AcadeDoc/apps/client/src/features/acadenice/rbac/services/rbac-service.ts

import api from "@/lib/api-client";
import {
  IPermissionDescriptor,
  IRole,
  IRoleWithPermissions,
  IUserRoleAssignment,
  ICreateRolePayload,
  IUpdateRolePayload,
  IMyPermissionsResponse,
} from "@/features/acadenice/rbac/types/rbac.types";

/**
 * REST client for the Acadenice RBAC API (R2.1 backend).
 * Endpoints under /api/v1 — relative to api.baseURL ("/api").
 *
 * Note : Docmost's axios interceptor returns `response.data` directly, so the
 * return value of `api.get(...)` is already the body payload.
 */

export async function getPermissionsCatalog(): Promise<IPermissionDescriptor[]> {
  return api.get("/v1/permissions") as unknown as Promise<
    IPermissionDescriptor[]
  >;
}

/**
 * Fetches the effective permissions of the authenticated user in the current
 * workspace. Backed by the Redis 60s cache server-side (R2.1).
 */
export async function getMyPermissions(): Promise<IMyPermissionsResponse> {
  return api.get(
    "/v1/permissions/me",
  ) as unknown as Promise<IMyPermissionsResponse>;
}

export async function listRoles(): Promise<IRole[]> {
  return api.get("/v1/roles") as unknown as Promise<IRole[]>;
}

export async function getRole(roleId: string): Promise<IRoleWithPermissions> {
  return api.get(
    `/v1/roles/${roleId}`,
  ) as unknown as Promise<IRoleWithPermissions>;
}

export async function createRole(
  payload: ICreateRolePayload,
): Promise<IRoleWithPermissions> {
  return api.post(
    "/v1/roles",
    payload,
  ) as unknown as Promise<IRoleWithPermissions>;
}

export async function updateRole(
  roleId: string,
  payload: IUpdateRolePayload,
): Promise<IRole> {
  return api.patch(
    `/v1/roles/${roleId}`,
    payload,
  ) as unknown as Promise<IRole>;
}

export async function deleteRole(roleId: string): Promise<void> {
  await api.delete(`/v1/roles/${roleId}`);
}

export async function setRolePermissions(
  roleId: string,
  permissions: string[],
): Promise<IRoleWithPermissions> {
  return api.put(`/v1/roles/${roleId}/permissions`, {
    permissions,
  }) as unknown as Promise<IRoleWithPermissions>;
}

export async function listUserRoles(
  userId: string,
): Promise<IUserRoleAssignment[]> {
  return api.get(`/v1/users/${userId}/roles`) as unknown as Promise<
    IUserRoleAssignment[]
  >;
}

export async function assignRolesToUser(
  userId: string,
  roleIds: string[],
): Promise<{ ok: true }> {
  return api.post(`/v1/users/${userId}/roles`, {
    roleIds,
  }) as unknown as Promise<{ ok: true }>;
}

export async function unassignRoleFromUser(
  userId: string,
  roleId: string,
): Promise<void> {
  await api.delete(`/v1/users/${userId}/roles/${roleId}`);
}