fix: Make project roles resolve correctly against new environments permissions structure

src/lib/db/access-store.ts

@@ -170,6 +170,13 @@ export class AccessStore implements IAccessStore {
             .from<IRole>(T.ROLES);
     }
 
+    async getProjectRoles(): Promise<IRole[]> {
+        return this.db
+            .select(['id', 'name', 'type', 'description'])
+            .from<IRole>(T.ROLES)
+            .andWhere('type', 'project');
+    }
+
     async getRolesForProject(projectId: string): Promise<IRole[]> {
         return this.db
             .select(['id', 'name', 'type', 'project', 'description'])
@@ -201,11 +208,15 @@ export class AccessStore implements IAccessStore {
             .where('ru.user_id', '=', userId);
     }
 
-    async getUserIdsForRole(roleId: number): Promise<number[]> {
+    async getUserIdsForRole(
+        roleId: number,
+        projectId?: string,
+    ): Promise<number[]> {
         const rows = await this.db
             .select(['user_id'])
             .from<IRole>(T.ROLE_USER)
-            .where('role_id', roleId);
+            .where('role_id', roleId)
+            .andWhere('project', projectId);
         return rows.map((r) => r.user_id);
     }
 

src/lib/services/access-service.ts

@@ -218,6 +218,10 @@ export class AccessService {
         return { role, permissions: rolePerms, users };
     }
 
+    async getProjectRoles(): Promise<IRole[]> {
+        return this.store.getProjectRoles();
+    }
+
     async getRolesForProject(projectId: string): Promise<IRole[]> {
         return this.store.getRolesForProject(projectId);
     }
@@ -226,8 +230,14 @@ export class AccessService {
         return this.store.getRolesForUserId(userId);
     }
 
-    async getUsersForRole(roleId: number): Promise<IUser[]> {
-        const userIdList = await this.store.getUserIdsForRole(roleId);
+    async getUsersForRole(
+        roleId: number,
+        projectId?: string,
+    ): Promise<IUser[]> {
+        const userIdList = await this.store.getUserIdsForRole(
+            roleId,
+            projectId,
+        );
         if (userIdList.length > 0) {
             return this.userStore.getAllWithId(userIdList);
         }
@@ -238,11 +248,11 @@ export class AccessService {
     async getProjectRoleUsers(
         projectId: string,
     ): Promise<[IRole[], IUserWithRole[]]> {
-        const roles = await this.store.getRolesForProject(projectId);
+        const roles = await this.store.getProjectRoles();
 
         const users = await Promise.all(
             roles.map(async (role) => {
-                const usrs = await this.getUsersForRole(role.id);
+                const usrs = await this.getUsersForRole(role.id, projectId);
                 return usrs.map((u) => ({ ...u, roleId: role.id }));
             }),
         );

src/lib/types/stores/access-store.ts

@@ -24,10 +24,11 @@ export interface IAccessStore extends Store<IRole, number> {
     getPermissionsForRole(roleId: number): Promise<IUserPermission[]>;
     getRoles(): Promise<IRole[]>;
     getRolesForProject(projectId: string): Promise<IRole[]>;
+    getProjectRoles(): Promise<IRole[]>;
     getRootRoles(): Promise<IRole[]>;
     removeRolesForProject(projectId: string): Promise<void>;
     getRolesForUserId(userId: number): Promise<IRole[]>;
-    getUserIdsForRole(roleId: number): Promise<number[]>;
+    getUserIdsForRole(roleId: number, projectId?: string): Promise<number[]>;
     addEnvironmentPermissionsToRole(
         role_id: number,
         permissions: IPermission[],

src/test/fixtures/fake-access-store.ts

@@ -9,6 +9,10 @@ import {
 import { IAvailablePermissions, IPermission } from 'lib/types/model';
 
 class AccessStoreMock implements IAccessStore {
+    getProjectRoles(): Promise<IRole[]> {
+        throw new Error('Method not implemented.');
+    }
+
     addEnvironmentPermissionsToRole(
         role_id: number,
         permissions: IPermission[],
@@ -59,7 +63,7 @@ class AccessStoreMock implements IAccessStore {
         return Promise.resolve([]);
     }
 
-    getUserIdsForRole(roleId: number): Promise<number[]> {
+    getUserIdsForRole(roleId: number, projectId: string): Promise<number[]> {
         throw new Error('Method not implemented.');
     }