mirror of
https://github.com/Dokploy/dokploy.git
synced 2026-07-02 12:35:24 +02:00
refactor: simplify role management by removing unused role schema and related logic; update user role checks in context and procedures
This commit is contained in:
@@ -3,7 +3,6 @@ import {
|
||||
invitation,
|
||||
member,
|
||||
organization,
|
||||
role,
|
||||
users,
|
||||
} from "@dokploy/server/db/schema";
|
||||
import { TRPCError } from "@trpc/server";
|
||||
@@ -35,12 +34,8 @@ export const findOrganizationById = async (organizationId: string) => {
|
||||
};
|
||||
|
||||
export const isAdminPresent = async () => {
|
||||
const ownerRole = await db.query.role.findFirst({
|
||||
where: eq(role.name, "owner"),
|
||||
});
|
||||
|
||||
const admin = await db.query.member.findFirst({
|
||||
where: eq(member.roleId, ownerRole?.roleId || ""),
|
||||
where: eq(member.role, "owner"),
|
||||
});
|
||||
|
||||
if (!admin) {
|
||||
@@ -50,12 +45,8 @@ export const isAdminPresent = async () => {
|
||||
};
|
||||
|
||||
export const findOwner = async () => {
|
||||
const ownerRole = await db.query.role.findFirst({
|
||||
where: eq(role.name, "owner"),
|
||||
});
|
||||
|
||||
const owner = await db.query.member.findFirst({
|
||||
where: eq(member.roleId, ownerRole?.roleId || ""),
|
||||
where: eq(member.role, "owner"),
|
||||
with: {
|
||||
user: true,
|
||||
},
|
||||
|
||||
@@ -1,119 +1,119 @@
|
||||
import { eq } from "drizzle-orm";
|
||||
import { db } from "../db";
|
||||
import {
|
||||
type createRoleSchema,
|
||||
member,
|
||||
role,
|
||||
type updateRoleSchema,
|
||||
} from "../db/schema";
|
||||
import type { z } from "zod";
|
||||
import {
|
||||
adminPermissions,
|
||||
memberPermissions,
|
||||
ownerPermissions,
|
||||
} from "../lib/permissions";
|
||||
// import { eq } from "drizzle-orm";
|
||||
// import { db } from "../db";
|
||||
// import {
|
||||
// type createRoleSchema,
|
||||
// member,
|
||||
// role,
|
||||
// type updateRoleSchema,
|
||||
// } from "../db/schema";
|
||||
// import type { z } from "zod";
|
||||
// import {
|
||||
// adminPermissions,
|
||||
// memberPermissions,
|
||||
// ownerPermissions,
|
||||
// } from "../lib/permissions";
|
||||
|
||||
export const createRole = async (
|
||||
input: z.infer<typeof createRoleSchema>,
|
||||
organizationId: string,
|
||||
) => {
|
||||
await db.transaction(async (tx) => {
|
||||
const { ...other } = input;
|
||||
const newRole = await tx
|
||||
.insert(role)
|
||||
.values({ ...other, organizationId })
|
||||
.returning()
|
||||
.then((res) => res[0]);
|
||||
// export const createRole = async (
|
||||
// input: z.infer<typeof createRoleSchema>,
|
||||
// organizationId: string,
|
||||
// ) => {
|
||||
// await db.transaction(async (tx) => {
|
||||
// const { ...other } = input;
|
||||
// const newRole = await tx
|
||||
// .insert(role)
|
||||
// .values({ ...other, organizationId })
|
||||
// .returning()
|
||||
// .then((res) => res[0]);
|
||||
|
||||
if (!newRole) {
|
||||
throw new Error("Failed to create role");
|
||||
}
|
||||
// if (!newRole) {
|
||||
// throw new Error("Failed to create role");
|
||||
// }
|
||||
|
||||
return role;
|
||||
});
|
||||
};
|
||||
// return role;
|
||||
// });
|
||||
// };
|
||||
|
||||
const findRoleById = async (roleId: string) => {
|
||||
const result = await db.query.role.findFirst({
|
||||
where: eq(role.roleId, roleId),
|
||||
});
|
||||
// const findRoleById = async (roleId: string) => {
|
||||
// const result = await db.query.role.findFirst({
|
||||
// where: eq(role.roleId, roleId),
|
||||
// });
|
||||
|
||||
if (!result) {
|
||||
throw new Error("Role not found");
|
||||
}
|
||||
// if (!result) {
|
||||
// throw new Error("Role not found");
|
||||
// }
|
||||
|
||||
return result;
|
||||
};
|
||||
// return result;
|
||||
// };
|
||||
|
||||
export const removeRoleById = async (roleId: string) => {
|
||||
const currentRole = await findRoleById(roleId);
|
||||
// export const removeRoleById = async (roleId: string) => {
|
||||
// const currentRole = await findRoleById(roleId);
|
||||
|
||||
if (!currentRole) {
|
||||
throw new Error("Role not found");
|
||||
}
|
||||
// if (!currentRole) {
|
||||
// throw new Error("Role not found");
|
||||
// }
|
||||
|
||||
if (currentRole.isSystem) {
|
||||
throw new Error("Cannot delete system role");
|
||||
}
|
||||
// if (currentRole.isSystem) {
|
||||
// throw new Error("Cannot delete system role");
|
||||
// }
|
||||
|
||||
const members = await db.query.member.findMany({
|
||||
where: eq(member.roleId, roleId),
|
||||
});
|
||||
// const members = await db.query.member.findMany({
|
||||
// where: eq(member.roleId, roleId),
|
||||
// });
|
||||
|
||||
if (members.length > 0) {
|
||||
throw new Error("Cannot delete role with assigned members");
|
||||
}
|
||||
// if (members.length > 0) {
|
||||
// throw new Error("Cannot delete role with assigned members");
|
||||
// }
|
||||
|
||||
await db.delete(role).where(eq(role.roleId, roleId));
|
||||
// await db.delete(role).where(eq(role.roleId, roleId));
|
||||
|
||||
return currentRole;
|
||||
};
|
||||
// return currentRole;
|
||||
// };
|
||||
|
||||
export const updateRoleById = async (
|
||||
roleId: string,
|
||||
input: z.infer<typeof updateRoleSchema>,
|
||||
) => {
|
||||
const currentRole = await findRoleById(roleId);
|
||||
// export const updateRoleById = async (
|
||||
// roleId: string,
|
||||
// input: z.infer<typeof updateRoleSchema>,
|
||||
// ) => {
|
||||
// const currentRole = await findRoleById(roleId);
|
||||
|
||||
if (!currentRole) {
|
||||
throw new Error("Role not found");
|
||||
}
|
||||
// if (!currentRole) {
|
||||
// throw new Error("Role not found");
|
||||
// }
|
||||
|
||||
if (currentRole.isSystem) {
|
||||
throw new Error("Cannot update system role");
|
||||
}
|
||||
// if (currentRole.isSystem) {
|
||||
// throw new Error("Cannot update system role");
|
||||
// }
|
||||
|
||||
await db.update(role).set(input).where(eq(role.roleId, roleId));
|
||||
// await db.update(role).set(input).where(eq(role.roleId, roleId));
|
||||
|
||||
return currentRole;
|
||||
};
|
||||
// return currentRole;
|
||||
// };
|
||||
|
||||
export const createDefaultRoles = async (organizationId: string) => {
|
||||
await db.transaction(async (tx) => {
|
||||
await tx.insert(role).values({
|
||||
name: "owner",
|
||||
description: "Owner of the organization with full access to all features",
|
||||
organizationId,
|
||||
isSystem: true,
|
||||
permissions: ownerPermissions.map((permission) => permission.name),
|
||||
});
|
||||
// export const createDefaultRoles = async (organizationId: string) => {
|
||||
// await db.transaction(async (tx) => {
|
||||
// await tx.insert(role).values({
|
||||
// name: "owner",
|
||||
// description: "Owner of the organization with full access to all features",
|
||||
// organizationId,
|
||||
// isSystem: true,
|
||||
// permissions: ownerPermissions.map((permission) => permission.name),
|
||||
// });
|
||||
|
||||
await tx.insert(role).values({
|
||||
name: "admin",
|
||||
description:
|
||||
"Administrator with access to manage projects, services and configurations",
|
||||
organizationId,
|
||||
isSystem: true,
|
||||
permissions: adminPermissions.map((permission) => permission.name),
|
||||
});
|
||||
// await tx.insert(role).values({
|
||||
// name: "admin",
|
||||
// description:
|
||||
// "Administrator with access to manage projects, services and configurations",
|
||||
// organizationId,
|
||||
// isSystem: true,
|
||||
// permissions: adminPermissions.map((permission) => permission.name),
|
||||
// });
|
||||
|
||||
await tx.insert(role).values({
|
||||
name: "member",
|
||||
description:
|
||||
"Regular member with access to create projects and manage services",
|
||||
organizationId,
|
||||
isSystem: true,
|
||||
permissions: memberPermissions.map((permission) => permission.name),
|
||||
});
|
||||
});
|
||||
};
|
||||
// await tx.insert(role).values({
|
||||
// name: "member",
|
||||
// description:
|
||||
// "Regular member with access to create projects and manage services",
|
||||
// organizationId,
|
||||
// isSystem: true,
|
||||
// permissions: memberPermissions.map((permission) => permission.name),
|
||||
// });
|
||||
// });
|
||||
// };
|
||||
|
||||
Reference in New Issue
Block a user