more user role stuff

server/routers/org/createOrg.ts

@@ -2,7 +2,7 @@ import { Request, Response, NextFunction } from "express";
 import { z } from "zod";
 import { db } from "@server/db";
 import { eq } from "drizzle-orm";
-import { orgs, userOrgs } from "@server/db/schema";
+import { orgs, roleActions, roles, userOrgs } from "@server/db/schema";
 import response from "@server/utils/response";
 import HttpCode from "@server/types/HttpCode";
 import createHttpError from "http-errors";
@@ -10,6 +10,7 @@ import logger from "@server/logger";
 import { createAdminRole } from "@server/db/ensureActions";
 import config from "@server/config";
 import { fromError } from "zod-validation-error";
+import { defaultRoleAllowedActions } from "../role";
 
 const createOrgSchema = z.object({
     orgId: z.string(),
@@ -96,6 +97,26 @@ export async function createOrg(
             })
             .execute();
 
+        const memberRole = await db
+            .insert(roles)
+            .values({
+                name: "Member",
+                description: "Members can only view resources",
+                orgId,
+            })
+            .returning();
+
+        await db
+            .insert(roleActions)
+            .values(
+                defaultRoleAllowedActions.map((action) => ({
+                    roleId: memberRole[0].roleId,
+                    actionId: action,
+                    orgId,
+                }))
+            )
+            .execute();
+
         return response(res, {
             data: newOrg[0],
             success: true,