Support multiple roles

2026-05-11 23:04:59 +00:00 · 2026-05-04 14:54:20 -07:00
parent 660197eef1
commit a80ae49a33
5 changed files with 16 additions and 11 deletions
--- a/server/private/routers/policy/createResourcePolicy.ts
+++ b/server/private/routers/policy/createResourcePolicy.ts
@@ -143,7 +143,7 @@ export async function createResourcePolicy(
        }
        const { orgId } = parsedParams.data;

-        if (req.user && !req.userOrgRoleId) {
+        if (req.user && req.userOrgRoleIds?.length === 0) {
            return next(
                createHttpError(HttpCode.FORBIDDEN, "User does not have a role")
            );
@@ -304,7 +304,10 @@ export async function createResourcePolicy(

            const usersToAdd: InferInsertModel<typeof userPolicies>[] = [];

-            if (req.user && req.userOrgRoleId != adminRole[0].roleId) {
+            if (
+                req.user &&
+                !req.userOrgRoleIds?.includes(adminRole[0].roleId)
+            ) {
                // make sure the user can access the policy
                usersToAdd.push({
                    userId: req.user?.userId!,
--- a/server/private/routers/policy/listResourcePolicies.ts
+++ b/server/private/routers/policy/listResourcePolicies.ts
@@ -145,7 +145,7 @@ export async function listResourcePolicies(
                .where(
                    or(
                        eq(userPolicies.userId, req.user!.userId),
-                        eq(rolePolicies.roleId, req.userOrgRoleId!)
+                        inArray(rolePolicies.roleId, req.userOrgRoleIds || [])
                    )
                );
        } else {