feat(permissions): creator role, check if user can add bot to chat

lorenzocorallo · lorenzocorallo · commit 71094a57deae · 2025-05-06T16:55:48.000+02:00
diff --git a/backend/package.json b/backend/package.json
@@ -1,6 +1,6 @@
 {
   "name": "backend",
-  "version": "0.6.1",
+  "version": "0.7.0",
   "description": "PoliNetwork backend server",
   "private": true,
   "keywords": [],
diff --git a/backend/src/db/schema/tg/permissions.ts b/backend/src/db/schema/tg/permissions.ts
@@ -11,10 +11,11 @@ export const USER_ROLE = {
   ADMIN: "admin",
   HR: "hr",
   DIRETTIVO: "direttivo",
+  CREATOR: "creator",
   OWNER: "owner",
 } as const;
 
-export const ARRAY_USER_ROLE = [USER_ROLE.ADMIN, USER_ROLE.HR, USER_ROLE.DIRETTIVO, USER_ROLE.OWNER] as const
+export const ARRAY_USER_ROLE = [USER_ROLE.ADMIN, USER_ROLE.HR, USER_ROLE.DIRETTIVO, USER_ROLE.OWNER, USER_ROLE.CREATOR] as const
 export type TUserRole = (typeof USER_ROLE)[keyof typeof USER_ROLE];
 
 export const permissions = createTable.tg(
diff --git a/backend/src/routers/tg/permissions.ts b/backend/src/routers/tg/permissions.ts
@@ -1,5 +1,9 @@
 import { DB, SCHEMA } from "@/db";
-import { ARRAY_USER_ROLE } from "@/db/schema/tg/permissions";
+import {
+  ARRAY_USER_ROLE,
+  TUserRole,
+  USER_ROLE,
+} from "@/db/schema/tg/permissions";
 import { createTRPCRouter, publicProcedure } from "@/trpc";
 import { and, eq } from "drizzle-orm";
 import { z } from "zod";
@@ -75,4 +79,39 @@ export default createTRPCRouter({
         })
         .onConflictDoNothing();
     }),
+
+  canAddBot: publicProcedure
+    .input(
+      z.object({
+        userId: z.number(),
+      }),
+    )
+    .output(
+      z.union([
+        z.object({ allowed: z.boolean(), error: z.null() }),
+        z.object({
+          allowed: z.literal(false),
+          error: z.enum(["NOT_FOUND"]),
+        }),
+      ]),
+    )
+    .query(async ({ input }) => {
+      const res = await DB.select({ role: s.permissions.role })
+        .from(s.permissions)
+        .where(eq(s.permissions.userId, input.userId))
+        .limit(1);
+
+      if (!res[0]) return { error: "NOT_FOUND", allowed: false };
+      const { role } = res[0];
+      const allowed = (
+        [
+          USER_ROLE.HR,
+          USER_ROLE.OWNER,
+          USER_ROLE.CREATOR,
+          USER_ROLE.DIRETTIVO,
+        ] as TUserRole[]
+      ).includes(role);
+
+      return { error: null, allowed };
+    }),
 });
diff --git a/package/package.json b/package/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@polinetwork/backend",
-  "version": "0.6.1",
+  "version": "0.7.0",
   "description": "Utils to interact with the backend.",
   "repository": {
     "type": "git",

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "backend",`
`3`		`- "version": "0.6.1",`
	`3`	`+ "version": "0.7.0",`
`4`	`4`	`"description": "PoliNetwork backend server",`
`5`	`5`	`"private": true,`
`6`	`6`	`"keywords": [],`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@polinetwork/backend",`
`3`		`- "version": "0.6.1",`
	`3`	`+ "version": "0.7.0",`
`4`	`4`	`"description": "Utils to interact with the backend.",`
`5`	`5`	`"repository": {`
`6`	`6`	`"type": "git",`