feat(core): Allow default Roles to be defined in InitialData

packages/core/mock-data/data-sources/initial-data.ts

@@ -1,10 +1,73 @@
-import { LanguageCode } from '@vendure/common/lib/generated-types';
+import { LanguageCode, Permission } from '@vendure/common/lib/generated-types';
 
 import { InitialData } from '../../src/data-import';
 
 export const initialData: InitialData = {
     defaultLanguage: LanguageCode.en,
     defaultZone: 'Europe',
+    roles: [
+        {
+            code: 'administrator',
+            description: 'Administrator',
+            permissions: [
+                Permission.CreateCatalog,
+                Permission.ReadCatalog,
+                Permission.UpdateCatalog,
+                Permission.DeleteCatalog,
+                Permission.CreateSettings,
+                Permission.ReadSettings,
+                Permission.UpdateSettings,
+                Permission.DeleteSettings,
+                Permission.CreateCustomer,
+                Permission.ReadCustomer,
+                Permission.UpdateCustomer,
+                Permission.DeleteCustomer,
+                Permission.CreateCustomerGroup,
+                Permission.ReadCustomerGroup,
+                Permission.UpdateCustomerGroup,
+                Permission.DeleteCustomerGroup,
+                Permission.CreateOrder,
+                Permission.ReadOrder,
+                Permission.UpdateOrder,
+                Permission.DeleteOrder,
+                Permission.CreateSystem,
+                Permission.ReadSystem,
+                Permission.UpdateSystem,
+                Permission.DeleteSystem,
+            ],
+        },
+        {
+            code: 'order-manager',
+            description: 'Order manager',
+            permissions: [
+                Permission.CreateOrder,
+                Permission.ReadOrder,
+                Permission.UpdateOrder,
+                Permission.DeleteOrder,
+                Permission.ReadCustomer,
+                Permission.ReadPaymentMethod,
+                Permission.ReadShippingMethod,
+                Permission.ReadPromotion,
+                Permission.ReadCountry,
+                Permission.ReadZone,
+            ],
+        },
+        {
+            code: 'inventory-manager',
+            description: 'Inventory manager',
+            permissions: [
+                Permission.CreateCatalog,
+                Permission.ReadCatalog,
+                Permission.UpdateCatalog,
+                Permission.DeleteCatalog,
+                Permission.CreateTag,
+                Permission.ReadTag,
+                Permission.UpdateTag,
+                Permission.DeleteTag,
+                Permission.ReadCustomer,
+            ],
+        },
+    ],
     taxRates: [
         { name: 'Standard Tax', percentage: 20 },
         { name: 'Reduced Tax', percentage: 10 },

packages/core/src/data-import/providers/populator/populator.ts

@@ -11,6 +11,7 @@ import {
     CollectionService,
     FacetValueService,
     PaymentMethodService,
+    RoleService,
     ShippingMethodService,
 } from '../../../service';
 import { ChannelService } from '../../../service/services/channel.service';
@@ -19,7 +20,13 @@ import { SearchService } from '../../../service/services/search.service';
 import { TaxCategoryService } from '../../../service/services/tax-category.service';
 import { TaxRateService } from '../../../service/services/tax-rate.service';
 import { ZoneService } from '../../../service/services/zone.service';
-import { CollectionFilterDefinition, CountryDefinition, InitialData, ZoneMap } from '../../types';
+import {
+    CollectionFilterDefinition,
+    CountryDefinition,
+    InitialData,
+    RoleDefinition,
+    ZoneMap,
+} from '../../types';
 import { AssetImporter } from '../asset-importer/asset-importer';
 
 /**
@@ -39,6 +46,7 @@ export class Populator {
         private facetValueService: FacetValueService,
         private searchService: SearchService,
         private assetImporter: AssetImporter,
+        private roleService: RoleService,
     ) {}
 
     /**
@@ -53,6 +61,7 @@ export class Populator {
         await this.populateShippingMethods(ctx, data.shippingMethods);
         await this.populatePaymentMethods(ctx, data.paymentMethods);
         await this.setChannelDefaults(zoneMap, data, channel);
+        await this.populateRoles(ctx, data.roles);
     }
 
     /**
@@ -248,4 +257,13 @@ export class Populator {
             });
         }
     }
+
+    private async populateRoles(ctx: RequestContext, roles?: RoleDefinition[]) {
+        if (!roles) {
+            return;
+        }
+        for (const roleDef of roles) {
+            await this.roleService.create(ctx, roleDef);
+        }
+    }
 }

packages/core/src/data-import/types.ts

@@ -1,4 +1,4 @@
-import { ConfigurableOperationInput, LanguageCode } from '@vendure/common/lib/generated-types';
+import { ConfigurableOperationInput, LanguageCode, Permission } from '@vendure/common/lib/generated-types';
 import { ID } from '@vendure/common/lib/shared-types';
 
 import { Zone } from '../entity/zone/zone.entity';
@@ -31,6 +31,12 @@ export interface CollectionDefinition {
     assetPaths?: string[];
 }
 
+export interface RoleDefinition {
+    code: string;
+    description: string;
+    permissions: Permission[];
+}
+
 /**
  * @description
  * An object defining initial settings for a new Vendure installation.
@@ -40,6 +46,7 @@ export interface CollectionDefinition {
 export interface InitialData {
     defaultLanguage: LanguageCode;
     defaultZone: string;
+    roles?: RoleDefinition[];
     countries: CountryDefinition[];
     taxRates: Array<{ name: string; percentage: number }>;
     shippingMethods: Array<{ name: string; price: number }>;

packages/core/src/service/services/role.service.ts

@@ -119,14 +119,11 @@ export class RoleService {
     }
 
     async create(ctx: RequestContext, input: CreateRoleInput): Promise<Role> {
-        if (!ctx.activeUserId) {
-            throw new ForbiddenError();
-        }
         this.checkPermissionsAreValid(input.permissions);
 
         let targetChannels: Channel[] = [];
         if (input.channelIds) {
-            targetChannels = await this.getPermittedChannels(ctx, input.channelIds, ctx.activeUserId);
+            targetChannels = await this.getPermittedChannels(ctx, input.channelIds);
         } else {
             targetChannels = [ctx.channel];
         }
@@ -150,7 +147,7 @@ export class RoleService {
                 : undefined,
         });
         if (input.channelIds && ctx.activeUserId) {
-            updatedRole.channels = await this.getPermittedChannels(ctx, input.channelIds, ctx.activeUserId);
+            updatedRole.channels = await this.getPermittedChannels(ctx, input.channelIds);
         }
         await this.connection.getRepository(ctx, Role).save(updatedRole, { reload: false });
         return assertFound(this.findOne(ctx, role.id));
@@ -174,11 +171,7 @@ export class RoleService {
         await this.channelService.assignToChannels(ctx, Role, roleId, [channelId]);
     }
 
-    private async getPermittedChannels(
-        ctx: RequestContext,
-        channelIds: ID[],
-        activeUserId: ID,
-    ): Promise<Channel[]> {
+    private async getPermittedChannels(ctx: RequestContext, channelIds: ID[]): Promise<Channel[]> {
         let permittedChannels: Channel[] = [];
         for (const channelId of channelIds) {
             const channel = await this.connection.getEntityOrThrow(ctx, Channel, channelId);