From c6a413f3991d660436f0c2b7deb0191bd47df482 Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Wed, 23 Oct 2024 14:47:06 +0100
Subject: [PATCH] Quick fix for role validation, permissionId is no longer
 required.

---
 packages/server/src/api/controllers/role.ts        |  4 ++++
 packages/server/src/api/routes/tests/role.spec.ts  | 13 +++++++++++++
 packages/server/src/api/routes/utils/validators.ts |  2 +-
 packages/types/src/api/web/role.ts                 |  2 +-
 4 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/packages/server/src/api/controllers/role.ts b/packages/server/src/api/controllers/role.ts
index 1047711983..35f221293f 100644
--- a/packages/server/src/api/controllers/role.ts
+++ b/packages/server/src/api/controllers/role.ts
@@ -137,6 +137,10 @@ export async function save(ctx: UserCtx<SaveRoleRequest, SaveRoleResponse>) {
     permissionId = PermissionLevel.WRITE
   }
 
+  if (!permissionId) {
+    ctx.throw(400, "Role requires permissionId to be specified.")
+  }
+
   const role = new roles.Role(_id, name, permissionId, {
     displayName: uiMetadata?.displayName || name,
     description: uiMetadata?.description || "Custom role",
diff --git a/packages/server/src/api/routes/tests/role.spec.ts b/packages/server/src/api/routes/tests/role.spec.ts
index adb83ca793..e3dfcb40f1 100644
--- a/packages/server/src/api/routes/tests/role.spec.ts
+++ b/packages/server/src/api/routes/tests/role.spec.ts
@@ -58,6 +58,19 @@ describe("/roles", () => {
       })
       expect(res.inherits).toEqual([BUILTIN_ROLE_IDS.BASIC])
     })
+
+    it("save role without permissionId", async () => {
+      const res = await config.api.roles.save(
+        {
+          ...basicRole(),
+          permissionId: undefined,
+        },
+        {
+          status: 200,
+        }
+      )
+      expect(res.permissionId).toEqual(PermissionLevel.WRITE)
+    })
   })
 
   describe("update", () => {
diff --git a/packages/server/src/api/routes/utils/validators.ts b/packages/server/src/api/routes/utils/validators.ts
index 02a1a2d060..962735ded7 100644
--- a/packages/server/src/api/routes/utils/validators.ts
+++ b/packages/server/src/api/routes/utils/validators.ts
@@ -215,7 +215,7 @@ export function roleValidator() {
       // this is the base permission ID (for now a built in)
       permissionId: Joi.string()
         .valid(...Object.values(permissions.BuiltinPermissionID))
-        .required(),
+        .optional(),
       permissions: Joi.object()
         .pattern(
           /.*/,
diff --git a/packages/types/src/api/web/role.ts b/packages/types/src/api/web/role.ts
index df439e84e7..aa5dd2f31b 100644
--- a/packages/types/src/api/web/role.ts
+++ b/packages/types/src/api/web/role.ts
@@ -6,7 +6,7 @@ export interface SaveRoleRequest {
   _rev?: string
   name: string
   inherits?: string | string[]
-  permissionId: string
+  permissionId?: string
   permissions?: Record<string, PermissionLevel[]>
   version?: string
   uiMetadata?: RoleUIMetadata