From 517f3e2170e6a6e50344a6b6098bd1907b25427b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ivar=20Conradi=20=C3=98sthus?= <ivarconr@gmail.com>
Date: Wed, 28 Apr 2021 11:48:21 +0200
Subject: [PATCH] fix: migration to create root roles for users with
 permissions (#816)

* fix: migration to create root roles for users with permissions

needed to migrate enterprise users to rbac.

* fix: callback
---
 .../20210428062103-user-permission-to-rbac.js | 39 +++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 src/migrations/20210428062103-user-permission-to-rbac.js

diff --git a/src/migrations/20210428062103-user-permission-to-rbac.js b/src/migrations/20210428062103-user-permission-to-rbac.js
new file mode 100644
index 0000000000..36d5e75efd
--- /dev/null
+++ b/src/migrations/20210428062103-user-permission-to-rbac.js
@@ -0,0 +1,39 @@
+'use strict';
+
+const async = require('async');
+
+function resolveRoleName(permissions = []) {
+    if (permissions.length === 0) {
+        return 'Viewer';
+    }
+    if (permissions.includes('ADMIN')) {
+        return 'Admin';
+    }
+    return 'Editor';
+}
+
+exports.up = function(db, cb) {
+    db.runSql(`SELECT id, permissions from users;`, (err, results) => {
+        if (results.rowCount > 0) {
+            const users = results.rows;
+            const insertRootRole = users.map(u => {
+                const roleName = resolveRoleName(u.permissions);
+                return db.runSql.bind(
+                    db,
+                    `INSERT INTO role_user (role_id, user_id) 
+                     SELECT id, '${u.id}'
+                     FROM roles
+                     WHERE name = '${roleName}' AND type = 'root';`,
+                );
+            });
+            async.series(insertRootRole, cb);
+        } else {
+            cb();
+        }
+    });
+};
+
+exports.down = function(db, cb) {
+    // We can't just remove roles for users as we don't know if there has been any manual additions.
+    cb();
+};