feat: introduce role based access control

packages/backend/src/helpers/authentication.ts

@@ -12,7 +12,15 @@ const isAuthenticated = rule()(async (_parent, _args, req) => {
     const { userId } = jwt.verify(token, appConfig.appSecretKey) as {
       userId: string;
     };
-    req.currentUser = await User.query().findById(userId).throwIfNotFound();
+    req.currentUser = await User
+      .query()
+      .findById(userId)
+      .joinRelated({
+        permissions: true,
+      })
+      .withGraphFetched({
+        permissions: true,
+      });
 
     return true;
   } catch (error) {

packages/backend/src/helpers/pagination.ts

@@ -1,10 +1,11 @@
 import { Model } from 'objection';
 import ExtendedQueryBuilder from '../models/query-builder';
+import type Base from '../models/base';
 
 const paginate = async (
   query: ExtendedQueryBuilder<Model, Model[]>,
   limit: number,
-  offset: number
+  offset: number,
 ) => {
   if (limit < 1 || limit > 100) {
     throw new Error('Limit must be between 1 and 100');
@@ -20,11 +21,9 @@ const paginate = async (
       currentPage: Math.ceil(offset / limit + 1),
       totalPages: Math.ceil(count / limit),
     },
-    edges: records.map((record: Model) => {
-      return {
-        node: record,
-      };
-    }),
+    edges: records.map((record: Base) => ({
+      node: record,
+    })),
   };
 };