refactor(user_roles): make org and merchant id nullable (#5353)

Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com> Co-authored-by: Mani Chandra Dulam <mani.dchandra@juspay.in>
2025-11-02 12:06:56 +08:00 · 2024-07-25 16:02:58 +05:30
parent 9ca9545318
commit 0330aff958
16 changed files with 545 additions and 202 deletions
--- a/crates/router/src/utils/user.rs
+++ b/crates/router/src/utils/user.rs
@ -6,7 +6,7 @@ use common_utils::{
    encryption::Encryption, errors::CustomResult, id_type, types::keymanager::Identifier,
 };
 use diesel_models::{enums::UserStatus, user_role::UserRole};
-use error_stack::ResultExt;
+use error_stack::{report, ResultExt};
 use masking::{ExposeInterface, Secret};
 use redis_interface::RedisConnectionPool;

@ -88,10 +88,20 @@ pub async fn generate_jwt_auth_token(
 ) -> UserResult<Secret<String>> {
    let token = AuthToken::new_token(
        user.get_user_id().to_string(),
-        user_role.merchant_id.clone(),
+        user_role
+            .merchant_id
+            .as_ref()
+            .ok_or(report!(UserErrors::InternalServerError))
+            .attach_printable("merchant_id not found for user_role")?
+            .clone(),
        user_role.role_id.clone(),
        &state.conf,
-        user_role.org_id.clone(),
+        user_role
+            .org_id
+            .as_ref()
+            .ok_or(report!(UserErrors::InternalServerError))
+            .attach_printable("org_id not found for user_role")?
+            .clone(),
    )
    .await?;
    Ok(Secret::new(token))
@ -124,7 +134,10 @@ pub fn get_dashboard_entry_response(
    let verification_days_left = get_verification_days_left(state, &user)?;

    Ok(user_api::DashboardEntryResponse {
-        merchant_id: user_role.merchant_id,
+        merchant_id: user_role.merchant_id.ok_or(
+            report!(UserErrors::InternalServerError)
+                .attach_printable("merchant_id not found for user_role"),
+        )?,
        token,
        name: user.get_name(),
        email: user.get_email(),
@ -163,8 +176,16 @@ pub fn get_multiple_merchant_details_with_status(
    user_roles
        .into_iter()
        .map(|user_role| {
+            let Some(merchant_id) = &user_role.merchant_id else {
+                return Err(report!(UserErrors::InternalServerError))
+                    .attach_printable("merchant_id not found for user_role");
+            };
+            let Some(org_id) = &user_role.org_id else {
+                return Err(report!(UserErrors::InternalServerError)
+                    .attach_printable("org_id not found in user_role"));
+            };
            let merchant_account = merchant_account_map
-                .get(&user_role.merchant_id)
+                .get(merchant_id)
                .ok_or(UserErrors::InternalServerError)
                .attach_printable("Merchant account for user role doesn't exist")?;

@ -174,12 +195,12 @@ pub fn get_multiple_merchant_details_with_status(
                .attach_printable("Role info for user role doesn't exist")?;

            Ok(user_api::UserMerchantAccount {
-                merchant_id: user_role.merchant_id,
+                merchant_id: merchant_id.to_owned(),
                merchant_name: merchant_account.merchant_name.clone(),
                is_active: user_role.status == UserStatus::Active,
                role_id: user_role.role_id,
                role_name: role_info.get_role_name().to_string(),
-                org_id: user_role.org_id,
+                org_id: org_id.to_owned(),
            })
        })
        .collect()
--- a/crates/router/src/utils/user_role.rs
+++ b/crates/router/src/utils/user_role.rs
@ -106,11 +106,18 @@ pub async fn set_role_permissions_in_cache_by_user_role(
    state: &SessionState,
    user_role: &UserRole,
 ) -> bool {
+    let Some(ref merchant_id) = user_role.merchant_id else {
+        return false;
+    };
+
+    let Some(ref org_id) = user_role.org_id else {
+        return false;
+    };
    set_role_permissions_in_cache_if_required(
        state,
        user_role.role_id.as_str(),
-        &user_role.merchant_id,
-        &user_role.org_id,
+        merchant_id,
+        org_id,
    )
    .await
    .map_err(|e| logger::error!("Error setting permissions in cache {:?}", e))
@ -149,15 +156,18 @@ pub async fn get_multiple_role_info_for_user_roles(
    user_roles: &[UserRole],
 ) -> UserResult<Vec<roles::RoleInfo>> {
    futures::future::try_join_all(user_roles.iter().map(|user_role| async {
-        let role = roles::RoleInfo::from_role_id(
-            state,
-            &user_role.role_id,
-            &user_role.merchant_id,
-            &user_role.org_id,
-        )
-        .await
-        .to_not_found_response(UserErrors::InternalServerError)
-        .attach_printable("Role for user role doesn't exist")?;
+        let Some(merchant_id) = &user_role.merchant_id else {
+            return Err(report!(UserErrors::InternalServerError))
+                .attach_printable("merchant_id not found for user_role");
+        };
+        let Some(org_id) = &user_role.org_id else {
+            return Err(report!(UserErrors::InternalServerError)
+                .attach_printable("org_id not found in user_role"));
+        };
+        let role = roles::RoleInfo::from_role_id(state, &user_role.role_id, merchant_id, org_id)
+            .await
+            .to_not_found_response(UserErrors::InternalServerError)
+            .attach_printable("Role for user role doesn't exist")?;
        Ok::<_, error_stack::Report<UserErrors>>(role)
    }))
    .await