Quick fix for role validation, permissionId is no longer required.

packages/server/src/api/controllers/role.ts

@@ -137,6 +137,10 @@ export async function save(ctx: UserCtx<SaveRoleRequest, SaveRoleResponse>) {
     permissionId = PermissionLevel.WRITE
   }
 
+  if (!permissionId) {
+    ctx.throw(400, "Role requires permissionId to be specified.")
+  }
+
   const role = new roles.Role(_id, name, permissionId, {
     displayName: uiMetadata?.displayName || name,
     description: uiMetadata?.description || "Custom role",

packages/server/src/api/routes/tests/role.spec.ts

@@ -58,6 +58,19 @@ describe("/roles", () => {
       })
       expect(res.inherits).toEqual([BUILTIN_ROLE_IDS.BASIC])
     })
+
+    it("save role without permissionId", async () => {
+      const res = await config.api.roles.save(
+        {
+          ...basicRole(),
+          permissionId: undefined,
+        },
+        {
+          status: 200,
+        }
+      )
+      expect(res.permissionId).toEqual(PermissionLevel.WRITE)
+    })
   })
 
   describe("update", () => {

packages/server/src/api/routes/utils/validators.ts

@@ -215,7 +215,7 @@ export function roleValidator() {
       // this is the base permission ID (for now a built in)
       permissionId: Joi.string()
         .valid(...Object.values(permissions.BuiltinPermissionID))
-        .required(),
+        .optional(),
       permissions: Joi.object()
         .pattern(
           /.*/,

packages/types/src/api/web/role.ts

@@ -6,7 +6,7 @@ export interface SaveRoleRequest {
   _rev?: string
   name: string
   inherits?: string | string[]
-  permissionId: string
+  permissionId?: string
   permissions?: Record<string, PermissionLevel[]>
   version?: string
   uiMetadata?: RoleUIMetadata