WIP - more admin users and roles

2025-12-30 09:10:45 +01:00
parent 3fbc019083
commit 6c29d18696
4 changed files with 331 additions and 8 deletions
--- a/backend/src/rbac/setup-roles.controller.ts
+++ b/backend/src/rbac/setup-roles.controller.ts
@@ -2,6 +2,7 @@ import {
  Controller,
  Get,
  Post,
+  Patch,
  Delete,
  Param,
  Body,
@@ -53,6 +54,46 @@ export class SetupRolesController {
    return role;
  }

+  @Patch(':id')
+  async updateRole(
+    @TenantId() tenantId: string,
+    @Param('id') id: string,
+    @Body() data: { name?: string; description?: string; guardName?: string },
+  ) {
+    const resolvedTenantId = await this.tenantDbService.resolveTenantId(tenantId);
+    const knex = await this.tenantDbService.getTenantKnexById(resolvedTenantId);
+    
+    const updateData: any = {};
+    
+    if (data.name) updateData.name = data.name;
+    if (data.description !== undefined) updateData.description = data.description;
+    if (data.guardName) updateData.guardName = data.guardName;
+    
+    const role = await Role.query(knex).patchAndFetchById(id, updateData);
+    return role;
+  }
+
+  @Delete(':id')
+  async deleteRole(
+    @TenantId() tenantId: string,
+    @Param('id') id: string,
+  ) {
+    const resolvedTenantId = await this.tenantDbService.resolveTenantId(tenantId);
+    const knex = await this.tenantDbService.getTenantKnexById(resolvedTenantId);
+    
+    // Delete role user assignments first
+    await knex('user_roles').where({ roleId: id }).delete();
+    
+    // Delete role permissions
+    await knex('role_permissions').where({ roleId: id }).delete();
+    await knex('role_object_permissions').where({ roleId: id }).delete();
+    
+    // Delete the role
+    await Role.query(knex).deleteById(id);
+    
+    return { success: true };
+  }
+
  @Post(':roleId/users')
  async addUserToRole(
    @TenantId() tenantId: string,
--- a/backend/src/rbac/setup-users.controller.ts
+++ b/backend/src/rbac/setup-users.controller.ts
@@ -2,6 +2,7 @@ import {
  Controller,
  Get,
  Post,
+  Patch,
  Delete,
  Param,
  Body,
@@ -57,6 +58,47 @@ export class SetupUsersController {
    return user;
  }

+  @Patch(':id')
+  async updateUser(
+    @TenantId() tenantId: string,
+    @Param('id') id: string,
+    @Body() data: { email?: string; password?: string; firstName?: string; lastName?: string },
+  ) {
+    const resolvedTenantId = await this.tenantDbService.resolveTenantId(tenantId);
+    const knex = await this.tenantDbService.getTenantKnexById(resolvedTenantId);
+    
+    const updateData: any = {};
+    
+    if (data.email) updateData.email = data.email;
+    if (data.firstName !== undefined) updateData.firstName = data.firstName;
+    if (data.lastName !== undefined) updateData.lastName = data.lastName;
+    
+    // Hash password if provided
+    if (data.password) {
+      updateData.password = await bcrypt.hash(data.password, 10);
+    }
+    
+    const user = await User.query(knex).patchAndFetchById(id, updateData);
+    return user;
+  }
+
+  @Delete(':id')
+  async deleteUser(
+    @TenantId() tenantId: string,
+    @Param('id') id: string,
+  ) {
+    const resolvedTenantId = await this.tenantDbService.resolveTenantId(tenantId);
+    const knex = await this.tenantDbService.getTenantKnexById(resolvedTenantId);
+    
+    // Delete user role assignments first
+    await knex('user_roles').where({ userId: id }).delete();
+    
+    // Delete the user
+    await User.query(knex).deleteById(id);
+    
+    return { success: true };
+  }
+
  @Post(':userId/roles')
  async addRoleToUser(
    @TenantId() tenantId: string,