Multi-role members, round detail UI overhaul, dashboard jury progress, and submit bug fix
Some checks failed
Build and Push Docker Image / build (push) Has been cancelled
Some checks failed
Build and Push Docker Image / build (push) Has been cancelled
- Add roles UserRole[] to User model with migration + backfill from existing role column - Update auth JWT/session to propagate roles array with [role] fallback for stale tokens - Update tRPC hasRole() middleware and add userHasRole() helper for inline role checks - Update ~15 router inline checks and ~13 DB queries to use roles array - Add updateRoles admin mutation with SUPER_ADMIN guard and priority-based primary role - Add role switcher UI in admin sidebar and role-nav for multi-role users - Remove redundant stats cards from round detail, add window dates to header banner - Merge Members section into JuryProgressTable with inline cap editor and remove buttons - Reorder round detail assignments tab: Progress > Score Dist > Assignments > Coverage > Jury Group - Make score distribution fill full vertical height, reassignment history always open - Add per-juror progress bars to admin dashboard ActiveRoundPanel for EVALUATION rounds - Fix evaluation submit bug: use isSubmitting state instead of startMutation.isPending Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -2,6 +2,7 @@ import crypto from 'crypto'
|
||||
import { z } from 'zod'
|
||||
import { TRPCError } from '@trpc/server'
|
||||
import type { Prisma } from '@prisma/client'
|
||||
import { UserRole } from '@prisma/client'
|
||||
import { router, protectedProcedure, adminProcedure, superAdminProcedure, publicProcedure } from '../trpc'
|
||||
import { sendInvitationEmail, sendMagicLinkEmail } from '@/lib/email'
|
||||
import { hashPassword, validatePassword } from '@/lib/password'
|
||||
@@ -275,6 +276,7 @@ export const userRouter = router({
|
||||
email: true,
|
||||
name: true,
|
||||
role: true,
|
||||
roles: true,
|
||||
status: true,
|
||||
expertiseTags: true,
|
||||
maxAssignments: true,
|
||||
@@ -929,7 +931,7 @@ export const userRouter = router({
|
||||
)
|
||||
.query(async ({ ctx, input }) => {
|
||||
const where: Record<string, unknown> = {
|
||||
role: 'JURY_MEMBER',
|
||||
roles: { has: 'JURY_MEMBER' },
|
||||
status: 'ACTIVE',
|
||||
}
|
||||
|
||||
@@ -1525,4 +1527,29 @@ export const userRouter = router({
|
||||
globalDigestSections: digestSections?.value ? JSON.parse(digestSections.value) : [],
|
||||
}
|
||||
}),
|
||||
|
||||
/**
|
||||
* Update a user's roles array (admin only)
|
||||
* Also updates the primary role to the highest privilege role in the array.
|
||||
*/
|
||||
updateRoles: adminProcedure
|
||||
.input(z.object({
|
||||
userId: z.string(),
|
||||
roles: z.array(z.nativeEnum(UserRole)).min(1),
|
||||
}))
|
||||
.mutation(async ({ ctx, input }) => {
|
||||
// Guard: only SUPER_ADMIN can grant SUPER_ADMIN
|
||||
if (input.roles.includes('SUPER_ADMIN') && ctx.user.role !== 'SUPER_ADMIN') {
|
||||
throw new TRPCError({ code: 'FORBIDDEN', message: 'Only super admins can grant super admin role' })
|
||||
}
|
||||
|
||||
// Set primary role to highest privilege role
|
||||
const rolePriority: UserRole[] = ['SUPER_ADMIN', 'PROGRAM_ADMIN', 'JURY_MEMBER', 'MENTOR', 'OBSERVER', 'AWARD_MASTER', 'APPLICANT', 'AUDIENCE']
|
||||
const primaryRole = rolePriority.find(r => input.roles.includes(r)) || input.roles[0]
|
||||
|
||||
return ctx.prisma.user.update({
|
||||
where: { id: input.userId },
|
||||
data: { roles: input.roles, role: primaryRole },
|
||||
})
|
||||
}),
|
||||
})
|
||||
|
||||
Reference in New Issue
Block a user