feat(server): added in service script to run a crud
This commit is contained in:
57
server/services/auth/controllers/userRoles/setUserRoles.ts
Normal file
57
server/services/auth/controllers/userRoles/setUserRoles.ts
Normal file
@@ -0,0 +1,57 @@
|
||||
/*
|
||||
pass over a users uuid and return all modules they have permission too.
|
||||
in the login route we attach it to user under roles.
|
||||
*/
|
||||
|
||||
import {eq} from "drizzle-orm";
|
||||
import {db} from "../../../../../database/dbclient.js";
|
||||
import {userRoles} from "../../../../../database/schema/userRoles.js";
|
||||
import {users} from "../../../../../database/schema/users.js";
|
||||
import {modules} from "../../../../../database/schema/modules.js";
|
||||
import {roles} from "../../../../../database/schema/roles.js";
|
||||
import {setSysAdmin} from "./setSysAdmin.js";
|
||||
|
||||
export const setUserAccess = async (username: string, moduleName: string, roleName: string, override?: string) => {
|
||||
// get the user roles by the user_id
|
||||
const user = await db.select().from(users).where(eq(users.username, username));
|
||||
const module = await db.select().from(modules).where(eq(modules.name, moduleName));
|
||||
|
||||
if (process.env.SECRETOVERRIDECODE != override && roleName === "systemAdmin") {
|
||||
return {success: false, message: "The override code provided is invalid."};
|
||||
}
|
||||
|
||||
const role = await db.select().from(roles).where(eq(roles.name, roleName));
|
||||
|
||||
/**
|
||||
* For system admin we want to do a little more
|
||||
*/
|
||||
|
||||
if (roleName === "systemAdmin") {
|
||||
await setSysAdmin(user, roleName);
|
||||
return {
|
||||
success: true,
|
||||
message: `${username} has been granted access to ${moduleName} with the role ${roleName}`,
|
||||
};
|
||||
}
|
||||
//console.log(user, module, role);
|
||||
|
||||
// set the user
|
||||
try {
|
||||
const userRole = await db
|
||||
.insert(userRoles)
|
||||
.values({user_id: user[0].user_id, role_id: role[0].role_id, module_id: module[0].module_id, role: roleName});
|
||||
//.returning({user: users.username, email: users.email});
|
||||
|
||||
// return c.json({message: "User Registered", user}, 200);
|
||||
return {
|
||||
success: true,
|
||||
message: `${username} has been granted access to ${moduleName} with the role ${roleName}`,
|
||||
};
|
||||
} catch (error) {
|
||||
return {
|
||||
success: false,
|
||||
message: `There was an error granting ${username} access to ${moduleName} with the role ${roleName}`,
|
||||
data: error,
|
||||
};
|
||||
}
|
||||
};
|
||||
Reference in New Issue
Block a user