feat(tg): permissions

Author: lorenzocorallo

backend/src/db/schema/tg/index.ts

@@ -1,4 +1,5 @@
-import * as groups from "./groups"
-import * as test from "./test"
+import * as groups from "./groups";
+import * as test from "./test";
+import * as permissions from "./permissions";
 
-export const schema = {...groups, ...test}
+export const schema = { ...groups, ...test, ...permissions };

backend/src/db/schema/tg/permissions.ts

@@ -0,0 +1,48 @@
+import { timeColumns } from "@/db/columns";
+import { createTable } from "../create-table";
+import {
+  bigint,
+  index,
+  primaryKey,
+  varchar,
+} from "drizzle-orm/pg-core";
+
+export const USER_ROLE = {
+  ADMIN: "admin",
+  HR: "hr",
+  DIRETTIVO: "direttivo",
+  OWNER: "owner",
+} as const;
+
+export const ARRAY_USER_ROLE = [USER_ROLE.ADMIN, USER_ROLE.HR, USER_ROLE.DIRETTIVO, USER_ROLE.OWNER] as const
+export type TUserRole = (typeof USER_ROLE)[keyof typeof USER_ROLE];
+
+export const permissions = createTable.tg(
+  "permissions",
+  {
+    userId: bigint("user_id", { mode: "number" }).primaryKey(),
+    role: varchar("role", { length: 128 })
+      .$type<TUserRole>()
+      .default(USER_ROLE.ADMIN)
+      .notNull(),
+    addedBy: bigint("added_by_id", { mode: "number" }).notNull(),
+    modifiedBy: bigint("modified_by_id", { mode: "number" }),
+
+    ...timeColumns,
+  },
+);
+
+export const groupAdmins = createTable.tg(
+  "group_admins",
+  {
+    userId: bigint("user_id", { mode: "number" }).notNull(),
+    groupId: bigint("group_id", { mode: "number" }).notNull(),
+    addedBy: bigint("added_by_id", { mode: "number" }).notNull(),
+
+    ...timeColumns,
+  },
+  (t) => [
+    primaryKey({ columns: [t.userId, t.groupId] }),
+    index("user_id_idx").on(t.userId),
+  ],
+);

backend/src/routers/tg/index.ts

@@ -1,6 +1,8 @@
 import { createTRPCRouter } from "@/trpc";
 import groups from "./groups";
+import permissions from "./permissions";
 
 export const tgRouter = createTRPCRouter({
   groups,
+  permissions
 });

backend/src/routers/tg/permissions.ts

@@ -0,0 +1,78 @@
+import { DB, SCHEMA } from "@/db";
+import { ARRAY_USER_ROLE } from "@/db/schema/tg/permissions";
+import { createTRPCRouter, publicProcedure } from "@/trpc";
+import { and, eq } from "drizzle-orm";
+import { z } from "zod";
+
+const s = SCHEMA.TG;
+
+export default createTRPCRouter({
+  getRole: publicProcedure
+    .input(z.object({ userId: z.number() }))
+    .query(async ({ input }) => {
+      const [res] = await DB.select({
+        role: s.permissions.role,
+      })
+        .from(s.permissions)
+        .where(eq(s.permissions.userId, input.userId))
+        .limit(1);
+
+      return {
+        userId: input.userId,
+        role: res ? res.role : "user",
+      };
+    }),
+
+  setRole: publicProcedure
+    .input(
+      z.object({
+        userId: z.number(),
+        role: z.enum(ARRAY_USER_ROLE),
+        adderId: z.number(),
+      }),
+    )
+    .query(async ({ input }) => {
+      await DB.insert(s.permissions)
+        .values({
+          userId: input.userId,
+          role: input.role,
+          addedBy: input.adderId,
+        })
+        .onConflictDoUpdate({
+          target: s.permissions.userId,
+          set: { role: input.role, modifiedBy: input.adderId },
+        });
+    }),
+
+  checkGroup: publicProcedure
+    .input(z.object({ userId: z.number(), groupId: z.number() }))
+    .query(async ({ input }) => {
+      const res = await DB.$count(
+        s.groupAdmins,
+        and(
+          eq(s.groupAdmins.userId, input.userId),
+          eq(s.groupAdmins.groupId, input.groupId),
+        ),
+      );
+
+      return res != 0;
+    }),
+
+  addGroup: publicProcedure
+    .input(
+      z.object({
+        userId: z.number(),
+        adderId: z.number(),
+        groupId: z.number(),
+      }),
+    )
+    .query(async ({ input }) => {
+      await DB.insert(s.groupAdmins)
+        .values({
+          userId: input.userId,
+          groupId: input.groupId,
+          addedBy: input.adderId,
+        })
+        .onConflictDoNothing();
+    }),
+});