feat(database): introduce member_role table and update user roles

- Created a new "member_role" table to manage user roles with associated permissions.
- Migrated existing roles from the deprecated "organization_role" table and updated member records accordingly.
- Enhanced the "member" table by adding a foreign key reference to the new "member_role" table.
- Updated SQL migration scripts to reflect changes in user and role management, ensuring data integrity and consistency.
This commit is contained in:
Mauricio Siu
2025-07-13 00:02:52 -06:00
parent d78e634cb0
commit e8475730fa
14 changed files with 327 additions and 25381 deletions

View File

@@ -92,24 +92,10 @@ export const member = pgTable("member", {
userId: text("user_id")
.notNull()
.references(() => users.id, { onDelete: "cascade" }),
role: text("role").notNull().$type<"owner" | "member" | "admin">(),
roleId: text("roleId").references(() => role.roleId, { onDelete: "cascade" }),
createdAt: timestamp("created_at").notNull(),
teamId: text("team_id"),
// Permissions
canCreateProjects: boolean("canCreateProjects").notNull().default(false),
canAccessToSSHKeys: boolean("canAccessToSSHKeys").notNull().default(false),
canCreateServices: boolean("canCreateServices").notNull().default(false),
canDeleteProjects: boolean("canDeleteProjects").notNull().default(false),
canDeleteServices: boolean("canDeleteServices").notNull().default(false),
canAccessToDocker: boolean("canAccessToDocker").notNull().default(false),
canAccessToAPI: boolean("canAccessToAPI").notNull().default(false),
canAccessToGitProviders: boolean("canAccessToGitProviders")
.notNull()
.default(false),
canAccessToTraefikFiles: boolean("canAccessToTraefikFiles")
.notNull()
.default(false),
accessedProjects: text("accesedProjects")
.array()
.notNull()

View File

@@ -110,7 +110,7 @@ export const defaultPermissions = [
},
] as const;
export const role = pgTable("organization_role", {
export const role = pgTable("member_role", {
roleId: text("roleId")
.primaryKey()
.$defaultFn(() => nanoid()),