feat(roles): Add caching for custom roles (#3946)

crates/router/src/utils/user_role.rs

@@ -1,11 +1,14 @@
 use api_models::user_role as user_role_api;
 use common_enums::PermissionGroup;
-use error_stack::ResultExt;
+use diesel_models::user_role::UserRole;
+use error_stack::{IntoReport, ResultExt};
+use router_env::logger;
 
 use crate::{
+    consts,
     core::errors::{UserErrors, UserResult},
     routes::AppState,
-    services::authorization::{permissions::Permission, roles},
+    services::authorization::{self as authz, permissions::Permission, roles},
     types::domain,
 };
 
@@ -83,3 +86,47 @@ pub async fn validate_role_name(
 
     Ok(())
 }
+
+pub async fn set_role_permissions_in_cache_by_user_role(
+    state: &AppState,
+    user_role: &UserRole,
+) -> bool {
+    set_role_permissions_in_cache_if_required(
+        state,
+        user_role.role_id.as_str(),
+        user_role.merchant_id.as_str(),
+        user_role.org_id.as_str(),
+    )
+    .await
+    .map_err(|e| logger::error!("Error setting permissions in cache {:?}", e))
+    .is_ok()
+}
+
+pub async fn set_role_permissions_in_cache_if_required(
+    state: &AppState,
+    role_id: &str,
+    merchant_id: &str,
+    org_id: &str,
+) -> UserResult<()> {
+    if roles::predefined_roles::PREDEFINED_ROLES.contains_key(role_id) {
+        return Ok(());
+    }
+
+    let role_info = roles::RoleInfo::from_role_id(state, role_id, merchant_id, org_id)
+        .await
+        .change_context(UserErrors::InternalServerError)
+        .attach_printable("Error getting role_info from role_id")?;
+
+    authz::set_permissions_in_cache(
+        state,
+        role_id,
+        &role_info.get_permissions_set().into_iter().collect(),
+        consts::JWT_TOKEN_TIME_IN_SECS
+            .try_into()
+            .into_report()
+            .change_context(UserErrors::InternalServerError)?,
+    )
+    .await
+    .change_context(UserErrors::InternalServerError)
+    .attach_printable("Error setting permissions in redis")
+}