Kingsmai/pokopiawiki.tootaio.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): assign default editor role to verified users without roles

Browse Source 
Update bootstrap rules to grant 'editor' role to verified users
Backfill existing verified users without roles in schema.sql
Apply default role automatically during email verification
This commit is contained in:
xiaomai
2026-05-03 12:41:00 +08:00
parent 043ebe392a
commit b9ec8076ac
3 changed files with 34 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
backend/src/auth.ts
View File

@@ -422,6 +422,24 @@ async function ensureOwnerRoleForUser(client: DbClient, userId: number): Promise
);
}
async function ensureDefaultEditorRoleForUser(client: DbClient, userId: number): Promise<void> {
await client.query(
`
INSERT INTO user_roles (user_id, role_id)
SELECT $1, r.id
FROM roles r
WHERE r.key = 'editor'
AND NOT EXISTS (
SELECT 1
FROM user_roles ur
WHERE ur.user_id = $1
)
ON CONFLICT DO NOTHING
`,
[userId]
);
}
function toRoleSummary(row: RoleRow): RoleSummary {
return {
id: row.id,
@@ -832,6 +850,7 @@ export async function verifyEmail(payload: Record<string, unknown>, locale = def
user.id
]);
await ensureOwnerRoleForUser(client, user.id);
await ensureDefaultEditorRoleForUser(client, user.id);
const publicUser = await publicUserById(user.id, client);
return { message: await authMessage(locale, 'emailVerified'), user: publicUser ?? toPublicUser(user) };