rename super user to admin and middleware refactoring

2026-02-17 18:36:37 +00:00 · 2024-11-05 22:38:57 -05:00
parent 7b755a273c
commit 03051878ef
26 changed files with 790 additions and 529 deletions
--- a/server/routers/resource/createResource.ts
+++ b/server/routers/resource/createResource.ts
@@ -1,19 +1,29 @@
-import { Request, Response, NextFunction } from 'express';
-import { z } from 'zod';
-import { db } from '@server/db';
-import { orgs, resources, roleResources, roles, userResources } from '@server/db/schema';
+import { Request, Response, NextFunction } from "express";
+import { z } from "zod";
+import { db } from "@server/db";
+import {
+    orgs,
+    resources,
+    roleResources,
+    roles,
+    userResources,
+} from "@server/db/schema";
 import response from "@server/utils/response";
-import HttpCode from '@server/types/HttpCode';
-import createHttpError from 'http-errors';
-import { ActionsEnum, checkUserActionPermission } from '@server/auth/actions';
-import logger from '@server/logger';
-import { eq, and } from 'drizzle-orm';
-import stoi from '@server/utils/stoi';
-import { fromError } from 'zod-validation-error';
+import HttpCode from "@server/types/HttpCode";
+import createHttpError from "http-errors";
+import { ActionsEnum, checkUserActionPermission } from "@server/auth/actions";
+import logger from "@server/logger";
+import { eq, and } from "drizzle-orm";
+import stoi from "@server/utils/stoi";
+import { fromError } from "zod-validation-error";

 const createResourceParamsSchema = z.object({
-    siteId: z.string().optional().transform(stoi).pipe(z.number().int().positive().optional()),
-    orgId: z.string()
+    siteId: z
+        .string()
+        .optional()
+        .transform(stoi)
+        .pipe(z.number().int().positive().optional()),
+    orgId: z.string(),
 });

 // Define Zod schema for request body validation
@@ -22,7 +32,11 @@ const createResourceSchema = z.object({
    subdomain: z.string().min(1).max(255).optional(),
 });

-export async function createResource(req: Request, res: Response, next: NextFunction): Promise<any> {
+export async function createResource(
+    req: Request,
+    res: Response,
+    next: NextFunction
+): Promise<any> {
    try {
        // Validate request body
        const parsedBody = createResourceSchema.safeParse(req.body);
@@ -51,17 +65,28 @@ export async function createResource(req: Request, res: Response, next: NextFunc
        const { siteId, orgId } = parsedParams.data;

        // Check if the user has permission to list sites
-        const hasPermission = await checkUserActionPermission(ActionsEnum.createResource, req);
+        const hasPermission = await checkUserActionPermission(
+            ActionsEnum.createResource,
+            req
+        );
        if (!hasPermission) {
-            return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to perform this action'));
+            return next(
+                createHttpError(
+                    HttpCode.FORBIDDEN,
+                    "User does not have permission to perform this action"
+                )
+            );
        }

        if (!req.userOrgRoleId) {
-            return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have a role'));
+            return next(
+                createHttpError(HttpCode.FORBIDDEN, "User does not have a role")
+            );
        }

        // get the org
-        const org = await db.select()
+        const org = await db
+            .select()
            .from(orgs)
            .where(eq(orgs.orgId, orgId))
            .limit(1);
@@ -79,35 +104,35 @@ export async function createResource(req: Request, res: Response, next: NextFunc
        const fullDomain = `${subdomain}.${org[0].domain}`;

        // Create new resource in the database
-        const newResource = await db.insert(resources).values({
-            fullDomain,
-            siteId,
-            orgId,
-            name,
-            subdomain,
-        }).returning();
+        const newResource = await db
+            .insert(resources)
+            .values({
+                fullDomain,
+                siteId,
+                orgId,
+                name,
+                subdomain,
+            })
+            .returning();

-        // find the Super User roleId and also add the resource to the Super User role
-        const superUserRole = await db.select()
+        const adminRole = await db
+            .select()
            .from(roles)
-            .where(and(eq(roles.isSuperUserRole, true), eq(roles.orgId, orgId)))
+            .where(and(eq(roles.isAdmin, true), eq(roles.orgId, orgId)))
            .limit(1);

-        if (superUserRole.length === 0) {
+        if (adminRole.length === 0) {
            return next(
-                createHttpError(
-                    HttpCode.NOT_FOUND,
-                    `Super User role not found`
-                )
+                createHttpError(HttpCode.NOT_FOUND, `Admin role not found`)
            );
        }

        await db.insert(roleResources).values({
-            roleId: superUserRole[0].roleId,
+            roleId: adminRole[0].roleId,
            resourceId: newResource[0].resourceId,
        });

-        if (req.userOrgRoleId != superUserRole[0].roleId) {
+        if (req.userOrgRoleId != adminRole[0].roleId) {
            // make sure the user can access the resource
            await db.insert(userResources).values({
                userId: req.user?.userId!,
@@ -124,6 +149,11 @@ export async function createResource(req: Request, res: Response, next: NextFunc
        });
    } catch (error) {
        throw error;
-        return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred..."));
+        return next(
+            createHttpError(
+                HttpCode.INTERNAL_SERVER_ERROR,
+                "An error occurred..."
+            )
+        );
    }
 }