feat: refactor role system to is_admin flag, add Badge component, fix native dialogs
- Separate admin identity from role: viewer|model + is_admin boolean flag - DB migration 0001_is_admin: adds column, migrates former admin role users - Update ACL helpers, auth session, GraphQL types and all resolvers - Admin layout guard and header links check is_admin instead of role - Admin users table: show Admin badge next to name, remove admin from role select - Admin user edit page: is_admin checkbox toggle - Install shadcn Badge component; use in admin users table - Fix duplicate photo keys in adminGetUser resolver - Replace confirm() in /me recordings with Dialog component Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@@ -3,7 +3,7 @@ import { builder } from "../builder";
|
||||
import { CurrentUserType, UserType, AdminUserListType, AdminUserDetailType } from "../types/index";
|
||||
import { users, user_photos, files } from "../../db/schema/index";
|
||||
import { eq, ilike, or, count, and } from "drizzle-orm";
|
||||
import { requireRole } from "../../lib/acl";
|
||||
import { requireAdmin } from "../../lib/acl";
|
||||
|
||||
builder.queryField("me", (t) =>
|
||||
t.field({
|
||||
@@ -86,7 +86,7 @@ builder.queryField("adminListUsers", (t) =>
|
||||
offset: t.arg.int(),
|
||||
},
|
||||
resolve: async (_root, args, ctx) => {
|
||||
requireRole(ctx, "admin");
|
||||
requireAdmin(ctx);
|
||||
|
||||
const limit = args.limit ?? 50;
|
||||
const offset = args.offset ?? 0;
|
||||
@@ -126,6 +126,7 @@ builder.mutationField("adminUpdateUser", (t) =>
|
||||
args: {
|
||||
userId: t.arg.string({ required: true }),
|
||||
role: t.arg.string(),
|
||||
isAdmin: t.arg.boolean(),
|
||||
firstName: t.arg.string(),
|
||||
lastName: t.arg.string(),
|
||||
artistName: t.arg.string(),
|
||||
@@ -133,10 +134,11 @@ builder.mutationField("adminUpdateUser", (t) =>
|
||||
bannerId: t.arg.string(),
|
||||
},
|
||||
resolve: async (_root, args, ctx) => {
|
||||
requireRole(ctx, "admin");
|
||||
requireAdmin(ctx);
|
||||
|
||||
const updates: Record<string, unknown> = { date_updated: new Date() };
|
||||
if (args.role !== undefined && args.role !== null) updates.role = args.role as any;
|
||||
if (args.isAdmin !== undefined && args.isAdmin !== null) updates.is_admin = args.isAdmin;
|
||||
if (args.firstName !== undefined && args.firstName !== null)
|
||||
updates.first_name = args.firstName;
|
||||
if (args.lastName !== undefined && args.lastName !== null) updates.last_name = args.lastName;
|
||||
@@ -163,7 +165,7 @@ builder.mutationField("adminDeleteUser", (t) =>
|
||||
userId: t.arg.string({ required: true }),
|
||||
},
|
||||
resolve: async (_root, args, ctx) => {
|
||||
requireRole(ctx, "admin");
|
||||
requireAdmin(ctx);
|
||||
if (args.userId === ctx.currentUser!.id) throw new GraphQLError("Cannot delete yourself");
|
||||
await ctx.db.delete(users).where(eq(users.id, args.userId));
|
||||
return true;
|
||||
@@ -179,7 +181,7 @@ builder.queryField("adminGetUser", (t) =>
|
||||
userId: t.arg.string({ required: true }),
|
||||
},
|
||||
resolve: async (_root, args, ctx) => {
|
||||
requireRole(ctx, "admin");
|
||||
requireAdmin(ctx);
|
||||
const user = await ctx.db.select().from(users).where(eq(users.id, args.userId)).limit(1);
|
||||
if (!user[0]) return null;
|
||||
const photoRows = await ctx.db
|
||||
@@ -188,10 +190,11 @@ builder.queryField("adminGetUser", (t) =>
|
||||
.leftJoin(files, eq(user_photos.file_id, files.id))
|
||||
.where(eq(user_photos.user_id, args.userId))
|
||||
.orderBy(user_photos.sort);
|
||||
return {
|
||||
...user[0],
|
||||
photos: photoRows.map((p: any) => ({ id: p.id, filename: p.filename })),
|
||||
};
|
||||
const seen = new Set<string>();
|
||||
const photos = photoRows
|
||||
.filter((p: any) => p.id && !seen.has(p.id) && seen.add(p.id))
|
||||
.map((p: any) => ({ id: p.id, filename: p.filename }));
|
||||
return { ...user[0], photos };
|
||||
},
|
||||
}),
|
||||
);
|
||||
@@ -204,7 +207,7 @@ builder.mutationField("adminAddUserPhoto", (t) =>
|
||||
fileId: t.arg.string({ required: true }),
|
||||
},
|
||||
resolve: async (_root, args, ctx) => {
|
||||
requireRole(ctx, "admin");
|
||||
requireAdmin(ctx);
|
||||
await ctx.db.insert(user_photos).values({ user_id: args.userId, file_id: args.fileId });
|
||||
return true;
|
||||
},
|
||||
@@ -219,7 +222,7 @@ builder.mutationField("adminRemoveUserPhoto", (t) =>
|
||||
fileId: t.arg.string({ required: true }),
|
||||
},
|
||||
resolve: async (_root, args, ctx) => {
|
||||
requireRole(ctx, "admin");
|
||||
requireAdmin(ctx);
|
||||
await ctx.db
|
||||
.delete(user_photos)
|
||||
.where(and(eq(user_photos.user_id, args.userId), eq(user_photos.file_id, args.fileId)));
|
||||
|
||||
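Review bot: In the `adminUpdateUser` hunk, `updates.role = args.role as any` still writes whatever string the caller sends, so unless the column type rejects it a request can store `role: "admin"` or any other value, even though the commit description limits roles to viewer|model; the cast also hides the mismatch from the compiler. Validate inside the existing null check before assigning, e.g. `if (args.role !== "viewer" && args.role !== "model") throw new GraphQLError("Invalid role");`, and drop the `as any`. The new `isAdmin` write has no counterpart to the `Cannot delete yourself` guard in `adminDeleteUser`, so an admin can clear their own flag; `if (args.isAdmin === false && args.userId === ctx.currentUser!.id) throw new GraphQLError("Cannot remove your own admin flag");` would close that. Granting or revoking `is_admin` is a privilege change, so it is worth confirming that it is recorded in an audit log. The resolver body continues past the end of the hunk, so the update call and any logging are not visible here.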