From fe8056179b846f941f074ce3b7eee1dcacbe714f Mon Sep 17 00:00:00 2001
From: Chris Jean-Marie <chris.jeanmarie@gmail.com>
Date: Sun, 15 Jun 2025 01:26:34 +0000
Subject: [PATCH] Add initial calendar rbac roles

---
 .../20250612024006_rbac_roles.down.sql          |  6 ++++++
 .../migrations/20250612024006_rbac_roles.up.sql | 17 +++++++++++++++++
 backend/src/calendar.rs                         |  2 +-
 3 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 backend/migrations/20250612024006_rbac_roles.down.sql
 create mode 100644 backend/migrations/20250612024006_rbac_roles.up.sql

diff --git a/backend/migrations/20250612024006_rbac_roles.down.sql b/backend/migrations/20250612024006_rbac_roles.down.sql
new file mode 100644
index 0000000..b389d1c
--- /dev/null
+++ b/backend/migrations/20250612024006_rbac_roles.down.sql
@@ -0,0 +1,6 @@
+-- Delete old permissions
+delete from role_permissions where item like 'calendar%';
+
+-- Remove requester column
+ALTER TABLE if exists calendar_events
+    DROP COLUMN IF EXISTS requester_id uuid;
diff --git a/backend/migrations/20250612024006_rbac_roles.up.sql b/backend/migrations/20250612024006_rbac_roles.up.sql
new file mode 100644
index 0000000..3b02af8
--- /dev/null
+++ b/backend/migrations/20250612024006_rbac_roles.up.sql
@@ -0,0 +1,17 @@
+-- Add requester_id to calendar_events
+ALTER TABLE if exists calendar_events
+    ADD COLUMN IF NOT EXISTS requester_id uuid;
+
+-- Copy created_by to requester_id for all current records
+UPDATE calendar_events
+    SET requester_id = created_by;
+
+-- Add rbac data
+insert into role_permissions (item, created_by, updated_by, role_id)
+    select 'calendar:personal:*', u.id, u.id, r.id from users u, roles r where email = 'admin@jean-marie.ca' and r.name = 'normal';
+
+insert into role_permissions (item, created_by, updated_by, role_id)
+    select 'calendar:read:*', u.id, u.id, r.id from users u, roles r where email = 'admin@jean-marie.ca' and r.name = 'calendar';
+
+insert into role_permissions (item, created_by, updated_by, role_id)
+    select 'calendar:admin:*', u.id, u.id, r.id from users u, roles r where email = 'admin@jean-marie.ca' and r.name = 'admin';
diff --git a/backend/src/calendar.rs b/backend/src/calendar.rs
index 19e5d70..d782529 100644
--- a/backend/src/calendar.rs
+++ b/backend/src/calendar.rs
@@ -348,7 +348,7 @@ pub async fn new_request(
 
     if logged_in {
         // Extract the user data.
-        let user = user_data.as_ref().unwrap().clone();
+        let _user = user_data.as_ref().unwrap().clone();
         let userid = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
         let personid = user_data
             .as_ref()