feat: enhance role management API with organization-specific role creation and retrieval, including comprehensive RBAC checks for permissions

2025-12-19 04:19:25 +00:00 · 2025-08-09 14:26:48 +02:00 · 2025-08-09 14:26:48 +02:00 · 531e1863c0
commit 531e1863c0
parent 3ce019abec
10 changed files with 2174 additions and 32 deletions
--- a/apps/web/components/Objects/Modals/Dash/OrgUsers/RolesUpdate.tsx
+++ b/apps/web/components/Objects/Modals/Dash/OrgUsers/RolesUpdate.tsx
@ -11,10 +11,12 @@ import * as Form from '@radix-ui/react-form'
 import { FormMessage } from '@radix-ui/react-form'
 import { getAPIUrl } from '@services/config/config'
 import { updateUserRole } from '@services/organizations/orgs'
+import { swrFetcher } from '@services/utils/ts/requests'
 import React, { useEffect } from 'react'
 import toast from 'react-hot-toast'
 import { BarLoader } from 'react-spinners'
 import { mutate } from 'swr'
+import useSWR from 'swr'

 interface Props {
  user: any
@ -25,13 +27,19 @@ interface Props {
 function RolesUpdate(props: Props) {
  const org = useOrg() as any
  const session = useLHSession() as any
-    const access_token = session?.data?.tokens?.access_token;
+  const access_token = session?.data?.tokens?.access_token;
  const [isSubmitting, setIsSubmitting] = React.useState(false)
  const [assignedRole, setAssignedRole] = React.useState(
    props.alreadyAssignedRole
  )
  const [error, setError] = React.useState(null) as any

+  // Fetch available roles for the organization
+  const { data: roles, error: rolesError } = useSWR(
+    org ? `${getAPIUrl()}roles/org/${org.id}` : null,
+    (url) => swrFetcher(url, access_token)
+  )
+
  const handleAssignedRole = (event: React.ChangeEvent<any>) => {
    setError(null)
    setAssignedRole(event.target.value)
@ -80,10 +88,20 @@ function RolesUpdate(props: Props) {
              defaultValue={assignedRole}
              className="border border-gray-300 rounded-md p-2"
              required
+              disabled={!roles || rolesError}
            >
-              <option value="role_global_admin">Admin </option>
-              <option value="role_global_maintainer">Maintainer</option>
-              <option value="role_global_user">User</option>
+              {!roles || rolesError ? (
+                <option value="">Loading roles...</option>
+              ) : (
+                <>
+                  <option value="">Select a role</option>
+                  {roles.map((role: any) => (
+                    <option key={role.id} value={role.role_uuid || role.id}>
+                      {role.name}
+                    </option>
+                  ))}
+                </>
+              )}
            </select>
          </Form.Control>
        </FormField>