add add/remove user/roles to siteResources/resources to integration api

2026-02-16 18:06:39 +00:00 · 2025-11-06 21:25:20 -08:00
parent bdb564823d
commit 76d54b2d0f
20 changed files with 1370 additions and 65 deletions
--- a/server/routers/integration.ts
+++ b/server/routers/integration.ts
@@ -229,6 +229,42 @@ authenticated.post(
    siteResource.setSiteResourceUsers
 );

+authenticated.post(
+    "/site-resource/:siteResourceId/roles/add",
+    verifyApiKeySiteResourceAccess,
+    verifyApiKeyRoleAccess,
+    verifyApiKeyHasAction(ActionsEnum.setResourceRoles),
+    logActionAudit(ActionsEnum.setResourceRoles),
+    siteResource.addRoleToSiteResource
+);
+
+authenticated.post(
+    "/site-resource/:siteResourceId/roles/remove",
+    verifyApiKeySiteResourceAccess,
+    verifyApiKeyRoleAccess,
+    verifyApiKeyHasAction(ActionsEnum.setResourceRoles),
+    logActionAudit(ActionsEnum.setResourceRoles),
+    siteResource.removeRoleFromSiteResource
+);
+
+authenticated.post(
+    "/site-resource/:siteResourceId/users/add",
+    verifyApiKeySiteResourceAccess,
+    verifyApiKeySetResourceUsers,
+    verifyApiKeyHasAction(ActionsEnum.setResourceUsers),
+    logActionAudit(ActionsEnum.setResourceUsers),
+    siteResource.addUserToSiteResource
+);
+
+authenticated.post(
+    "/site-resource/:siteResourceId/users/remove",
+    verifyApiKeySiteResourceAccess,
+    verifyApiKeySetResourceUsers,
+    verifyApiKeyHasAction(ActionsEnum.setResourceUsers),
+    logActionAudit(ActionsEnum.setResourceUsers),
+    siteResource.removeUserFromSiteResource
+);
+
 authenticated.put(
    "/org/:orgId/resource",
    verifyApiKeyOrgAccess,
@@ -444,6 +480,42 @@ authenticated.post(
    resource.setResourceUsers
 );

+authenticated.post(
+    "/resource/:resourceId/roles/add",
+    verifyApiKeyResourceAccess,
+    verifyApiKeyRoleAccess,
+    verifyApiKeyHasAction(ActionsEnum.setResourceRoles),
+    logActionAudit(ActionsEnum.setResourceRoles),
+    resource.addRoleToResource
+);
+
+authenticated.post(
+    "/resource/:resourceId/roles/remove",
+    verifyApiKeyResourceAccess,
+    verifyApiKeyRoleAccess,
+    verifyApiKeyHasAction(ActionsEnum.setResourceRoles),
+    logActionAudit(ActionsEnum.setResourceRoles),
+    resource.removeRoleFromResource
+);
+
+authenticated.post(
+    "/resource/:resourceId/users/add",
+    verifyApiKeyResourceAccess,
+    verifyApiKeySetResourceUsers,
+    verifyApiKeyHasAction(ActionsEnum.setResourceUsers),
+    logActionAudit(ActionsEnum.setResourceUsers),
+    resource.addUserToResource
+);
+
+authenticated.post(
+    "/resource/:resourceId/users/remove",
+    verifyApiKeyResourceAccess,
+    verifyApiKeySetResourceUsers,
+    verifyApiKeyHasAction(ActionsEnum.setResourceUsers),
+    logActionAudit(ActionsEnum.setResourceUsers),
+    resource.removeUserFromResource
+);
+
 authenticated.post(
    `/resource/:resourceId/password`,
    verifyApiKeyResourceAccess,