update updateRole endpoint

server/routers/external.ts

@@ -589,8 +589,8 @@ authenticated.get(
 );
 
 authenticated.post(
-    "/org/:orgId/role/:roleId",
+    "/role/:roleId",
-    verifyOrgAccess,
+    verifyRoleAccess,
     verifyUserHasAction(ActionsEnum.updateRole),
     logActionAudit(ActionsEnum.updateRole),
     role.updateRole

server/routers/integration.ts

@@ -468,8 +468,8 @@ authenticated.put(
 );
 
 authenticated.post(
-    "/org/:orgId/role/:roleId",
+    "/role/:roleId",
-    verifyApiKeyOrgAccess,
+    verifyApiKeyRoleAccess,
     verifyApiKeyHasAction(ActionsEnum.updateRole),
     logActionAudit(ActionsEnum.updateRole),
     role.updateRole

server/routers/role/updateRole.ts

@@ -1,6 +1,6 @@
 import { Request, Response, NextFunction } from "express";
 import { z } from "zod";
-import { db, orgs, type Role } from "@server/db";
+import { db, type Role } from "@server/db";
 import { roles } from "@server/db";
 import { eq } from "drizzle-orm";
 import response from "@server/lib/response";
@@ -13,7 +13,6 @@ import { isLicensedOrSubscribed } from "@server/lib/isLicencedOrSubscribed";
 import { OpenAPITags, registry } from "@server/openApi";
 
 const updateRoleParamsSchema = z.strictObject({
-    orgId: z.string(),
     roleId: z.string().transform(Number).pipe(z.int().positive())
 });
 
@@ -33,7 +32,7 @@ export type UpdateRoleResponse = Role;
 
 registry.registerPath({
     method: "post",
-    path: "/org/{orgId}/role/{roleId}",
+    path: "/role/{roleId}",
     description: "Update a role.",
     tags: [OpenAPITags.Role],
     request: {
@@ -75,14 +74,13 @@ export async function updateRole(
             );
         }
 
-        const { roleId, orgId } = parsedParams.data;
+        const { roleId } = parsedParams.data;
         const updateData = parsedBody.data;
 
         const role = await db
             .select()
             .from(roles)
             .where(eq(roles.roleId, roleId))
-            .innerJoin(orgs, eq(roles.orgId, orgs.orgId))
             .limit(1);
 
         if (role.length === 0) {
@@ -94,7 +92,7 @@ export async function updateRole(
             );
         }
 
-        if (role[0].roles.isAdmin) {
+        if (role[0].isAdmin) {
             return next(
                 createHttpError(
                     HttpCode.FORBIDDEN,
@@ -103,6 +101,16 @@ export async function updateRole(
             );
         }
 
+        const orgId = role[0].orgId;
+        if (!orgId) {
+            return next(
+                createHttpError(
+                    HttpCode.BAD_REQUEST,
+                    "Role does not have an organization ID"
+                )
+            );
+        }
+
         const isLicensed = await isLicensedOrSubscribed(orgId);
         if (build === "oss" || !isLicensed) {
             updateData.requireDeviceApproval = undefined;

src/components/EditRoleForm.tsx

@@ -86,7 +86,7 @@ export default function EditRoleForm({
         const res = await api
             .post<
                 AxiosResponse<UpdateRoleResponse>
-            >(`/org/${org?.org.orgId}/role/${role.roleId}`, values satisfies UpdateRoleBody)
+            >(`/role/${role.roleId}`, values satisfies UpdateRoleBody)
             .catch((e) => {
                 toast({
                     variant: "destructive",