: true },
+	});
+	if (!phoneNumber) {
 		return;
 	}

-	const twimlApp = customer.twimlAppSid
-		? await twilio(customer.accountSid, customer.authToken).applications.get(customer.twimlAppSid).fetch()
-		: await twilio(customer.accountSid, customer.authToken).applications.create({
+	const organization = phoneNumber.organization;
+	if (!organization.twilioAccountSid || !organization.twilioAuthToken) {
+		return;
+	}
+
+	const twimlApp = organization.twimlAppSid
+		? await twilio(organization.twilioAccountSid, organization.twilioAuthToken)
+				.applications.get(organization.twimlAppSid)
+				.fetch()
+		: await twilio(organization.twilioAccountSid, organization.twilioAuthToken).applications.create({
 				friendlyName: "Shellphone",
 				smsUrl: `https://${serverRuntimeConfig.app.baseUrl}/api/webhook/incoming-message`,
 				smsMethod: "POST",
@ -31,14 +39,16 @@ const setTwilioWebhooks = Queue<Payload>("api/queue/set-twilio-webhooks", async
 	const twimlAppSid = twimlApp.sid;

 	await Promise.all([
-		db.customer.update({
-			where: { id: customerId },
+		db.organization.update({
+			where: { id: organizationId },
 			data: { twimlAppSid },
 		}),
-		twilio(customer.accountSid, customer.authToken).incomingPhoneNumbers.get(phoneNumber.phoneNumberSid).update({
-			smsApplicationSid: twimlAppSid,
-			voiceApplicationSid: twimlAppSid,
-		}),
+		twilio(organization.twilioAccountSid, organization.twilioAuthToken)
+			.incomingPhoneNumbers.get(phoneNumber.id)
+			.update({
+				smsApplicationSid: twimlAppSid,
+				voiceApplicationSid: twimlAppSid,
+			}),
 	]);
 });

--- a/app/onboarding/mutations/set-phone-number.ts
+++ b/app/onboarding/mutations/set-phone-number.ts
@ -3,7 +3,7 @@ import { z } from "zod";
 import twilio from "twilio";

 import db from "../../../db";
-import getCurrentCustomer from "../../customers/queries/get-current-customer";
+import getCurrentUser from "../../users/queries/get-current-user";
 import fetchMessagesQueue from "../../messages/api/queue/fetch-messages";
 import fetchCallsQueue from "../../phone-calls/api/queue/fetch-calls";
 import setTwilioWebhooks from "../api/queue/set-twilio-webhooks";
@ -13,26 +13,40 @@ const Body = z.object({
 });

 export default resolver.pipe(resolver.zod(Body), resolver.authorize(), async ({ phoneNumberSid }, context) => {
-	const customer = await getCurrentCustomer(null, context);
-	if (!customer || !customer.accountSid || !customer.authToken) {
+	const user = await getCurrentUser(null, context);
+	const organization = user?.memberships[0]!.organization;
+	if (!user || !organization || !organization.twilioAccountSid || !organization.twilioAuthToken) {
 		return;
 	}

-	const customerId = customer.id;
-	const phoneNumbers = await twilio(customer.accountSid, customer.authToken).incomingPhoneNumbers.list();
+	const phoneNumbers = await twilio(
+		organization.twilioAccountSid,
+		organization.twilioAuthToken,
+	).incomingPhoneNumbers.list();
 	const phoneNumber = phoneNumbers.find((phoneNumber) => phoneNumber.sid === phoneNumberSid)!;
+	const organizationId = organization.id;
 	await db.phoneNumber.create({
 		data: {
-			customerId,
-			phoneNumberSid,
-			phoneNumber: phoneNumber.phoneNumber,
+			organizationId,
+			id: phoneNumberSid,
+			number: phoneNumber.phoneNumber,
 		},
 	});
 	context.session.$setPrivateData({ hasCompletedOnboarding: true });

+	const phoneNumberId = phoneNumberSid;
 	await Promise.all([
-		fetchMessagesQueue.enqueue({ customerId }, { id: `fetch-messages-${customerId}` }),
-		fetchCallsQueue.enqueue({ customerId }, { id: `fetch-messages-${customerId}` }),
-		setTwilioWebhooks.enqueue({ customerId }, { id: `set-twilio-webhooks-${customerId}` }),
+		fetchMessagesQueue.enqueue(
+			{ organizationId, phoneNumberId },
+			{ id: `fetch-messages-${organizationId}-${phoneNumberId}` },
+		),
+		fetchCallsQueue.enqueue(
+			{ organizationId, phoneNumberId },
+			{ id: `fetch-messages-${organizationId}-${phoneNumberId}` },
+		),
+		setTwilioWebhooks.enqueue(
+			{ organizationId, phoneNumberId },
+			{ id: `set-twilio-webhooks-${organizationId}-${phoneNumberId}` },
+		),
 	]);
 });
--- a/app/onboarding/mutations/set-twilio-api-fields.ts
+++ b/app/onboarding/mutations/set-twilio-api-fields.ts
@ -2,7 +2,7 @@ import { resolver } from "blitz";
 import { z } from "zod";

 import db from "../../../db";
-import getCurrentCustomer from "../../customers/queries/get-current-customer";
+import getCurrentUser from "../../users/queries/get-current-user";

 const Body = z.object({
 	twilioAccountSid: z.string(),
@ -13,16 +13,17 @@ export default resolver.pipe(
 	resolver.zod(Body),
 	resolver.authorize(),
 	async ({ twilioAccountSid, twilioAuthToken }, context) => {
-		const customer = await getCurrentCustomer(null, context);
-		if (!customer) {
+		const user = await getCurrentUser(null, context);
+		if (!user) {
 			return;
 		}

-		await db.customer.update({
-			where: { id: customer.id },
+		const organizationId = user.memberships[0]!.id;
+		await db.organization.update({
+			where: { id: organizationId },
 			data: {
-				accountSid: twilioAccountSid,
-				authToken: twilioAuthToken,
+				twilioAccountSid: twilioAccountSid,
+				twilioAuthToken: twilioAuthToken,
 			},
 		});
 	},
--- a/app/onboarding/pages/welcome/step-one.tsx
+++ b/app/onboarding/pages/welcome/step-one.tsx
@ -2,11 +2,11 @@ import type { BlitzPage, GetServerSideProps } from "blitz";
 import { getSession, Routes } from "blitz";

 import OnboardingLayout from "../../components/onboarding-layout";
-import useCurrentCustomer from "../../../core/hooks/use-current-customer";
+import useCurrentUser from "../../../core/hooks/use-current-user";
 import db from "../../../../db";

 const StepOne: BlitzPage = () => {
-	useCurrentCustomer(); // preload for step two
+	useCurrentUser(); // preload for step two

 	return (
 		<div className="flex flex-col space-y-4 items-center">
@ -35,7 +35,7 @@ export const getServerSideProps: GetServerSideProps = async ({ req, res }) => {
 		};
 	}

-	const phoneNumber = await db.phoneNumber.findFirst({ where: { customerId: session.userId } });
+	const phoneNumber = await db.phoneNumber.findFirst({ where: { organizationId: session.orgId } });
 	if (phoneNumber) {
 		await session.$setPublicData({ hasCompletedOnboarding: true });
 		return {
--- a/app/onboarding/pages/welcome/step-three.tsx
+++ b/app/onboarding/pages/welcome/step-three.tsx
@ -100,7 +100,7 @@ export const getServerSideProps: GetServerSideProps<Props> = async ({ req, res }
 		};
 	}

-	const phoneNumber = await db.phoneNumber.findFirst({ where: { customerId: session.userId } });
+	const phoneNumber = await db.phoneNumber.findFirst({ where: { organizationId: session.orgId } });
 	if (phoneNumber) {
 		await session.$setPublicData({ hasCompletedOnboarding: true });
 		return {
@ -111,8 +111,8 @@ export const getServerSideProps: GetServerSideProps<Props> = async ({ req, res }
 		};
 	}

-	const customer = await db.customer.findFirst({ where: { id: session.userId } });
-	if (!customer) {
+	const organization = await db.organization.findFirst({ where: { id: session.orgId } });
+	if (!organization) {
 		return {
 			redirect: {
 				destination: Routes.StepOne().pathname,
@ -121,7 +121,7 @@ export const getServerSideProps: GetServerSideProps<Props> = async ({ req, res }
 		};
 	}

-	if (!customer.accountSid || !customer.authToken) {
+	if (!organization.twilioAccountSid || !organization.twilioAuthToken) {
 		return {
 			redirect: {
 				destination: Routes.StepTwo().pathname,
@ -130,7 +130,10 @@ export const getServerSideProps: GetServerSideProps<Props> = async ({ req, res }
 		};
 	}

-	const incomingPhoneNumbers = await twilio(customer.accountSid, customer.authToken).incomingPhoneNumbers.list();
+	const incomingPhoneNumbers = await twilio(
+		organization.twilioAccountSid,
+		organization.twilioAuthToken,
+	).incomingPhoneNumbers.list();
 	const phoneNumbers = incomingPhoneNumbers.map(({ phoneNumber, sid }) => ({ phoneNumber, sid }));

 	return {
--- a/app/onboarding/pages/welcome/step-two.tsx
+++ b/app/onboarding/pages/welcome/step-two.tsx
@ -11,7 +11,7 @@ import db from "db";
 import setTwilioApiFields from "../../mutations/set-twilio-api-fields";
 import OnboardingLayout from "../../components/onboarding-layout";
 import HelpModal from "../../components/help-modal";
-import useCurrentCustomer from "../../../core/hooks/use-current-customer";
+import useCurrentUser from "../../../core/hooks/use-current-user";

 type Form = {
 	twilioAccountSid: string;
@ -26,14 +26,14 @@ const StepTwo: BlitzPage = () => {
 		formState: { isSubmitting },
 	} = useForm<Form>();
 	const router = useRouter();
-	const { customer } = useCurrentCustomer();
+	const { organization } = useCurrentUser();
 	const [setTwilioApiFieldsMutation] = useMutation(setTwilioApiFields);
 	const [isHelpModalOpen, setIsHelpModalOpen] = useState(false);

 	useEffect(() => {
-		setValue("twilioAuthToken", customer?.authToken ?? "");
-		setValue("twilioAccountSid", customer?.accountSid ?? "");
-	}, [setValue, customer?.authToken, customer?.accountSid]);
+		setValue("twilioAuthToken", organization?.twilioAuthToken ?? "");
+		setValue("twilioAccountSid", organization?.twilioAccountSid ?? "");
+	}, [setValue, organization?.twilioAuthToken, organization?.twilioAccountSid]);

 	const onSubmit = handleSubmit(async ({ twilioAccountSid, twilioAuthToken }) => {
 		if (isSubmitting) {
@ -105,9 +105,9 @@ StepTwo.getLayout = (page) => {
 };

 const StepTwoLayout: FunctionComponent = ({ children }) => {
-	const { customer } = useCurrentCustomer();
-	const initialAuthToken = customer?.authToken ?? "";
-	const initialAccountSid = customer?.accountSid ?? "";
+	const { organization } = useCurrentUser();
+	const initialAuthToken = organization?.twilioAuthToken ?? "";
+	const initialAccountSid = organization?.twilioAccountSid ?? "";
 	const hasTwilioCredentials = initialAccountSid.length > 0 && initialAuthToken.length > 0;

 	return (
@ -135,7 +135,7 @@ export const getServerSideProps: GetServerSideProps = async ({ req, res }) => {
 		};
 	}

-	const phoneNumber = await db.phoneNumber.findFirst({ where: { customerId: session.userId } });
+	const phoneNumber = await db.phoneNumber.findFirst({ where: { organizationId: session.orgId } });
 	if (phoneNumber) {
 		await session.$setPublicData({ hasCompletedOnboarding: true });
 		return {
--- a/app/pages/index.test.tsx
+++ b/app/pages/index.test.tsx
@ -1,9 +1,10 @@
+import { GlobalRole } from "db";
 import { render } from "../../test/utils";
 import Home from "./index";
-import useCurrentCustomer from "../core/hooks/use-current-customer";
+import useCurrentUser from "../core/hooks/use-current-user";

-jest.mock("../core/hooks/use-current-customer");
-const mockUseCurrentCustomer = useCurrentCustomer as jest.MockedFunction<typeof useCurrentCustomer>;
+jest.mock("../core/hooks/use-current-user");
+const mockUseCurrentUser = useCurrentUser as jest.MockedFunction<typeof useCurrentUser>;

 test.skip("renders blitz documentation link", () => {
 	// This is an example of how to ensure a specific item is in the document
@ -11,16 +12,14 @@ test.skip("renders blitz documentation link", () => {
 	// when you remove the the default content from the page

 	// This is an example on how to mock api hooks when testing
-	mockUseCurrentCustomer.mockReturnValue({
-		customer: {
+	mockUseCurrentUser.mockReturnValue({
+		organization: undefined,
+		user: {
 			id: uuidv4(),
-			encryptionKey: "",
-			accountSid: null,
-			authToken: null,
-			twimlAppSid: null,
-			paddleCustomerId: null,
-			paddleSubscriptionId: null,
-			user: {} as any,
+			name: "name",
+			email: "email@test.com",
+			role: GlobalRole.CUSTOMER,
+			memberships: [],
 		},
 		hasFilledTwilioCredentials: false,
 		hasCompletedOnboarding: undefined,
--- a/app/pages/index.tsx
+++ b/app/pages/index.tsx
@ -4,7 +4,7 @@ import { Link, useMutation, Routes } from "blitz";

 import BaseLayout from "../core/layouts/base-layout";
 import logout from "../auth/mutations/logout";
-import useCurrentCustomer from "../core/hooks/use-current-customer";
+import useCurrentUser from "../core/hooks/use-current-user";

 /*
 * This file is just for a pleasant getting started page for your new app.
@ -12,10 +12,10 @@ import useCurrentCustomer from "../core/hooks/use-current-customer";
 */

 const UserInfo = () => {
-	const { customer } = useCurrentCustomer();
+	const { user } = useCurrentUser();
 	const [logoutMutation] = useMutation(logout);

-	if (customer) {
+	if (user) {
 		return (
 			<>
 				<button
@ -27,9 +27,9 @@ const UserInfo = () => {
 					Logout
 				</button>
 				<div>
-					User id: <code>{customer.id}</code>
+					User id: <code>{user.id}</code>
 					<br />
-					User role: <code>{customer.encryptionKey}</code>
+					User role: <code>{user.role}</code>
 				</div>
 			</>
 		);
--- a/app/phone-calls/api/queue/fetch-calls.ts
+++ b/app/phone-calls/api/queue/fetch-calls.ts
@ -5,35 +5,42 @@ import db from "../../../../db";
 import insertCallsQueue from "./insert-calls";

 type Payload = {
-	customerId: string;
+	organizationId: string;
+	phoneNumberId: string;
 };

-const fetchCallsQueue = Queue<Payload>("api/queue/fetch-calls", async ({ customerId }) => {
-	const [customer, phoneNumber] = await Promise.all([
-		db.customer.findFirst({ where: { id: customerId } }),
-		db.phoneNumber.findFirst({ where: { customerId } }),
-	]);
-	if (!customer || !customer.accountSid || !customer.authToken || !phoneNumber) {
+const fetchCallsQueue = Queue<Payload>("api/queue/fetch-calls", async ({ organizationId, phoneNumberId }) => {
+	const phoneNumber = await db.phoneNumber.findFirst({
+		where: { id: phoneNumberId, organizationId },
+		include: { organization: true },
+	});
+	if (!phoneNumber) {
+		return;
+	}
+
+	const organization = phoneNumber.organization;
+	if (!organization.twilioAccountSid || !organization.twilioAuthToken) {
 		return;
 	}

 	const [callsSent, callsReceived] = await Promise.all([
-		twilio(customer.accountSid, customer.authToken).calls.list({
-			from: phoneNumber.phoneNumber,
+		twilio(organization.twilioAccountSid, organization.twilioAuthToken).calls.list({
+			from: phoneNumber.number,
 		}),
-		twilio(customer.accountSid, customer.authToken).calls.list({
-			to: phoneNumber.phoneNumber,
+		twilio(organization.twilioAccountSid, organization.twilioAuthToken).calls.list({
+			to: phoneNumber.number,
 		}),
 	]);
 	const calls = [...callsSent, ...callsReceived].sort((a, b) => a.dateCreated.getTime() - b.dateCreated.getTime());

 	await insertCallsQueue.enqueue(
 		{
-			customerId,
+			organizationId,
+			phoneNumberId,
 			calls,
 		},
 		{
-			id: `insert-calls-${customerId}`,
+			id: `insert-calls-${organizationId}-${phoneNumberId}`,
 		},
 	);
 });
--- a/app/phone-calls/api/queue/insert-calls.ts
+++ b/app/phone-calls/api/queue/insert-calls.ts
@ -4,15 +4,25 @@ import type { CallInstance } from "twilio/lib/rest/api/v2010/account/call";
 import db, { Direction, CallStatus } from "../../../../db";

 type Payload = {
-	customerId: string;
+	organizationId: string;
+	phoneNumberId: string;
 	calls: CallInstance[];
 };

-const insertCallsQueue = Queue<Payload>("api/queue/insert-calls", async ({ calls, customerId }) => {
+const insertCallsQueue = Queue<Payload>("api/queue/insert-calls", async ({ calls, organizationId, phoneNumberId }) => {
+	const phoneNumber = await db.phoneNumber.findFirst({
+		where: { id: phoneNumberId, organizationId },
+		include: { organization: true },
+	});
+	if (!phoneNumber) {
+		return;
+	}
+
 	const phoneCalls = calls
 		.map((call) => ({
-			customerId,
-			twilioSid: call.sid,
+			organizationId,
+			phoneNumberId,
+			id: call.sid,
 			from: call.from,
 			to: call.to,
 			direction: translateDirection(call.direction),
--- a/app/phone-calls/components/phone-calls-list.tsx
+++ b/app/phone-calls/components/phone-calls-list.tsx
@ -2,7 +2,7 @@ import { Direction } from "../../../db";
 import usePhoneCalls from "../hooks/use-phone-calls";

 export default function PhoneCallsList() {
-	const phoneCalls = usePhoneCalls();
+	const phoneCalls = usePhoneCalls()[0];

 	if (phoneCalls.length === 0) {
 		return <div>empty state</div>;
@ -13,7 +13,7 @@ export default function PhoneCallsList() {
 			{phoneCalls.map((phoneCall) => {
 				const recipient = Direction.Outbound ? phoneCall.to : phoneCall.from;
 				return (
-					<li key={phoneCall.twilioSid} className="flex flex-row justify-between py-2">
+					<li key={phoneCall.id} className="flex flex-row justify-between py-2">
 						<div>{recipient}</div>
 						<div>{new Date(phoneCall.createdAt).toLocaleString("fr-FR")}</div>
 					</li>
--- a/app/phone-calls/hooks/use-phone-calls.ts
+++ b/app/phone-calls/hooks/use-phone-calls.ts
@ -1,15 +1,13 @@
 import { NotFoundError, useQuery } from "blitz";

-import useCurrentCustomer from "../../core/hooks/use-current-customer";
+import useCurrentPhoneNumber from "../..//core/hooks/use-current-phone-number";
 import getPhoneCalls from "../queries/get-phone-calls";

 export default function usePhoneCalls() {
-	const { customer } = useCurrentCustomer();
-	if (!customer) {
+	const phoneNumber = useCurrentPhoneNumber();
+	if (!phoneNumber) {
 		throw new NotFoundError();
 	}

-	const { phoneCalls } = useQuery(getPhoneCalls, { customerId: customer.id })[0];
-
-	return phoneCalls;
+	return useQuery(getPhoneCalls, { phoneNumberId: phoneNumber.id });
 }
--- a/app/phone-calls/queries/get-phone-calls.ts
+++ b/app/phone-calls/queries/get-phone-calls.ts
@ -1,31 +1,16 @@
-import { paginate, resolver } from "blitz";
-import db, { Prisma, Customer } from "db";
+import { resolver } from "blitz";
+import { z } from "zod";
+import db, { Prisma } from "db";

-interface GetPhoneCallsInput extends Pick<Prisma.PhoneCallFindManyArgs, "where" | "orderBy" | "skip" | "take"> {
-	customerId: Customer["id"];
-}
+const Body = z.object({
+	phoneNumberId: z.string(),
+});

-export default resolver.pipe(
-	resolver.authorize(),
-	async ({ where, orderBy, skip = 0, take = 100 }: GetPhoneCallsInput) => {
-		// TODO: in multi-tenant app, you must add validation to ensure correct tenant
-		const {
-			items: phoneCalls,
-			hasMore,
-			nextPage,
-			count,
-		} = await paginate({
-			skip,
-			take,
-			count: () => db.phoneCall.count({ where }),
-			query: (paginateArgs) => db.phoneCall.findMany({ ...paginateArgs, where, orderBy }),
-		});
+export default resolver.pipe(resolver.zod(Body), resolver.authorize(), async ({ phoneNumberId }, context) => {
+	const organizationId = context.session.orgId;

-		return {
-			phoneCalls,
-			nextPage,
-			hasMore,
-			count,
-		};
-	},
-);
+	return db.phoneCall.findMany({
+		where: { organizationId, phoneNumberId },
+		orderBy: { createdAt: Prisma.SortOrder.asc },
+	});
+});
--- a/app/phone-numbers/queries/get-current-customer-phone-number.ts
+++ b/app/phone-numbers/queries/get-current-customer-phone-number.ts
@ -1,20 +0,0 @@
-import { NotFoundError, resolver } from "blitz";
-
-import db from "db";
-import getCurrentCustomer from "../../customers/queries/get-current-customer";
-
-export default resolver.pipe(resolver.authorize(), async (_ = null, context) => {
-	const customer = await getCurrentCustomer(null, context);
-	if (!customer) {
-		throw new NotFoundError();
-	}
-
-	return db.phoneNumber.findFirst({
-		where: { customerId: customer.id },
-		select: {
-			id: true,
-			phoneNumber: true,
-			phoneNumberSid: true,
-		},
-	});
-});
--- a/app/phone-numbers/queries/get-current-phone-number.ts
+++ b/app/phone-numbers/queries/get-current-phone-number.ts
@ -0,0 +1,21 @@
+import { resolver } from "blitz";
+import { z } from "zod";
+
+import db from "db";
+import { enforceSuperAdminIfNotCurrentOrganization, setDefaultOrganizationId } from "../../core/utils";
+
+export default resolver.pipe(
+	resolver.zod(z.object({ organizationId: z.string().optional() })),
+	resolver.authorize(),
+	setDefaultOrganizationId,
+	enforceSuperAdminIfNotCurrentOrganization,
+	async ({ organizationId }) => {
+		return db.phoneNumber.findFirst({
+			where: { organizationId },
+			select: {
+				id: true,
+				number: true,
+			},
+		});
+	},
+);
--- a/app/phone-numbers/queries/get-customer-phone-number.ts
+++ b/app/phone-numbers/queries/get-customer-phone-number.ts
@ -1,19 +0,0 @@
-import { resolver } from "blitz";
-import db from "db";
-import { z } from "zod";
-
-const GetCustomerPhoneNumber = z.object({
-	// This accepts type of undefined, but is required at runtime
-	customerId: z.string().optional().refine(Boolean, "Required"),
-});
-
-export default resolver.pipe(resolver.zod(GetCustomerPhoneNumber), async ({ customerId }) =>
-	db.phoneNumber.findFirst({
-		where: { customerId },
-		select: {
-			id: true,
-			phoneNumber: true,
-			phoneNumberSid: true,
-		},
-	}),
-);
--- a/app/settings/components/danger-zone.tsx
+++ b/app/settings/components/danger-zone.tsx
@ -4,10 +4,8 @@ import clsx from "clsx";
 import Button from "./button";
 import SettingsSection from "./settings-section";
 import Modal, { ModalTitle } from "./modal";
-import useCurrentCustomer from "../../core/hooks/use-current-customer";

 export default function DangerZone() {
-	const customer = useCurrentCustomer();
 	const [isDeletingUser, setIsDeletingUser] = useState(false);
 	const [isConfirmationModalOpen, setIsConfirmationModalOpen] = useState(false);
 	const modalCancelButtonRef = useRef<HTMLButtonElement>(null);
--- a/app/settings/components/profile-informations.tsx
+++ b/app/settings/components/profile-informations.tsx
@ -6,7 +6,7 @@ import { useForm } from "react-hook-form";
 import Alert from "./alert";
 import Button from "./button";
 import SettingsSection from "./settings-section";
-import useCurrentCustomer from "../../core/hooks/use-current-customer";
+import useCurrentUser from "../../core/hooks/use-current-user";

 import appLogger from "../../../integrations/logger";

@ -18,7 +18,7 @@ type Form = {
 const logger = appLogger.child({ module: "profile-settings" });

 const ProfileInformations: FunctionComponent = () => {
-	const { customer } = useCurrentCustomer();
+	const { user } = useCurrentUser();
 	const router = useRouter();
 	const {
 		register,
@ -29,9 +29,9 @@ const ProfileInformations: FunctionComponent = () => {
 	const [errorMessage, setErrorMessage] = useState("");

 	useEffect(() => {
-		setValue("name", customer?.user.name ?? "");
-		setValue("email", customer?.user.email ?? "");
-	}, [setValue, customer]);
+		setValue("name", user?.name ?? "");
+		setValue("email", user?.email ?? "");
+	}, [setValue, user]);

 	const onSubmit = handleSubmit(async ({ name, email }) => {
 		if (isSubmitting) {
@ -40,7 +40,7 @@ const ProfileInformations: FunctionComponent = () => {

 		try {
 			// TODO
-			// await customer.updateUser({ email, data: { name } });
+			// await updateUser({ email, data: { name } });
 		} catch (error) {
 			logger.error(error.response, "error updating user infos");

--- a/app/settings/components/update-password.tsx
+++ b/app/settings/components/update-password.tsx
@ -6,7 +6,6 @@ import { useForm } from "react-hook-form";
 import Alert from "./alert";
 import Button from "./button";
 import SettingsSection from "./settings-section";
-import useCurrentCustomer from "../../core/hooks/use-current-customer";

 import appLogger from "../../../integrations/logger";

@ -18,7 +17,6 @@ type Form = {
 };

 const UpdatePassword: FunctionComponent = () => {
-	const customer = useCurrentCustomer();
 	const router = useRouter();
 	const {
 		register,
--- a/app/users/queries/get-current-user.ts
+++ b/app/users/queries/get-current-user.ts
@ -0,0 +1,32 @@
+import { Ctx } from "blitz";
+
+import db from "db";
+
+export default async function getCurrentUser(_ = null, { session }: Ctx) {
+	if (!session.userId) return null;
+
+	return db.user.findFirst({
+		where: { id: session.userId },
+		select: {
+			id: true,
+			name: true,
+			email: true,
+			role: true,
+			memberships: {
+				include: {
+					organization: {
+						select: {
+							id: true,
+							encryptionKey: true,
+							paddleCustomerId: true,
+							paddleSubscriptionId: true,
+							twilioAccountSid: true,
+							twilioAuthToken: true,
+							twimlAppSid: true,
+						},
+					},
+				},
+			},
+		},
+	});
+}