feat(roles): update role schema and add migration for roles and permissions

foyzulkarim · foyzulkarim · commit ba6f65bae440 · 2024-12-06T21:26:10.000+11:00
diff --git a/src/domains/index.js b/src/domains/index.js
@@ -1,12 +1,11 @@
-const productRoutes = require('./product');
 const userRoutes = require('./user');
 const repositoryRoutes = require('./repository');
 const prRoutes = require('./pull');
 const roleRoutes = require('./role');
 const resourceRoutes = require('./resource');
 
 const defineRoutes = async (expressRouter) => {
-  productRoutes(expressRouter);
+  
   userRoutes(expressRouter);
   repositoryRoutes(expressRouter);
   prRoutes(expressRouter);
diff --git a/src/domains/role/schema.js b/src/domains/role/schema.js
@@ -2,42 +2,35 @@ const mongoose = require('mongoose');
 const { baseSchema } = require('../../libraries/db/base-schema');
 
 const permissionSchema = new mongoose.Schema({
-  resource: {
-    type: mongoose.Schema.Types.ObjectId,
-    ref: 'Resource',
-    required: true,
-  },
-  canAccess: {
-    type: Boolean,
-    default: false,
-  },
-  isDisabled: {
-    type: Boolean,
-    default: false,
+  api: {
+    type: Array,
+    required: true
   },
+  client: {
+    type: Array, 
+    required: false
+  }
 });
 
 const roleSchema = new mongoose.Schema({
   name: {
     type: String,
     required: true,
     unique: true,
-    lowercase: true,
     trim: true,
   },
-  displayName: {
+  identifier: {
     type: String,
     required: true,
+    unique: true,
+    trim: true,
+    lowercase: true,
   },
-  description: {
-    type: String,
-    default: '',
-  },
-  permissions: [permissionSchema],
-  isSystem: {
+  isSystemManaged: {
     type: Boolean,
-    default: false,
+    default: true,
   },
+  permissions: permissionSchema,
 });
 
 roleSchema.add(baseSchema);
diff --git a/src/migrations/002-add-roles-permissions.js b/src/migrations/002-add-roles-permissions.js
@@ -0,0 +1,35 @@
+const Model = require('../domains/role/schema');
+const data = require("./files/002-roles.json");
+
+async function insert(item) {
+  try {
+    // check if data already exists by identifier
+    const exists = await Model.findOne({ identifier: item.identifier });
+    if (exists) {
+      console.log(`Role already exists: ${item.identifier}`);
+      return;
+    }
+    const result = await Model.create(item);
+    console.log(`Inserted role: ${item._id}`);
+    return result;
+  } catch (error) {
+    console.error(`Error inserting role ${item._id}:`, error);
+    throw error;
+  }
+}
+
+async function runMigration() {
+  console.log("Running migration: 002-add-roles-permissions");
+
+  try {
+    for (const role of data.roles) {
+      await insert(role);
+    }
+    console.log("Successfully completed migration 002");
+  } catch (error) {
+    console.error("Failed to complete migration 002:", error);
+    throw error;
+  }
+}
+
+module.exports = { runMigration }; 
diff --git a/src/migrations/files/002-roles.json b/src/migrations/files/002-roles.json
@@ -0,0 +1,40 @@
+{
+  "roles": [
+    {
+      "name": "Super admin",
+      "identifier": "superadmin",
+      "isSystemManaged": true,
+      "permissions": {
+        "api": [
+          "/api/*"
+        ],
+        "client": []
+      }
+    },
+    {
+      "name": "Admin",
+      "identifier": "admin",
+      "isSystemManaged": true,
+      "permissions": {
+        "api": [
+          "/api/v1/*",
+          "/api/users/search",
+          "/api/users/count",
+          "/api/users/detail/:id"
+        ],
+        "client": []
+      }
+    },
+    {
+      "name": "Visitor",
+      "identifier": "visitor",
+      "isSystemManaged": true,
+      "permissions": {
+        "api": [
+          "/api/v1/*"
+        ],
+        "client": []
+      }
+    }
+  ]
+}
