Merge pull request #10 from headlines-toolkit/fix_rbac

refactor(auth): streamline user retrieval and add admin user reposito…

Author: fulleni

lib/src/services/auth_service.dart

@@ -65,19 +65,7 @@ class AuthService {
     try {
       // For dashboard login, first validate the user exists and has permissions.
       if (isDashboardLogin) {
-        print('Dashboard login initiated for $email. Verifying user...');
-        User? user;
-        try {
-          final query = {'email': email};
-          final response = await _userRepository.readAllByQuery(query);
-          if (response.items.isNotEmpty) {
-            user = response.items.first;
-          }
-        } on HtHttpException catch (e) {
-          print('Repository error while verifying dashboard user $email: $e');
-          rethrow;
-        }
-
+        final user = await _findUserByEmail(email);
         if (user == null) {
           print('Dashboard login failed: User $email not found.');
           throw const UnauthorizedException(
@@ -162,12 +150,9 @@ class AuthService {
     User user;
     try {
       // Attempt to find user by email
-      final query = {'email': email};
-      final paginatedResponse = await _userRepository.readAllByQuery(query);
-
-      if (paginatedResponse.items.isNotEmpty) {
-        user = paginatedResponse.items.first;
-        print('Found existing user: ${user.id} for email $email');
+      final existingUser = await _findUserByEmail(email);
+      if (existingUser != null) {
+        user = existingUser;
       } else {
         // User not found.
         if (isDashboardLogin) {
@@ -556,4 +541,21 @@ class AuthService {
       throw OperationFailedException('Failed to delete user account: $e');
     }
   }
+
+  /// Finds a user by their email address.
+  ///
+  /// Returns the [User] if found, otherwise `null`.
+  /// Re-throws any [HtHttpException] from the repository.
+  Future<User?> _findUserByEmail(String email) async {
+    try {
+      final query = {'email': email};
+      final response = await _userRepository.readAllByQuery(query);
+      if (response.items.isNotEmpty) {
+        return response.items.first;
+      }
+      return null;
+    } on HtHttpException {
+      rethrow;
+    }
+  }
 }

routes/_middleware.dart

@@ -111,6 +111,19 @@ HtDataRepository<Country> _createCountryRepository() {
   return HtDataRepository<Country>(dataClient: client);
 }
 
+HtDataRepository<User> _createAdminUserRepository() {
+  print('Initializing User Repository with Admin...');
+  // This assumes `adminUserFixtureData` is available from `ht_shared`.
+  final initialData = usersFixturesData;
+  final client = HtDataInMemory<User>(
+    toJson: (u) => u.toJson(),
+    getId: (u) => u.id,
+    initialData: initialData,
+  );
+  print('User Repository Initialized with admin user.');
+  return HtDataRepository<User>(dataClient: client);
+}
+
 // New repositories for user settings and preferences
 HtDataRepository<UserAppSettings> _createUserAppSettingsRepository() {
   print('Initializing UserAppSettings Repository...');
@@ -187,15 +200,9 @@ Handler middleware(Handler handler) {
   const uuid = Uuid();
 
   // --- Auth Dependencies ---
-  // User Repo (using InMemory for now)
-  final userRepository = HtDataRepository<User>(
-    dataClient: HtDataInMemory<User>(
-      toJson: (u) => u.toJson(),
-      getId: (u) => u.id,
-      // No initial user data fixture needed for auth flow typically
-    ),
-  );
-  print('[MiddlewareSetup] HtDataRepository<User> instantiated.');
+  // User Repo with pre-loaded admin user
+  final userRepository = _createAdminUserRepository();
+  print('[MiddlewareSetup] HtDataRepository<User> with admin user instantiated.');
   // Email Repo (using InMemory)
   const emailRepository = HtEmailRepository(
     emailClient: HtEmailInMemoryClient(),