[Feature] Implement “Get My Permissions” api service (#4000)

* add my role permissions API service

* Add a global jotai atom that holds the role permissions of the connected user

* add ai bot suggestions

* add ai bot suggestions

* add ai bot suggestions

Author: CREDO23

apps/web/core/components/layouts/app/init-state.tsx

@@ -17,7 +17,7 @@ import {
 	useEmployee
 } from '@/core/hooks/organizations';
 import { useWorkspaces, useCurrentOrg } from '@/core/hooks/auth';
-import { useRoles } from '@/core/hooks/roles';
+import { useRolePermissions, useRoles } from '@/core/hooks/roles';
 import {
 	useTaskStatistics,
 	useAutoAssignTask,
@@ -52,6 +52,7 @@ function InitState() {
 	const { firstLoadData: firstLoadAutoAssignTask } = useAutoAssignTask();
 	const { firstLoadRolesData } = useRoles();
 	const { firstLoadTaskStatusesData, loadTaskStatuses: loadTaskStatusesData } = useTaskStatus();
+	const { firstLoadMyRolePermissionsData } = useRolePermissions();
 
 	// Load workspaces data on app initialization
 	const { firstLoadWorkspacesData } = useWorkspaces();
@@ -102,6 +103,7 @@ function InitState() {
 		firstLoadDailyPlanData();
 		firstLoadDataEmployee();
 		firstLoadRolesData();
+		firstLoadMyRolePermissionsData();
 		// --------------
 
 		getTimerStatus();

apps/web/core/hooks/roles/use-role-permissions.ts

@@ -1,17 +1,21 @@
-import { rolePermissionsFormatedState, rolePermissionsState } from '@/core/stores';
+import { myRolePermissionsState, rolePermissionsFormatedState, rolePermissionsState } from '@/core/stores';
 import { useCallback } from 'react';
 import { useAtom } from 'jotai';
 import { useQuery, useMutation, useQueryClient } from '@tanstack/react-query';
 import cloneDeep from 'lodash/cloneDeep';
 import { rolePermissionService } from '@/core/services/client/api/roles/role-permission.service';
 import { TRolePermission } from '@/core/types/schemas/role/role-permission-schema';
 import { queryKeys } from '@/core/query/keys';
-import { useConditionalUpdateEffect } from '../common';
+import { useConditionalUpdateEffect, useFirstLoad } from '../common';
+import { getTenantIdCookie } from '@/core/lib/helpers/cookies';
 
 export const useRolePermissions = (roleId?: string) => {
 	const [rolePermissions, setRolePermissions] = useAtom(rolePermissionsState);
+	const [myRolePermissions, setMyRolePermissions] = useAtom(myRolePermissionsState);
 	const [rolePermissionsFormated, setRolePermissionsFormated] = useAtom(rolePermissionsFormatedState);
+	const { firstLoadData: firstLoadMyRolePermissionsData } = useFirstLoad();
 	const queryClient = useQueryClient();
+	const tenantId = getTenantIdCookie();
 
 	// Query for fetching role permissions
 	const rolePermissionsQuery = useQuery({
@@ -23,6 +27,12 @@ export const useRolePermissions = (roleId?: string) => {
 		enabled: !!roleId
 	});
 
+	const myRolePermissionsQuery = useQuery({
+		queryKey: queryKeys.roles.myPermissions(tenantId),
+		queryFn: () => rolePermissionService.getMyRolePermissions(),
+		enabled: !!tenantId
+	});
+
 	// Mutation for updating role permissions
 	const updateRolePermissionMutation = useMutation({
 		mutationFn: rolePermissionService.updateRolePermission,
@@ -63,6 +73,16 @@ export const useRolePermissions = (roleId?: string) => {
 		Boolean(rolePermissions?.length)
 	);
 
+	useConditionalUpdateEffect(
+		() => {
+			if (myRolePermissionsQuery.data?.items?.length) {
+				setMyRolePermissions(myRolePermissionsQuery.data.items);
+			}
+		},
+		[myRolePermissionsQuery.data],
+		Boolean(myRolePermissions?.length)
+	);
+
 	// For backward compatibility
 	const getRolePermissions = useCallback(
 		(id: string) => {
@@ -71,12 +91,24 @@ export const useRolePermissions = (roleId?: string) => {
 		[queryClient]
 	);
 
+	const getMyRolePermissions = useCallback(() => {
+		queryClient.invalidateQueries({ queryKey: queryKeys.roles.myPermissions(tenantId) });
+	}, [queryClient, tenantId]);
+
+	const handleFirstLoad = useCallback(async () => {
+		await myRolePermissionsQuery.refetch();
+		firstLoadMyRolePermissionsData();
+	}, [firstLoadMyRolePermissionsData, myRolePermissionsQuery]);
+
 	return {
 		loading: rolePermissionsQuery.isLoading,
 		rolePermissions,
 		getRolePermissions,
 		updateRolePermission: updateRolePermissionMutation.mutate,
 		updateRolePermissionLoading: updateRolePermissionMutation.isPending,
-		rolePermissionsFormated
+		rolePermissionsFormated,
+		myRolePermissions,
+		getMyRolePermissions,
+		firstLoadMyRolePermissionsData: handleFirstLoad
 	};
 };

apps/web/core/query/keys/index.ts

@@ -111,7 +111,9 @@ export const queryKeys = {
 		detail: (roleId: string | undefined | null) => ['roles', ...(roleId ? [roleId] : [])] as const,
 		permissions: (roleId: string | undefined | null) =>
 			['roles', ...(roleId ? [roleId] : []), 'permissions'] as const,
-		users: (roleId: string | undefined | null) => ['roles', ...(roleId ? [roleId] : []), 'users'] as const
+		users: (roleId: string | undefined | null) => ['roles', ...(roleId ? [roleId] : []), 'users'] as const,
+		myPermissions: (tenantId: string | undefined | null) =>
+			['roles', 'my-permissions', ...(tenantId ? [tenantId] : [])] as const
 	},
 	permissions: {
 		all: ['permissions'] as const,

apps/web/core/services/client/api/roles/role-permission.service.ts

@@ -80,6 +80,34 @@ class RolePermissionService extends APIService {
 			throw error;
 		}
 	};
+
+	/**
+	 * Get my role permissions
+	 *
+	 * @returns Promise<PaginationResponse<TRolePermission>> - Validated role permissions for current user
+	 * @throws ValidationError if response data doesn't match schema
+	 */
+
+	getMyRolePermissions = async () => {
+		try {
+			const response = await this.get<PaginationResponse<TRolePermission>>('/role-permissions/me');
+
+			// Validate the response data using Zod schema
+			return validatePaginationResponse(rolePermissionSchema, response.data, 'getMyRolePermissions API response');
+		} catch (error) {
+			if (error instanceof ZodValidationError) {
+				this.logger.error(
+					'Get my role permissions validation failed:',
+					{
+						message: error.message,
+						issues: error.issues
+					},
+					'RolePermissionService'
+				);
+			}
+			throw error;
+		}
+	};
 }
 
 export const rolePermissionService = new RolePermissionService(GAUZY_API_BASE_SERVER_URL.value);

apps/web/core/stores/auth/role-permissions.ts

@@ -2,7 +2,13 @@ import { TRolePermission } from '@/core/types/schemas/role/role-permission-schem
 import { atom } from 'jotai';
 
 export const rolePermissionsState = atom<TRolePermission[]>([]);
+export const myRolePermissionsState = atom<TRolePermission[]>([]);
 
 export const rolePermissionsFormatedState = atom<{
 	[key: string]: TRolePermission;
 }>({});
+
+export const myPermissions = atom<string[]>((get) => {
+	const myRolePermissions = get(myRolePermissionsState);
+	return myRolePermissions.map((item) => item.permission);
+});