Implement RBAC

2024-10-04 10:31:09 +02:00
parent 5251a637de
commit 70afa170ec
5 changed files with 30 additions and 2 deletions
--- a/api/db/migrations/20241004081930_add_roles_to_user/migration.sql
+++ b/api/db/migrations/20241004081930_add_roles_to_user/migration.sql
@ -0,0 +1,22 @@
+-- RedefineTables
+PRAGMA defer_foreign_keys=ON;
+PRAGMA foreign_keys=OFF;
+CREATE TABLE "new_User" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "email" TEXT NOT NULL,
+    "firstName" TEXT,
+    "lastName" TEXT,
+    "hashedPassword" TEXT,
+    "salt" TEXT,
+    "resetToken" TEXT,
+    "resetTokenExpiresAt" DATETIME,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "roles" TEXT NOT NULL DEFAULT 'user'
+);
+INSERT INTO "new_User" ("createdAt", "email", "firstName", "hashedPassword", "id", "lastName", "resetToken", "resetTokenExpiresAt", "salt", "updatedAt") SELECT "createdAt", "email", "firstName", "hashedPassword", "id", "lastName", "resetToken", "resetTokenExpiresAt", "salt", "updatedAt" FROM "User";
+DROP TABLE "User";
+ALTER TABLE "new_User" RENAME TO "User";
+CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
+PRAGMA foreign_keys=ON;
+PRAGMA defer_foreign_keys=OFF;
--- a/api/db/schema.prisma
+++ b/api/db/schema.prisma
@ -35,6 +35,7 @@ model User {
  resetTokenExpiresAt DateTime?
  createdAt           DateTime   @default(now())
  updatedAt           DateTime   @updatedAt
+  roles               String     @default("user")
 }

 model Identity {
--- a/api/src/lib/auth.ts
+++ b/api/src/lib/auth.ts
@ -36,7 +36,7 @@ export const getCurrentUser = async (session: Decoded) => {

  return await db.user.findUnique({
    where: { id: session.id },
-    select: { id: true },
+    select: { id: true, email: true, roles: true },
  })
 }