Add initial calendar rbac roles

backend/migrations/20250612024006_rbac_roles.down.sql

@@ -0,0 +1,6 @@
+-- Delete old permissions
+delete from role_permissions where item like 'calendar%';
+
+-- Remove requester column
+ALTER TABLE if exists calendar_events
+    DROP COLUMN IF EXISTS requester_id uuid;

backend/migrations/20250612024006_rbac_roles.up.sql

@@ -0,0 +1,17 @@
+-- Add requester_id to calendar_events
+ALTER TABLE if exists calendar_events
+    ADD COLUMN IF NOT EXISTS requester_id uuid;
+
+-- Copy created_by to requester_id for all current records
+UPDATE calendar_events
+    SET requester_id = created_by;
+
+-- Add rbac data
+insert into role_permissions (item, created_by, updated_by, role_id)
+    select 'calendar:personal:*', u.id, u.id, r.id from users u, roles r where email = 'admin@jean-marie.ca' and r.name = 'normal';
+
+insert into role_permissions (item, created_by, updated_by, role_id)
+    select 'calendar:read:*', u.id, u.id, r.id from users u, roles r where email = 'admin@jean-marie.ca' and r.name = 'calendar';
+
+insert into role_permissions (item, created_by, updated_by, role_id)
+    select 'calendar:admin:*', u.id, u.id, r.id from users u, roles r where email = 'admin@jean-marie.ca' and r.name = 'admin';

backend/src/calendar.rs

@@ -348,7 +348,7 @@ pub async fn new_request(
 
     if logged_in {
         // Extract the user data.
-        let user = user_data.as_ref().unwrap().clone();
+        let _user = user_data.as_ref().unwrap().clone();
         let userid = user_data.as_ref().map(|s| s.id.clone()).unwrap_or_default();
         let personid = user_data
             .as_ref()