refactor(roles): streamline role permissions handling

- Refactored role permissions management by importing specific permissions directly instead of querying the database. - Updated the `getDefaultRoles` method to return predefined permissions for owner, admin, and member roles. - Simplified the permissions structure in the RBAC schema for better clarity and maintainability.
2026-06-26 17:45:49 +02:00 · 2025-07-09 01:45:41 -06:00
parent d6e8653839
commit 8b8dc8c94f
2 changed files with 20 additions and 18 deletions
--- a/apps/dokploy/server/api/routers/role.ts
+++ b/apps/dokploy/server/api/routers/role.ts
@@ -6,7 +6,14 @@ import {
 	role,
 	updateRoleSchema,
 } from "@/server/db/schema";
-import { createRole, removeRoleById, updateRoleById } from "@dokploy/server";
+import {
+	adminPermissions,
+	createRole,
+	memberPermissions,
+	ownerPermissions,
+	removeRoleById,
+	updateRoleById,
+} from "@dokploy/server";
 import { TRPCError } from "@trpc/server";
 import { and, eq } from "drizzle-orm";

@@ -59,17 +66,10 @@ export const roleRouter = createTRPCRouter({
 			return await updateRoleById(input.roleId, input);
 		}),
 	getDefaultRoles: protectedProcedure.query(async ({ ctx }) => {
-		const result = await db.query.role.findMany({
-			where: and(
-				eq(role.organizationId, ctx.session.activeOrganizationId),
-				eq(role.isSystem, true),
-			),
-		});
-
 		return {
-			owner: result.find((r) => r.name === "owner"),
-			admin: result.find((r) => r.name === "admin"),
-			member: result.find((r) => r.name === "member"),
+			owner: ownerPermissions,
+			admin: adminPermissions,
+			member: memberPermissions,
 		};
 	}),
 });
--- a/packages/server/src/db/schema/rbac.ts
+++ b/packages/server/src/db/schema/rbac.ts
@@ -54,13 +54,15 @@ export const PERMISSIONS = {
 	},
 } as const;

-const getAllPermissionNames = () => {
-	return Object.values(PERMISSIONS).flatMap((category) =>
-		Object.values(category).map((permission) => permission.name),
-	);
-};
-
-export const ownerPermissions = getAllPermissionNames();
+export const ownerPermissions = [
+	PERMISSIONS.PROJECT.VIEW.name,
+	PERMISSIONS.PROJECT.CREATE.name,
+	PERMISSIONS.PROJECT.DELETE.name,
+	PERMISSIONS.SERVICE.VIEW.name,
+	PERMISSIONS.SERVICE.CREATE.name,
+	PERMISSIONS.SERVICE.DELETE.name,
+	PERMISSIONS.TRAEFIK.ACCESS.name,
+];

 export const adminPermissions = [
 	PERMISSIONS.PROJECT.VIEW.name,