RoleRepository
Component Detail
Data Layer
medium complexity
backend
0
Dependencies
0
Dependents
1
Entities
0
Integrations
Description
Data access layer responsible for reading and persisting role assignments and permission rules for users and organizations. It provides the queries that RbacService relies on to determine effective roles and organization membership. All role mutations go through this repository to maintain a consistent authorization state.
role-repository
Sources & reasoning
Lines 256-259 define all four roles with explicit access boundaries, and line 322 names mobile role profiles as an MVP deliverable. RBAC is listed in the Fase 1 MVP scope and is a structural prerequisite for module toggles, multi-tenancy, and audit logging, making it critical and must_have at MVP.
-
docs/source/likeperson.md · line 256-259Peer Mentor (Likeperson): Creates and tracks activities and follow-ups. Logs in to the Mobile App only.
-
docs/source/likeperson.md · line 3222 mobilrolle-profiler: Peer Mentor, Coordinator (Organization Admins logger på som Coordinator i app-konteksten)
Responsibilities
- Fetches the assigned roles and organization memberships for a given user
- Persists role assignment changes (grant, revoke) initiated by admins
- Queries permission rules and role definitions from the authorization store
- Supports bulk role lookups for organization-scoped admin operations
Interfaces
findRolesByUserId(userId: string): Promise<RoleAssignment[]>
assignRole(userId: string, role: Role, orgId: string): Promise<void>
revokeRole(userId: string, role: Role, orgId: string): Promise<void>
findOrgMembership(userId: string, orgId: string): Promise<OrgMembership | null>
Related Data Entities (1)
Data entities managed by this component