SudoSOS Back-end API / rbac / RoleUserType

Class: RoleUserType

The RoleUserType entity represents the many-to-many relationship between user types and roles in the Role-Based Access Control (RBAC) system. This entity enables automatic role assignment based on a user's type.

Purpose and Usage

RoleUserType allows the system to automatically assign roles to users based on their user type, eliminating the need for manual role assignment for common user categories. This is the primary mechanism for role assignment in the RBAC system.

User Types and Role Assignment

Different user types receive different sets of roles:

MEMBER: Regular association members with basic access
LOCAL_USER: Local users with limited permissions
LOCAL_ADMIN: Local administrators with elevated privileges
ORGAN: Organization accounts with specific permissions
VOUCHER: Voucher accounts with restricted access
INVOICE: Invoice-related accounts
POINT_OF_SALE: Point of sale system accounts

Automatic Role Assignment Flow

User Creation: When a user is created with a specific user type
Role Lookup: System queries RoleUserType for roles associated with that user type
Role Assignment: User automatically receives all roles linked to their user type
Permission Evaluation: RoleManager uses these roles for permission checks

Relationship Model

Role: Each relationship links a specific role to a user type
UserType: Each relationship specifies which user type receives the role
Composite Key: The combination of roleId and userType forms a unique constraint

Database Design

The entity uses a composite primary key (roleId, userType) to ensure that each role can only be assigned once per user type. The relationship includes cascade behavior for maintaining referential integrity.

Integration with Role Manager

The RoleManager's getRoles() method queries RoleUserType to determine which roles a user should have based on their user type, providing the foundation for permission evaluation.

Extends

BaseEntity

Constructors

Constructor

new RoleUserType(): RoleUserType;

Returns

RoleUserType

Inherited from

BaseEntity.constructor

Properties

Property	Modifier	Type
`role`	`public`	`Role`
`roleId`	`public`	`number`
`userType`	`public`	`UserType`

containers

Classes

Interfaces

Type Aliases

point-of-sale

Classes

Interfaces

Type Aliases

product-categories

Classes

Interfaces

products

Classes

Interfaces

Type Aliases

Functions

vat

Enumerations

Classes

Interfaces

Functions

inactive-administrative-cost-request

Interfaces

inactive-administrative-cost-response

Interfaces

wrapped-response

Interfaces

user-notification-preference-controller

Classes

user-notification-preference

Enumerations

Classes

inactive-administrative-cost

Classes

user

Classes

wrapped

Classes

base.html

Interfaces

Functions

inactive-administrative-cost-report.html

Interfaces

Functions

transaction.html

Interfaces

Functions

transfer.html

Interfaces

Functions

inactive-administrative-cost-notification

Classes

transaction-notification

Classes

Functions

user-got-inactive-administrative-cost

Classes

user-type-updated

Classes

user-type-updated-with-reset

Classes

1761324427011-member-authenticator

Classes

1761328648026-add-organ-membership-index

Classes

1763399087409-rename-gewis-to-external

Classes

1764615514906-user-notification-preference

Classes

1764842063654-add-wrapped-table

Classes

1765826596888-add-wrapped-organ-member

Classes

1768697568707-user-setting

Classes

1769000095806-add-last-seen-to-user

Classes

abstract-channel

Classes

mail-channel