refactor: enhance role management and permissions handling

- Introduced a new mutation for creating roles with validation and slugification of names. - Updated existing queries to improve role retrieval and error handling. - Enhanced permission copying functionality when creating new roles. - Improved code organization and readability by restructuring functions and adding type annotations.
2025-11-12 10:24:56 -03:00
parent 1c56d71d43
commit 90bc5771ae
3 changed files with 1668 additions and 1645 deletions
--- a/apps/web/src/routes/(dashboard)/ti/painel-permissoes/+page.svelte
+++ b/apps/web/src/routes/(dashboard)/ti/painel-permissoes/+page.svelte
--- a/apps/web/src/routes/(dashboard)/ti/times/+page.svelte
+++ b/apps/web/src/routes/(dashboard)/ti/times/+page.svelte
--- a/packages/backend/convex/roles.ts
+++ b/packages/backend/convex/roles.ts
@@ -1,35 +1,125 @@
-import { v } from "convex/values";
-import { query } from "./_generated/server";
+import { v } from 'convex/values';
+import { query, mutation } from './_generated/server';
+import type { Id } from './_generated/dataModel';
+import { getCurrentUserFunction } from './auth';

 /**
 * Listar todas as roles
 */
 export const listar = query({
-  args: {},
-  handler: async (ctx) => {
-    return await ctx.db.query("roles").collect();
-  },
+	args: {},
+	handler: async (ctx) => {
+		return await ctx.db.query('roles').collect();
+	}
 });

 /**
 * Buscar role por ID
 */
 export const buscarPorId = query({
-  args: {
-    roleId: v.id("roles"),
-  },
-  returns: v.union(
-    v.object({
-      _id: v.id("roles"),
-      nome: v.string(),
-      descricao: v.string(),
-      nivel: v.number(),
-      setor: v.optional(v.string()),
-    }),
-    v.null()
-  ),
-  handler: async (ctx, args) => {
-    return await ctx.db.get(args.roleId);
-  },
+	args: {
+		roleId: v.id('roles')
+	},
+	returns: v.union(
+		v.object({
+			_id: v.id('roles'),
+			nome: v.string(),
+			descricao: v.string(),
+			nivel: v.number(),
+			setor: v.optional(v.string())
+		}),
+		v.null()
+	),
+	handler: async (ctx, args) => {
+		return await ctx.db.get(args.roleId);
+	}
 });

+const slugify = (value: string) =>
+	value
+		.normalize('NFD')
+		.replace(/[\u0300-\u036f]/g, '')
+		.trim()
+		.toLowerCase()
+		.replace(/[^a-z0-9]+/g, '_')
+		.replace(/^_+|_+$/g, '')
+		.replace(/_{2,}/g, '_');
+
+export const criar = mutation({
+	args: {
+		nome: v.string(),
+		descricao: v.string(),
+		nivel: v.number(),
+		setor: v.optional(v.string()),
+		copiarDeRoleId: v.optional(v.id('roles'))
+	},
+	returns: v.union(
+		v.object({ sucesso: v.literal(true), roleId: v.id('roles') }),
+		v.object({ sucesso: v.literal(false), erro: v.string() })
+	),
+	handler: async (ctx, args) => {
+		const usuarioAtual = await getCurrentUserFunction(ctx);
+		if (!usuarioAtual) {
+			return { sucesso: false as const, erro: 'nao_autenticado' };
+		}
+
+		const roleAtual = await ctx.db.get(usuarioAtual.roleId);
+		if (!roleAtual || roleAtual.nivel > 1) {
+			return { sucesso: false as const, erro: 'sem_permissao' };
+		}
+
+		const nomeNormalizado = slugify(args.nome);
+		if (!nomeNormalizado) {
+			return { sucesso: false as const, erro: 'nome_invalido' };
+		}
+
+		const existente = await ctx.db
+			.query('roles')
+			.withIndex('by_nome', (q) => q.eq('nome', nomeNormalizado))
+			.unique();
+
+		if (existente) {
+			return { sucesso: false as const, erro: 'nome_ja_utilizado' };
+		}
+
+		let permissoesParaCopiar: Array<Id<'permissoes'>> = [];
+
+		if (args.copiarDeRoleId) {
+			const roleOrigem = await ctx.db.get(args.copiarDeRoleId);
+			if (!roleOrigem) {
+				return { sucesso: false as const, erro: 'role_origem_nao_encontrada' };
+			}
+
+			const permissoesOrigem = await ctx.db
+				.query('rolePermissoes')
+				.withIndex('by_role', (q) => q.eq('roleId', args.copiarDeRoleId!))
+				.collect();
+
+			permissoesParaCopiar = permissoesOrigem.map((item) => item.permissaoId);
+		}
+
+		const nivelAjustado = Math.min(Math.max(Math.round(args.nivel), 0), 10);
+		const setor = args.setor?.trim();
+
+		const roleId = await ctx.db.insert('roles', {
+			nome: nomeNormalizado,
+			descricao: args.descricao.trim() || args.nome.trim(),
+			nivel: nivelAjustado,
+			setor: setor && setor.length > 0 ? setor : undefined,
+			customizado: true,
+			criadoPor: usuarioAtual._id,
+			editavel: true
+		});
+
+		if (permissoesParaCopiar.length > 0) {
+			for (const permissaoId of permissoesParaCopiar) {
+				await ctx.db.insert('rolePermissoes', {
+					roleId,
+					permissaoId
+				});
+			}
+		}
+
+		return { sucesso: true as const, roleId };
+	}
+});