feat: write REST API endpoint to update role

2024-09-04 15:18:52 +00:00
parent 1818930d2f
commit 3e34359fa9
6 changed files with 300 additions and 0 deletions
--- a/packages/backend/src/models/role.js
+++ b/packages/backend/src/models/role.js
@@ -1,6 +1,7 @@
 import Base from './base.js';
 import Permission from './permission.js';
 import User from './user.js';
+import NotAuthorizedError from '../errors/not-authorized.js';

 class Role extends Base {
  static tableName = 'roles';
@@ -48,6 +49,42 @@ class Role extends Base {
  static async findAdmin() {
    return await this.query().findOne({ name: 'Admin' });
  }
+
+  async updateWithPermissions(data) {
+    if (this.isAdmin) {
+      throw new NotAuthorizedError('The admin role cannot be altered!');
+    }
+
+    const { name, description, permissions } = data;
+
+    return await Role.transaction(async (trx) => {
+      await this.$relatedQuery('permissions', trx).delete();
+
+      if (permissions?.length) {
+        const sanitizedPermissions = Permission.sanitize(permissions).map(
+          (permission) => ({
+            ...permission,
+            roleId: this.id,
+          })
+        );
+
+        await Permission.query().insert(sanitizedPermissions);
+      }
+
+      await this.$query(trx).patch({
+        name,
+        description,
+      });
+
+      return await this.$query(trx)
+        .leftJoinRelated({
+          permissions: true,
+        })
+        .withGraphFetched({
+          permissions: true,
+        });
+    });
+  }
 }

 export default Role;