alldigital/PSA
2
0
Fork 0
Code Issues Pull Requests Actions 13 Packages Projects Releases Wiki Activity
PSA/server/migrations/20260610100001_add_ticket_close_override_permission.cjs
Hermes 284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Details
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Details
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
Details
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
Details
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Details
Integration Tests / Check for relevant changes (push) Waiting to run
Details
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Details
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Details
Mobile checks / Mobile unit tests (push) Waiting to run
Details
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Details
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Details
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Details
Temporal Readiness / fast-readiness (push) Waiting to run
Details
Temporal Readiness / docker-parity (push) Waiting to run
Details
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Details
Unit Tests / Skipped-test budget (push) Waiting to run
Details
Unit Tests / Nx affected unit tests (push) Waiting to run
Details
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Details
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Details
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
Details
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Details
Initial import of AlgaPSA codebase from PSA server 
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz

Source: /opt/alga-psa on psa.joliet.tech
2026-06-22 16:12:17 -05:00

72 lines
2.2 KiB
JavaScript
Raw Permalink Blame History

/**
* Adds the ticket:close_override permission (2026-06-10).
*
* Holders may close a ticket despite unmet board close rules; every override
* is written to ticket_audit_logs with the skipped conditions. Granted to
* each tenant's MSP Admin role by default. New tenants receive it via
* ee/server/seeds/onboarding/psa/02_permissions.cjs.
*
* Idempotent: skips tenants that already have the permission.
*
* @param { import("knex").Knex } knex
* @returns { Promise<void> }
*/
exports.up = async function (knex) {
const tenants = await knex('tenants').select('tenant');
if (!tenants.length) return;
for (const { tenant } of tenants) {
let permission = await knex('permissions')
.where({ tenant, resource: 'ticket', action: 'close_override' })
.first();
if (!permission) {
[permission] = await knex('permissions')
.insert({
tenant,
permission_id: knex.raw('gen_random_uuid()'),
resource: 'ticket',
action: 'close_override',
msp: true,
client: false,
description: 'Override ticket close rules',
created_at: new Date(),
})
.returning('*');
}
const roles = await knex('roles').where({ tenant });
const adminRoles = roles.filter(
(r) => r.role_name && r.role_name.toLowerCase() === 'admin' && r.msp !== false
);
for (const adminRole of adminRoles) {
const existing = await knex('role_permissions')
.where({ tenant, role_id: adminRole.role_id, permission_id: permission.permission_id })
.first();
if (!existing) {
await knex('role_permissions').insert({
tenant,
role_id: adminRole.role_id,
permission_id: permission.permission_id,
});
}
}
}
};
/**
* @param { import("knex").Knex } knex
* @returns { Promise<void> }
*/
exports.down = async function (knex) {
const permissions = await knex('permissions')
.where({ resource: 'ticket', action: 'close_override' })
.select('tenant', 'permission_id');
for (const { tenant, permission_id } of permissions) {
await knex('role_permissions').where({ tenant, permission_id }).del();
await knex('permissions').where({ tenant, permission_id }).del();
}
};
Reference in New Issue View Git Blame Copy Permalink