From 8b8dc8c94f114e1ed0d755bcf5c06b96c1c69342 Mon Sep 17 00:00:00 2001
From: Mauricio Siu <47042324+Siumauricio@users.noreply.github.com>
Date: Wed, 9 Jul 2025 01:45:41 -0600
Subject: [PATCH] refactor(roles): streamline role permissions handling

- Refactored role permissions management by importing specific permissions directly instead of querying the database.
- Updated the `getDefaultRoles` method to return predefined permissions for owner, admin, and member roles.
- Simplified the permissions structure in the RBAC schema for better clarity and maintainability.
---
 apps/dokploy/server/api/routers/role.ts | 22 +++++++++++-----------
 packages/server/src/db/schema/rbac.ts   | 16 +++++++++-------
 2 files changed, 20 insertions(+), 18 deletions(-)

diff --git a/apps/dokploy/server/api/routers/role.ts b/apps/dokploy/server/api/routers/role.ts
index cc4e8f4cf..1d5234c62 100644
--- a/apps/dokploy/server/api/routers/role.ts
+++ b/apps/dokploy/server/api/routers/role.ts
@@ -6,7 +6,14 @@ import {
 	role,
 	updateRoleSchema,
 } from "@/server/db/schema";
-import { createRole, removeRoleById, updateRoleById } from "@dokploy/server";
+import {
+	adminPermissions,
+	createRole,
+	memberPermissions,
+	ownerPermissions,
+	removeRoleById,
+	updateRoleById,
+} from "@dokploy/server";
 import { TRPCError } from "@trpc/server";
 import { and, eq } from "drizzle-orm";
 
@@ -59,17 +66,10 @@ export const roleRouter = createTRPCRouter({
 			return await updateRoleById(input.roleId, input);
 		}),
 	getDefaultRoles: protectedProcedure.query(async ({ ctx }) => {
-		const result = await db.query.role.findMany({
-			where: and(
-				eq(role.organizationId, ctx.session.activeOrganizationId),
-				eq(role.isSystem, true),
-			),
-		});
-
 		return {
-			owner: result.find((r) => r.name === "owner"),
-			admin: result.find((r) => r.name === "admin"),
-			member: result.find((r) => r.name === "member"),
+			owner: ownerPermissions,
+			admin: adminPermissions,
+			member: memberPermissions,
 		};
 	}),
 });
diff --git a/packages/server/src/db/schema/rbac.ts b/packages/server/src/db/schema/rbac.ts
index e3284fc8e..0ab564766 100644
--- a/packages/server/src/db/schema/rbac.ts
+++ b/packages/server/src/db/schema/rbac.ts
@@ -54,13 +54,15 @@ export const PERMISSIONS = {
 	},
 } as const;
 
-const getAllPermissionNames = () => {
-	return Object.values(PERMISSIONS).flatMap((category) =>
-		Object.values(category).map((permission) => permission.name),
-	);
-};
-
-export const ownerPermissions = getAllPermissionNames();
+export const ownerPermissions = [
+	PERMISSIONS.PROJECT.VIEW.name,
+	PERMISSIONS.PROJECT.CREATE.name,
+	PERMISSIONS.PROJECT.DELETE.name,
+	PERMISSIONS.SERVICE.VIEW.name,
+	PERMISSIONS.SERVICE.CREATE.name,
+	PERMISSIONS.SERVICE.DELETE.name,
+	PERMISSIONS.TRAEFIK.ACCESS.name,
+];
 
 export const adminPermissions = [
 	PERMISSIONS.PROJECT.VIEW.name,