SudoSOS Back-end API / rbac / AssignedRole

Class: AssignedRole

The AssignedRole entity represents the many-to-many relationship between users and roles in the Role-Based Access Control (RBAC) system. This entity allows individual users to be assigned specific roles, granting them the permissions associated with those roles.

Purpose and Usage

While the RBAC system primarily uses user types for automatic role assignment (via RoleUserType), AssignedRole provides explicit role assignment for individual users. This is useful for:

Custom Role Assignments: Granting specific roles to individual users
Testing: Assigning roles for testing purposes
Legacy Support: Maintaining compatibility with existing role assignment systems
Administrative Overrides: Manually assigning roles that differ from user type defaults

Relationship Model

User: Each assignment is linked to a specific user
Role: Each assignment grants a specific role to the user
Composite Key: The combination of userId and roleId forms a unique constraint

Role Assignment Hierarchy

Users can receive roles through multiple mechanisms:

User Type Assignment: Automatic roles based on user type (RoleUserType)
Individual Assignment: Explicit role assignment (AssignedRole)
Organ Membership: Additional roles through organ membership (OrganMembership)

Database Design

The entity uses a composite primary key (userId, roleId) to ensure that each user can only have one instance of each role. The relationship includes cascade delete behavior to maintain referential integrity.

Integration with Role Manager

The RoleManager's getRoles() method considers both user type assignments and individual role assignments when determining a user's effective roles.

Extends

BaseEntityWithoutId

Constructors

Constructor

new AssignedRole(): AssignedRole;

Returns

AssignedRole

Inherited from

BaseEntityWithoutId.constructor

Properties

Property	Modifier	Type	Description	Inherited from
`createdAt`	`readonly`	`Date`	The creation date of the object.	`BaseEntityWithoutId`.`createdAt`
`role`	`public`	`Role`	-	-
`roleId`	`public`	`number`	-	-
`updatedAt`	`readonly`	`Date`	The last update date of the object.	`BaseEntityWithoutId`.`updatedAt`
`user`	`public`	`User`	-	-
`userId`	`public`	`number`	-	-
`version`	`readonly`	`number`	The current version of the object.	`BaseEntityWithoutId`.`version`

containers

Classes

Interfaces

Type Aliases

point-of-sale

Classes

Interfaces

Type Aliases

product-categories

Classes

Interfaces

products

Classes

Interfaces

Type Aliases

Functions

vat

Enumerations

Classes

Interfaces

Functions

inactive-administrative-cost-request

Interfaces

inactive-administrative-cost-response

Interfaces

wrapped-response

Interfaces

user-notification-preference-controller

Classes

user-notification-preference

Enumerations

Classes

inactive-administrative-cost

Classes

user

Classes

wrapped

Classes

base.html

Interfaces

Functions

inactive-administrative-cost-report.html

Interfaces

Functions

transaction.html

Interfaces

Functions

transfer.html

Interfaces

Functions

inactive-administrative-cost-notification

Classes

transaction-notification

Classes

Functions

user-got-inactive-administrative-cost

Classes

user-type-updated

Classes

user-type-updated-with-reset

Classes

1761324427011-member-authenticator

Classes

1761328648026-add-organ-membership-index

Classes

1763399087409-rename-gewis-to-external

Classes

1764615514906-user-notification-preference

Classes

1764842063654-add-wrapped-table

Classes

1765826596888-add-wrapped-organ-member

Classes

1768697568707-user-setting

Classes

1769000095806-add-last-seen-to-user

Classes

abstract-channel

Classes

mail-channel