Implement role management and updateRequest support for isApproved

[Harish-Naruto]

Summary by CodeRabbit

• New Features

  • Introduced role-based member access control with four role levels: SUPER_ADMIN, ADMIN, FOUNDER, and MEMBER
  • Added functionality to update member roles

• Updates

  • Refactored site content operation authorization to use the new role-based system

[coderabbitai]

📝 Walkthrough

Walkthrough

The PR replaces the boolean isManager field on the Member model with a Role enum (SUPER_ADMIN, ADMIN, FOUNDER, MEMBER) via a Prisma schema update and SQL migration. It adds an updateMemberRole endpoint restricted to SUPER_ADMIN callers, migrates all site-content authorization guards from assertManager to assertAdmin, and updates tests accordingly.

Changes

Role Enum Migration and updateMemberRole Feature

Layer / File(s)	Summary
Role enum schema and migration prisma/schema.prisma, prisma/migrations/.../migration.sql	Adds the Role enum (SUPER_ADMIN, ADMIN, FOUNDER, MEMBER) to the Prisma schema, replaces Member.isManager: Boolean with Member.role: Role @default(MEMBER), and provides the SQL migration that creates the enum type, backfills role from isManager values, enforces NOT NULL, and drops the old column.
updateMemberRole service logic and getUserByEmail projection update src/services/member.service.ts	Imports Role, updates getUserByEmail select projection from isManager to role, and adds updateMemberRole which verifies the requester is SUPER_ADMIN, rejects self-role modification, and performs a Prisma member.update.
assertAdmin guard replacing assertManager in site-content service src/services/site-content.service.ts	Imports Role, introduces ADMIN_ROLES and assertAdmin helper checking member.role, and replaces all six assertManager call sites with assertAdmin(adminId).
updateMemberRole controller and route src/controllers/member.controller.ts, src/routes/members.ts	Adds the updateMemberRole controller handler with param validation and role enum enforcement, and registers a new documented PATCH /:memberId/role route.
Test updates and tsconfig include expansion tests/Member.test.ts, tests/SiteContent.test.ts, tsconfig.json	Adds Role import and role: Role.MEMBER to three updateAMember test mock objects; updates SiteContent.test.ts guards tests to use role instead of isManager and the new error message; expands tsconfig.json to include tests/**/*.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• call-0f-code/COC-API#15: Touches the same updateRequest handler in member.controller.ts where the isApproved falsy check was modified in this PR.
• call-0f-code/COC-API#70: Introduced the assertManager guard in site-content.service.ts that this PR replaces with assertAdmin using the new Role field.

Suggested reviewers

• i-am-that-guy

Poem

🐇 Hoppity-hop, no more true or false,
Now roles are enums — what a great waltz!
SUPER_ADMIN leaps tall fences with ease,
MEMBER munches clover, perfectly at peace.
The boolean burrow is sealed up tight,
Role-based rabbits rule the warren tonight! 🌙

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title describes the primary changes accurately: introducing role management (replacing isManager with a Role enum) and modifying updateRequest logic related to isApproved validation.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feature/SuperAdmin

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

src/services/member.service.ts (1)

169-172: ⚡ Quick win

Missing target member existence check before update.

If memberId does not exist, Prisma throws a PrismaClientKnownRequestError with code P2025 rather than a user-friendly 404. Consider fetching the target member first or catching the Prisma error to return a clearer response.

♻️ Proposed fix

+  // Verify target member exists
+  const target = await prisma.member.findUnique({
+    where: { id: memberId },
+    select: { id: true },
+  });
+
+  if (!target) {
+    throw new ApiError("Member not found", 404);
+  }
+
   return await prisma.member.update({
     where: { id: memberId },
     data: { role: newRole },
   });

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/services/member.service.ts` around lines 169 - 172, The
prisma.member.update() call in the member update method does not verify that the
target member exists before attempting the update, which results in an unhelpful
Prisma error when the member is not found. Either fetch the member first using
prisma.member.findUnique() to verify it exists and return a proper 404 error if
not found, or wrap the update call in a try-catch block that catches
PrismaClientKnownRequestError with code P2025 and returns a user-friendly 404
response with a clear error message.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@src/services/member.service.ts`:
- Around line 169-172: The prisma.member.update() call in the member update
method does not verify that the target member exists before attempting the
update, which results in an unhelpful Prisma error when the member is not found.
Either fetch the member first using prisma.member.findUnique() to verify it
exists and return a proper 404 error if not found, or wrap the update call in a
try-catch block that catches PrismaClientKnownRequestError with code P2025 and
returns a user-friendly 404 response with a clear error message.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: fd6230cd-32f1-4d04-ac2a-9190b460e28f

📥 Commits

Reviewing files that changed from the base of the PR and between 4cc4808 and b617d63.

📒 Files selected for processing (9)

• prisma/migrations/20260616181835_new_role_added/migration.sql
• prisma/schema.prisma
• src/controllers/member.controller.ts
• src/routes/members.ts
• src/services/member.service.ts
• src/services/site-content.service.ts
• tests/Member.test.ts
• tests/SiteContent.test.ts
• tsconfig.json