refactor(core): Allow multiple channelIds when creating Role

packages/common/src/generated-shop-types.ts

@@ -630,6 +630,7 @@ export type CurrentUser = {
 
 export type CurrentUserChannel = {
     __typename?: 'CurrentUserChannel';
+    id: Scalars['ID'];
     token: Scalars['String'];
     code: Scalars['String'];
     permissions: Array<Permission>;

packages/common/src/generated-types.ts

@@ -533,7 +533,7 @@ export type CreatePromotionInput = {
 };
 
 export type CreateRoleInput = {
-  channelId?: Maybe<Scalars['ID']>,
+  channelIds?: Maybe<Array<Scalars['ID']>>,
   code: Scalars['String'],
   description: Scalars['String'],
   permissions: Array<Permission>,
@@ -895,6 +895,7 @@ export type CurrentUser = {
 
 export type CurrentUserChannel = {
   __typename?: 'CurrentUserChannel',
+  id: Scalars['ID'],
   token: Scalars['String'],
   code: Scalars['String'],
   permissions: Array<Permission>,

packages/core/e2e/channel.e2e-spec.ts

@@ -85,7 +85,7 @@ describe('Channels', () => {
                 input: {
                     description: 'second channel admin',
                     code: 'second-channel-admin',
-                    channelId: 'T_2',
+                    channelIds: ['T_2'],
                     permissions: [
                         Permission.ReadCatalog,
                         Permission.ReadSettings,
@@ -133,7 +133,7 @@ describe('Channels', () => {
                 input: {
                     description: 'read default channel catalog',
                     code: 'read default channel catalog',
-                    channelId: 'T_1',
+                    channelIds: ['T_1'],
                     permissions: [Permission.ReadCatalog],
                 },
             });
@@ -147,7 +147,7 @@ describe('Channels', () => {
                 input: {
                     description: 'read second channel catalog',
                     code: 'read-second-channel-catalog',
-                    channelId: 'T_2',
+                    channelIds: ['T_2'],
                     permissions: [Permission.ReadCatalog],
                 },
             },

packages/core/e2e/graphql/generated-e2e-admin-types.ts

@@ -533,7 +533,7 @@ export type CreatePromotionInput = {
 };
 
 export type CreateRoleInput = {
-    channelId?: Maybe<Scalars['ID']>;
+    channelIds?: Maybe<Array<Scalars['ID']>>;
     code: Scalars['String'];
     description: Scalars['String'];
     permissions: Array<Permission>;
@@ -895,6 +895,7 @@ export type CurrentUser = {
 
 export type CurrentUserChannel = {
     __typename?: 'CurrentUserChannel';
+    id: Scalars['ID'];
     token: Scalars['String'];
     code: Scalars['String'];
     permissions: Array<Permission>;

packages/core/e2e/graphql/generated-e2e-shop-types.ts

@@ -630,6 +630,7 @@ export type CurrentUser = {
 
 export type CurrentUserChannel = {
     __typename?: 'CurrentUserChannel';
+    id: Scalars['ID'];
     token: Scalars['String'];
     code: Scalars['String'];
     permissions: Array<Permission>;

packages/core/src/api/schema/admin-api/role.api.graphql

@@ -14,7 +14,7 @@ type Mutation {
 input RoleListOptions
 
 input CreateRoleInput {
-    channelId: ID
+    channelIds: [ID!]
     code: String!
     description: String!
     permissions: [Permission!]!

packages/core/src/api/schema/type/auth.type.graphql

@@ -9,6 +9,7 @@ type CurrentUser {
 }
 
 type CurrentUserChannel {
+    id: ID!
     token: String!
     code: String!
     permissions: [Permission!]!

packages/core/src/service/services/role.service.ts

@@ -100,23 +100,29 @@ export class RoleService {
     }
 
     async create(ctx: RequestContext, input: CreateRoleInput): Promise<Role> {
-        this.checkPermissionsAreValid(input.permissions);
-        const targetChannel = input.channelId
-            ? await getEntityOrThrow(this.connection, Channel, input.channelId)
-            : ctx.channel;
-
         if (!ctx.activeUserId) {
             throw new ForbiddenError();
         }
-        const hasPermission = await this.userHasPermissionOnChannel(
-            ctx.activeUserId,
-            targetChannel.id,
-            Permission.CreateAdministrator,
-        );
-        if (!hasPermission) {
-            throw new ForbiddenError();
+        this.checkPermissionsAreValid(input.permissions);
+
+        let targetChannels: Channel[] = [];
+        if (input.channelIds) {
+            for (const channelId of input.channelIds) {
+                const channel = await getEntityOrThrow(this.connection, Channel, channelId);
+                const hasPermission = await this.userHasPermissionOnChannel(
+                    ctx.activeUserId,
+                    channelId,
+                    Permission.CreateAdministrator,
+                );
+                if (!hasPermission) {
+                    throw new ForbiddenError();
+                }
+                targetChannels = [...targetChannels, channel];
+            }
+        } else {
+            targetChannels = [ctx.channel];
         }
-        return this.createRoleForChannel(input, targetChannel);
+        return this.createRoleForChannels(input, targetChannels);
     }
 
     async update(input: UpdateRoleInput): Promise<Role> {
@@ -176,13 +182,13 @@ export class RoleService {
                 await this.connection.getRepository(Role).save(superAdminRole);
             }
         } catch (err) {
-            await this.createRoleForChannel(
+            await this.createRoleForChannels(
                 {
                     code: SUPER_ADMIN_ROLE_CODE,
                     description: SUPER_ADMIN_ROLE_DESCRIPTION,
                     permissions: allPermissions,
                 },
-                this.channelService.getDefaultChannel(),
+                [this.channelService.getDefaultChannel()],
             );
         }
     }
@@ -191,24 +197,24 @@ export class RoleService {
         try {
             await this.getCustomerRole();
         } catch (err) {
-            await this.createRoleForChannel(
+            await this.createRoleForChannels(
                 {
                     code: CUSTOMER_ROLE_CODE,
                     description: CUSTOMER_ROLE_DESCRIPTION,
                     permissions: [Permission.Authenticated],
                 },
-                this.channelService.getDefaultChannel(),
+                [this.channelService.getDefaultChannel()],
             );
         }
     }
 
-    private createRoleForChannel(input: CreateRoleInput, channel: Channel) {
+    private createRoleForChannels(input: CreateRoleInput, channels: Channel[]) {
         const role = new Role({
             code: input.code,
             description: input.description,
             permissions: unique([Permission.Authenticated, ...input.permissions]),
         });
-        role.channels = [channel];
+        role.channels = channels;
         return this.connection.manager.save(role);
     }
 }