feat(auth): finally better auth working as i wanted it to

2025-09-22 22:40:44 -05:00
parent 4ab43d91b9
commit 8f1375ab7b
50 changed files with 7939 additions and 5909 deletions
--- a/app/src/internal/admin/controller/systemAdminRole.ts
+++ b/app/src/internal/admin/controller/systemAdminRole.ts
@@ -0,0 +1,75 @@
+import { db } from "../../../pkg/db/db.js";
+import { userRoles } from "../../../pkg/db/schema/user_roles.js";
+import { createLogger } from "../../../pkg/logger/logger.js";
+import { tryCatch } from "../../../pkg/utils/tryCatch.js";
+
+export const systemAdminRole = async (userId: string) => {
+    const log = createLogger({
+        module: "admin",
+        subModule: "systemAdminSetup",
+    });
+    const systemAdminRoles = [
+        {
+            userId: userId,
+            module: "users",
+            role: "systemAdmin",
+        },
+        {
+            userId: userId,
+            module: "system",
+            role: "systemAdmin",
+        },
+        {
+            userId: userId,
+            module: "ocp",
+            role: "systemAdmin",
+        },
+        {
+            userId: userId,
+            module: "siloAdjustments",
+            role: "systemAdmin",
+        },
+        {
+            userId: userId,
+            module: "demandManagement",
+            role: "systemAdmin",
+        },
+        {
+            userId: userId,
+            module: "logistics",
+            role: "systemAdmin",
+        },
+        {
+            userId: userId,
+            module: "production",
+            role: "systemAdmin",
+        },
+        {
+            userId: userId,
+            module: "quality",
+            role: "systemAdmin",
+        },
+        {
+            userId: userId,
+            module: "eom",
+            role: "systemAdmin",
+        },
+        {
+            userId: userId,
+            module: "forklifts",
+            role: "systemAdmin",
+        },
+    ];
+    const { data, error } = await tryCatch(
+        db.insert(userRoles).values(systemAdminRoles).onConflictDoNothing()
+    );
+
+    if (error) {
+        log.error(
+            { stack: { error: error } },
+            "There was an error creating the system admin roles"
+        );
+    }
+
+    log.info({ data }, "New system admin roles created");
+};
--- a/app/src/internal/admin/routes.ts
+++ b/app/src/internal/admin/routes.ts
@@ -0,0 +1,19 @@
+import type { Express, Request, Response } from "express";
+import { requireAuth } from "../../pkg/middleware/authMiddleware.js";
+
+//admin routes
+import users from "./routes/getUserRoles.js";
+import grantRoles from "./routes/grantRole.js";
+
+export const setupAdminRoutes = (app: Express, basePath: string) => {
+    app.use(
+        basePath + "/api/admin/users",
+        requireAuth("user", ["systemAdmin"]), // will pass bc system admin but this is just telling us we need this
+        users
+    );
+    app.use(
+        basePath + "/api/admin",
+        requireAuth("user", ["systemAdmin", "admin"]), // will pass bc system admin but this is just telling us we need this
+        grantRoles
+    );
+};
--- a/app/src/internal/admin/routes/getUserRoles.ts
+++ b/app/src/internal/admin/routes/getUserRoles.ts
@@ -0,0 +1,52 @@
+import { Router } from "express";
+import type { Request, Response } from "express";
+import { tryCatch } from "../../../pkg/utils/tryCatch.js";
+import { db } from "../../../pkg/db/db.js";
+import { user } from "../../../pkg/db/schema/auth-schema.js";
+import { userRoles } from "../../../pkg/db/schema/user_roles.js";
+
+const router = Router();
+
+router.post("/", async (req: Request, res: Response) => {
+    // should get all users
+    const { data: users, error: userError } = await tryCatch(
+        db.select().from(user)
+    );
+
+    if (userError) {
+        return res.status(500).json({
+            success: false,
+            message: "Failed to get users",
+            error: userError,
+        });
+    }
+    // should get all roles
+
+    const { data: userRole, error: userRoleError } = await tryCatch(
+        db.select().from(userRoles)
+    );
+
+    if (userRoleError) {
+        return res.status(500).json({
+            success: false,
+            message: "Failed to get userRoless",
+            error: userRoleError,
+        });
+    }
+
+    // add the roles and return
+
+    const usersWithRoles = users.map((user) => {
+        const roles = userRole
+            .filter((ur) => ur.userId === user.id)
+            .map((ur) => ({ module: ur.module, role: ur.role }));
+
+        return { ...user, roles };
+    });
+
+    return res
+        .status(200)
+        .json({ success: true, message: "User data", data: usersWithRoles });
+});
+
+export default router;
--- a/app/src/internal/admin/routes/grantRole.ts
+++ b/app/src/internal/admin/routes/grantRole.ts
@@ -0,0 +1,74 @@
+import { Router } from "express";
+import type { Request, Response } from "express";
+import { tryCatch } from "../../../pkg/utils/tryCatch.js";
+import { db } from "../../../pkg/db/db.js";
+import z from "zod";
+import { userRoles } from "../../../pkg/db/schema/user_roles.js";
+import { createLogger } from "../../../pkg/logger/logger.js";
+
+const roleSchema = z.object({
+    module: z.enum([
+        "users",
+        "system",
+        "ocp",
+        "siloAdjustments",
+        "demandManagement",
+        "logistics",
+        "production",
+        "quality",
+        "eom",
+        "forklifts",
+    ]),
+    role: z.enum(["admin", "manager", "supervisor", "test,", "viewer"]),
+});
+
+const router = Router();
+
+router.post("/:userId/grant", async (req: Request, res: Response) => {
+    const log = createLogger({
+        module: "admin",
+        subModule: "grantRoles",
+    });
+    const userId = req.params.userId;
+    console.log(userId);
+
+    try {
+        const validated = roleSchema.parse(req.body);
+
+        const data = await db
+            .insert(userRoles)
+            .values({
+                userId,
+                module: validated.module,
+                role: validated.role,
+            })
+            .onConflictDoUpdate({
+                target: [userRoles.userId, userRoles.module],
+                set: { module: validated.module, role: validated.role },
+            });
+        log.info(
+            {},
+            `Module: ${validated.module}, Role: ${validated.role} as was just granted to userID: ${userId}`
+        );
+        return res.status(200).json({
+            success: true,
+            message: `Module: ${validated.module}, Role: ${validated.role} as was just granted`,
+            data,
+        });
+    } catch (err) {
+        if (err instanceof z.ZodError) {
+            const flattened = z.flattenError(err);
+            return res.status(400).json({
+                error: "Validation failed",
+                details: flattened,
+            });
+        }
+
+        return res.status(400).json({
+            success: false,
+            message: "Invalid input please try again.",
+        });
+    }
+});
+
+export default router;