feat(users): Add entity type filter in list users and list roles API (#5997)

2025-11-02 21:07:58 +08:00 · 2024-09-24 19:48:39 +05:30
parent aae2343910
commit 3ddfe53838
7 changed files with 180 additions and 86 deletions
--- a/crates/router/src/utils/user_role.rs
+++ b/crates/router/src/utils/user_role.rs
@ -14,7 +14,7 @@ use storage_impl::errors::StorageError;
 use crate::{
    consts,
    core::errors::{UserErrors, UserResult},
-    db::user_role::ListUserRolesByUserIdPayload,
+    db::user_role::{ListUserRolesByOrgIdPayload, ListUserRolesByUserIdPayload},
    routes::SessionState,
    services::authorization::{self as authz, permissions::Permission, roles},
    types::domain,
@ -398,3 +398,61 @@ pub async fn get_single_merchant_id_and_profile_id(

    Ok((merchant_id, profile_id))
 }
+
+pub async fn fetch_user_roles_by_payload(
+    state: &SessionState,
+    payload: ListUserRolesByOrgIdPayload<'_>,
+    request_entity_type: Option<EntityType>,
+) -> UserResult<HashSet<UserRole>> {
+    Ok(state
+        .store
+        .list_user_roles_by_org_id(payload)
+        .await
+        .change_context(UserErrors::InternalServerError)?
+        .into_iter()
+        .filter_map(|user_role| {
+            let (_entity_id, entity_type) = user_role.get_entity_id_and_type()?;
+            request_entity_type
+                .map_or(true, |req_entity_type| entity_type == req_entity_type)
+                .then_some(user_role)
+        })
+        .collect::<HashSet<_>>())
+}
+
+pub fn get_min_entity(
+    user_entity: EntityType,
+    filter_entity: Option<EntityType>,
+) -> UserResult<EntityType> {
+    match (user_entity, filter_entity) {
+        (EntityType::Organization, None)
+        | (EntityType::Organization, Some(EntityType::Organization)) => {
+            Ok(EntityType::Organization)
+        }
+
+        (EntityType::Merchant, None)
+        | (EntityType::Organization, Some(EntityType::Merchant))
+        | (EntityType::Merchant, Some(EntityType::Merchant)) => Ok(EntityType::Merchant),
+
+        (EntityType::Profile, None)
+        | (EntityType::Organization, Some(EntityType::Profile))
+        | (EntityType::Merchant, Some(EntityType::Profile))
+        | (EntityType::Profile, Some(EntityType::Profile)) => Ok(EntityType::Profile),
+
+        (EntityType::Internal, _) => Ok(EntityType::Internal),
+
+        (EntityType::Organization, Some(EntityType::Internal))
+        | (EntityType::Merchant, Some(EntityType::Internal))
+        | (EntityType::Profile, Some(EntityType::Internal)) => {
+            Err(UserErrors::InvalidRoleOperation.into())
+        }
+
+        (EntityType::Merchant, Some(EntityType::Organization))
+        | (EntityType::Profile, Some(EntityType::Organization))
+        | (EntityType::Profile, Some(EntityType::Merchant)) => {
+            Err(report!(UserErrors::InvalidRoleOperation)).attach_printable(format!(
+                "{} level user requesting data for {:?} level",
+                user_entity, filter_entity
+            ))
+        }
+    }
+}