/* pass over a users uuid and return all modules they have permission too. in the login route we attach it to user under roles. */ import {eq} from "drizzle-orm"; import {db} from "../../../../../database/dbclient.js"; import {userRoles} from "../../../../../database/schema/userRoles.js"; import {users} from "../../../../../database/schema/users.js"; import {modules} from "../../../../../database/schema/modules.js"; import {roles} from "../../../../../database/schema/roles.js"; import {setSysAdmin} from "./setSysAdmin.js"; export const setUserAccess = async (username: string, moduleName: string, roleName: string, override?: string) => { // get the user roles by the user_id const user = await db.select().from(users).where(eq(users.username, username)); const module = await db.select().from(modules).where(eq(modules.name, moduleName)); if (process.env.SECRETOVERRIDECODE != override && roleName === "systemAdmin") { return {success: false, message: "The override code provided is invalid."}; } const role = await db.select().from(roles).where(eq(roles.name, roleName)); /** * For system admin we want to do a little more */ if (roleName === "systemAdmin") { await setSysAdmin(user, roleName); return { success: true, message: `${username} has been granted access to ${moduleName} with the role ${roleName}`, }; } //console.log(user, module, role); // set the user try { const userRole = await db .insert(userRoles) .values({user_id: user[0].user_id, role_id: role[0].role_id, module_id: module[0].module_id, role: roleName}); //.returning({user: users.username, email: users.email}); // return c.json({message: "User Registered", user}, 200); return { success: true, message: `${username} has been granted access to ${moduleName} with the role ${roleName}`, }; } catch (error) { return { success: false, message: `There was an error granting ${username} access to ${moduleName} with the role ${roleName}`, data: error, }; } };