Refactor user role handling to use single role object

2025-11-27 21:34:54 +00:00 · 2024-12-16 00:16:24 -06:00
parent 37d016ea43
commit 852299a273
13 changed files with 43 additions and 96 deletions
--- a/libs/common/src/auth/interfaces/auth.interface.ts
+++ b/libs/common/src/auth/interfaces/auth.interface.ts
@ -4,5 +4,5 @@ export class AuthInterface {
  uuid: string;
  sessionId: string;
  id: number;
-  roles?: string[];
+  role?: object;
 }
--- a/libs/common/src/auth/services/auth.service.ts
+++ b/libs/common/src/auth/services/auth.service.ts
@ -39,7 +39,7 @@ export class AuthService {
            }
          : undefined,
      },
-      relations: ['roles.roleType'],
+      relations: ['roleType'],
    });

    if (!user.isUserVerified) {
@ -85,9 +85,8 @@ export class AuthService {
      email: user.email,
      userId: user.userId,
      uuid: user.uuid,
-      type: user.type,
      sessionId: user.sessionId,
-      roles: user?.roles,
+      role: user?.role,
      googleCode: user.googleCode,
    };
    if (payload.googleCode) {
--- a/libs/common/src/auth/strategies/jwt.strategy.ts
+++ b/libs/common/src/auth/strategies/jwt.strategy.ts
@ -31,7 +31,7 @@ export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
        userUuid: payload.uuid,
        uuid: payload.uuid,
        sessionId: payload.sessionId,
-        roles: payload?.roles,
+        role: payload?.role,
      };
    } else {
      throw new BadRequestException('Unauthorized');
--- a/libs/common/src/auth/strategies/refresh-token.strategy.ts
+++ b/libs/common/src/auth/strategies/refresh-token.strategy.ts
@ -34,7 +34,7 @@ export class RefreshTokenStrategy extends PassportStrategy(
        userUuid: payload.uuid,
        uuid: payload.uuid,
        sessionId: payload.sessionId,
-        roles: payload?.roles,
+        role: payload?.role,
      };
    } else {
      throw new BadRequestException('Unauthorized');
--- a/libs/common/src/constants/role.type.enum.ts
+++ b/libs/common/src/constants/role.type.enum.ts
@ -1,4 +1,6 @@
 export enum RoleType {
  SUPER_ADMIN = 'SUPER_ADMIN',
  ADMIN = 'ADMIN',
+  SPACE_OWNER = 'SPACE_OWNER',
+  SPACE_MEMBER = 'SPACE_MEMBER',
 }
--- a/libs/common/src/seed/services/role.type.seeder.ts
+++ b/libs/common/src/seed/services/role.type.seeder.ts
@ -19,7 +19,12 @@ export class RoleTypeSeeder {
      if (!roleTypeNames.includes(RoleType.ADMIN)) {
        missingRoleTypes.push(RoleType.ADMIN);
      }
-
+      if (!roleTypeNames.includes(RoleType.SPACE_OWNER)) {
+        missingRoleTypes.push(RoleType.SPACE_OWNER);
+      }
+      if (!roleTypeNames.includes(RoleType.SPACE_MEMBER)) {
+        missingRoleTypes.push(RoleType.SPACE_MEMBER);
+      }
      if (missingRoleTypes.length > 0) {
        await this.addRoleTypeData(missingRoleTypes);
      }
--- a/libs/common/src/seed/services/supper.admin.seeder.ts
+++ b/libs/common/src/seed/services/supper.admin.seeder.ts
@ -1,7 +1,6 @@
 import { Injectable } from '@nestjs/common';
 import { UserRepository } from '@app/common/modules/user/repositories';
 import { RoleType } from '@app/common/constants/role.type.enum';
-import { UserRoleRepository } from '@app/common/modules/user/repositories';
 import { RoleTypeRepository } from '@app/common/modules/role-type/repositories';
 import { ConfigService } from '@nestjs/config';
 import { HelperHashService } from '../../helper/services';
@ -11,19 +10,23 @@ export class SuperAdminSeeder {
  constructor(
    private readonly configService: ConfigService,
    private readonly userRepository: UserRepository,
-    private readonly userRoleRepository: UserRoleRepository,
    private readonly roleTypeRepository: RoleTypeRepository,
    private readonly helperHashService: HelperHashService,
  ) {}

  async createSuperAdminIfNotFound(): Promise<void> {
    try {
-      const superAdminData = await this.userRoleRepository.find({
-        where: { roleType: { type: RoleType.SUPER_ADMIN } },
+      const superAdmin = await this.userRepository.findOne({
+        where: {
+          roleType: { type: RoleType.SUPER_ADMIN },
+          email: this.configService.get<string>(
+            'super-admin.SUPER_ADMIN_EMAIL',
+          ),
+        },
        relations: ['roleType'],
      });

-      if (superAdminData.length <= 0) {
+      if (!superAdmin) {
        // Create the super admin user if not found
        console.log('Creating super admin user...');

@ -48,20 +51,16 @@ export class SuperAdminSeeder {
      salt,
    );
    try {
-      const user = await this.userRepository.save({
+      const defaultUserRoleUuid = await this.getRoleUuidByRoleType(
+        RoleType.SUPER_ADMIN,
+      );
+      await this.userRepository.save({
        email: this.configService.get<string>('super-admin.SUPER_ADMIN_EMAIL'),
        password: hashedPassword,
        firstName: 'Super',
        lastName: 'Admin',
        isUserVerified: true,
        isActive: true,
-      });
-      const defaultUserRoleUuid = await this.getRoleUuidByRoleType(
-        RoleType.SUPER_ADMIN,
-      );
-
-      await this.userRoleRepository.save({
-        user: { uuid: user.uuid },
        roleType: { uuid: defaultUserRoleUuid },
      });
    } catch (err) {