🔐 feat: Granular Role-based Permissions + Entra ID Group Discovery (#7804)

2025-12-19 18:00:15 +01:00 · 2025-06-23 10:54:25 -04:00 · 2025-06-23 10:54:25 -04:00 · f55cdc9b7f
commit f55cdc9b7f
parent 6c9a29b6cf
99 changed files with 11321 additions and 621 deletions
--- a/packages/data-schemas/src/schema/group.ts
+++ b/packages/data-schemas/src/schema/group.ts
@ -0,0 +1,56 @@
+import { Schema } from 'mongoose';
+import type { IGroup } from '~/types';
+
+const groupSchema = new Schema<IGroup>(
+  {
+    name: {
+      type: String,
+      required: true,
+      index: true,
+    },
+    description: {
+      type: String,
+      required: false,
+    },
+    email: {
+      type: String,
+      required: false,
+      index: true,
+    },
+    avatar: {
+      type: String,
+      required: false,
+    },
+    memberIds: [
+      {
+        type: String,
+      },
+    ],
+    source: {
+      type: String,
+      enum: ['local', 'entra'],
+      default: 'local',
+    },
+    /** External ID (e.g., Entra ID) */
+    idOnTheSource: {
+      type: String,
+      sparse: true,
+      index: true,
+      required: function (this: IGroup) {
+        return this.source !== 'local';
+      },
+    },
+  },
+  { timestamps: true },
+);
+
+groupSchema.index(
+  { idOnTheSource: 1, source: 1 },
+  {
+    unique: true,
+    partialFilterExpression: { idOnTheSource: { $exists: true } },
+  },
+);
+groupSchema.index({ memberIds: 1 });
+
+export default groupSchema;