From 792d39395cd19fbca9703d7c2d91bdb43cbc7b3b Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Fri, 29 Sep 2023 15:50:43 +0200
Subject: [PATCH 01/44] Fixed and Updated OpenApi and changed users endpoint

---
 .../components/userProfile.tsx                | 14 ++---
 src/management-system-v2/lib/openapiSchema.ts | 34 ++++++------
 .../src/backend/openapi.json                  | 53 ++++++++++---------
 .../backend/server/iam/rest-api/auth0/user.js | 32 +++++------
 4 files changed, 68 insertions(+), 65 deletions(-)

diff --git a/src/management-system-v2/components/userProfile.tsx b/src/management-system-v2/components/userProfile.tsx
index bf3b3b646..c96e13621 100644
--- a/src/management-system-v2/components/userProfile.tsx
+++ b/src/management-system-v2/components/userProfile.tsx
@@ -83,8 +83,8 @@ const UserDataModal: FC<{
       } else {
         const body = {
           email: userData.email,
-          firstName: userData.given_name,
-          lastName: userData.family_name,
+          firstName: userData.firstName,
+          lastName: userData.lastName,
           username: userData.username,
           ...values,
         };
@@ -226,7 +226,7 @@ const UserProfile: FC = () => {
   async function deleteUser() {
     try {
       await deleteUserMutation({
-        params: { path: { id: user.sub } },
+        params: { path: { id: user && user.sub } },
       });
       messageApi.success({ content: 'Your account was deleted' });
       logout();
@@ -281,12 +281,12 @@ const UserProfile: FC = () => {
             {
               label: 'First Name',
               submitField: 'firstName',
-              userDataField: 'given_name',
+              userDataField: 'firstName',
             },
             {
               label: 'Last Name',
               submitField: 'lastName',
-              userDataField: 'family_name',
+              userDataField: 'lastName',
             },
             {
               label: 'Username',
@@ -306,8 +306,8 @@ const UserProfile: FC = () => {
               <Divider style={{ marginBottom: '0' }} />
               <UserDataRow
                 title="Name"
-                data={`${(userData && userData.given_name) || ''} ${
-                  (userData && userData.family_name) || ''
+                data={`${(userData && userData.firstName) || ''} ${
+                  (userData && userData.lastName) || ''
                 }`}
                 onClick={() => setChangeNameModalOpen(true)}
               />
diff --git a/src/management-system-v2/lib/openapiSchema.ts b/src/management-system-v2/lib/openapiSchema.ts
index 8691e9947..be036fa07 100644
--- a/src/management-system-v2/lib/openapiSchema.ts
+++ b/src/management-system-v2/lib/openapiSchema.ts
@@ -332,7 +332,7 @@ export interface components {
       created_at?: string;
       email_verified?: boolean;
       updated_at?: string;
-      user_id?: string;
+      id?: string;
     };
     /** user */
     userDataPut: {
@@ -350,8 +350,8 @@ export interface components {
       /** Format: uri */
       picture?: string;
       username?: string;
-      family_name?: string;
-      given_name?: string;
+      lastName?: string;
+      firstName?: string;
     };
     userResponse: WithRequired<
       components['schemas']['userMetaData'] & components['schemas']['userData'],
@@ -362,9 +362,9 @@ export interface components {
       | 'picture'
       | 'updated_at'
       | 'username'
-      | 'family_name'
-      | 'given_name'
-      | 'user_id'
+      | 'lastName'
+      | 'firstName'
+      | 'id'
     >;
     /**
      * PermissionNumber
@@ -998,13 +998,7 @@ export interface operations {
       /** @description OK */
       200: {
         content: {
-          'application/json': components['schemas']['userResponse'];
-        };
-      };
-      /** @description No Content */
-      204: {
-        content: {
-          'application/json': unknown[];
+          'application/json': components['schemas']['userResponse'][];
         };
       };
       /** @description Bad Request */
@@ -1015,12 +1009,16 @@ export interface operations {
   };
   /** @description Create a user. */
   postUser: {
-    requestBody?: {
+    requestBody: {
       content: {
-        'application/json': WithRequired<
-          components['schemas']['userData'],
-          'email' | 'name' | 'picture' | 'username' | 'family_name' | 'given_name'
-        >;
+        'application/json': {
+          /** Format: email */
+          email: string;
+          username: string;
+          lastName?: string;
+          firstName: string;
+          password: string;
+        };
       };
     };
     responses: {
diff --git a/src/management-system/src/backend/openapi.json b/src/management-system/src/backend/openapi.json
index 8fc39cb83..5f191c0cf 100644
--- a/src/management-system/src/backend/openapi.json
+++ b/src/management-system/src/backend/openapi.json
@@ -907,23 +907,13 @@
         "responses": {
           "200": {
             "description": "OK",
-            "content": {
-              "application/json": {
-                "schema": {
-                  "$ref": "#/components/schemas/userResponse"
-                }
-              }
-            }
-          },
-          "204": {
-            "description": "No Content",
             "content": {
               "application/json": {
                 "schema": {
                   "type": "array",
-                  "maxItems": 0,
-                  "minItems": 0,
-                  "items": {}
+                  "items": {
+                    "$ref": "#/components/schemas/userResponse"
+                  }
                 }
               }
             }
@@ -956,15 +946,30 @@
           }
         },
         "requestBody": {
+          "required": true,
           "content": {
             "application/json": {
               "schema": {
-                "allOf": [
-                  {
-                    "$ref": "#/components/schemas/userData"
+                "type": "object",
+                "properties": {
+                  "email": {
+                    "type": "string",
+                    "format": "email"
+                  },
+                  "username": {
+                    "type": "string"
+                  },
+                  "lastName ": {
+                    "type": "string"
+                  },
+                  "firstName": {
+                    "type": "string"
+                  },
+                  "password": {
+                    "type": "string"
                   }
-                ],
-                "required": ["email", "name", "picture", "username", "family_name", "given_name"]
+                },
+                "required": ["email", "username", "lastName", "firstName", "password"]
               }
             }
           }
@@ -2040,7 +2045,7 @@
           "updated_at": {
             "type": "string"
           },
-          "user_id": {
+          "id": {
             "type": "string"
           }
         }
@@ -2083,10 +2088,10 @@
           "username": {
             "type": "string"
           },
-          "family_name": {
+          "lastName ": {
             "type": "string"
           },
-          "given_name": {
+          "firstName": {
             "type": "string"
           }
         }
@@ -2108,9 +2113,9 @@
           "picture",
           "updated_at",
           "username",
-          "family_name",
-          "given_name",
-          "user_id"
+          "lastName",
+          "firstName",
+          "id"
         ]
       },
       "PermissionNumber": {
diff --git a/src/management-system/src/backend/server/iam/rest-api/auth0/user.js b/src/management-system/src/backend/server/iam/rest-api/auth0/user.js
index 21c981d99..4c240bbf1 100644
--- a/src/management-system/src/backend/server/iam/rest-api/auth0/user.js
+++ b/src/management-system/src/backend/server/iam/rest-api/auth0/user.js
@@ -48,9 +48,7 @@ userRouter.get('/', isAuthenticated(), async (req, res) => {
       undefined,
       config,
     );
-    if (users.length === 0) {
-      return res.status(204).json([]);
-    }
+
     return res.status(200).json(
       users.map(
         ({
@@ -109,19 +107,21 @@ userRouter.get('/:id', isAuthenticated(), async (req, res) => {
         username,
         blocked,
       } = await requestResource(`/users/${id}`, undefined, config);
-      return res.status(200).json({
-        created_at,
-        email,
-        email_verified,
-        family_name,
-        given_name,
-        name,
-        picture,
-        updated_at,
-        user_id,
-        username,
-        blocked,
-      });
+      return res.status(200).json(
+        standardizeUser({
+          created_at,
+          email,
+          email_verified,
+          family_name,
+          given_name,
+          name,
+          picture,
+          updated_at,
+          user_id,
+          username,
+          blocked,
+        }),
+      );
     } catch (e) {
       return res.status(400).json({ error: e.toString() });
     }

From cd30d33457f5b61b5c4908ce99ca63090bfe97cd Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Fri, 29 Sep 2023 16:00:16 +0200
Subject: [PATCH 02/44] Data hooks: added MutationOptions and changed keys

---
 src/management-system-v2/lib/fetch-data.ts | 57 ++++++++++++++++++++--
 1 file changed, 52 insertions(+), 5 deletions(-)

diff --git a/src/management-system-v2/lib/fetch-data.ts b/src/management-system-v2/lib/fetch-data.ts
index 2c527bb5f..9272b24a6 100644
--- a/src/management-system-v2/lib/fetch-data.ts
+++ b/src/management-system-v2/lib/fetch-data.ts
@@ -1,5 +1,11 @@
 import { useAuthStore } from './iam';
-import { UseQueryOptions, useMutation, useQuery, useQueryClient } from '@tanstack/react-query';
+import {
+  UseMutationOptions,
+  UseQueryOptions,
+  useMutation,
+  useQuery,
+  useQueryClient,
+} from '@tanstack/react-query';
 import createClient from 'openapi-fetch';
 import { paths } from './openapiSchema';
 import { useMemo } from 'react';
@@ -106,21 +112,37 @@ export function useGetAsset<
 
 export function usePostAsset<TFirstParam extends Parameters<typeof apiClient.post>[0]>(
   path: TFirstParam,
+  mutationParams: Omit<UseMutationOptions, 'mutationFn'> = {},
 ) {
+  type FunctionType = typeof apiClient.post<TFirstParam>;
+  type Data = QueryData<FunctionType>;
+
   const queryClient = useQueryClient();
   return useMutation({
-    mutationFn: async (body: Parameters<typeof apiClient.post<TFirstParam>>[1]) => {
+    mutationFn: async (body: Parameters<FunctionType>[1]) => {
       const { data } = await post(path, body);
 
-      queryClient.invalidateQueries([path, (body as any).params.path]);
+      const keys: any[] = [path];
+      if (
+        typeof body === 'object' &&
+        'params' in body &&
+        typeof body.params === 'object' &&
+        'path' in body.params
+      ) {
+        keys.push(body.params.path);
+      }
+
+      queryClient.invalidateQueries(keys);
 
-      return data as QueryData<typeof apiClient.post<TFirstParam>>;
+      return data as Data;
     },
+    ...(mutationParams as Omit<UseMutationOptions<Data, Error>, 'mutationFn'>),
   });
 }
 
 export function usePutAsset<TFirstParam extends Parameters<typeof apiClient.put>[0]>(
   path: TFirstParam,
+  mutationParams: Omit<UseMutationOptions, 'mutationFn'> = {},
 ) {
   const queryClient = useQueryClient();
   return useMutation({
@@ -131,23 +153,48 @@ export function usePutAsset<TFirstParam extends Parameters<typeof apiClient.put>
 
       const { data } = await put(path, body);
 
-      queryClient.invalidateQueries([path, (body as any).params.path]);
+      const keys: any[] = [path];
+      if (
+        typeof body === 'object' &&
+        'params' in body &&
+        typeof body.params === 'object' &&
+        'path' in body.params
+      ) {
+        keys.push(body.params.path);
+      }
+
+      queryClient.invalidateQueries(keys);
 
       return data as QueryData<typeof apiClient.put<TFirstParam>>;
     },
+    ...mutationParams,
   });
 }
 
 export const useDeleteAsset = <TFirstParam extends Parameters<typeof apiClient.del>[0]>(
   path: TFirstParam,
+  mutationParams: Omit<UseMutationOptions, 'mutationFn'> = {},
 ) => {
   const queryClient = useQueryClient();
   return useMutation({
     mutationFn: async (body: Parameters<typeof apiClient.del<TFirstParam>>[1]) => {
       const { data } = await del(path, body);
 
+      const keys: any[] = [path];
+      if (
+        typeof body === 'object' &&
+        'params' in body &&
+        typeof body.params === 'object' &&
+        'path' in body.params
+      ) {
+        keys.push(body.params.path);
+      }
+
+      queryClient.invalidateQueries(keys);
+
       return data as QueryData<typeof apiClient.del<TFirstParam>>;
     },
+    ...mutationParams,
   });
 };
 

From 63f5c6116847a96a2bf082f52324465160084dc8 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Fri, 29 Sep 2023 16:11:07 +0200
Subject: [PATCH 03/44] Added Users page and Comming Soon page for roles

---
 .../app/(dashboard)/iam/roles/page.tsx        |   3 +
 .../(dashboard)/iam/users/header-actions.tsx  | 196 ++++++++++++++++++
 .../app/(dashboard)/iam/users/page.tsx        | 193 +++++++++++++++++
 .../app/(dashboard)/layout.tsx                |  29 +++
 4 files changed, 421 insertions(+)
 create mode 100644 src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
 create mode 100644 src/management-system-v2/app/(dashboard)/iam/users/header-actions.tsx
 create mode 100644 src/management-system-v2/app/(dashboard)/iam/users/page.tsx

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
new file mode 100644
index 000000000..5c15ae764
--- /dev/null
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
@@ -0,0 +1,3 @@
+export default function RolesPage() {
+  return <h2>Comming soon</h2>;
+}
diff --git a/src/management-system-v2/app/(dashboard)/iam/users/header-actions.tsx b/src/management-system-v2/app/(dashboard)/iam/users/header-actions.tsx
new file mode 100644
index 000000000..f8ce62994
--- /dev/null
+++ b/src/management-system-v2/app/(dashboard)/iam/users/header-actions.tsx
@@ -0,0 +1,196 @@
+'use client';
+
+import { ApiRequestBody, usePostAsset } from '@/lib/fetch-data';
+import { AuthCan } from '@/lib/iamComponents';
+import { ImportOutlined, PlusOutlined } from '@ant-design/icons';
+import { Button, Form, App, Input, Modal } from 'antd';
+import { ComponentProps, FC, ReactNode, useEffect, useState } from 'react';
+
+type PostUserField = keyof ApiRequestBody<'/users', 'post'>;
+
+const modalStructureWithoutPassword: {
+  dataKey: PostUserField;
+  label: string;
+  type: string;
+}[] = [
+  {
+    dataKey: 'firstName',
+    label: 'First Name',
+    type: 'text',
+  },
+  {
+    dataKey: 'lastName',
+    label: 'Last Name',
+    type: 'text',
+  },
+  {
+    dataKey: 'username',
+    label: 'Username Name',
+    type: 'text',
+  },
+  {
+    dataKey: 'email',
+    label: 'Email',
+    type: 'email',
+  },
+];
+
+const fieldNameToLabel: Record<PostUserField, string> = modalStructureWithoutPassword.reduce(
+  (acc, curr) => {
+    acc[curr.dataKey] = curr.label;
+    return acc;
+  },
+  {} as Record<PostUserField, string>,
+);
+
+const CreateUserModal: FC<{
+  modalOpen: boolean;
+  close: () => void;
+}> = ({ modalOpen, close }) => {
+  const [form] = Form.useForm();
+  const { message: messageApi } = App.useApp();
+  type ErrorsObject = { [field in PostUserField]?: ReactNode[] };
+  const [formatError, setFormatError] = useState<ErrorsObject>({});
+
+  const { mutateAsync: postUser, isLoading } = usePostAsset('/users', {
+    onError(e) {
+      if (!(typeof e === 'object' && e !== null && 'errors' in e)) {
+        return;
+      }
+
+      const errors: { [key in PostUserField]?: ReactNode[] } = {};
+
+      function appendError(key: PostUserField, error: string) {
+        error = error.replace(key, fieldNameToLabel[key]);
+
+        if (key in errors) {
+          errors[key]!.push(<p key={errors[key]?.length}>{error}</p>);
+        } else {
+          errors[key] = [<p key={0}>{error}</p>];
+        }
+      }
+
+      for (const error of e.errors as string[]) {
+        if (error.includes('username')) appendError('username', error);
+        else if (error.includes('email')) appendError('email', error);
+        else if (error.includes('firstName')) appendError('firstName', error);
+        else if (error.includes('lastName')) appendError('lastName', error);
+        else if (error.includes('password')) appendError('password', error);
+      }
+
+      setFormatError(errors);
+    },
+  });
+
+  useEffect(() => {
+    form.resetFields();
+    setFormatError({});
+  }, [form, modalOpen]);
+
+  const submitData = async (
+    values: Record<keyof ApiRequestBody<'/users', 'post'> | 'confirm_password', string>,
+  ) => {
+    debugger;
+    try {
+      await postUser({
+        body: {
+          email: values.email,
+          firstName: values.firstName,
+          lastName: values.lastName,
+          username: values.username,
+          password: values.password,
+        },
+      });
+      messageApi.success({ content: 'Account created' });
+      close();
+    } catch (e) {
+      messageApi.error({ content: 'An error ocurred' });
+    }
+  };
+
+  return (
+    <Modal open={modalOpen} onCancel={close} footer={null}>
+      <Form form={form} layout="vertical" onFinish={submitData}>
+        {modalStructureWithoutPassword.map((formField) => (
+          <Form.Item
+            key={formField.dataKey}
+            label={formField.label}
+            name={formField.dataKey}
+            validateStatus={formField.dataKey in formatError ? 'error' : ''}
+            help={formField.dataKey in formatError ? formatError[formField.dataKey] : ''}
+            hasFeedback
+            required
+          >
+            <Input type={formField.type} />
+          </Form.Item>
+        ))}
+
+        <Form.Item
+          name="password"
+          label="Password"
+          rules={[
+            {
+              required: true,
+              message: 'Please input your password!',
+            },
+          ]}
+          validateStatus={'password' in formatError ? 'error' : ''}
+          help={'password' in formatError ? formatError.password : ''}
+          hasFeedback
+        >
+          <Input.Password />
+        </Form.Item>
+
+        <Form.Item
+          name="confirm_password"
+          label="Confirm Password"
+          dependencies={['password']}
+          hasFeedback
+          rules={[
+            {
+              required: true,
+              message: 'Please confirm your password!',
+            },
+            ({ getFieldValue }) => ({
+              validator(_, value) {
+                if (!value || getFieldValue('password') === value) {
+                  return Promise.resolve();
+                }
+                return Promise.reject(new Error('The new password that you entered do not match!'));
+              },
+            }),
+          ]}
+        >
+          <Input.Password />
+        </Form.Item>
+
+        <Form.Item>
+          <Button type="primary" htmlType="submit" loading={isLoading}>
+            Submit
+          </Button>
+        </Form.Item>
+      </Form>
+    </Modal>
+  );
+};
+
+const HeaderActions: FC = () => {
+  const [createUserModalOpen, setCreateUserModalOpen] = useState(false);
+
+  return (
+    <>
+      <CreateUserModal
+        modalOpen={createUserModalOpen}
+        close={() => setCreateUserModalOpen(false)}
+      />
+
+      <AuthCan action="create" resource="User">
+        <Button type="primary" onClick={() => setCreateUserModalOpen(true)}>
+          <PlusOutlined /> Create
+        </Button>
+      </AuthCan>
+    </>
+  );
+};
+
+export default HeaderActions;
diff --git a/src/management-system-v2/app/(dashboard)/iam/users/page.tsx b/src/management-system-v2/app/(dashboard)/iam/users/page.tsx
new file mode 100644
index 000000000..29a368e8b
--- /dev/null
+++ b/src/management-system-v2/app/(dashboard)/iam/users/page.tsx
@@ -0,0 +1,193 @@
+'use client';
+
+import React, { FC, useMemo, useState } from 'react';
+import styles from '@/components/processes.module.scss';
+import cn from 'classnames';
+import { DeleteOutlined } from '@ant-design/icons';
+import Fuse from 'fuse.js';
+import {
+  Tooltip,
+  Space,
+  Avatar,
+  Row,
+  Col,
+  Button,
+  Input,
+  Result,
+  Table,
+  Popconfirm,
+  App,
+} from 'antd';
+import { ApiData, useGetAsset, useDeleteAsset } from '@/lib/fetch-data';
+import { CloseOutlined } from '@ant-design/icons';
+import Auth from '@/lib/AuthCanWrapper';
+import Content from '@/components/content';
+import HeaderActions from './header-actions';
+
+type User = ApiData<'/users/{id}', 'get'>;
+
+const UsersPage: FC = () => {
+  const { error, data, isLoading, refetch: refetchUsers } = useGetAsset('/users', {});
+  const { message: messageApi } = App.useApp();
+  const { mutateAsync: deleteUser, isLoading: deletingUser } = useDeleteAsset('/users/{id}', {
+    onSuccess: () => refetchUsers(),
+    onError: () => messageApi.open({ type: 'error', content: 'Something went wrong' }),
+  });
+
+  const users = useMemo(() => {
+    if (!data) return [];
+
+    return data.map((user) => ({
+      ...user,
+      display: (
+        <Space size={16}>
+          <Avatar src={user.picture} />
+          <span>
+            {user.firstName} {user.lastName}
+          </span>
+        </Space>
+      ),
+    }));
+  }, [data]);
+
+  const [selectedRowKeys, setSelectedRowKeys] = useState<string[]>([]);
+  const [searchQuery, setSearchQuery] = useState('');
+
+  const fuse = useMemo(
+    () =>
+      users &&
+      new Fuse(users, {
+        findAllMatches: true,
+        threshold: 0.75,
+        useExtendedSearch: true,
+        ignoreLocation: true,
+        keys: ['firstName', 'lastName', 'username', 'email'] as (keyof User)[],
+      }),
+    [users],
+  );
+
+  const filteredUsers = useMemo(() => {
+    if (!fuse || searchQuery === '') return users;
+
+    const filt = fuse.search(searchQuery).map((result) => result.item);
+    return filt;
+  }, [fuse, searchQuery, users]);
+
+  async function deleteUsers(userIds: string[]) {
+    setSelectedRowKeys([]);
+    await Promise.allSettled(userIds.map((id) => deleteUser({ params: { path: { id } } })));
+  }
+
+  const columns = [
+    {
+      title: 'Account',
+      dataIndex: 'display',
+      key: 'display',
+    },
+    {
+      title: 'Username',
+      dataIndex: 'username',
+      key: 'username',
+    },
+    {
+      title: 'Email Adress',
+      dataIndex: 'email',
+      key: 'email',
+    },
+    {
+      dataIndex: 'id',
+      key: 'tooltip',
+      title: '',
+      with: 100,
+      render: (id: string) =>
+        selectedRowKeys.length === 0 ? (
+          <Tooltip placement="top" title={'Delete'}>
+            <Popconfirm
+              title="Delete User"
+              description="Are you sure you want to delete this user?"
+              onConfirm={() => deleteUsers([id])}
+            >
+              <Button icon={<DeleteOutlined />} type="text" />
+            </Popconfirm>
+          </Tooltip>
+        ) : null,
+    },
+  ];
+
+  if (error)
+    return (
+      <Result
+        status="error"
+        title="Failed to fetch your profile"
+        subTitle="An error ocurred while fetching your profile, please try again."
+      />
+    );
+
+  return (
+    <Content title="Identity and Access Management" rightNode={<HeaderActions />}>
+      <Row className={styles.Headerrow}>
+        <Col
+          xs={24}
+          sm={24}
+          md={24}
+          lg={10}
+          xl={6}
+          className={cn({ [styles.SelectedRow]: selectedRowKeys.length > 0 })}
+          style={{
+            justifyContent: 'start',
+          }}
+        >
+          {selectedRowKeys.length > 0 ? (
+            <Space size={20}>
+              <Button type="text" icon={<CloseOutlined />} onClick={() => setSelectedRowKeys([])} />
+              <span>{selectedRowKeys.length} selected: </span>
+              <Popconfirm
+                title="Delete User"
+                description="Are you sure you want to delete this user?"
+                onConfirm={() => deleteUsers(selectedRowKeys)}
+              >
+                <Button type="text" icon={<DeleteOutlined />} />
+              </Popconfirm>
+            </Space>
+          ) : null}
+        </Col>
+        <Col className={styles.Headercol} xs={22} sm={22} md={22} lg={9} xl={13}>
+          <Input.Search
+            size="middle"
+            onChange={(e) => setSearchQuery(e.target.value)}
+            allowClear
+            placeholder="Search Users"
+          />
+        </Col>
+      </Row>
+
+      <Table
+        columns={columns}
+        dataSource={filteredUsers}
+        rowSelection={{
+          selectedRowKeys,
+          onChange: (selectedRowKeys: React.Key[]) => {
+            setSelectedRowKeys(selectedRowKeys as string[]);
+          },
+        }}
+        /* onRow={(record) => ({
+        onMouseEnter: () => setHovered(record.id),
+        onMouseOut: () => setHovered(''),
+      })} */
+        /* scroll={{ x: 800 }} */
+        rowKey="id"
+        loading={isLoading || deletingUser}
+        size="middle"
+      />
+    </Content>
+  );
+};
+
+export default Auth(
+  {
+    action: 'manage',
+    resource: 'User',
+    fallbackRedirect: '/',
+  },
+  UsersPage,
+);
diff --git a/src/management-system-v2/app/(dashboard)/layout.tsx b/src/management-system-v2/app/(dashboard)/layout.tsx
index cb1a67881..da1d50cb3 100644
--- a/src/management-system-v2/app/(dashboard)/layout.tsx
+++ b/src/management-system-v2/app/(dashboard)/layout.tsx
@@ -28,6 +28,7 @@ import {
   UserOutlined,
   StarOutlined,
   MenuOutlined,
+  UnlockOutlined,
 } from '@ant-design/icons';
 import Logo from '@/public/proceed.svg';
 import Image from 'next/image';
@@ -314,6 +315,34 @@ const AuthLayout: FC<PropsWithChildren> = ({ children }) => {
                 </>
               ) : null}
 
+              {ability.can('manage', 'User') ||
+              ability.can('manage', 'RoleMapping') ||
+              ability.can('manage', 'Role') ? (
+                <>
+                  <ItemGroup key="IAM" title="IAM">
+                    <Item
+                      key="iam/users"
+                      icon={<UserOutlined />}
+                      hidden={!ability.can('manage', 'User')}
+                    >
+                      Users
+                    </Item>
+
+                    <Item
+                      key="iam/roles"
+                      icon={<UnlockOutlined />}
+                      hidden={
+                        !(ability.can('manage', 'RoleMapping') || ability.can('manage', 'Role'))
+                      }
+                    >
+                      Roles
+                    </Item>
+                  </ItemGroup>
+
+                  <Divider />
+                </>
+              ) : null}
+
               <ItemGroup key="settings" title="Settings">
                 <Item key="generalSettings" icon={<SettingOutlined />}>
                   General Settings

From ee745a067caaa8436b0687877ba03e326310dcbc Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Sat, 30 Sep 2023 09:59:06 +0200
Subject: [PATCH 04/44] Added useFuzySearch hook

---
 .../app/(dashboard)/iam/users/page.tsx        | 40 ++++---------
 src/management-system-v2/lib/useDebounce.ts   | 22 +++++++
 src/management-system-v2/lib/useFuzySearch.ts | 57 +++++++++++++++++++
 3 files changed, 90 insertions(+), 29 deletions(-)
 create mode 100644 src/management-system-v2/lib/useDebounce.ts
 create mode 100644 src/management-system-v2/lib/useFuzySearch.ts

diff --git a/src/management-system-v2/app/(dashboard)/iam/users/page.tsx b/src/management-system-v2/app/(dashboard)/iam/users/page.tsx
index 29a368e8b..fe0fcfbfc 100644
--- a/src/management-system-v2/app/(dashboard)/iam/users/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/users/page.tsx
@@ -4,7 +4,6 @@ import React, { FC, useMemo, useState } from 'react';
 import styles from '@/components/processes.module.scss';
 import cn from 'classnames';
 import { DeleteOutlined } from '@ant-design/icons';
-import Fuse from 'fuse.js';
 import {
   Tooltip,
   Space,
@@ -18,13 +17,12 @@ import {
   Popconfirm,
   App,
 } from 'antd';
-import { ApiData, useGetAsset, useDeleteAsset } from '@/lib/fetch-data';
+import { useGetAsset, useDeleteAsset } from '@/lib/fetch-data';
 import { CloseOutlined } from '@ant-design/icons';
 import Auth from '@/lib/AuthCanWrapper';
 import Content from '@/components/content';
 import HeaderActions from './header-actions';
-
-type User = ApiData<'/users/{id}', 'get'>;
+import useFuzySearch from '@/lib/useFuzySearch';
 
 const UsersPage: FC = () => {
   const { error, data, isLoading, refetch: refetchUsers } = useGetAsset('/users', {});
@@ -34,10 +32,14 @@ const UsersPage: FC = () => {
     onError: () => messageApi.open({ type: 'error', content: 'Something went wrong' }),
   });
 
-  const users = useMemo(() => {
-    if (!data) return [];
+  const { searchQuery, setSearchQuery, filteredData } = useFuzySearch(
+    data || [],
+    ['firstName', 'lastName', 'username', 'email'],
+    { useSearchParams: false },
+  );
 
-    return data.map((user) => ({
+  const filteredUsers = useMemo(() => {
+    return filteredData.map((user) => ({
       ...user,
       display: (
         <Space size={16}>
@@ -48,30 +50,9 @@ const UsersPage: FC = () => {
         </Space>
       ),
     }));
-  }, [data]);
+  }, [filteredData]);
 
   const [selectedRowKeys, setSelectedRowKeys] = useState<string[]>([]);
-  const [searchQuery, setSearchQuery] = useState('');
-
-  const fuse = useMemo(
-    () =>
-      users &&
-      new Fuse(users, {
-        findAllMatches: true,
-        threshold: 0.75,
-        useExtendedSearch: true,
-        ignoreLocation: true,
-        keys: ['firstName', 'lastName', 'username', 'email'] as (keyof User)[],
-      }),
-    [users],
-  );
-
-  const filteredUsers = useMemo(() => {
-    if (!fuse || searchQuery === '') return users;
-
-    const filt = fuse.search(searchQuery).map((result) => result.item);
-    return filt;
-  }, [fuse, searchQuery, users]);
 
   async function deleteUsers(userIds: string[]) {
     setSelectedRowKeys([]);
@@ -154,6 +135,7 @@ const UsersPage: FC = () => {
         <Col className={styles.Headercol} xs={22} sm={22} md={22} lg={9} xl={13}>
           <Input.Search
             size="middle"
+            value={searchQuery}
             onChange={(e) => setSearchQuery(e.target.value)}
             allowClear
             placeholder="Search Users"
diff --git a/src/management-system-v2/lib/useDebounce.ts b/src/management-system-v2/lib/useDebounce.ts
new file mode 100644
index 000000000..957ce758d
--- /dev/null
+++ b/src/management-system-v2/lib/useDebounce.ts
@@ -0,0 +1,22 @@
+import { useEffect, useRef, useState } from 'react';
+
+export default function useDebounce<TData>(value: TData, milliSeconds: number, enabled?: boolean) {
+  const [debouncedValue, setDebouncedValue] = useState<TData>(value);
+  const currentTimeout = useRef<ReturnType<typeof setTimeout> | null>(null);
+
+  useEffect(() => {
+    if (enabled) {
+      if (currentTimeout.current) clearTimeout(currentTimeout.current);
+
+      currentTimeout.current = setTimeout(() => {
+        setDebouncedValue(value);
+      }, milliSeconds);
+
+      return () => {
+        if (currentTimeout.current) clearTimeout(currentTimeout.current);
+      };
+    }
+  }, [value, milliSeconds, enabled]);
+
+  return debouncedValue;
+}
diff --git a/src/management-system-v2/lib/useFuzySearch.ts b/src/management-system-v2/lib/useFuzySearch.ts
new file mode 100644
index 000000000..29a7f89e5
--- /dev/null
+++ b/src/management-system-v2/lib/useFuzySearch.ts
@@ -0,0 +1,57 @@
+import Fuse from 'fuse.js';
+import { useEffect, useMemo, useState } from 'react';
+import { usePathname, useSearchParams, useRouter } from 'next/navigation';
+import useDebounce from './useDebounce';
+
+type FuzzySearchOptions = { useSearchParams: true; queryName: string } | { useSearchParams: false };
+
+/**
+ * Handles state and search logic for fuzzy search.
+ *
+ * @warning useSearchParams: true makes the page flicker
+ *
+ */
+export default function useFuzySearch<TData extends Record<string, any>>(
+  data: TData[],
+  keys: (keyof TData)[],
+  fuzzySearchOptions: FuzzySearchOptions,
+  fuseOptions: ConstructorParameters<typeof Fuse<TData>>[1] = {},
+) {
+  const router = useRouter();
+  const pathname = usePathname();
+  const searchParams = useSearchParams();
+
+  const [searchQuery, setSearchQuery] = useState(
+    searchParams.get(fuzzySearchOptions.useSearchParams ? fuzzySearchOptions.queryName : ''),
+  );
+  const debouncedSearchQuery = useDebounce(searchQuery, 200, fuzzySearchOptions.useSearchParams);
+
+  useEffect(() => {
+    if (!fuzzySearchOptions.useSearchParams) return;
+
+    const params = new URLSearchParams(searchParams);
+    params.set(fuzzySearchOptions.queryName, debouncedSearchQuery ?? '');
+
+    router.replace(pathname + '?' + params.toString(), { scroll: false });
+  }, [debouncedSearchQuery, router, fuzzySearchOptions, pathname, searchParams]);
+
+  const fuse = useMemo(
+    () =>
+      new Fuse(data, {
+        findAllMatches: true,
+        threshold: 0.75,
+        useExtendedSearch: true,
+        ignoreLocation: true,
+        keys: keys as string[],
+        ...fuseOptions,
+      }),
+    [data, keys, fuseOptions],
+  );
+
+  const filteredData = useMemo(() => {
+    if (!searchQuery) return data;
+    return fuse.search(searchQuery).map((result) => result.item);
+  }, [fuse, searchQuery, data]);
+
+  return { searchQuery, setSearchQuery, filteredData };
+}

From 098ff11c5e55065b3500fdd1ccc91cf94e3eb4fa Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Sat, 30 Sep 2023 12:08:32 +0200
Subject: [PATCH 05/44] Typo

---
 src/management-system-v2/app/(dashboard)/iam/roles/page.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
index 5c15ae764..5ca3a2018 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
@@ -1,3 +1,3 @@
 export default function RolesPage() {
-  return <h2>Comming soon</h2>;
+  return <h2>Coming soon</h2>;
 }

From 4e8c2194202c4148980e0bb6ebc3bda2d7c9a1c2 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Sat, 30 Sep 2023 12:28:22 +0200
Subject: [PATCH 06/44] Removed submodule files

---
 .gitmodules                                                    | 3 ---
 .../src/backend/server/environment-configurations              | 1 -
 2 files changed, 4 deletions(-)
 delete mode 100644 .gitmodules
 delete mode 160000 src/management-system/src/backend/server/environment-configurations

diff --git a/.gitmodules b/.gitmodules
deleted file mode 100644
index c249b565e..000000000
--- a/.gitmodules
+++ /dev/null
@@ -1,3 +0,0 @@
-[submodule "src/management-system/src/backend/server/environment-configurations"]
-	path = src/management-system/src/backend/server/environment-configurations
-	url = git@github.com:PROCEED-Labs/environments
diff --git a/src/management-system/src/backend/server/environment-configurations b/src/management-system/src/backend/server/environment-configurations
deleted file mode 160000
index 31c8af4dc..000000000
--- a/src/management-system/src/backend/server/environment-configurations
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 31c8af4dc6ecea50a784871fdf6bb2f859c63bcd

From 1add266177fbe111d0cb2198a7b28897bbb43f22 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Fri, 6 Oct 2023 17:20:46 +0200
Subject: [PATCH 07/44] Removed 204 response for roles

---
 src/management-system-v2/lib/openapiSchema.ts    |  9 +--------
 src/management-system/src/backend/openapi.json   | 16 +++-------------
 .../src/backend/server/iam/rest-api/roles.js     |  1 -
 3 files changed, 4 insertions(+), 22 deletions(-)

diff --git a/src/management-system-v2/lib/openapiSchema.ts b/src/management-system-v2/lib/openapiSchema.ts
index 5a3b74644..37d6169f7 100644
--- a/src/management-system-v2/lib/openapiSchema.ts
+++ b/src/management-system-v2/lib/openapiSchema.ts
@@ -195,7 +195,6 @@ export interface components {
     };
     /** processData */
     processData: {
-      description?: string;
       departments?: string[];
       /** @description The variables supposed to be used in the process */
       variables?: {
@@ -1138,13 +1137,7 @@ export interface operations {
       /** @description OK */
       200: {
         content: {
-          'application/json': components['schemas']['roleResponse'];
-        };
-      };
-      /** @description No Content */
-      204: {
-        content: {
-          'application/json': unknown[];
+          'application/json': components['schemas']['roleResponse'][];
         };
       };
       401: components['responses']['401_unauthenticated'];
diff --git a/src/management-system/src/backend/openapi.json b/src/management-system/src/backend/openapi.json
index 5f191c0cf..a9eca4c85 100644
--- a/src/management-system/src/backend/openapi.json
+++ b/src/management-system/src/backend/openapi.json
@@ -1150,23 +1150,13 @@
         "responses": {
           "200": {
             "description": "OK",
-            "content": {
-              "application/json": {
-                "schema": {
-                  "$ref": "#/components/schemas/roleResponse"
-                }
-              }
-            }
-          },
-          "204": {
-            "description": "No Content",
             "content": {
               "application/json": {
                 "schema": {
                   "type": "array",
-                  "minItems": 0,
-                  "maxItems": 0,
-                  "items": {}
+                  "items": {
+                    "$ref": "#/components/schemas/roleResponse"
+                  }
                 }
               }
             }
diff --git a/src/management-system/src/backend/server/iam/rest-api/roles.js b/src/management-system/src/backend/server/iam/rest-api/roles.js
index 2c8408fd0..f85cf2661 100644
--- a/src/management-system/src/backend/server/iam/rest-api/roles.js
+++ b/src/management-system/src/backend/server/iam/rest-api/roles.js
@@ -41,7 +41,6 @@ rolesRouter.get('/:id', isAuthenticated(), async (req, res) => {
 rolesRouter.get('/', isAuthenticated(), async (req, res) => {
   try {
     const roles = await getRoles();
-    if (roles.length === 0) return res.status(204).json([]);
     return res.status(200).json(roles);
   } catch (e) {
     return res.status(400).json(e.toString());

From 911389f4d81be81aa502b0554b5487f3ef78b756 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Fri, 6 Oct 2023 19:28:12 +0200
Subject: [PATCH 08/44] Fix: cannot delete default roles

---
 .../src/backend/server/iam/authorization/caslRules.ts | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/management-system/src/backend/server/iam/authorization/caslRules.ts b/src/management-system/src/backend/server/iam/authorization/caslRules.ts
index ee947d633..097482834 100644
--- a/src/management-system/src/backend/server/iam/authorization/caslRules.ts
+++ b/src/management-system/src/backend/server/iam/authorization/caslRules.ts
@@ -116,6 +116,17 @@ function rulesForAuthenticatedUsers(userId: string): AbilityRule[] {
 function rulesForRoles(ability: CaslAbility) {
   const rules: AbilityRule[] = [];
 
+  rules.push({
+    inverted: true,
+    subject: 'Role',
+    action: 'delete',
+    conditions: {
+      conditions: {
+        default: { $eq: true },
+      },
+    },
+  });
+
   if (ability.cannot('admin', 'All')) {
     rules.push({
       inverted: true,

From 47242a64e89f8708303568d784f95df9e2260a19 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Mon, 9 Oct 2023 14:33:22 +0200
Subject: [PATCH 09/44] Moved toCaslResources to ms-v2

---
 src/management-system-v2/lib/ability/abilityHelper.ts      | 7 +------
 src/management-system-v2/lib/ability/caslAbility.ts        | 5 +++++
 .../src/backend/server/iam/authorization/caslRules.ts      | 5 -----
 .../src/backend/server/iam/rest-api/auth0/user.js          | 2 +-
 .../src/backend/server/iam/rest-api/keycloak/user.js       | 2 +-
 .../src/backend/server/iam/rest-api/role-mappings.js       | 2 +-
 .../src/backend/server/iam/rest-api/roles.js               | 2 +-
 .../src/backend/server/iam/rest-api/shares.js              | 2 +-
 .../src/backend/server/rest-api/machine.js                 | 2 +-
 .../src/backend/server/rest-api/process.js                 | 2 +-
 .../specs/backend/authorization/iam/roleMapping.spec.js    | 6 +++---
 .../unit/specs/backend/authorization/iam/roles.spec.js     | 6 +++---
 .../unit/specs/backend/authorization/iam/users.spec.js     | 6 +++---
 .../unit/specs/backend/authorization/machines.spec.js      | 4 +++-
 .../backend/authorization/process/deleteProcess.spec.js    | 6 +++---
 .../specs/backend/authorization/process/getProcess.spec.js | 6 +++---
 .../specs/backend/authorization/process/putProcess.spec.js | 6 +++---
 .../specs/backend/authorization/shares/deleteShare.spec.js | 6 +++---
 .../specs/backend/authorization/shares/getShare.spec.js    | 6 +++---
 .../specs/backend/authorization/shares/postShare.spec.js   | 4 ++--
 .../specs/backend/authorization/shares/putShare.spec.js    | 6 +++---
 21 files changed, 45 insertions(+), 48 deletions(-)

diff --git a/src/management-system-v2/lib/ability/abilityHelper.ts b/src/management-system-v2/lib/ability/abilityHelper.ts
index b538e09de..7df5faeb4 100644
--- a/src/management-system-v2/lib/ability/abilityHelper.ts
+++ b/src/management-system-v2/lib/ability/abilityHelper.ts
@@ -1,13 +1,8 @@
 import { PackRule, unpackRules } from '@casl/ability/extra';
-import { AbilityRule, CaslAbility, ResourceType, buildAbility } from './caslAbility';
-import { subject } from '@casl/ability';
+import { AbilityRule, CaslAbility, buildAbility, toCaslResource } from './caslAbility';
 
 type CanParams = Parameters<CaslAbility['can']>;
 
-export function toCaslResource(resource: ResourceType, object: any) {
-  return subject(resource, object);
-}
-
 export default class Ability {
   caslAbility: CaslAbility;
 
diff --git a/src/management-system-v2/lib/ability/caslAbility.ts b/src/management-system-v2/lib/ability/caslAbility.ts
index f2e25e0d6..af3a252a4 100644
--- a/src/management-system-v2/lib/ability/caslAbility.ts
+++ b/src/management-system-v2/lib/ability/caslAbility.ts
@@ -4,6 +4,7 @@ import {
   PureAbility,
   RawRuleOf,
   fieldPatternMatcher,
+  subject,
 } from '@casl/ability';
 
 export const resources = [
@@ -179,3 +180,7 @@ export function buildAbility(rules: AbilityRule[]) {
 
   return ability;
 }
+
+export function toCaslResource(resource: ResourceType, object: any) {
+  return subject(resource, object);
+}
diff --git a/src/management-system/src/backend/server/iam/authorization/caslRules.ts b/src/management-system/src/backend/server/iam/authorization/caslRules.ts
index 223055c2d..ba08e31ca 100644
--- a/src/management-system/src/backend/server/iam/authorization/caslRules.ts
+++ b/src/management-system/src/backend/server/iam/authorization/caslRules.ts
@@ -1,4 +1,3 @@
-import { subject } from '@casl/ability-v6';
 import { SHARE_TYPE, sharedWitOrByhUser } from './shares';
 import { packRules } from '@casl/ability-v6/extra';
 import {
@@ -376,7 +375,3 @@ export async function rulesForUser(userId: string) {
 
   return { rules: packRules(translatedRules), expiration: firstExpiration };
 }
-
-export function toCaslResource(resource: ResourceType, object: any) {
-  return subject(resource, object);
-}
diff --git a/src/management-system/src/backend/server/iam/rest-api/auth0/user.js b/src/management-system/src/backend/server/iam/rest-api/auth0/user.js
index 13fe85423..5466e3433 100644
--- a/src/management-system/src/backend/server/iam/rest-api/auth0/user.js
+++ b/src/management-system/src/backend/server/iam/rest-api/auth0/user.js
@@ -4,8 +4,8 @@ import { validateUser } from '../../middleware/inputValidations.js';
 import { ensureCleanRoleMappings } from '../../utils/roleMappings.js';
 import { isAllowed, isAuthenticated } from '../../middleware/authorization';
 import { config } from '../../../iam/utils/config.js';
-import { toCaslResource } from '../../authorization/caslRules';
 import Ability from '../../../../../../../management-system-v2/lib/ability/abilityHelper';
+import { toCaslResource } from '../../../../../../../management-system-v2/lib/ability/caslAbility';
 
 // some userinfo endpoints are not returning standardized fields, so we have to make a standard for the MS
 const standardizeUser = (user) => {
diff --git a/src/management-system/src/backend/server/iam/rest-api/keycloak/user.js b/src/management-system/src/backend/server/iam/rest-api/keycloak/user.js
index 9fc7a14ed..70c68c47b 100644
--- a/src/management-system/src/backend/server/iam/rest-api/keycloak/user.js
+++ b/src/management-system/src/backend/server/iam/rest-api/keycloak/user.js
@@ -3,8 +3,8 @@ import requestResource from '../index.js';
 import { validateUser } from '../../middleware/inputValidations.js';
 import { ensureCleanRoleMappings } from '../../utils/roleMappings.js';
 import { isAllowed, isAuthenticated } from '../../middleware/authorization';
-import { toCaslResource } from '../../authorization/caslRules';
 import Ability from '../../../../../../../management-system-v2/lib/ability/abilityHelper';
+import { toCaslResource } from '../../../../../../../management-system-v2/lib/ability/caslAbility';
 
 const userRouter = express.Router();
 
diff --git a/src/management-system/src/backend/server/iam/rest-api/role-mappings.js b/src/management-system/src/backend/server/iam/rest-api/role-mappings.js
index 5fae8c764..f36755c6e 100644
--- a/src/management-system/src/backend/server/iam/rest-api/role-mappings.js
+++ b/src/management-system/src/backend/server/iam/rest-api/role-mappings.js
@@ -7,7 +7,7 @@ import {
 } from '../../../shared-electron-server/data/iam/role-mappings.js';
 import { deleteRulesForUsers, isAllowed } from '../middleware/authorization';
 import Ability from '../../../../../../management-system-v2/lib/ability/abilityHelper';
-import { toCaslResource } from '../authorization/caslRules';
+import { toCaslResource } from '../../../../../../management-system-v2/lib/ability/caslAbility';
 
 const roleMappingsRouter = express.Router();
 
diff --git a/src/management-system/src/backend/server/iam/rest-api/roles.js b/src/management-system/src/backend/server/iam/rest-api/roles.js
index 9f29ab07d..7d2796378 100644
--- a/src/management-system/src/backend/server/iam/rest-api/roles.js
+++ b/src/management-system/src/backend/server/iam/rest-api/roles.js
@@ -8,8 +8,8 @@ import {
 } from '../../../shared-electron-server/data/iam/roles.js';
 import { validateRole } from '../middleware/inputValidations.js';
 import { abilityCacheDeleteAll, isAllowed, isAuthenticated } from '../middleware/authorization';
-import { toCaslResource } from '../authorization/caslRules';
 import Ability from '../../../../../../management-system-v2/lib/ability/abilityHelper';
+import { toCaslResource } from '../../../../../../management-system-v2/lib/ability/caslAbility';
 
 const rolesRouter = express.Router();
 
diff --git a/src/management-system/src/backend/server/iam/rest-api/shares.js b/src/management-system/src/backend/server/iam/rest-api/shares.js
index 26b0d7636..e42981adb 100644
--- a/src/management-system/src/backend/server/iam/rest-api/shares.js
+++ b/src/management-system/src/backend/server/iam/rest-api/shares.js
@@ -9,8 +9,8 @@ import {
 import { abilityCacheDeleteAll, isAllowed } from '../middleware/authorization';
 import { validateShare } from '../middleware/inputValidations.js';
 import jwt from 'jsonwebtoken';
-import { toCaslResource } from '../authorization/caslRules';
 import Ability from '../../../../../../management-system-v2/lib/ability/abilityHelper';
+import { toCaslResource } from '../../../../../../management-system-v2/lib/ability/caslAbility';
 
 const sharesRouter = express.Router();
 
diff --git a/src/management-system/src/backend/server/rest-api/machine.js b/src/management-system/src/backend/server/rest-api/machine.js
index ec3548df8..fd2c75352 100644
--- a/src/management-system/src/backend/server/rest-api/machine.js
+++ b/src/management-system/src/backend/server/rest-api/machine.js
@@ -7,8 +7,8 @@ import {
 import { v4 } from 'uuid';
 import express from 'express';
 import { isAllowed } from '../iam/middleware/authorization';
-import { toCaslResource } from '../iam/authorization/caslRules';
 import Ability from '../../../../../management-system-v2/lib/ability/abilityHelper';
+import { toCaslResource } from '../../../../../management-system-v2/lib/ability/caslAbility';
 
 const machinesRouter = express.Router();
 
diff --git a/src/management-system/src/backend/server/rest-api/process.js b/src/management-system/src/backend/server/rest-api/process.js
index 4b5a7bbcc..94d594cd5 100644
--- a/src/management-system/src/backend/server/rest-api/process.js
+++ b/src/management-system/src/backend/server/rest-api/process.js
@@ -18,7 +18,7 @@ import express from 'express';
 import { isAllowed } from '../iam/middleware/authorization.ts';
 import logger from '../../shared-electron-server/logging.js';
 import Ability from '../../../../../management-system-v2/lib/ability/abilityHelper';
-import { toCaslResource } from '../iam/authorization/caslRules';
+import { toCaslResource } from '../../../../../management-system-v2/lib/ability/caslAbility';
 
 const processRouter = express.Router();
 
diff --git a/src/management-system/tests/unit/specs/backend/authorization/iam/roleMapping.spec.js b/src/management-system/tests/unit/specs/backend/authorization/iam/roleMapping.spec.js
index 8124b7bd6..45f8e3366 100644
--- a/src/management-system/tests/unit/specs/backend/authorization/iam/roleMapping.spec.js
+++ b/src/management-system/tests/unit/specs/backend/authorization/iam/roleMapping.spec.js
@@ -1,10 +1,10 @@
 const { users, abilitiesBuilt, buildAbility } = require('../authorization');
-const {
-  toCaslResource,
-} = require('../../../../../../src/backend/server/iam/authorization/caslRules');
 const {
   permissionNumberToIdentifiers,
 } = require('../../../../../../src/backend/server/iam/authorization/permissionHelpers');
+const {
+  toCaslResource,
+} = require('../../../../../../../management-system-v2/lib/ability/caslAbility');
 
 let adminAbility,
   all_user_permissionsAbility,
diff --git a/src/management-system/tests/unit/specs/backend/authorization/iam/roles.spec.js b/src/management-system/tests/unit/specs/backend/authorization/iam/roles.spec.js
index e9cfa8a49..41a0078de 100644
--- a/src/management-system/tests/unit/specs/backend/authorization/iam/roles.spec.js
+++ b/src/management-system/tests/unit/specs/backend/authorization/iam/roles.spec.js
@@ -1,10 +1,10 @@
 const { roles, abilitiesBuilt, buildAbility } = require('../authorization');
-const {
-  toCaslResource,
-} = require('../../../../../../src/backend/server/iam/authorization/caslRules');
 const {
   permissionNumberToIdentifiers,
 } = require('../../../../../../src/backend/server/iam/authorization/permissionHelpers');
+const {
+  toCaslResource,
+} = require('../../../../../../../management-system-v2/lib/ability/caslAbility');
 
 let adminAbility,
   all_user_permissionsAbility,
diff --git a/src/management-system/tests/unit/specs/backend/authorization/iam/users.spec.js b/src/management-system/tests/unit/specs/backend/authorization/iam/users.spec.js
index e18d081b6..2f3020082 100644
--- a/src/management-system/tests/unit/specs/backend/authorization/iam/users.spec.js
+++ b/src/management-system/tests/unit/specs/backend/authorization/iam/users.spec.js
@@ -1,10 +1,10 @@
 const { users, abilitiesBuilt } = require('../authorization');
-const {
-  toCaslResource,
-} = require('../../../../../../src/backend/server/iam/authorization/caslRules');
 const {
   permissionNumberToIdentifiers,
 } = require('../../../../../../src/backend/server/iam/authorization/permissionHelpers');
+const {
+  toCaslResource,
+} = require('../../../../../../../management-system-v2/lib/ability/caslAbility');
 
 let adminAbility,
   all_user_permissionsAbility,
diff --git a/src/management-system/tests/unit/specs/backend/authorization/machines.spec.js b/src/management-system/tests/unit/specs/backend/authorization/machines.spec.js
index ddfd34975..a252ffb8d 100644
--- a/src/management-system/tests/unit/specs/backend/authorization/machines.spec.js
+++ b/src/management-system/tests/unit/specs/backend/authorization/machines.spec.js
@@ -1,8 +1,10 @@
 const { abilitiesBuilt, buildAbility } = require('./authorization');
-const { toCaslResource } = require('../../../../../src/backend/server/iam/authorization/caslRules');
 const {
   permissionNumberToIdentifiers,
 } = require('../../../../../src/backend/server/iam/authorization/permissionHelpers');
+const {
+  toCaslResource,
+} = require('../../../../../../management-system-v2/lib/ability/caslAbility');
 
 let adminAbility, all_role_permissionsAbility, unauthenticatedAbility;
 
diff --git a/src/management-system/tests/unit/specs/backend/authorization/process/deleteProcess.spec.js b/src/management-system/tests/unit/specs/backend/authorization/process/deleteProcess.spec.js
index ba0296b25..f42436042 100644
--- a/src/management-system/tests/unit/specs/backend/authorization/process/deleteProcess.spec.js
+++ b/src/management-system/tests/unit/specs/backend/authorization/process/deleteProcess.spec.js
@@ -1,10 +1,10 @@
 const { processes, abilitiesBuilt, buildAbility } = require('../authorization');
-const {
-  toCaslResource,
-} = require('../../../../../../src/backend/server/iam/authorization/caslRules');
 const {
   permissionNumberToIdentifiers,
 } = require('../../../../../../src/backend/server/iam/authorization/permissionHelpers');
+const {
+  toCaslResource,
+} = require('../../../../../../../management-system-v2/lib/ability/caslAbility');
 
 let adminAbility,
   process_engineer_adminAbility,
diff --git a/src/management-system/tests/unit/specs/backend/authorization/process/getProcess.spec.js b/src/management-system/tests/unit/specs/backend/authorization/process/getProcess.spec.js
index 7d13f79de..c4047e446 100644
--- a/src/management-system/tests/unit/specs/backend/authorization/process/getProcess.spec.js
+++ b/src/management-system/tests/unit/specs/backend/authorization/process/getProcess.spec.js
@@ -1,10 +1,10 @@
 const { processArray, processes, abilitiesBuilt, buildAbility } = require('../authorization');
-const {
-  toCaslResource,
-} = require('../../../../../../src/backend/server/iam/authorization/caslRules');
 const {
   permissionNumberToIdentifiers,
 } = require('../../../../../../src/backend/server/iam/authorization/permissionHelpers');
+const {
+  toCaslResource,
+} = require('../../../../../../../management-system-v2/lib/ability/caslAbility');
 
 let adminAbility,
   process_engineer_adminAbility,
diff --git a/src/management-system/tests/unit/specs/backend/authorization/process/putProcess.spec.js b/src/management-system/tests/unit/specs/backend/authorization/process/putProcess.spec.js
index a0f2ce5d5..39c67b12a 100644
--- a/src/management-system/tests/unit/specs/backend/authorization/process/putProcess.spec.js
+++ b/src/management-system/tests/unit/specs/backend/authorization/process/putProcess.spec.js
@@ -1,10 +1,10 @@
 const { processes, abilitiesBuilt, buildAbility } = require('../authorization');
-const {
-  toCaslResource,
-} = require('../../../../../../src/backend/server/iam/authorization/caslRules');
 const {
   permissionNumberToIdentifiers,
 } = require('../../../../../../src/backend/server/iam/authorization/permissionHelpers');
+const {
+  toCaslResource,
+} = require('../../../../../../../management-system-v2/lib/ability/caslAbility');
 
 let adminAbility,
   process_engineer_adminAbility,
diff --git a/src/management-system/tests/unit/specs/backend/authorization/shares/deleteShare.spec.js b/src/management-system/tests/unit/specs/backend/authorization/shares/deleteShare.spec.js
index 888d0df82..a92717f8d 100644
--- a/src/management-system/tests/unit/specs/backend/authorization/shares/deleteShare.spec.js
+++ b/src/management-system/tests/unit/specs/backend/authorization/shares/deleteShare.spec.js
@@ -1,10 +1,10 @@
 const { abilitiesBuilt, buildAbility } = require('../authorization');
-const {
-  toCaslResource,
-} = require('../../../../../../src/backend/server/iam/authorization/caslRules');
 const {
   getShares,
 } = require('../../../../../../src/backend/shared-electron-server/data/iam/shares');
+const {
+  toCaslResource,
+} = require('../../../../../../../management-system-v2/lib/ability/caslAbility');
 
 let adminAbility, process_engineer_adminAbility, unauthenticatedAbility;
 
diff --git a/src/management-system/tests/unit/specs/backend/authorization/shares/getShare.spec.js b/src/management-system/tests/unit/specs/backend/authorization/shares/getShare.spec.js
index 7538b91b5..c6b08f080 100644
--- a/src/management-system/tests/unit/specs/backend/authorization/shares/getShare.spec.js
+++ b/src/management-system/tests/unit/specs/backend/authorization/shares/getShare.spec.js
@@ -1,13 +1,13 @@
 const { processes, shares, abilitiesBuilt, buildAbility } = require('../authorization');
-const {
-  toCaslResource,
-} = require('../../../../../../src/backend/server/iam/authorization/caslRules');
 const {
   permissionNumberToIdentifiers,
 } = require('../../../../../../src/backend/server/iam/authorization/permissionHelpers');
 const {
   getShares,
 } = require('../../../../../../src/backend/shared-electron-server/data/iam/shares');
+const {
+  toCaslResource,
+} = require('../../../../../../../management-system-v2/lib/ability/caslAbility');
 
 let adminAbility, unauthenticatedAbility;
 
diff --git a/src/management-system/tests/unit/specs/backend/authorization/shares/postShare.spec.js b/src/management-system/tests/unit/specs/backend/authorization/shares/postShare.spec.js
index 78b8ac47c..35dc5118b 100644
--- a/src/management-system/tests/unit/specs/backend/authorization/shares/postShare.spec.js
+++ b/src/management-system/tests/unit/specs/backend/authorization/shares/postShare.spec.js
@@ -1,7 +1,7 @@
-const { abilitiesBuilt, buildAbility } = require('../authorization');
 const {
   toCaslResource,
-} = require('../../../../../../src/backend/server/iam/authorization/caslRules');
+} = require('../../../../../../../management-system-v2/lib/ability/caslAbility');
+const { abilitiesBuilt, buildAbility } = require('../authorization');
 
 let adminAbility, unauthenticatedAbility;
 
diff --git a/src/management-system/tests/unit/specs/backend/authorization/shares/putShare.spec.js b/src/management-system/tests/unit/specs/backend/authorization/shares/putShare.spec.js
index c0a1b5926..c85865b10 100644
--- a/src/management-system/tests/unit/specs/backend/authorization/shares/putShare.spec.js
+++ b/src/management-system/tests/unit/specs/backend/authorization/shares/putShare.spec.js
@@ -1,10 +1,10 @@
 const { abilitiesBuilt, buildAbility } = require('../authorization');
-const {
-  toCaslResource,
-} = require('../../../../../../src/backend/server/iam/authorization/caslRules');
 const {
   getShares,
 } = require('../../../../../../src/backend/shared-electron-server/data/iam/shares');
+const {
+  toCaslResource,
+} = require('../../../../../../../management-system-v2/lib/ability/caslAbility');
 
 let adminAbility, unauthenticatedAbility;
 

From b8b75ff0e0277a12453a4e610ee322d3d6ab7a92 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 12 Oct 2023 19:36:37 +0200
Subject: [PATCH 10/44] Removed debugger statement

---
 .../app/(dashboard)/iam/users/header-actions.tsx                 | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/users/header-actions.tsx b/src/management-system-v2/app/(dashboard)/iam/users/header-actions.tsx
index f8ce62994..465aa49e4 100644
--- a/src/management-system-v2/app/(dashboard)/iam/users/header-actions.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/users/header-actions.tsx
@@ -90,7 +90,6 @@ const CreateUserModal: FC<{
   const submitData = async (
     values: Record<keyof ApiRequestBody<'/users', 'post'> | 'confirm_password', string>,
   ) => {
-    debugger;
     try {
       await postUser({
         body: {

From 0c3b3a92d5c905ed7777341c46eb255bb8ee44f4 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 12 Oct 2023 19:44:40 +0200
Subject: [PATCH 11/44] PUT /role now uses only fields that changed for auth

---
 .../src/backend/server/iam/rest-api/roles.js      | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/management-system/src/backend/server/iam/rest-api/roles.js b/src/management-system/src/backend/server/iam/rest-api/roles.js
index 7d2796378..f29014076 100644
--- a/src/management-system/src/backend/server/iam/rest-api/roles.js
+++ b/src/management-system/src/backend/server/iam/rest-api/roles.js
@@ -86,15 +86,28 @@ rolesRouter.put('/:id', validateRole, isAllowed('update', 'Role'), async (req, r
 
   if (role) {
     try {
+      // validateRole turns expiration into a Date, in order for the object merge
+      // to work, we need it to be a string (type safe option in mergeIntoObject)
+      if (typeof role.expiration === 'object') {
+        /** @type {Date} */
+        const expirationDate = role.expiration;
+        role.expiration = expirationDate.toISOString();
+      }
+
       /** @type {Ability} */
       const userAbility = req.userAbility;
 
       const targetRole = getRoleById(id);
 
+      for (const [key, value] of Object.entries(role)) {
+        console.log('Key:', key, 'Value:', value, 'Target:', targetRole[key]);
+        if (targetRole[key] === value) delete role[key];
+      }
+
       // Casl isn't really built to check the value of input fields when updating, so we have to perform this two checks
       if (
         !(
-          userAbility.can('update', toCaslResource('Role', targetRole)) &&
+          userAbility.checkInputFields(toCaslResource('Role', targetRole), 'update', role) &&
           userAbility.can('create', toCaslResource('Role', role))
         )
       )

From e56aa789ffe33569f1666ab6a2fc017a9a06120e Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 12 Oct 2023 19:48:14 +0200
Subject: [PATCH 12/44] Updated authorization rules

---
 .../src/backend/server/iam/authorization/caslRules.ts           | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/management-system/src/backend/server/iam/authorization/caslRules.ts b/src/management-system/src/backend/server/iam/authorization/caslRules.ts
index ba08e31ca..0a41b14f2 100644
--- a/src/management-system/src/backend/server/iam/authorization/caslRules.ts
+++ b/src/management-system/src/backend/server/iam/authorization/caslRules.ts
@@ -75,7 +75,7 @@ function rulesForAuthenticatedUsers(userId: string): AbilityRule[] {
           default: { $eq: true },
         },
       },
-      fields: ['default', 'name'],
+      fields: ['default', 'name', 'expiration'],
     },
     {
       inverted: true,

From 9d3d303b6343eaf1152318061c1bb7fc70c99243 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 12 Oct 2023 19:49:24 +0200
Subject: [PATCH 13/44] Fixed API endpoints in OpenAPI description

---
 src/management-system-v2/lib/openapiSchema.ts | 140 +++++++++++++-----
 .../src/backend/openapi.json                  |  26 +++-
 2 files changed, 118 insertions(+), 48 deletions(-)

diff --git a/src/management-system-v2/lib/openapiSchema.ts b/src/management-system-v2/lib/openapiSchema.ts
index 02e946a4f..a66d3b652 100644
--- a/src/management-system-v2/lib/openapiSchema.ts
+++ b/src/management-system-v2/lib/openapiSchema.ts
@@ -153,7 +153,7 @@ export interface paths {
       };
     };
   };
-  '/role-mappings/users/{userId}/{roleId}': {
+  '/role-mappings/users/{userId}/roles/{roleId}': {
     /** @description Delete role mapping. */
     delete: operations['deleteRoleMappingByIdByUserId'];
     parameters: {
@@ -245,7 +245,7 @@ export interface components {
       | 'versions'
     >;
     processVersion: {
-      version: number;
+      version: string;
       name: string;
       description: string;
     };
@@ -339,7 +339,7 @@ export interface components {
       /** Format: email */
       email: string;
       username: string;
-      firstName: string;
+      'firstName ': string;
       lastName: string;
     };
     /** user */
@@ -394,7 +394,7 @@ export interface components {
       members?: {
         userId: string;
         username: string;
-        fisrtName: string;
+        firstName: string;
         lastName: string;
         email: string;
       }[];
@@ -422,8 +422,8 @@ export interface components {
     >;
     /** roleMappingData */
     roleMappingData: {
-      roleId?: string;
-      userId?: string;
+      roleId: string;
+      userId: string;
     };
     /** roleMappingMetaData */
     roleMappingMetaData: {
@@ -549,6 +549,8 @@ export interface components {
   pathItems: never;
 }
 
+export type $defs = Record<string, never>;
+
 export type external = Record<string, never>;
 
 export interface operations {
@@ -570,7 +572,9 @@ export interface operations {
       401: components['responses']['401_unauthenticated'];
       403: components['responses']['403_validationFailed'];
       /** @description Failed to get processes */
-      500: never;
+      500: {
+        content: never;
+      };
     };
   };
   /** @description Post a process. */
@@ -599,11 +603,15 @@ export interface operations {
         };
       };
       /** @description The body of the request does not conform to the schma of a process */
-      400: never;
+      400: {
+        content: never;
+      };
       401: components['responses']['401_unauthenticated'];
       403: components['responses']['403_validationFailed'];
       /** @description Failed to create the process due an internal error */
-      500: never;
+      500: {
+        content: never;
+      };
     };
   };
   /** @description Get a porcess by it's id. */
@@ -620,11 +628,15 @@ export interface operations {
         };
       };
       /** @description Error getting the bpmn of the process */
-      400: never;
+      400: {
+        content: never;
+      };
       401: components['responses']['401_unauthenticated'];
       403: components['responses']['403_validationFailed'];
       /** @description No Process with the given definitionId was found */
-      404: never;
+      404: {
+        content: never;
+      };
     };
   };
   /** @description Updates a **partial** set of properties (this means, that arbitrarily many properties can be left out). */
@@ -654,10 +666,14 @@ export interface operations {
         };
       };
       /** @description Request body doesn't contain a partial set of key:value properties of the Process scheme */
-      400: never;
+      400: {
+        content: never;
+      };
       403: components['responses']['403_validationFailed'];
       /** @description No Process with the given definitionId was found */
-      404: never;
+      404: {
+        content: never;
+      };
     };
   };
   /** @description Delete a process. */
@@ -669,10 +685,14 @@ export interface operations {
     };
     responses: {
       /** @description Process deleted succesfuly */
-      200: never;
+      200: {
+        content: never;
+      };
       403: components['responses']['403_validationFailed'];
       /** @description No Process with the given definitionId was found */
-      404: never;
+      404: {
+        content: never;
+      };
     };
   };
   /** @description Get all the versions of a process. */
@@ -692,7 +712,9 @@ export interface operations {
       401: components['responses']['401_unauthenticated'];
       403: components['responses']['403_validationFailed'];
       /** @description No Process with the given definitionId was found */
-      404: never;
+      404: {
+        content: never;
+      };
     };
   };
   /** @description Post a new version of a process. */
@@ -712,9 +734,13 @@ export interface operations {
     };
     responses: {
       /** @description OK */
-      200: never;
+      200: {
+        content: never;
+      };
       /** @description Bad Request */
-      400: never;
+      400: {
+        content: never;
+      };
       403: components['responses']['403_validationFailed'];
     };
   };
@@ -735,7 +761,9 @@ export interface operations {
         };
       };
       /** @description {definitionId} or {version} are wrong */
-      400: never;
+      400: {
+        content: never;
+      };
       401: components['responses']['401_unauthenticated'];
       403: components['responses']['403_validationFailed'];
     };
@@ -770,7 +798,7 @@ export interface operations {
     requestBody?: {
       content: {
         'application/json': {
-          [key: string]: components['schemas']['image'] | undefined;
+          [key: string]: components['schemas']['image'];
         };
       };
     };
@@ -786,7 +814,9 @@ export interface operations {
       401: components['responses']['401_unauthenticated'];
       403: components['responses']['403_validationFailed'];
       /** @description Not Found */
-      404: never;
+      404: {
+        content: never;
+      };
     };
   };
   /** @description Get all user tasks used in a process. */
@@ -848,9 +878,13 @@ export interface operations {
     };
     responses: {
       /** @description User task HTML updated */
-      200: never;
+      200: {
+        content: never;
+      };
       /** @description User task HTML created in the server */
-      201: never;
+      201: {
+        content: never;
+      };
       401: components['responses']['401_unauthenticated'];
       403: components['responses']['403_validationFailed'];
     };
@@ -866,7 +900,9 @@ export interface operations {
     };
     responses: {
       /** @description The request returns 200 wether the userTaskFile exists or not */
-      200: never;
+      200: {
+        content: never;
+      };
       401: components['responses']['401_unauthenticated'];
       403: components['responses']['403_validationFailed'];
     };
@@ -905,7 +941,9 @@ export interface operations {
     };
     responses: {
       /** @description Created */
-      201: never;
+      201: {
+        content: never;
+      };
       /** @description Bad Request */
       400: {
         content: {
@@ -955,7 +993,9 @@ export interface operations {
     };
     responses: {
       /** @description OK */
-      200: never;
+      200: {
+        content: never;
+      };
       /** @description Possible causes: The body of the request is not a JSON object or the machine is not stored and thus can't be changed. */
       400: {
         content: {
@@ -982,7 +1022,9 @@ export interface operations {
     };
     responses: {
       /** @description OK (This is the response, even if the machine is not known) */
-      200: never;
+      200: {
+        content: never;
+      };
       401: components['responses']['401_unauthenticated'];
       /** @description The machine is known through the discovery and not stored. It can't be removed! */
       403: {
@@ -1002,7 +1044,9 @@ export interface operations {
         };
       };
       /** @description Bad Request */
-      400: never;
+      400: {
+        content: never;
+      };
       401: components['responses']['401_unauthenticated'];
       403: components['responses']['403_validationFailed'];
     };
@@ -1015,7 +1059,7 @@ export interface operations {
           /** Format: email */
           email: string;
           username: string;
-          lastName?: string;
+          lastName: string;
           firstName: string;
           password: string;
         };
@@ -1023,7 +1067,9 @@ export interface operations {
     };
     responses: {
       /** @description OK */
-      200: never;
+      200: {
+        content: never;
+      };
       401: components['responses']['401_unauthenticated'];
       403: components['responses']['403_validationFailed'];
     };
@@ -1068,7 +1114,9 @@ export interface operations {
     };
     responses: {
       /** @description No Content */
-      204: never;
+      204: {
+        content: never;
+      };
       /** @description Bad Request */
       400: {
         content: {
@@ -1089,7 +1137,9 @@ export interface operations {
     };
     responses: {
       /** @description No Content */
-      204: never;
+      204: {
+        content: never;
+      };
       /** @description Bad Request */
       400: {
         content: {
@@ -1232,7 +1282,9 @@ export interface operations {
     };
     responses: {
       /** @description No Content */
-      204: never;
+      204: {
+        content: never;
+      };
       400: components['responses']['400_Error_Json'];
       401: components['responses']['401_unauthenticated'];
       403: components['responses']['403_validationFailed'];
@@ -1265,15 +1317,19 @@ export interface operations {
   postRoleMapping: {
     requestBody?: {
       content: {
-        'application/json': WithRequired<
-          components['schemas']['roleMappingData'],
-          'roleId' | 'userId'
-        >[];
+        'application/json': (components['schemas']['roleMappingData'] & {
+          username: string;
+          firstName: string;
+          lastName: string;
+          email: string;
+        })[];
       };
     };
     responses: {
       /** @description Created */
-      201: never;
+      201: {
+        content: never;
+      };
       400: components['responses']['400_error_message'];
       401: components['responses']['401_unauthenticated'];
       403: components['responses']['403_validationFailed'];
@@ -1310,7 +1366,9 @@ export interface operations {
     };
     responses: {
       /** @description Role deleted */
-      204: never;
+      204: {
+        content: never;
+      };
       /** @description Bad Request */
       400: {
         content: {
@@ -1355,7 +1413,9 @@ export interface operations {
       401: components['responses']['401_unauthenticated'];
       403: components['responses']['403_validationFailed'];
       /** @description Not Found */
-      404: never;
+      404: {
+        content: never;
+      };
     };
   };
 }
diff --git a/src/management-system/src/backend/openapi.json b/src/management-system/src/backend/openapi.json
index a9eca4c85..2e46866e5 100644
--- a/src/management-system/src/backend/openapi.json
+++ b/src/management-system/src/backend/openapi.json
@@ -959,7 +959,7 @@
                   "username": {
                     "type": "string"
                   },
-                  "lastName ": {
+                  "lastName": {
                     "type": "string"
                   },
                   "firstName": {
@@ -1416,9 +1416,18 @@
                   "allOf": [
                     {
                       "$ref": "#/components/schemas/roleMappingData"
+                    },
+                    {
+                      "type": "object",
+                      "properties": {
+                        "username": { "type": "string" },
+                        "firstName": { "type": "string" },
+                        "lastName": { "type": "string" },
+                        "email": { "type": "string" }
+                      },
+                      "required": ["username", "firstName", "lastName", "email"]
                     }
-                  ],
-                  "required": ["roleId", "userId"]
+                  ]
                 }
               }
             }
@@ -1471,7 +1480,7 @@
         "description": "Get all role mappings referencing a specific user."
       }
     },
-    "/role-mappings/users/{userId}/{roleId}": {
+    "/role-mappings/users/{userId}/roles/{roleId}": {
       "parameters": [
         {
           "schema": {
@@ -2078,7 +2087,7 @@
           "username": {
             "type": "string"
           },
-          "lastName ": {
+          "lastName": {
             "type": "string"
           },
           "firstName": {
@@ -2178,7 +2187,7 @@
                 "username": {
                   "type": "string"
                 },
-                "fisrtName": {
+                "firstName": {
                   "type": "string"
                 },
                 "lastName": {
@@ -2188,7 +2197,7 @@
                   "type": "string"
                 }
               },
-              "required": ["userId", "username", "fisrtName", "lastName", "email"]
+              "required": ["userId", "username", "firstName", "lastName", "email"]
             }
           },
           "default": {
@@ -2244,7 +2253,8 @@
           "userId": {
             "type": "string"
           }
-        }
+        },
+        "required": ["roleId", "userId"]
       },
       "roleMappingMetaData": {
         "title": "roleMappingMetaData",

From a169c8f384b973e1a82e475525a38799536609c9 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 12 Oct 2023 19:50:35 +0200
Subject: [PATCH 14/44] Refactor and implemented useInvalidateAsseta

---
 src/management-system-v2/lib/fetch-data.ts | 96 ++++++++--------------
 1 file changed, 36 insertions(+), 60 deletions(-)

diff --git a/src/management-system-v2/lib/fetch-data.ts b/src/management-system-v2/lib/fetch-data.ts
index 1cc8ebb4e..e836e47b1 100644
--- a/src/management-system-v2/lib/fetch-data.ts
+++ b/src/management-system-v2/lib/fetch-data.ts
@@ -9,7 +9,7 @@ import {
 import createClient, { FetchOptions } from 'openapi-fetch';
 import { FilterKeys } from 'openapi-typescript-helpers';
 import { paths } from './openapiSchema';
-import { useMemo } from 'react';
+import { useCallback, useMemo } from 'react';
 
 const BASE_URL = process.env.API_URL;
 
@@ -80,23 +80,40 @@ export type ApiData<
     : unknown
   : unknown;
 
+function getKeys(path: any, params: any) {
+  const keys = [path];
+
+  if (
+    typeof params === 'object' &&
+    'params' in params &&
+    typeof params.params === 'object' &&
+    'path' in params.params
+  ) {
+    keys.push(params.params.path as any);
+  }
+
+  return keys;
+}
+
+type PathParamsToList<T> = T extends { params: { path: any } } ? [T] : [];
+
+export function useInvalidateAsset<
+  TFirstParam extends Parameters<typeof apiClient.GET>[0],
+  TSecondParam extends Parameters<typeof apiClient.GET<TFirstParam>>[1],
+>(path: TFirstParam, ...params: PathParamsToList<TSecondParam>) {
+  const queryClient = useQueryClient();
+
+  return useCallback(
+    () => queryClient.invalidateQueries(getKeys(path, params)),
+    [path, params, queryClient],
+  );
+}
+
 export function useGetAsset<
   TFirstParam extends Parameters<typeof apiClient.GET>[0],
   TSecondParam extends Parameters<typeof apiClient.GET<TFirstParam>>[1],
 >(path: TFirstParam, params: TSecondParam, reactQueryOptions?: Omit<UseQueryOptions, 'queryFn'>) {
-  const keys = useMemo(() => {
-    const keys = [path];
-    if (
-      typeof params === 'object' &&
-      'params' in params &&
-      typeof params.params === 'object' &&
-      'path' in params.params
-    ) {
-      keys.push(params.params.path as any);
-    }
-
-    return keys;
-  }, [path, params]);
+  const keys = useMemo(() => getKeys(path, params), [path, params]);
 
   type Data = QueryData<typeof apiClient.GET<TFirstParam>> | undefined;
 
@@ -124,24 +141,14 @@ export function usePostAsset<TFirstParam extends Parameters<typeof apiClient.POS
 ) {
   const queryClient = useQueryClient();
   return useMutation({
-    mutationFn: async (body: Parameters<FunctionType>[1]) => {
+    mutationFn: async (body: FetchOptions<FilterKeys<paths[TFirstParam], 'post'>>) => {
       const { data } = await post(path, body);
 
-      const keys: any[] = [path];
-      if (
-        typeof body === 'object' &&
-        'params' in body &&
-        typeof body.params === 'object' &&
-        'path' in body.params
-      ) {
-        keys.push(body.params.path);
-      }
-
-      queryClient.invalidateQueries(keys);
+      queryClient.invalidateQueries(getKeys(path, body));
 
       return data as QueryData<typeof apiClient.POST<TFirstParam>>;
     },
-    ...(mutationParams as Omit<UseMutationOptions<Data, Error>, 'mutationFn'>),
+    ...mutationParams,
   });
 }
 
@@ -165,28 +172,7 @@ export function usePutAsset<TFirstParam extends Parameters<typeof apiClient.PUT>
 
       const { data } = await put(path, body);
 
-      const keys: any[] = [path];
-      if (
-        typeof body === 'object' &&
-        'params' in body &&
-        typeof body.params === 'object' &&
-        'path' in body.params
-      ) {
-        keys.push(body.params.path);
-      }
-
-      queryClient.invalidateQueries(keys);
-      const keys: any[] = [path];
-      if (
-        typeof body === 'object' &&
-        'params' in body &&
-        typeof body.params === 'object' &&
-        'path' in body.params
-      ) {
-        keys.push(body.params.path);
-      }
-
-      queryClient.invalidateQueries(keys);
+      queryClient.invalidateQueries(getKeys(path, body));
 
       return data as QueryData<typeof apiClient.PUT<TFirstParam>>;
     },
@@ -210,17 +196,7 @@ export const useDeleteAsset = <TFirstParam extends Parameters<typeof apiClient.D
     mutationFn: async (body: FetchOptions<FilterKeys<paths[TFirstParam], 'delete'>>) => {
       const { data } = await del(path, body);
 
-      const keys: any[] = [path];
-      if (
-        typeof body === 'object' &&
-        'params' in body &&
-        typeof body.params === 'object' &&
-        'path' in body.params
-      ) {
-        keys.push(body.params.path);
-      }
-
-      queryClient.invalidateQueries(keys);
+      queryClient.invalidateQueries(getKeys(path, body));
 
       return data as QueryData<typeof apiClient.DELETE<TFirstParam>>;
     },

From 26c7ae228d0544038115837bb077434635e0b9ff Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 12 Oct 2023 19:52:30 +0200
Subject: [PATCH 15/44] Updated subject type to accept objects

---
 src/management-system-v2/lib/ability/abilityHelper.ts | 10 ++++++++--
 src/management-system-v2/lib/ability/caslAbility.ts   | 10 ++++++++--
 src/management-system-v2/lib/iamComponents.tsx        |  6 ++++--
 3 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/src/management-system-v2/lib/ability/abilityHelper.ts b/src/management-system-v2/lib/ability/abilityHelper.ts
index 7df5faeb4..87d5b823f 100644
--- a/src/management-system-v2/lib/ability/abilityHelper.ts
+++ b/src/management-system-v2/lib/ability/abilityHelper.ts
@@ -1,5 +1,11 @@
 import { PackRule, unpackRules } from '@casl/ability/extra';
-import { AbilityRule, CaslAbility, buildAbility, toCaslResource } from './caslAbility';
+import {
+  AbilityRule,
+  CaslAbility,
+  ResourceType,
+  buildAbility,
+  toCaslResource,
+} from './caslAbility';
 
 type CanParams = Parameters<CaslAbility['can']>;
 
@@ -19,7 +25,7 @@ export default class Ability {
     return true;
   }
 
-  filter(action: CanParams[0] | CanParams[0][], resource: CanParams[1], array: any[]) {
+  filter(action: CanParams[0] | CanParams[0][], resource: ResourceType, array: any[]) {
     return array.filter((resourceInstance) =>
       this.can(action, toCaslResource(resource, resourceInstance)),
     );
diff --git a/src/management-system-v2/lib/ability/caslAbility.ts b/src/management-system-v2/lib/ability/caslAbility.ts
index af3a252a4..98a4d2c32 100644
--- a/src/management-system-v2/lib/ability/caslAbility.ts
+++ b/src/management-system-v2/lib/ability/caslAbility.ts
@@ -151,7 +151,10 @@ function conditionsMatcher(conditionsObject: ConditionsObject) {
   return combineFunctions(conditionsForResource, conditionsObject.conditionsOperator || 'and');
 }
 
-export type CaslAbility = PureAbility<[ResourceActionType, ResourceType], ConditionsObject>;
+export type CaslAbility = PureAbility<
+  [ResourceActionType, ResourceType | Record<PropertyKey, any>],
+  ConditionsObject
+>;
 export type AbilityRule = RawRuleOf<CaslAbility>;
 
 // beware: casl usually uses 'manage' as a wildcard
@@ -181,6 +184,9 @@ export function buildAbility(rules: AbilityRule[]) {
   return ability;
 }
 
-export function toCaslResource(resource: ResourceType, object: any) {
+export function toCaslResource<T extends Record<PropertyKey, any>>(
+  resource: ResourceType,
+  object: T,
+) {
   return subject(resource, object);
 }
diff --git a/src/management-system-v2/lib/iamComponents.tsx b/src/management-system-v2/lib/iamComponents.tsx
index 222dd8b5f..75b63ce2e 100644
--- a/src/management-system-v2/lib/iamComponents.tsx
+++ b/src/management-system-v2/lib/iamComponents.tsx
@@ -12,9 +12,10 @@ import {
 } from 'react';
 import { useRouter } from 'next/navigation';
 import { Route } from 'next';
-import { ResourceActionType, ResourceType } from '../lib/ability/caslAbility';
+import { CaslAbility, ResourceActionType, ResourceType } from '../lib/ability/caslAbility';
 import { handleOauthCallback, useAuthStore } from './iam';
 import { App } from 'antd';
+import { Ability } from '@casl/ability';
 
 export const AuthCallbackListener: FC = () => {
   const oauthCallback = useAuthStore((store) => store.oauthCallback);
@@ -57,9 +58,10 @@ export const AuthCallbackListener: FC = () => {
   return null;
 };
 
+type CanParams = Parameters<CaslAbility['can']>;
 export type AuthCanProps = PropsWithChildren<{
   action: ResourceActionType | ResourceActionType[];
-  resource: ResourceType | ResourceType[];
+  resource: CanParams[1] | CanParams[1][];
   notLoggedIn?: ReactNode;
   fallback?: ReactNode;
   fallbackRedirect?: Route;

From 709cf6fcc4d35b792468fa04e5d8957312092303 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 12 Oct 2023 19:53:26 +0200
Subject: [PATCH 16/44] Moved AuthCallbackListener to be inside of AntDesign
 context

---
 src/management-system-v2/components/app.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/management-system-v2/components/app.tsx b/src/management-system-v2/components/app.tsx
index d8593d4b0..e2e29ea26 100644
--- a/src/management-system-v2/components/app.tsx
+++ b/src/management-system-v2/components/app.tsx
@@ -13,8 +13,8 @@ const App: FC<PropsWithChildren> = ({ children }) => {
   return (
     <QueryClientProvider client={queryClient}>
       <ReactQueryDevtools initialIsOpen={false} />
-      <AuthCallbackListener />
       <AntDesignApp>
+        <AuthCallbackListener />
         <Theme>{children}</Theme>
       </AntDesignApp>
     </QueryClientProvider>

From 1df00d5ae573c427c3a040d448c9bd9fc20693f4 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 12 Oct 2023 19:54:21 +0200
Subject: [PATCH 17/44] Updated active segment logic

---
 src/management-system-v2/components/layout.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/management-system-v2/components/layout.tsx b/src/management-system-v2/components/layout.tsx
index daec1152a..422cac39e 100644
--- a/src/management-system-v2/components/layout.tsx
+++ b/src/management-system-v2/components/layout.tsx
@@ -52,7 +52,7 @@ const items: MenuProps['items'] = [
  */
 const Layout: FC<PropsWithChildren> = ({ children }) => {
   const router = useRouter();
-  const activeSegment = usePathname().split('/')[1] || 'processes';
+  const activeSegment = usePathname().slice(1) || 'processes';
   const [collapsed, setCollapsed] = useState(false);
   const ability = useAuthStore((state) => state.ability);
   const loggedIn = useAuthStore((state) => state.loggedIn);

From 8b3e0c4a02903f47f2821aa5ef68016880b44f6d Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 12 Oct 2023 19:56:37 +0200
Subject: [PATCH 18/44] Moved user list to a separate component

---
 .../app/(dashboard)/iam/users/page.tsx        | 157 +++++-------------
 .../components/user-list.tsx                  | 125 ++++++++++++++
 2 files changed, 163 insertions(+), 119 deletions(-)
 create mode 100644 src/management-system-v2/components/user-list.tsx

diff --git a/src/management-system-v2/app/(dashboard)/iam/users/page.tsx b/src/management-system-v2/app/(dashboard)/iam/users/page.tsx
index 60bd970b0..2838cce6f 100644
--- a/src/management-system-v2/app/(dashboard)/iam/users/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/users/page.tsx
@@ -1,149 +1,68 @@
 'use client';
 
-import React, { FC, useMemo, useState } from 'react';
-import styles from '@/components/processes.module.scss';
-import cn from 'classnames';
+import { FC } from 'react';
 import { DeleteOutlined } from '@ant-design/icons';
-import {
-  Tooltip,
-  Space,
-  Avatar,
-  Row,
-  Col,
-  Button,
-  Input,
-  Result,
-  Table,
-  Popconfirm,
-  App,
-} from 'antd';
+import { Tooltip, Button, Popconfirm, App } from 'antd';
 import { useGetAsset, useDeleteAsset } from '@/lib/fetch-data';
-import { CloseOutlined } from '@ant-design/icons';
 import Auth from '@/lib/AuthCanWrapper';
 import Content from '@/components/content';
 import HeaderActions from './header-actions';
-import useFuzySearch from '@/lib/useFuzySearch';
-import Bar from '@/components/bar';
+import UserList from '@/components/user-list';
+import { useQueryClient } from '@tanstack/react-query';
 
 const UsersPage: FC = () => {
-  const { error, data, isLoading, refetch: refetchUsers } = useGetAsset('/users', {});
   const { message: messageApi } = App.useApp();
+  const queryClient = useQueryClient();
+
+  const { error, data, isLoading } = useGetAsset('/users', {});
   const { mutateAsync: deleteUser, isLoading: deletingUser } = useDeleteAsset('/users/{id}', {
-    onSuccess: () => refetchUsers(),
     onError: () => messageApi.open({ type: 'error', content: 'Something went wrong' }),
+    onSuccess: async () => await queryClient.invalidateQueries(['/users']),
   });
 
-  const { searchQuery, setSearchQuery, filteredData } = useFuzySearch(
-    data || [],
-    ['firstName', 'lastName', 'username', 'email'],
-    { useSearchParams: false },
-  );
-
-  const filteredUsers = useMemo(() => {
-    return filteredData.map((user) => ({
-      ...user,
-      display: (
-        <Space size={16}>
-          <Avatar src={user.picture} />
-          <span>
-            {user.firstName} {user.lastName}
-          </span>
-        </Space>
-      ),
-    }));
-  }, [filteredData]);
-
-  const [selectedRowKeys, setSelectedRowKeys] = useState<string[]>([]);
-
-  async function deleteUsers(userIds: string[]) {
-    setSelectedRowKeys([]);
-    await Promise.allSettled(userIds.map((id) => deleteUser({ params: { path: { id } } })));
+  async function deleteUsers(ids: string[], unsetIds?: () => void) {
+    if (unsetIds) unsetIds();
+    const promises = ids.map((id) => deleteUser({ params: { path: { id } } }));
+    await Promise.allSettled(promises);
   }
 
   const columns = [
-    {
-      title: 'Account',
-      dataIndex: 'display',
-      key: 'display',
-    },
-    {
-      title: 'Username',
-      dataIndex: 'username',
-      key: 'username',
-    },
-    {
-      title: 'Email Adress',
-      dataIndex: 'email',
-      key: 'email',
-    },
     {
       dataIndex: 'id',
       key: 'tooltip',
       title: '',
-      with: 100,
-      render: (id: string) =>
-        selectedRowKeys.length === 0 ? (
-          <Tooltip placement="top" title={'Delete'}>
-            <Popconfirm
-              title="Delete User"
-              description="Are you sure you want to delete this user?"
-              onConfirm={() => deleteUsers([id])}
-            >
-              <Button icon={<DeleteOutlined />} type="text" />
-            </Popconfirm>
-          </Tooltip>
-        ) : undefined,
+      width: 100,
+      render: (id: string) => (
+        <Tooltip placement="top" title="Delete">
+          <Popconfirm
+            title="Delete User"
+            description="Are you sure you want to delete this user?"
+            onConfirm={() => deleteUsers([id])}
+          >
+            <Button icon={<DeleteOutlined />} type="text" />
+          </Popconfirm>
+        </Tooltip>
+      ),
     },
   ];
 
-  if (error)
-    return (
-      <Content title="Identity and Access Management">
-        <Result
-          status="error"
-          title="Failed to fetch your profile"
-          subTitle="An error ocurred while fetching your profile, please try again."
-        />
-      </Content>
-    );
-
   return (
     <Content title="Identity and Access Management">
-      <Bar
-        leftNode={
-          selectedRowKeys.length ? (
-            <Space size={20}>
-              <Button type="text" icon={<CloseOutlined />} onClick={() => setSelectedRowKeys([])} />
-              <span>{selectedRowKeys.length} selected: </span>
-              <Popconfirm
-                title="Delete User"
-                description="Are you sure you want to delete this user?"
-                onConfirm={() => deleteUsers(selectedRowKeys)}
-              >
-                <Button type="text" icon={<DeleteOutlined />} />
-              </Popconfirm>
-            </Space>
-          ) : undefined
-        }
-        searchProps={{
-          value: searchQuery,
-          onChange: (e) => setSearchQuery(e.target.value),
-          placeholder: 'Search Users ...',
-        }}
-        rightNode={<HeaderActions />}
-      />
-      <Table
+      <UserList
+        users={data || []}
+        error={!!error}
         columns={columns}
-        dataSource={filteredUsers}
-        rowSelection={{
-          selectedRowKeys,
-          onChange: (selectedRowKeys: React.Key[]) => {
-            setSelectedRowKeys(selectedRowKeys as string[]);
-          },
-        }}
-        rowKey="id"
-        loading={isLoading || deletingUser}
-        size="middle"
+        loading={deletingUser || isLoading}
+        selectedRowActions={(ids, clearIds) => (
+          <Popconfirm
+            title="Delete Users"
+            description="Are you sure you want to delete the selected users?"
+            onConfirm={() => deleteUsers(ids, clearIds)}
+          >
+            <Button type="text" icon={<DeleteOutlined />} />
+          </Popconfirm>
+        )}
+        searchBarRightNode={<HeaderActions />}
       />
     </Content>
   );
diff --git a/src/management-system-v2/components/user-list.tsx b/src/management-system-v2/components/user-list.tsx
new file mode 100644
index 000000000..f0169463d
--- /dev/null
+++ b/src/management-system-v2/components/user-list.tsx
@@ -0,0 +1,125 @@
+'use client';
+
+import React, { ComponentProps, FC, ReactNode, useMemo, useState } from 'react';
+import { Space, Avatar, Button, Table, Result } from 'antd';
+import { CloseOutlined } from '@ant-design/icons';
+import useFuzySearch from '@/lib/useFuzySearch';
+import Bar from '@/components/bar';
+import { ApiData } from '@/lib/fetch-data';
+
+const defaultColumns = [
+  {
+    title: 'Account',
+    dataIndex: 'display',
+    key: 'display',
+  },
+  {
+    title: 'Username',
+    dataIndex: 'username',
+    key: 'username',
+  },
+  {
+    title: 'Email Adress',
+    dataIndex: 'email',
+    key: 'email',
+  },
+];
+
+type User = ApiData<'/users', 'get'>[number];
+type ListUser = Partial<Omit<User, 'id' | 'firstName' | 'lastName' | 'username' | 'email'>> &
+  Pick<User, 'id' | 'firstName' | 'lastName' | 'username' | 'email'> & {};
+type Column = Exclude<ComponentProps<typeof Table<ListUser>>['columns'], undefined>;
+
+export type UserListProps = {
+  users: ListUser[];
+  columns?: Column | ((clearSelected: () => void) => Column);
+  selectedRowActions?: (ids: string[], clearSelected: () => void, users: ListUser[]) => ReactNode;
+  error?: boolean;
+  searchBarRightNode?: ReactNode;
+  loading?: boolean;
+};
+
+const UserList: FC<UserListProps> = ({
+  users,
+  columns,
+  selectedRowActions,
+  error,
+  searchBarRightNode,
+  loading,
+}) => {
+  const { searchQuery, setSearchQuery, filteredData } = useFuzySearch(
+    users,
+    ['firstName', 'lastName', 'username', 'email'],
+    { useSearchParams: false },
+  );
+
+  const [selectedRowKeys, setSelectedRowKeys] = useState<string[]>([]);
+  const [selectedRows, setSelectedRows] = useState<typeof users>([]);
+
+  const tableColums = useMemo(() => {
+    if (!columns) return defaultColumns;
+
+    if (typeof columns === 'function')
+      return [...defaultColumns, ...columns(() => setSelectedRowKeys([]))];
+    else return [...defaultColumns, ...columns];
+  }, [columns]);
+
+  if (error)
+    <Result
+      status="error"
+      title="Failed fetch to users"
+      subTitle="An error ocurred while fetching users"
+    />;
+
+  return (
+    <>
+      <Bar
+        leftNode={
+          selectedRowKeys.length ? (
+            <Space size={20}>
+              <Button type="text" icon={<CloseOutlined />} onClick={() => setSelectedRowKeys([])} />
+              <span>{selectedRowKeys.length} selected: </span>
+              {selectedRowActions
+                ? selectedRowActions(selectedRowKeys, () => setSelectedRowKeys([]), selectedRows)
+                : null}
+            </Space>
+          ) : undefined
+        }
+        searchProps={{
+          value: searchQuery,
+          onChange: (e) => setSearchQuery(e.target.value),
+          placeholder: 'Search Users ...',
+        }}
+        rightNode={searchBarRightNode ? searchBarRightNode : null}
+      />
+      <Table
+        columns={tableColums}
+        dataSource={filteredData.map((user) => ({
+          ...user,
+          display: (
+            <Space size={16}>
+              <Avatar src={user.picture}>
+                {user.picture ? null : user.firstName.slice(0, 1) + user.lastName.slice(0, 1)}
+              </Avatar>
+              <span>
+                {user.firstName} {user.lastName}
+              </span>
+            </Space>
+          ),
+        }))}
+        rowSelection={{
+          selectedRowKeys,
+          onChange: (selectedRowKeys: React.Key[], selectedObjects: typeof users) => {
+            setSelectedRowKeys(selectedRowKeys as string[]);
+            setSelectedRows(selectedObjects);
+          },
+        }}
+        rowKey="id"
+        loading={loading}
+        size="middle"
+      />
+    </>
+  );
+};
+
+export default UserList;

From 7696a83fa615fe0b065429eae13eb4fdb31c33d2 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 12 Oct 2023 20:00:31 +0200
Subject: [PATCH 19/44] Implemented role pages

---
 .../(dashboard)/iam/roles/[roleId]/page.tsx   |  74 ++++
 .../iam/roles/[roleId]/role-members.tsx       | 154 ++++++++
 .../iam/roles/[roleId]/roleGeneralData.tsx    |  90 +++++
 .../iam/roles/[roleId]/rolePermissions.tsx    | 336 ++++++++++++++++++
 .../(dashboard)/iam/roles/header-actions.tsx  | 196 ++++++++++
 .../app/(dashboard)/iam/roles/page.tsx        | 154 +++++++-
 6 files changed, 1001 insertions(+), 3 deletions(-)
 create mode 100644 src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx
 create mode 100644 src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/role-members.tsx
 create mode 100644 src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/roleGeneralData.tsx
 create mode 100644 src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/rolePermissions.tsx
 create mode 100644 src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx
new file mode 100644
index 000000000..2c7a9936e
--- /dev/null
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx
@@ -0,0 +1,74 @@
+'use client';
+
+import Content from '@/components/content';
+import Auth from '@/lib/AuthCanWrapper';
+import { useGetAsset } from '@/lib/fetch-data';
+import { Button, Result, Skeleton, Space, Tabs } from 'antd';
+import { LeftOutlined } from '@ant-design/icons';
+import { ComponentProps } from 'react';
+import RoleGeneralData from './roleGeneralData';
+import { useRouter } from 'next/navigation';
+import RolePermissions from './rolePermissions';
+import RoleMembers from './role-members';
+
+type Items = ComponentProps<typeof Tabs>['items'];
+
+function RolePage({ params: { roleId } }: { params: { roleId: string } }) {
+  const router = useRouter();
+  const {
+    data: role,
+    isLoading,
+    error,
+  } = useGetAsset('/roles/{id}', {
+    params: { path: { id: roleId } },
+  });
+
+  const items: Items = role
+    ? [
+        {
+          key: 'members',
+          label: 'Manage Members',
+          children: <RoleMembers role={role} isLoadingRole={isLoading} />,
+        },
+        { key: 'permissions', label: 'Permissions', children: <RolePermissions role={role} /> },
+        {
+          key: 'generalData',
+          label: 'General Data',
+          children: <RoleGeneralData roleId={roleId} />,
+        },
+      ]
+    : [];
+
+  if (error) return;
+  <Result
+    status="error"
+    title="Failed to fetch role"
+    subTitle="An error ocurred while fetching role, please try again."
+  />;
+
+  return (
+    <Content
+      title={
+        <Space>
+          <Button icon={<LeftOutlined />} onClick={() => router.push('/iam/roles')} type="text">
+            Back
+          </Button>
+          {role?.name}
+        </Space>
+      }
+    >
+      <Skeleton loading={isLoading}>
+        <Tabs items={items} />
+      </Skeleton>
+    </Content>
+  );
+}
+
+export default Auth(
+  {
+    action: ['view', 'manage'],
+    resource: 'Role',
+    fallbackRedirect: '/',
+  },
+  RolePage,
+);
diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/role-members.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/role-members.tsx
new file mode 100644
index 000000000..832f31963
--- /dev/null
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/role-members.tsx
@@ -0,0 +1,154 @@
+'use client';
+
+import { FC, useMemo, useState } from 'react';
+import { DeleteOutlined, PlusOutlined } from '@ant-design/icons';
+import {
+  ApiData,
+  useDeleteAsset,
+  useGetAsset,
+  useInvalidateAsset,
+  usePostAsset,
+} from '@/lib/fetch-data';
+import UserList, { UserListProps } from '@/components/user-list';
+import { Button, Modal, Popconfirm, Tooltip } from 'antd';
+
+type Role = ApiData<'/roles', 'get'>[number];
+
+const AddUserModal: FC<{ role: Role; open: boolean; close: () => void }> = ({
+  role,
+  open,
+  close,
+}) => {
+  const { data: users, isLoading: isLoadingUsers } = useGetAsset('/users', {});
+  const invalidateRole = useInvalidateAsset('/roles/{id}', { params: { path: { id: role.id } } });
+  const { mutateAsync, isLoading: isLoadingMutation } = usePostAsset('/role-mappings', {
+    onSuccess: invalidateRole,
+  });
+
+  type AddUserParams = Parameters<NonNullable<UserListProps['selectedRowActions']>>;
+  const addUsers = async (users: AddUserParams[2], clearIds?: AddUserParams[1]) => {
+    if (clearIds) clearIds();
+    await mutateAsync({
+      body: users.map((user) => ({
+        userId: user.id,
+        roleId: role.id,
+        email: user.email,
+        lastName: user.lastName,
+        firstName: user.firstName,
+        username: user.username,
+      })),
+      parseAs: 'text',
+    });
+  };
+
+  const usersNotInRole = useMemo(() => {
+    if (!users) return [];
+
+    const usersInRole = new Set(role.members.map((member) => member.userId));
+
+    return users.filter((user) => !usersInRole.has(user.id));
+  }, [users, role.members]);
+
+  return (
+    <Modal
+      open={open}
+      onCancel={close}
+      footer={null}
+      width={800}
+      title={`Add members to ${role.name}`}
+    >
+      <UserList
+        users={usersNotInRole}
+        loading={isLoadingUsers || isLoadingMutation}
+        columns={(clearSelected) => [
+          {
+            dataIndex: 'id',
+            render: (_, user) => (
+              <Tooltip placement="top" title="Add to role">
+                <Button
+                  icon={<PlusOutlined />}
+                  type="text"
+                  onClick={() => addUsers([user], clearSelected)}
+                />
+              </Tooltip>
+            ),
+          },
+        ]}
+        selectedRowActions={(_, clearIds, users) => (
+          <Tooltip placement="top" title="Add to role">
+            <Button icon={<PlusOutlined />} type="text" onClick={() => addUsers(users, clearIds)} />
+          </Tooltip>
+        )}
+      />
+    </Modal>
+  );
+};
+
+const RoleMembers: FC<{ role: Role; isLoadingRole?: boolean }> = ({ role, isLoadingRole }) => {
+  const [addUserModalOpen, setAddUserModalOpen] = useState(false);
+
+  const refetchRole = useInvalidateAsset('/roles/{id}', { params: { path: { id: role.id } } });
+  const { mutateAsync: deleteUser, isLoading: isLoadingDelete } = useDeleteAsset(
+    '/role-mappings/users/{userId}/roles/{roleId}',
+    { onSuccess: refetchRole },
+  );
+
+  async function deleteMembers(userIds: string[], clearIds?: () => void) {
+    if (clearIds) clearIds();
+
+    await Promise.allSettled(
+      userIds.map((userId) =>
+        deleteUser({
+          params: { path: { roleId: role.id, userId: userId } },
+        }),
+      ),
+    );
+  }
+
+  return (
+    <>
+      <AddUserModal role={role} open={addUserModalOpen} close={() => setAddUserModalOpen(false)} />
+      <UserList
+        users={role.members.map((member) => ({ ...member, id: member.userId }))}
+        loading={isLoadingDelete || isLoadingRole}
+        columns={(clearSelected) => [
+          {
+            dataIndex: 'id',
+            key: 'remove',
+            title: '',
+            width: 100,
+            render: (id: string) => (
+              <Tooltip placement="top" title="Remove member">
+                <Popconfirm
+                  title="Remove member"
+                  description="Are you sure you want to remove this member?"
+                  onConfirm={() => deleteMembers([id], clearSelected)}
+                >
+                  <Button icon={<DeleteOutlined />} type="text" />
+                </Popconfirm>
+              </Tooltip>
+            ),
+          },
+        ]}
+        selectedRowActions={(ids, clearIds) => (
+          <Tooltip placement="top" title="Remove members">
+            <Popconfirm
+              title="Remove member"
+              description="Are you sure you want to remove this member?"
+              onConfirm={() => deleteMembers(ids, clearIds)}
+            >
+              <Button icon={<DeleteOutlined />} type="text" />
+            </Popconfirm>
+          </Tooltip>
+        )}
+        searchBarRightNode={
+          <Button type="primary" onClick={() => setAddUserModalOpen(true)}>
+            Add member
+          </Button>
+        }
+      />
+    </>
+  );
+};
+
+export default RoleMembers;
diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/roleGeneralData.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/roleGeneralData.tsx
new file mode 100644
index 000000000..06f7e7702
--- /dev/null
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/roleGeneralData.tsx
@@ -0,0 +1,90 @@
+import Auth from '@/lib/AuthCanWrapper';
+import { toCaslResource } from '@/lib/ability/caslAbility';
+import { useGetAsset, usePutAsset } from '@/lib/fetch-data';
+import { useAuthStore } from '@/lib/iam';
+import { Alert, App, Button, DatePicker, Form, Input, Spin } from 'antd';
+import { FC } from 'react';
+import dayjs from 'dayjs';
+import germanLocale from 'antd/es/date-picker/locale/de_DE';
+
+const RoleGeneralData: FC<{ roleId: string }> = ({ roleId }) => {
+  const { message } = App.useApp();
+  const ability = useAuthStore((store) => store.ability);
+  const [form] = Form.useForm();
+
+  const { data, isLoading, error } = useGetAsset('/roles/{id}', {
+    params: { path: { id: roleId } },
+  });
+
+  const { mutateAsync: updateRole, isLoading: putLoading } = usePutAsset('/roles/{id}', {
+    onError: () => message.open({ type: 'error', content: 'Something went wrong' }),
+  });
+
+  if (isLoading || error || !data) return <Spin />;
+
+  const role = toCaslResource('Role', data);
+
+  async function submitChanges(values: Record<string, any>) {
+    if (typeof values.expirationDayJs === 'object') {
+      values.expiration = (values.expirationDayJs as dayjs.Dayjs).toISOString();
+      delete values.expirationDayJs;
+    }
+
+    try {
+      await updateRole({
+        params: { path: { id: roleId } },
+        body: values,
+      });
+
+      // success message has to go here, or else the mutation will stop loading when the message
+      // disappears
+      message.open({ type: 'success', content: 'Role updated' });
+    } catch (e) {}
+  }
+
+  return (
+    <Form form={form} layout="vertical" onFinish={submitChanges} initialValues={role}>
+      {role.note && (
+        <>
+          <Alert type="warning" message={role.note} />
+          <br />
+        </>
+      )}
+      <Form.Item label="Name" name="name">
+        <Input placeholder="input placeholder" disabled={!ability.can('update', role, 'name')} />
+      </Form.Item>
+
+      <Form.Item label="Description" name="description">
+        <Input.TextArea
+          placeholder="input placeholder"
+          disabled={!ability.can('update', role, 'description')}
+        />
+      </Form.Item>
+
+      <Form.Item label="Expiration" name="expirationDayJs">
+        <DatePicker
+          // Note german locale hard coded
+          locale={germanLocale}
+          allowClear={true}
+          disabled={!ability.can('update', role, 'expiration')}
+          defaultValue={role.expiration ? dayjs(new Date(role.expiration)) : undefined}
+        />
+      </Form.Item>
+
+      <Form.Item>
+        <Button type="primary" htmlType="submit" loading={putLoading}>
+          Submit
+        </Button>
+      </Form.Item>
+    </Form>
+  );
+};
+
+export default Auth(
+  {
+    action: ['view', 'manage'],
+    resource: 'Role',
+    fallbackRedirect: '/',
+  },
+  RoleGeneralData,
+);
diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/rolePermissions.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/rolePermissions.tsx
new file mode 100644
index 000000000..6998df9b8
--- /dev/null
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/rolePermissions.tsx
@@ -0,0 +1,336 @@
+'use client';
+
+import { Divider, Form, Row, Space, Switch, Typography, FloatButton, Tooltip, Spin } from 'antd';
+import { SaveOutlined } from '@ant-design/icons';
+import { ResourceActionType, ResourceType } from '@/lib/ability/caslAbility';
+import { FC } from 'react';
+import { ApiData, usePutAsset } from '@/lib/fetch-data';
+
+type PermissionCategory = {
+  key: string;
+  title: string;
+  resource: ResourceType;
+  permissions: {
+    key: string;
+    title: string;
+    description: string;
+    permission: ResourceActionType;
+  }[];
+};
+
+const basePermissionOptions: PermissionCategory[] = [
+  {
+    key: 'process',
+    title: 'PROCESSES',
+    resource: 'Process',
+    permissions: [
+      {
+        key: 'process_view',
+        title: 'View processes',
+        description: 'Allows a user to view her or his processes. (Enables the Processes view.)',
+        permission: 'view',
+      },
+      {
+        key: 'process_manage',
+        title: 'Manage processes',
+        description: 'Allows a user to create, modify and delete processes in the Processes view.',
+        permission: 'manage',
+      },
+      {
+        key: 'process_share',
+        title: 'Share processes',
+        description: 'Allows a user to share processes with different users and groups.',
+        permission: 'share',
+      },
+      {
+        key: 'process_admin',
+        title: 'Administrate processes',
+        description: 'Allows a user to create, modify, delete and share all PROCEED processes.',
+        permission: 'admin',
+      },
+    ],
+  },
+  {
+    key: 'projects',
+    title: 'PROJECTS',
+    resource: 'Project',
+    permissions: [
+      {
+        key: 'View projects',
+        title: 'View projects',
+        description: 'Allows a user to view her or his projects. (Enables the Projects view.)',
+        permission: 'view',
+      },
+
+      {
+        key: 'Manage projects',
+        title: 'Manage projects',
+        description: 'Allows a user to create, modify and delete projects in the Projects view.',
+        permission: 'manage',
+      },
+
+      {
+        key: 'Share projects',
+        title: 'Share projects',
+        description: 'Allows a user to share projects with different users and groups.',
+        permission: 'share',
+      },
+
+      {
+        key: 'Administrate projects',
+        title: 'Administrate projects',
+        description: 'Allows a user to create, modify, delete and share all PROCEED projects.',
+        permission: 'admin',
+      },
+    ],
+  },
+  {
+    key: 'templates',
+    title: 'TEMPLATES',
+    resource: 'Template',
+    permissions: [
+      {
+        key: 'View templates',
+        title: 'View templates',
+        description: 'A,llows a user to view her or his templates. (Enables the Templates view.)',
+        permission: 'view',
+      },
+
+      {
+        key: 'Manage templates',
+        title: 'Manage templates',
+        description: 'A,llows a user to create, modify and delete templates in the Templates view.',
+        permission: 'manage',
+      },
+
+      {
+        key: 'Share templates',
+        title: 'Share templates',
+        description: 'A,llows a user to share templates with different users and groups.',
+        permission: 'share',
+      },
+
+      {
+        key: 'Administrate templates',
+        title: 'Administrate templates',
+        description: 'A,llows a user to create, modify, delete and share all PROCEED templates.',
+        permission: 'admin',
+      },
+    ],
+  },
+  {
+    key: 'tasks',
+    title: 'TASKS',
+    resource: 'Task',
+    permissions: [
+      {
+        key: 'View tasks',
+        title: 'View tasks',
+        description: 'A,llows a user to view her or his tasks. (Enables the Tasklist view.)',
+        permission: 'view',
+      },
+    ],
+  },
+  {
+    key: 'machines',
+    title: 'MACHINES',
+    resource: 'Machine',
+    permissions: [
+      {
+        key: 'View machines',
+        title: 'View machines',
+        description: ',Allows a user to view all machines. (Enables the Machines view.)',
+        permission: 'view',
+      },
+
+      {
+        key: 'Manage machines',
+        title: 'Manage machines',
+        description: 'Allows a user to create, modify and delete machines in the Machines view.',
+        permission: 'manage',
+      },
+    ],
+  },
+  {
+    key: 'executions',
+    title: 'EXECUTIONS',
+    resource: 'Execution',
+    permissions: [
+      {
+        key: 'View executions',
+        title: 'View executions',
+        description: 'Allows a user to view all executions. (Enables the Executions view.)',
+        permission: 'view',
+      },
+    ],
+  },
+  {
+    key: 'roles',
+    title: 'ROLES',
+    resource: 'Role',
+    permissions: [
+      {
+        key: 'Manage roles',
+        title: 'Manage roles',
+        description: 'Allows a user to create, modify and delete roles. (Enables the IAM view.)',
+        permission: 'manage',
+      },
+    ],
+  },
+  {
+    key: 'users',
+    title: 'Users',
+    resource: 'User',
+    permissions: [
+      {
+        key: 'Manage users',
+        title: 'Manage users',
+        description:
+          'Allows a user to create,, delete and enable/disable users. (Enables the IAM view.)',
+        permission: 'manage',
+      },
+
+      {
+        key: 'Manage roles of users',
+        title: 'Manage roles of users',
+        description:
+          'Allows a user to assign roles to a user and to remove roles from a user. (Enables the IAM view.)',
+        permission: 'manage-roles',
+      },
+    ],
+  },
+  {
+    key: 'settings',
+    title: 'SETTINGS',
+    resource: 'Setting',
+    permissions: [
+      {
+        key: 'Administrate settings',
+        title: 'Administrate settings',
+        description:
+          'Allows a user to administrate the settings of the Management System and the Engine. (Enables the Settings view.)',
+        permission: 'admin',
+      },
+    ],
+  },
+  {
+    key: 'environment_configurations',
+    title: 'Environment Configurations',
+    resource: 'EnvConfig',
+    permissions: [
+      {
+        key: 'Administrate environment configuration',
+        title: 'Administrate environment configuration',
+        description:
+          'Allows a user to administrate the environment configuration of the Management System. (Enables the Environment Configuration view.)',
+        permission: 'admin',
+      },
+    ],
+  },
+  {
+    key: 'all',
+    title: 'ALL',
+    resource: 'All',
+    permissions: [
+      {
+        key: 'Administrator Permissions',
+        title: 'Administrator Permissions',
+        description:
+          'Grants a user full administrator permissions for the PROCEED Management System.',
+        permission: 'admin',
+      },
+    ],
+  },
+];
+
+type Role = ApiData<'/roles', 'get'>[number];
+
+// permission mapping to verbs
+const PERMISSION_MAPPING = {
+  none: 0,
+  view: 1,
+  update: 2,
+  create: 4,
+  delete: 8,
+  manage: 16,
+  share: 32,
+  'manage-roles': 64,
+  'manage-groups': 128,
+  'manage-password': 256,
+  admin: 9007199254740991,
+};
+
+function permissionChecked(role: Role, subject: ResourceType, action: ResourceActionType) {
+  if (
+    !('permissions' in role && typeof role.permissions === 'object' && subject in role.permissions)
+  )
+    return false;
+
+  // @ts-ignore
+  const permissionNumber = role.permissions[subject];
+
+  return !!(PERMISSION_MAPPING[action] & permissionNumber);
+}
+
+const RolePermissions: FC<{ role: Role }> = ({ role }) => {
+  const { mutateAsync, isLoading } = usePutAsset('/roles/{id}');
+  const [form] = Form.useForm();
+
+  function updateRole(values: any) {
+    // TODO submit role
+    const newRole = {
+      description: role.description,
+      name: role.name,
+      permissions: role.permissions,
+      id: role.id,
+      note: role.note,
+      default: role.default,
+      members: role.members,
+      expiration: role.expiration,
+    };
+  }
+
+  return (
+    <Form form={form} onFinish={updateRole} disabled={isLoading}>
+      {basePermissionOptions.map((permissionCategory) => (
+        <>
+          <Typography.Title type="secondary" level={5}>
+            {permissionCategory.title}
+          </Typography.Title>
+          {permissionCategory.permissions.map((permission, idx) => (
+            <>
+              <Row key={permissionCategory.key} align="top" justify="space-between" wrap={false}>
+                <Space direction="vertical" size={0}>
+                  <Typography.Text strong>{permission.title}</Typography.Text>
+                  <Typography.Text type="secondary">{permission.description}</Typography.Text>
+                </Space>
+                <Form.Item name={`${permissionCategory.resource}-${permission.permission}`}>
+                  <Switch
+                    defaultChecked={permissionChecked(
+                      role,
+                      permissionCategory.resource,
+                      permission.permission,
+                    )}
+                  />
+                </Form.Item>
+              </Row>
+              {idx < permissionCategory.permissions.length - 1 && (
+                <Divider style={{ marginTop: '10px', marginBottom: '10px' }} />
+              )}
+            </>
+          ))}
+          <br />
+        </>
+      ))}
+      <Tooltip title="Save changes">
+        <FloatButton
+          type="primary"
+          icon={isLoading ? <Spin /> : <SaveOutlined />}
+          onClick={() => !isLoading && form.submit()}
+        />
+      </Tooltip>
+    </Form>
+  );
+};
+
+export default RolePermissions;
diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx
new file mode 100644
index 000000000..f8ce62994
--- /dev/null
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx
@@ -0,0 +1,196 @@
+'use client';
+
+import { ApiRequestBody, usePostAsset } from '@/lib/fetch-data';
+import { AuthCan } from '@/lib/iamComponents';
+import { ImportOutlined, PlusOutlined } from '@ant-design/icons';
+import { Button, Form, App, Input, Modal } from 'antd';
+import { ComponentProps, FC, ReactNode, useEffect, useState } from 'react';
+
+type PostUserField = keyof ApiRequestBody<'/users', 'post'>;
+
+const modalStructureWithoutPassword: {
+  dataKey: PostUserField;
+  label: string;
+  type: string;
+}[] = [
+  {
+    dataKey: 'firstName',
+    label: 'First Name',
+    type: 'text',
+  },
+  {
+    dataKey: 'lastName',
+    label: 'Last Name',
+    type: 'text',
+  },
+  {
+    dataKey: 'username',
+    label: 'Username Name',
+    type: 'text',
+  },
+  {
+    dataKey: 'email',
+    label: 'Email',
+    type: 'email',
+  },
+];
+
+const fieldNameToLabel: Record<PostUserField, string> = modalStructureWithoutPassword.reduce(
+  (acc, curr) => {
+    acc[curr.dataKey] = curr.label;
+    return acc;
+  },
+  {} as Record<PostUserField, string>,
+);
+
+const CreateUserModal: FC<{
+  modalOpen: boolean;
+  close: () => void;
+}> = ({ modalOpen, close }) => {
+  const [form] = Form.useForm();
+  const { message: messageApi } = App.useApp();
+  type ErrorsObject = { [field in PostUserField]?: ReactNode[] };
+  const [formatError, setFormatError] = useState<ErrorsObject>({});
+
+  const { mutateAsync: postUser, isLoading } = usePostAsset('/users', {
+    onError(e) {
+      if (!(typeof e === 'object' && e !== null && 'errors' in e)) {
+        return;
+      }
+
+      const errors: { [key in PostUserField]?: ReactNode[] } = {};
+
+      function appendError(key: PostUserField, error: string) {
+        error = error.replace(key, fieldNameToLabel[key]);
+
+        if (key in errors) {
+          errors[key]!.push(<p key={errors[key]?.length}>{error}</p>);
+        } else {
+          errors[key] = [<p key={0}>{error}</p>];
+        }
+      }
+
+      for (const error of e.errors as string[]) {
+        if (error.includes('username')) appendError('username', error);
+        else if (error.includes('email')) appendError('email', error);
+        else if (error.includes('firstName')) appendError('firstName', error);
+        else if (error.includes('lastName')) appendError('lastName', error);
+        else if (error.includes('password')) appendError('password', error);
+      }
+
+      setFormatError(errors);
+    },
+  });
+
+  useEffect(() => {
+    form.resetFields();
+    setFormatError({});
+  }, [form, modalOpen]);
+
+  const submitData = async (
+    values: Record<keyof ApiRequestBody<'/users', 'post'> | 'confirm_password', string>,
+  ) => {
+    debugger;
+    try {
+      await postUser({
+        body: {
+          email: values.email,
+          firstName: values.firstName,
+          lastName: values.lastName,
+          username: values.username,
+          password: values.password,
+        },
+      });
+      messageApi.success({ content: 'Account created' });
+      close();
+    } catch (e) {
+      messageApi.error({ content: 'An error ocurred' });
+    }
+  };
+
+  return (
+    <Modal open={modalOpen} onCancel={close} footer={null}>
+      <Form form={form} layout="vertical" onFinish={submitData}>
+        {modalStructureWithoutPassword.map((formField) => (
+          <Form.Item
+            key={formField.dataKey}
+            label={formField.label}
+            name={formField.dataKey}
+            validateStatus={formField.dataKey in formatError ? 'error' : ''}
+            help={formField.dataKey in formatError ? formatError[formField.dataKey] : ''}
+            hasFeedback
+            required
+          >
+            <Input type={formField.type} />
+          </Form.Item>
+        ))}
+
+        <Form.Item
+          name="password"
+          label="Password"
+          rules={[
+            {
+              required: true,
+              message: 'Please input your password!',
+            },
+          ]}
+          validateStatus={'password' in formatError ? 'error' : ''}
+          help={'password' in formatError ? formatError.password : ''}
+          hasFeedback
+        >
+          <Input.Password />
+        </Form.Item>
+
+        <Form.Item
+          name="confirm_password"
+          label="Confirm Password"
+          dependencies={['password']}
+          hasFeedback
+          rules={[
+            {
+              required: true,
+              message: 'Please confirm your password!',
+            },
+            ({ getFieldValue }) => ({
+              validator(_, value) {
+                if (!value || getFieldValue('password') === value) {
+                  return Promise.resolve();
+                }
+                return Promise.reject(new Error('The new password that you entered do not match!'));
+              },
+            }),
+          ]}
+        >
+          <Input.Password />
+        </Form.Item>
+
+        <Form.Item>
+          <Button type="primary" htmlType="submit" loading={isLoading}>
+            Submit
+          </Button>
+        </Form.Item>
+      </Form>
+    </Modal>
+  );
+};
+
+const HeaderActions: FC = () => {
+  const [createUserModalOpen, setCreateUserModalOpen] = useState(false);
+
+  return (
+    <>
+      <CreateUserModal
+        modalOpen={createUserModalOpen}
+        close={() => setCreateUserModalOpen(false)}
+      />
+
+      <AuthCan action="create" resource="User">
+        <Button type="primary" onClick={() => setCreateUserModalOpen(true)}>
+          <PlusOutlined /> Create
+        </Button>
+      </AuthCan>
+    </>
+  );
+};
+
+export default HeaderActions;
diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
index 5ca3a2018..8826f0a89 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
@@ -1,3 +1,151 @@
-export default function RolesPage() {
-  return <h2>Coming soon</h2>;
-}
+'use client';
+
+import React, { FC, useState } from 'react';
+import styles from '@/components/processes.module.scss';
+import cn from 'classnames';
+import { DeleteOutlined } from '@ant-design/icons';
+import { Tooltip, Space, Row, Col, Button, Input, Result, Table, Popconfirm, App } from 'antd';
+import { useGetAsset, useDeleteAsset, ApiData } from '@/lib/fetch-data';
+import { CloseOutlined } from '@ant-design/icons';
+import Auth from '@/lib/AuthCanWrapper';
+import Content from '@/components/content';
+import HeaderActions from './header-actions';
+import useFuzySearch from '@/lib/useFuzySearch';
+import { AuthCan } from '@/lib/iamComponents';
+import Link from 'next/link';
+import { toCaslResource } from '@/lib/ability/caslAbility';
+
+type Role = ApiData<'/roles', 'get'>[number];
+
+const RolesPage: FC = () => {
+  const { message: messageApi } = App.useApp();
+
+  const { error, data: roles, isLoading, refetch: refetchRoles } = useGetAsset('/roles', {});
+  const { mutateAsync: deleteRole, isLoading: deletingRole } = useDeleteAsset('/roles/{id}', {
+    onSuccess: () => refetchRoles(),
+    onError: () => messageApi.open({ type: 'error', content: 'Something went wrong' }),
+  });
+
+  const {
+    searchQuery,
+    setSearchQuery,
+    filteredData: filteredRoles,
+  } = useFuzySearch(roles || [], ['name'], {
+    useSearchParams: false,
+  });
+
+  const [selectedRowKeys, setSelectedRowKeys] = useState<string[]>([]);
+
+  async function deleteRoles(userIds: string[]) {
+    setSelectedRowKeys([]);
+    await Promise.allSettled(userIds.map((id) => deleteRole({ params: { path: { id } } })));
+  }
+
+  const columns = [
+    {
+      title: 'Name',
+      dataIndex: 'name',
+      key: 'display',
+      render: (name: string, role: Role) => <Link href={`/iam/roles/${role.id}`}>{name}</Link>,
+    },
+    {
+      title: 'Members',
+      dataIndex: 'members',
+      render: (_: any, record: Role) => record.members.length,
+      key: 'username',
+    },
+    {
+      dataIndex: 'id',
+      key: 'tooltip',
+      title: '',
+      with: 100,
+      render: (id: string, role: Role) =>
+        selectedRowKeys.length === 0 ? (
+          <AuthCan action="delete" resource={toCaslResource('Role', role)}>
+            <Tooltip placement="top" title={'Delete'}>
+              <Popconfirm
+                title="Delete User"
+                description="Are you sure you want to delete this user?"
+                onConfirm={() => deleteRoles([id])}
+              >
+                <Button icon={<DeleteOutlined />} type="text" />
+              </Popconfirm>
+            </Tooltip>
+          </AuthCan>
+        ) : null,
+    },
+  ];
+
+  if (error)
+    return (
+      <Result
+        status="error"
+        title="Failed to fetch roles"
+        subTitle="An error ocurred while fetching roles, please try again."
+      />
+    );
+
+  return (
+    <Content title="Identity and Access Management" rightNode={<HeaderActions />}>
+      <Row className={styles.Headerrow}>
+        <Col
+          xs={24}
+          sm={24}
+          md={24}
+          lg={10}
+          xl={6}
+          className={cn({ [styles.SelectedRow]: selectedRowKeys.length > 0 })}
+          style={{
+            justifyContent: 'start',
+          }}
+        >
+          {selectedRowKeys.length > 0 ? (
+            <Space size={20}>
+              <Button type="text" icon={<CloseOutlined />} onClick={() => setSelectedRowKeys([])} />
+              <span>{selectedRowKeys.length} selected: </span>
+              <Popconfirm
+                title="Delete User"
+                description="Are you sure you want to delete this user?"
+                onConfirm={() => deleteRoles(selectedRowKeys)}
+              >
+                <Button type="text" icon={<DeleteOutlined />} />
+              </Popconfirm>
+            </Space>
+          ) : null}
+        </Col>
+        <Col className={styles.Headercol} xs={22} sm={22} md={22} lg={9} xl={13}>
+          <Input.Search
+            size="middle"
+            value={searchQuery}
+            onChange={(e) => setSearchQuery(e.target.value)}
+            allowClear
+            placeholder="Search Users"
+          />
+        </Col>
+      </Row>
+
+      <Table
+        columns={columns}
+        dataSource={filteredRoles}
+        rowSelection={{
+          selectedRowKeys,
+          onChange: (selectedRowKeys: React.Key[]) => {
+            setSelectedRowKeys(selectedRowKeys as string[]);
+          },
+        }}
+        rowKey="id"
+        loading={isLoading || deletingRole}
+        size="middle"
+      />
+    </Content>
+  );
+};
+
+export default Auth(
+  {
+    action: 'manage',
+    resource: 'User',
+    fallbackRedirect: '/',
+  },
+  RolesPage,
+);

From d56a52c4b1d58cee2c46570c858beef47ddc6bfb Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Mon, 16 Oct 2023 08:36:22 +0200
Subject: [PATCH 20/44] Removed console.log

---
 src/management-system/src/backend/server/iam/rest-api/roles.js | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/management-system/src/backend/server/iam/rest-api/roles.js b/src/management-system/src/backend/server/iam/rest-api/roles.js
index f29014076..41cfa2295 100644
--- a/src/management-system/src/backend/server/iam/rest-api/roles.js
+++ b/src/management-system/src/backend/server/iam/rest-api/roles.js
@@ -100,7 +100,6 @@ rolesRouter.put('/:id', validateRole, isAllowed('update', 'Role'), async (req, r
       const targetRole = getRoleById(id);
 
       for (const [key, value] of Object.entries(role)) {
-        console.log('Key:', key, 'Value:', value, 'Target:', targetRole[key]);
         if (targetRole[key] === value) delete role[key];
       }
 

From d0e8c768a11564202db22eb6a4361356747f3d3c Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Mon, 16 Oct 2023 09:00:58 +0200
Subject: [PATCH 21/44] Fixed permission check in api

---
 src/management-system/src/backend/server/iam/rest-api/roles.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/management-system/src/backend/server/iam/rest-api/roles.js b/src/management-system/src/backend/server/iam/rest-api/roles.js
index 41cfa2295..153bca207 100644
--- a/src/management-system/src/backend/server/iam/rest-api/roles.js
+++ b/src/management-system/src/backend/server/iam/rest-api/roles.js
@@ -143,7 +143,7 @@ rolesRouter.delete('/:id', isAllowed('delete', 'Role'), async (req, res) => {
       /** @type {Ability} */
       const userAbility = req.userAbility;
 
-      if (!userAbility.can('update', toCaslResource('Role', role)))
+      if (!userAbility.can('delete', toCaslResource('Role', role)))
         return res.status(403).send('Forbidden.');
 
       await deleteRole(id);

From 7fd6759b7577ff675aa782f68b5d48427f19eea8 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Mon, 16 Oct 2023 09:01:22 +0200
Subject: [PATCH 22/44] Use custom Bar component

---
 .../app/(dashboard)/iam/roles/page.tsx        | 79 +++++++++----------
 1 file changed, 38 insertions(+), 41 deletions(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
index 8826f0a89..6b9cc5807 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
@@ -14,11 +14,14 @@ import useFuzySearch from '@/lib/useFuzySearch';
 import { AuthCan } from '@/lib/iamComponents';
 import Link from 'next/link';
 import { toCaslResource } from '@/lib/ability/caslAbility';
+import Bar from '@/components/bar';
+import { useAuthStore } from '@/lib/iam';
 
 type Role = ApiData<'/roles', 'get'>[number];
 
 const RolesPage: FC = () => {
   const { message: messageApi } = App.useApp();
+  const ability = useAuthStore((store) => store.ability);
 
   const { error, data: roles, isLoading, refetch: refetchRoles } = useGetAsset('/roles', {});
   const { mutateAsync: deleteRole, isLoading: deletingRole } = useDeleteAsset('/roles/{id}', {
@@ -26,15 +29,16 @@ const RolesPage: FC = () => {
     onError: () => messageApi.open({ type: 'error', content: 'Something went wrong' }),
   });
 
-  const {
-    searchQuery,
-    setSearchQuery,
-    filteredData: filteredRoles,
-  } = useFuzySearch(roles || [], ['name'], {
+  const { setSearchQuery, filteredData: filteredRoles } = useFuzySearch(roles || [], ['name'], {
     useSearchParams: false,
   });
 
   const [selectedRowKeys, setSelectedRowKeys] = useState<string[]>([]);
+  const [selectedRows, setSelectedRows] = useState<Role[]>([]);
+
+  const canDeleteSelectedRows = !selectedRows.find(
+    (role) => !ability.can('delete', toCaslResource('Role', role)),
+  );
 
   async function deleteRoles(userIds: string[]) {
     setSelectedRowKeys([]);
@@ -86,50 +90,43 @@ const RolesPage: FC = () => {
     );
 
   return (
-    <Content title="Identity and Access Management" rightNode={<HeaderActions />}>
-      <Row className={styles.Headerrow}>
-        <Col
-          xs={24}
-          sm={24}
-          md={24}
-          lg={10}
-          xl={6}
-          className={cn({ [styles.SelectedRow]: selectedRowKeys.length > 0 })}
-          style={{
-            justifyContent: 'start',
-          }}
-        >
-          {selectedRowKeys.length > 0 ? (
+    <Content title="Identity and Access Management">
+      <Bar
+        rightNode={<HeaderActions />}
+        leftNode={
+          selectedRowKeys.length ? (
             <Space size={20}>
-              <Button type="text" icon={<CloseOutlined />} onClick={() => setSelectedRowKeys([])} />
-              <span>{selectedRowKeys.length} selected: </span>
-              <Popconfirm
-                title="Delete User"
-                description="Are you sure you want to delete this user?"
-                onConfirm={() => deleteRoles(selectedRowKeys)}
-              >
-                <Button type="text" icon={<DeleteOutlined />} />
-              </Popconfirm>
+              <Button onClick={() => setSelectedRowKeys([])} type="text">
+                <CloseOutlined />
+              </Button>
+              {selectedRowKeys.length} selected:{' '}
+              {canDeleteSelectedRows && (
+                <span className={styles.Icons}>
+                  <Popconfirm
+                    title="Delete User"
+                    description="Are you sure you want to delete this user?"
+                    onConfirm={() => deleteRoles(selectedRowKeys)}
+                  >
+                    <Button type="text" icon={<DeleteOutlined />} />
+                  </Popconfirm>
+                </span>
+              )}
             </Space>
-          ) : null}
-        </Col>
-        <Col className={styles.Headercol} xs={22} sm={22} md={22} lg={9} xl={13}>
-          <Input.Search
-            size="middle"
-            value={searchQuery}
-            onChange={(e) => setSearchQuery(e.target.value)}
-            allowClear
-            placeholder="Search Users"
-          />
-        </Col>
-      </Row>
+          ) : undefined
+        }
+        searchProps={{
+          onChange: (e) => setSearchQuery(e.target.value),
+          placeholder: 'Search roles ....',
+        }}
+      />
 
       <Table
         columns={columns}
         dataSource={filteredRoles}
         rowSelection={{
           selectedRowKeys,
-          onChange: (selectedRowKeys: React.Key[]) => {
+          onChange: (selectedRowKeys, selectedRows) => {
+            setSelectedRows(selectedRows);
             setSelectedRowKeys(selectedRowKeys as string[]);
           },
         }}

From e717b20d0e252c8b446e5c8c3b8aa77d861ed4e2 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Mon, 16 Oct 2023 11:27:25 +0200
Subject: [PATCH 23/44] Updated POST: /roles endpoint in openapi

---
 src/management-system-v2/lib/openapiSchema.ts | 16 ++--
 .../src/backend/openapi.json                  | 77 ++++++++++---------
 2 files changed, 49 insertions(+), 44 deletions(-)

diff --git a/src/management-system-v2/lib/openapiSchema.ts b/src/management-system-v2/lib/openapiSchema.ts
index a66d3b652..08a36ac72 100644
--- a/src/management-system-v2/lib/openapiSchema.ts
+++ b/src/management-system-v2/lib/openapiSchema.ts
@@ -372,8 +372,8 @@ export interface components {
      * - ezample 2
      */
     PermissionNumber: number;
-    /** role */
-    roleData: {
+    /** rolePostData */
+    rolePostData: {
       name?: string;
       description?: string;
       note?: string;
@@ -391,6 +391,10 @@ export interface components {
         All?: components['schemas']['PermissionNumber'];
       };
       expiration?: string;
+      default?: boolean;
+    };
+    /** role */
+    roleData: {
       members?: {
         userId: string;
         username: string;
@@ -398,8 +402,7 @@ export interface components {
         lastName: string;
         email: string;
       }[];
-      default?: boolean;
-    };
+    } & components['schemas']['rolePostData'];
     /** role */
     roleMetaData: {
       id?: string;
@@ -1198,10 +1201,7 @@ export interface operations {
   postRole: {
     requestBody?: {
       content: {
-        'application/json': WithRequired<
-          components['schemas']['roleData'],
-          'name' | 'description' | 'note' | 'permissions' | 'expiration' | 'members' | 'default'
-        >;
+        'application/json': WithRequired<components['schemas']['rolePostData'], 'name'>;
       };
     };
     responses: {
diff --git a/src/management-system/src/backend/openapi.json b/src/management-system/src/backend/openapi.json
index 2e46866e5..dcfc7c477 100644
--- a/src/management-system/src/backend/openapi.json
+++ b/src/management-system/src/backend/openapi.json
@@ -1208,18 +1208,10 @@
               "schema": {
                 "allOf": [
                   {
-                    "$ref": "#/components/schemas/roleData"
+                    "$ref": "#/components/schemas/rolePostData"
                   }
                 ],
-                "required": [
-                  "name",
-                  "description",
-                  "note",
-                  "permissions",
-                  "expiration",
-                  "members",
-                  "default"
-                ]
+                "required": ["name"]
               }
             }
           }
@@ -2122,8 +2114,8 @@
         "type": "number",
         "description": "- example\n- ezample 2"
       },
-      "roleData": {
-        "title": "role",
+      "rolePostData": {
+        "title": "rolePostData",
         "type": "object",
         "properties": {
           "name": {
@@ -2176,35 +2168,48 @@
           "expiration": {
             "type": "string"
           },
-          "members": {
-            "type": "array",
-            "items": {
-              "type": "object",
-              "properties": {
-                "userId": {
-                  "type": "string"
-                },
-                "username": {
-                  "type": "string"
-                },
-                "firstName": {
-                  "type": "string"
-                },
-                "lastName": {
-                  "type": "string"
-                },
-                "email": {
-                  "type": "string"
-                }
-              },
-              "required": ["userId", "username", "firstName", "lastName", "email"]
-            }
-          },
           "default": {
             "type": "boolean"
           }
         }
       },
+      "roleData": {
+        "title": "role",
+        "allOf": [
+          {
+            "type": "object",
+            "properties": {
+              "members": {
+                "type": "array",
+                "items": {
+                  "type": "object",
+                  "properties": {
+                    "userId": {
+                      "type": "string"
+                    },
+                    "username": {
+                      "type": "string"
+                    },
+                    "firstName": {
+                      "type": "string"
+                    },
+                    "lastName": {
+                      "type": "string"
+                    },
+                    "email": {
+                      "type": "string"
+                    }
+                  },
+                  "required": ["userId", "username", "firstName", "lastName", "email"]
+                }
+              }
+            }
+          },
+          {
+            "$ref": "#/components/schemas/rolePostData"
+          }
+        ]
+      },
       "roleMetaData": {
         "title": "role",
         "type": "object",

From 4046c02e894c0b61ed986aa952c61aa335d83de8 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Mon, 16 Oct 2023 11:28:34 +0200
Subject: [PATCH 24/44] Default permissions value is now an empty object

---
 .../src/backend/shared-electron-server/data/iam/roles.js        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/management-system/src/backend/shared-electron-server/data/iam/roles.js b/src/management-system/src/backend/shared-electron-server/data/iam/roles.js
index cd6aaaecb..5aa144ccf 100644
--- a/src/management-system/src/backend/shared-electron-server/data/iam/roles.js
+++ b/src/management-system/src/backend/shared-electron-server/data/iam/roles.js
@@ -45,7 +45,7 @@ export async function addRole(roleRepresentation) {
     name,
     description: description || null,
     note: note || null,
-    permissions: permissions || null,
+    permissions: permissions || {},
     expiration: expiration || null,
     members: [],
     id,

From 330c08fe39022a939cb2021a0e40819cfe46e539 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Mon, 16 Oct 2023 11:35:50 +0200
Subject: [PATCH 25/44] Roles page header actions

---
 .../(dashboard)/iam/roles/header-actions.tsx  | 181 ++++++------------
 1 file changed, 63 insertions(+), 118 deletions(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx
index f8ce62994..9bf3c5da3 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx
@@ -2,67 +2,35 @@
 
 import { ApiRequestBody, usePostAsset } from '@/lib/fetch-data';
 import { AuthCan } from '@/lib/iamComponents';
-import { ImportOutlined, PlusOutlined } from '@ant-design/icons';
-import { Button, Form, App, Input, Modal } from 'antd';
-import { ComponentProps, FC, ReactNode, useEffect, useState } from 'react';
-
-type PostUserField = keyof ApiRequestBody<'/users', 'post'>;
-
-const modalStructureWithoutPassword: {
-  dataKey: PostUserField;
-  label: string;
-  type: string;
-}[] = [
-  {
-    dataKey: 'firstName',
-    label: 'First Name',
-    type: 'text',
-  },
-  {
-    dataKey: 'lastName',
-    label: 'Last Name',
-    type: 'text',
-  },
-  {
-    dataKey: 'username',
-    label: 'Username Name',
-    type: 'text',
-  },
-  {
-    dataKey: 'email',
-    label: 'Email',
-    type: 'email',
-  },
-];
-
-const fieldNameToLabel: Record<PostUserField, string> = modalStructureWithoutPassword.reduce(
-  (acc, curr) => {
-    acc[curr.dataKey] = curr.label;
-    return acc;
-  },
-  {} as Record<PostUserField, string>,
-);
-
-const CreateUserModal: FC<{
+import { PlusOutlined } from '@ant-design/icons';
+import { Button, Form, App, Input, Modal, DatePicker } from 'antd';
+import { FC, ReactNode, useState } from 'react';
+import { Dayjs } from 'dayjs';
+
+import germanLocale from 'antd/es/date-picker/locale/de_DE';
+import { useRouter } from 'next/navigation';
+
+type RoleRequestBody = ApiRequestBody<'/roles', 'post'>;
+
+const CreateRoleModal: FC<{
   modalOpen: boolean;
   close: () => void;
 }> = ({ modalOpen, close }) => {
   const [form] = Form.useForm();
+  const router = useRouter();
   const { message: messageApi } = App.useApp();
-  type ErrorsObject = { [field in PostUserField]?: ReactNode[] };
+  type ErrorsObject = Partial<{ [field in keyof RoleRequestBody]?: ReactNode[] }>;
   const [formatError, setFormatError] = useState<ErrorsObject>({});
 
-  const { mutateAsync: postUser, isLoading } = usePostAsset('/users', {
+  const { mutateAsync: postRole, isLoading } = usePostAsset('/roles', {
     onError(e) {
       if (!(typeof e === 'object' && e !== null && 'errors' in e)) {
         return;
       }
 
-      const errors: { [key in PostUserField]?: ReactNode[] } = {};
-
-      function appendError(key: PostUserField, error: string) {
-        error = error.replace(key, fieldNameToLabel[key]);
+      const errors: ErrorsObject = {};
 
+      function appendError(key: keyof RoleRequestBody, error: string) {
         if (key in errors) {
           errors[key]!.push(<p key={errors[key]?.length}>{error}</p>);
         } else {
@@ -71,37 +39,35 @@ const CreateUserModal: FC<{
       }
 
       for (const error of e.errors as string[]) {
-        if (error.includes('username')) appendError('username', error);
-        else if (error.includes('email')) appendError('email', error);
-        else if (error.includes('firstName')) appendError('firstName', error);
-        else if (error.includes('lastName')) appendError('lastName', error);
-        else if (error.includes('password')) appendError('password', error);
+        if (error.includes('name')) appendError('name', error);
+        else if (error.includes('description')) appendError('description', error);
+        else if (error.includes('expiration')) appendError('expiration', error);
       }
 
       setFormatError(errors);
     },
   });
 
-  useEffect(() => {
-    form.resetFields();
-    setFormatError({});
-  }, [form, modalOpen]);
-
-  const submitData = async (
-    values: Record<keyof ApiRequestBody<'/users', 'post'> | 'confirm_password', string>,
-  ) => {
-    debugger;
+  const submitData = async () => {
     try {
-      await postUser({
+      type FormData = {
+        name: string;
+        description?: string;
+        expiration?: Dayjs;
+      };
+      const values: FormData = await form.validateFields();
+
+      const response = await postRole({
         body: {
-          email: values.email,
-          firstName: values.firstName,
-          lastName: values.lastName,
-          username: values.username,
-          password: values.password,
+          name: values.name,
+          description: values.description,
+          expiration: values.expiration ? values.expiration.toISOString() : undefined,
         },
       });
-      messageApi.success({ content: 'Account created' });
+
+      if (response.id && typeof response.id === 'string') router.push(`/iam/roles/${response.id}`);
+
+      messageApi.success({ content: 'Role created' });
       close();
     } catch (e) {
       messageApi.error({ content: 'An error ocurred' });
@@ -109,63 +75,42 @@ const CreateUserModal: FC<{
   };
 
   return (
-    <Modal open={modalOpen} onCancel={close} footer={null}>
+    <Modal open={modalOpen} onCancel={close} footer={null} title="Create a new role">
       <Form form={form} layout="vertical" onFinish={submitData}>
-        {modalStructureWithoutPassword.map((formField) => (
-          <Form.Item
-            key={formField.dataKey}
-            label={formField.label}
-            name={formField.dataKey}
-            validateStatus={formField.dataKey in formatError ? 'error' : ''}
-            help={formField.dataKey in formatError ? formatError[formField.dataKey] : ''}
-            hasFeedback
-            required
-          >
-            <Input type={formField.type} />
-          </Form.Item>
-        ))}
+        <Form.Item
+          name="name"
+          label="Role Name"
+          rules={[{ required: true, message: 'Please the role name' }]}
+          help={'name' in formatError ? formatError['name'] : ''}
+          validateStatus={'name' in formatError ? 'error' : ''}
+          hasFeedback
+          required
+        >
+          <Input />
+        </Form.Item>
 
         <Form.Item
-          name="password"
-          label="Password"
-          rules={[
-            {
-              required: true,
-              message: 'Please input your password!',
-            },
-          ]}
-          validateStatus={'password' in formatError ? 'error' : ''}
-          help={'password' in formatError ? formatError.password : ''}
+          name="description"
+          label="Description"
+          help={'description' in formatError ? formatError['description'] : ''}
+          validateStatus={'description' in formatError ? 'error' : ''}
           hasFeedback
         >
-          <Input.Password />
+          <Input.TextArea />
         </Form.Item>
 
         <Form.Item
-          name="confirm_password"
-          label="Confirm Password"
-          dependencies={['password']}
+          name="expiration"
+          label="Expiration"
+          help={'expiration' in formatError ? formatError['expiration'] : ''}
+          validateStatus={'expiration' in formatError ? 'error' : ''}
           hasFeedback
-          rules={[
-            {
-              required: true,
-              message: 'Please confirm your password!',
-            },
-            ({ getFieldValue }) => ({
-              validator(_, value) {
-                if (!value || getFieldValue('password') === value) {
-                  return Promise.resolve();
-                }
-                return Promise.reject(new Error('The new password that you entered do not match!'));
-              },
-            }),
-          ]}
         >
-          <Input.Password />
+          <DatePicker locale={germanLocale} />
         </Form.Item>
 
         <Form.Item>
-          <Button type="primary" htmlType="submit" loading={isLoading}>
+          <Button type="primary" onClick={submitData} loading={isLoading}>
             Submit
           </Button>
         </Form.Item>
@@ -175,17 +120,17 @@ const CreateUserModal: FC<{
 };
 
 const HeaderActions: FC = () => {
-  const [createUserModalOpen, setCreateUserModalOpen] = useState(false);
+  const [createRoleModalOpen, setCreateRoleModalOpen] = useState(false);
 
   return (
     <>
-      <CreateUserModal
-        modalOpen={createUserModalOpen}
-        close={() => setCreateUserModalOpen(false)}
+      <CreateRoleModal
+        modalOpen={createRoleModalOpen}
+        close={() => setCreateRoleModalOpen(false)}
       />
 
       <AuthCan action="create" resource="User">
-        <Button type="primary" onClick={() => setCreateUserModalOpen(true)}>
+        <Button type="primary" onClick={() => setCreateRoleModalOpen(true)}>
           <PlusOutlined /> Create
         </Button>
       </AuthCan>

From d9f1d68baae808608fc2f50263b9432d5cb49321 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Mon, 16 Oct 2023 11:38:22 +0200
Subject: [PATCH 26/44] Cleaned up imports

---
 src/management-system-v2/app/(dashboard)/iam/roles/page.tsx | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
index 6b9cc5807..78b368389 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
@@ -1,10 +1,9 @@
 'use client';
 
-import React, { FC, useState } from 'react';
+import { FC, useState } from 'react';
 import styles from '@/components/processes.module.scss';
-import cn from 'classnames';
 import { DeleteOutlined } from '@ant-design/icons';
-import { Tooltip, Space, Row, Col, Button, Input, Result, Table, Popconfirm, App } from 'antd';
+import { Tooltip, Space, Button, Result, Table, Popconfirm, App } from 'antd';
 import { useGetAsset, useDeleteAsset, ApiData } from '@/lib/fetch-data';
 import { CloseOutlined } from '@ant-design/icons';
 import Auth from '@/lib/AuthCanWrapper';

From d230f2556b4e7bc8104497e7e3fd1941d2f535f1 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Mon, 16 Oct 2023 11:41:23 +0200
Subject: [PATCH 27/44] Changed texts and updated ui

---
 .../app/(dashboard)/iam/roles/page.tsx        | 24 +++++++++----------
 1 file changed, 11 insertions(+), 13 deletions(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
index 78b368389..1ba16c9fd 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
@@ -67,8 +67,8 @@ const RolesPage: FC = () => {
           <AuthCan action="delete" resource={toCaslResource('Role', role)}>
             <Tooltip placement="top" title={'Delete'}>
               <Popconfirm
-                title="Delete User"
-                description="Are you sure you want to delete this user?"
+                title="Delete Role"
+                description="Are you sure you want to delete this role?"
                 onConfirm={() => deleteRoles([id])}
               >
                 <Button icon={<DeleteOutlined />} type="text" />
@@ -99,17 +99,15 @@ const RolesPage: FC = () => {
                 <CloseOutlined />
               </Button>
               {selectedRowKeys.length} selected:{' '}
-              {canDeleteSelectedRows && (
-                <span className={styles.Icons}>
-                  <Popconfirm
-                    title="Delete User"
-                    description="Are you sure you want to delete this user?"
-                    onConfirm={() => deleteRoles(selectedRowKeys)}
-                  >
-                    <Button type="text" icon={<DeleteOutlined />} />
-                  </Popconfirm>
-                </span>
-              )}
+              <span className={styles.Icons}>
+                <Popconfirm
+                  title="Delete Roles"
+                  description="Are you sure you want to the selected roles?"
+                  onConfirm={() => deleteRoles(selectedRowKeys)}
+                >
+                  <Button type="text" icon={<DeleteOutlined />} disabled={!canDeleteSelectedRows} />
+                </Popconfirm>
+              </span>
             </Space>
           ) : undefined
         }

From f64e6e685348e729cb25b2fc78b309efbc095402 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Mon, 16 Oct 2023 17:06:13 +0200
Subject: [PATCH 28/44] Changed order of tabs

---
 .../app/(dashboard)/iam/roles/[roleId]/page.tsx      | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx
index 2c7a9936e..87bf82a80 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx
@@ -25,17 +25,17 @@ function RolePage({ params: { roleId } }: { params: { roleId: string } }) {
 
   const items: Items = role
     ? [
-        {
-          key: 'members',
-          label: 'Manage Members',
-          children: <RoleMembers role={role} isLoadingRole={isLoading} />,
-        },
-        { key: 'permissions', label: 'Permissions', children: <RolePermissions role={role} /> },
         {
           key: 'generalData',
           label: 'General Data',
           children: <RoleGeneralData roleId={roleId} />,
         },
+        { key: 'permissions', label: 'Permissions', children: <RolePermissions role={role} /> },
+        {
+          key: 'members',
+          label: 'Manage Members',
+          children: <RoleMembers role={role} isLoadingRole={isLoading} />,
+        },
       ]
     : [];
 

From bbc5c95db11b6c9d6f672744c25ae679d01ce2e5 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Mon, 16 Oct 2023 17:07:03 +0200
Subject: [PATCH 29/44] Changed roleGeneralData style

---
 .../iam/roles/[roleId]/roleGeneralData.tsx    | 64 ++++++++++---------
 1 file changed, 33 insertions(+), 31 deletions(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/roleGeneralData.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/roleGeneralData.tsx
index 06f7e7702..7d93bb0a7 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/roleGeneralData.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/roleGeneralData.tsx
@@ -43,40 +43,42 @@ const RoleGeneralData: FC<{ roleId: string }> = ({ roleId }) => {
   }
 
   return (
-    <Form form={form} layout="vertical" onFinish={submitChanges} initialValues={role}>
-      {role.note && (
-        <>
-          <Alert type="warning" message={role.note} />
-          <br />
-        </>
-      )}
-      <Form.Item label="Name" name="name">
-        <Input placeholder="input placeholder" disabled={!ability.can('update', role, 'name')} />
-      </Form.Item>
+    <div style={{ maxWidth: '800px' }}>
+      <Form form={form} layout="vertical" onFinish={submitChanges} initialValues={role}>
+        {role.note && (
+          <>
+            <Alert type="warning" message={role.note} />
+            <br />
+          </>
+        )}
+        <Form.Item label="Name" name="name">
+          <Input placeholder="input placeholder" disabled={!ability.can('update', role, 'name')} />
+        </Form.Item>
 
-      <Form.Item label="Description" name="description">
-        <Input.TextArea
-          placeholder="input placeholder"
-          disabled={!ability.can('update', role, 'description')}
-        />
-      </Form.Item>
+        <Form.Item label="Description" name="description">
+          <Input.TextArea
+            placeholder="input placeholder"
+            disabled={!ability.can('update', role, 'description')}
+          />
+        </Form.Item>
 
-      <Form.Item label="Expiration" name="expirationDayJs">
-        <DatePicker
-          // Note german locale hard coded
-          locale={germanLocale}
-          allowClear={true}
-          disabled={!ability.can('update', role, 'expiration')}
-          defaultValue={role.expiration ? dayjs(new Date(role.expiration)) : undefined}
-        />
-      </Form.Item>
+        <Form.Item label="Expiration" name="expirationDayJs">
+          <DatePicker
+            // Note german locale hard coded
+            locale={germanLocale}
+            allowClear={true}
+            disabled={!ability.can('update', role, 'expiration')}
+            defaultValue={role.expiration ? dayjs(new Date(role.expiration)) : undefined}
+          />
+        </Form.Item>
 
-      <Form.Item>
-        <Button type="primary" htmlType="submit" loading={putLoading}>
-          Submit
-        </Button>
-      </Form.Item>
-    </Form>
+        <Form.Item>
+          <Button type="primary" htmlType="submit" loading={putLoading}>
+            Submit
+          </Button>
+        </Form.Item>
+      </Form>
+    </div>
   );
 };
 

From 11efff067fde8eeac02577ee1e3a2003e747a873 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Mon, 23 Oct 2023 17:17:07 +0200
Subject: [PATCH 30/44] toCaslResource creates a shallow copy

---
 src/management-system-v2/lib/ability/caslAbility.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/management-system-v2/lib/ability/caslAbility.ts b/src/management-system-v2/lib/ability/caslAbility.ts
index 98a4d2c32..1b8e9a0c0 100644
--- a/src/management-system-v2/lib/ability/caslAbility.ts
+++ b/src/management-system-v2/lib/ability/caslAbility.ts
@@ -188,5 +188,5 @@ export function toCaslResource<T extends Record<PropertyKey, any>>(
   resource: ResourceType,
   object: T,
 ) {
-  return subject(resource, object);
+  return subject(resource, { ...object });
 }

From 2a183c7ed9e69d316d60515022ebc80501e8deae Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Wed, 25 Oct 2023 18:02:05 +0200
Subject: [PATCH 31/44] Update openapi typescript types

---
 src/management-system-v2/lib/openapiSchema.ts | 20 +++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/management-system-v2/lib/openapiSchema.ts b/src/management-system-v2/lib/openapiSchema.ts
index 08a36ac72..7d1c738d5 100644
--- a/src/management-system-v2/lib/openapiSchema.ts
+++ b/src/management-system-v2/lib/openapiSchema.ts
@@ -245,7 +245,7 @@ export interface components {
       | 'versions'
     >;
     processVersion: {
-      version: string;
+      version: number;
       name: string;
       description: string;
     };
@@ -339,7 +339,7 @@ export interface components {
       /** Format: email */
       email: string;
       username: string;
-      'firstName ': string;
+      firstName: string;
       lastName: string;
     };
     /** user */
@@ -372,8 +372,8 @@ export interface components {
      * - ezample 2
      */
     PermissionNumber: number;
-    /** rolePostData */
-    rolePostData: {
+    /** role */
+    roleData: {
       name?: string;
       description?: string;
       note?: string;
@@ -391,10 +391,6 @@ export interface components {
         All?: components['schemas']['PermissionNumber'];
       };
       expiration?: string;
-      default?: boolean;
-    };
-    /** role */
-    roleData: {
       members?: {
         userId: string;
         username: string;
@@ -402,7 +398,8 @@ export interface components {
         lastName: string;
         email: string;
       }[];
-    } & components['schemas']['rolePostData'];
+      default?: boolean;
+    };
     /** role */
     roleMetaData: {
       id?: string;
@@ -1201,7 +1198,10 @@ export interface operations {
   postRole: {
     requestBody?: {
       content: {
-        'application/json': WithRequired<components['schemas']['rolePostData'], 'name'>;
+        'application/json': WithRequired<
+          components['schemas']['roleData'],
+          'name' | 'description' | 'note' | 'permissions' | 'expiration' | 'members' | 'default'
+        >;
       };
     };
     responses: {

From c61ac6d7a059dc291c2e96b27c91c034aa4f9c2f Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Wed, 25 Oct 2023 18:02:25 +0200
Subject: [PATCH 32/44] Fix typo

---
 src/management-system-v2/components/userProfile.tsx | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/management-system-v2/components/userProfile.tsx b/src/management-system-v2/components/userProfile.tsx
index a2846fe87..683e02869 100644
--- a/src/management-system-v2/components/userProfile.tsx
+++ b/src/management-system-v2/components/userProfile.tsx
@@ -85,8 +85,6 @@ const UserDataModal: FC<{
           email: userData.email,
           firstName: userData.firstName,
           lastName: userData.lastName,
-          firstName: userData.firstName,
-          lastName: userData.lastName,
           username: userData.username,
           ...values,
         };

From 27b97203c76871474ea6d941f9cc920d1e82bd2d Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Wed, 25 Oct 2023 20:58:00 +0200
Subject: [PATCH 33/44] use Bar + check if selected items can be deleted

---
 .../app/(dashboard)/iam/roles/page.tsx        | 70 +++++++++----------
 1 file changed, 34 insertions(+), 36 deletions(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
index 83428e206..913a4c48a 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
@@ -15,12 +15,13 @@ import { AuthCan } from '@/lib/iamComponents';
 import Link from 'next/link';
 import { toCaslResource } from '@/lib/ability/caslAbility';
 import Bar from '@/components/bar';
+import { useAuthStore } from '@/lib/iam';
 
 type Role = ApiData<'/roles', 'get'>[number];
 
 const RolesPage: FC = () => {
   const { message: messageApi } = App.useApp();
-
+  const ability = useAuthStore((store) => store.ability);
   const { error, data: roles, isLoading, refetch: refetchRoles } = useGetAsset('/roles', {});
   const { mutateAsync: deleteRole, isLoading: deletingRole } = useDeleteAsset('/roles/{id}', {
     onSuccess: () => refetchRoles(),
@@ -36,9 +37,15 @@ const RolesPage: FC = () => {
   });
 
   const [selectedRowKeys, setSelectedRowKeys] = useState<string[]>([]);
+  const [selectedRow, setSelectedRows] = useState<Role[]>([]);
+
+  const canDeleteSelected = !selectedRow.some(
+    (role) => !ability.can('delete', toCaslResource('Role', role)),
+  );
 
   async function deleteRoles(userIds: string[]) {
     setSelectedRowKeys([]);
+    setSelectedRows([]);
     await Promise.allSettled(userIds.map((id) => deleteRole({ params: { path: { id } } })));
   }
 
@@ -88,51 +95,42 @@ const RolesPage: FC = () => {
 
   return (
     <Content title="Identity and Access Management">
-      <Bar rightNode={<HeaderActions />} />
-      <Row className={styles.Headerrow}>
-        <Col
-          xs={24}
-          sm={24}
-          md={24}
-          lg={10}
-          xl={6}
-          className={cn({ [styles.SelectedRow]: selectedRowKeys.length > 0 })}
-          style={{
-            justifyContent: 'start',
-          }}
-        >
-          {selectedRowKeys.length > 0 ? (
+      <Bar
+        rightNode={<HeaderActions />}
+        leftNode={
+          selectedRowKeys.length > 0 ? (
             <Space size={20}>
               <Button type="text" icon={<CloseOutlined />} onClick={() => setSelectedRowKeys([])} />
-              <span>{selectedRowKeys.length} selected: </span>
-              <Popconfirm
-                title="Delete User"
-                description="Are you sure you want to delete this user?"
-                onConfirm={() => deleteRoles(selectedRowKeys)}
-              >
-                <Button type="text" icon={<DeleteOutlined />} />
-              </Popconfirm>
+              <span>
+                {selectedRowKeys.length} selected {canDeleteSelected ? ':' : ' '}
+              </span>
+              {canDeleteSelected && (
+                <Popconfirm
+                  title="Delete User"
+                  description="Are you sure you want to delete this user?"
+                  onConfirm={() => deleteRoles(selectedRowKeys)}
+                >
+                  <Button type="text" icon={<DeleteOutlined />} />
+                </Popconfirm>
+              )}
             </Space>
-          ) : null}
-        </Col>
-        <Col className={styles.Headercol} xs={22} sm={22} md={22} lg={9} xl={13}>
-          <Input.Search
-            size="middle"
-            value={searchQuery}
-            onChange={(e) => setSearchQuery(e.target.value)}
-            allowClear
-            placeholder="Search Users"
-          />
-        </Col>
-      </Row>
+          ) : null
+        }
+        searchProps={{
+          onChange: (e) => setSearchQuery(e.target.value),
+          onPressEnter: (e) => setSearchQuery(e.currentTarget.value),
+          placeholder: 'Search Role ...',
+        }}
+      />
 
       <Table
         columns={columns}
         dataSource={filteredRoles}
         rowSelection={{
           selectedRowKeys,
-          onChange: (selectedRowKeys: React.Key[]) => {
+          onChange: (selectedRowKeys, selectedRows) => {
             setSelectedRowKeys(selectedRowKeys as string[]);
+            setSelectedRows(selectedRows);
           },
         }}
         rowKey="id"

From 90700a37a414443cb1e0c16077a90ea5c97f9ddb Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Wed, 25 Oct 2023 22:02:36 +0200
Subject: [PATCH 34/44] Create role modal

---
 .../(dashboard)/iam/roles/header-actions.tsx  | 179 ++++++------------
 1 file changed, 60 insertions(+), 119 deletions(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx
index f8ce62994..3ff605ca6 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx
@@ -1,68 +1,34 @@
 'use client';
 
-import { ApiRequestBody, usePostAsset } from '@/lib/fetch-data';
+import { usePostAsset } from '@/lib/fetch-data';
 import { AuthCan } from '@/lib/iamComponents';
-import { ImportOutlined, PlusOutlined } from '@ant-design/icons';
-import { Button, Form, App, Input, Modal } from 'antd';
-import { ComponentProps, FC, ReactNode, useEffect, useState } from 'react';
-
-type PostUserField = keyof ApiRequestBody<'/users', 'post'>;
-
-const modalStructureWithoutPassword: {
-  dataKey: PostUserField;
-  label: string;
-  type: string;
-}[] = [
-  {
-    dataKey: 'firstName',
-    label: 'First Name',
-    type: 'text',
-  },
-  {
-    dataKey: 'lastName',
-    label: 'Last Name',
-    type: 'text',
-  },
-  {
-    dataKey: 'username',
-    label: 'Username Name',
-    type: 'text',
-  },
-  {
-    dataKey: 'email',
-    label: 'Email',
-    type: 'email',
-  },
-];
-
-const fieldNameToLabel: Record<PostUserField, string> = modalStructureWithoutPassword.reduce(
-  (acc, curr) => {
-    acc[curr.dataKey] = curr.label;
-    return acc;
-  },
-  {} as Record<PostUserField, string>,
-);
-
-const CreateUserModal: FC<{
+import { PlusOutlined } from '@ant-design/icons';
+import { Button, Form, App, Input, Modal, DatePicker } from 'antd';
+import { FC, ReactNode, useEffect, useState } from 'react';
+import dayjs from 'dayjs';
+import germanLocale from 'antd/es/date-picker/locale/de_DE';
+import { useRouter } from 'next/navigation';
+
+type PostRoleKeys = 'name' | 'description' | 'expiration';
+
+const CreateRoleModal: FC<{
   modalOpen: boolean;
   close: () => void;
 }> = ({ modalOpen, close }) => {
   const [form] = Form.useForm();
+  const router = useRouter();
   const { message: messageApi } = App.useApp();
-  type ErrorsObject = { [field in PostUserField]?: ReactNode[] };
+  type ErrorsObject = { [field in PostRoleKeys]?: ReactNode[] };
   const [formatError, setFormatError] = useState<ErrorsObject>({});
-
-  const { mutateAsync: postUser, isLoading } = usePostAsset('/users', {
+  const { mutateAsync: postRole, isLoading } = usePostAsset('/roles', {
     onError(e) {
       if (!(typeof e === 'object' && e !== null && 'errors' in e)) {
         return;
       }
 
-      const errors: { [key in PostUserField]?: ReactNode[] } = {};
-
-      function appendError(key: PostUserField, error: string) {
-        error = error.replace(key, fieldNameToLabel[key]);
+      const errors: { [key in PostRoleKeys]?: ReactNode[] } = {};
 
+      function appendError(key: PostRoleKeys, error: string) {
         if (key in errors) {
           errors[key]!.push(<p key={errors[key]?.length}>{error}</p>);
         } else {
@@ -71,11 +37,9 @@ const CreateUserModal: FC<{
       }
 
       for (const error of e.errors as string[]) {
-        if (error.includes('username')) appendError('username', error);
-        else if (error.includes('email')) appendError('email', error);
-        else if (error.includes('firstName')) appendError('firstName', error);
-        else if (error.includes('lastName')) appendError('lastName', error);
-        else if (error.includes('password')) appendError('password', error);
+        if (error.includes('name')) appendError('name', error);
+        else if (error.includes('description')) appendError('description', error);
+        else if (error.includes('expiration')) appendError('expiration', error);
       }
 
       setFormatError(errors);
@@ -87,81 +51,58 @@ const CreateUserModal: FC<{
     setFormatError({});
   }, [form, modalOpen]);
 
-  const submitData = async (
-    values: Record<keyof ApiRequestBody<'/users', 'post'> | 'confirm_password', string>,
-  ) => {
-    debugger;
+  const submitData = async (values: Record<'name' | 'description' | 'expirationDayJs', 'post'>) => {
+    let expiration;
+    if (typeof values.expirationDayJs === 'object')
+      expiration = (values.expirationDayJs as dayjs.Dayjs).toISOString();
+
     try {
-      await postUser({
+      const newRole = await postRole({
         body: {
-          email: values.email,
-          firstName: values.firstName,
-          lastName: values.lastName,
-          username: values.username,
-          password: values.password,
+          name: values.name,
+          description: values.description,
+          expiration,
         },
       });
-      messageApi.success({ content: 'Account created' });
-      close();
+      messageApi.success({ content: 'Role created' });
+      router.push(`/iam/roles/${newRole.id}`);
     } catch (e) {
-      messageApi.error({ content: 'An error ocurred' });
+      messageApi.error({ content: 'Something went wrong' });
     }
   };
 
   return (
-    <Modal open={modalOpen} onCancel={close} footer={null}>
+    <Modal open={modalOpen} onCancel={close} footer={null} title="Create a new role">
       <Form form={form} layout="vertical" onFinish={submitData}>
-        {modalStructureWithoutPassword.map((formField) => (
-          <Form.Item
-            key={formField.dataKey}
-            label={formField.label}
-            name={formField.dataKey}
-            validateStatus={formField.dataKey in formatError ? 'error' : ''}
-            help={formField.dataKey in formatError ? formatError[formField.dataKey] : ''}
-            hasFeedback
-            required
-          >
-            <Input type={formField.type} />
-          </Form.Item>
-        ))}
+        <Form.Item
+          label="Name"
+          name="name"
+          help={formatError.name}
+          validateStatus={formatError.name && 'error'}
+        >
+          <Input />
+        </Form.Item>
 
         <Form.Item
-          name="password"
-          label="Password"
-          rules={[
-            {
-              required: true,
-              message: 'Please input your password!',
-            },
-          ]}
-          validateStatus={'password' in formatError ? 'error' : ''}
-          help={'password' in formatError ? formatError.password : ''}
-          hasFeedback
+          label="Description"
+          name="description"
+          help={formatError.description}
+          validateStatus={formatError.description && 'error'}
         >
-          <Input.Password />
+          <Input.TextArea placeholder="input placeholder" />
         </Form.Item>
 
         <Form.Item
-          name="confirm_password"
-          label="Confirm Password"
-          dependencies={['password']}
-          hasFeedback
-          rules={[
-            {
-              required: true,
-              message: 'Please confirm your password!',
-            },
-            ({ getFieldValue }) => ({
-              validator(_, value) {
-                if (!value || getFieldValue('password') === value) {
-                  return Promise.resolve();
-                }
-                return Promise.reject(new Error('The new password that you entered do not match!'));
-              },
-            }),
-          ]}
+          label="Expiration"
+          name="expirationDayJs"
+          help={formatError.expiration}
+          validateStatus={formatError.expiration && 'error'}
         >
-          <Input.Password />
+          <DatePicker
+            // NOTE german locale hard coded
+            locale={germanLocale}
+            allowClear={true}
+          />
         </Form.Item>
 
         <Form.Item>
@@ -175,17 +116,17 @@ const CreateUserModal: FC<{
 };
 
 const HeaderActions: FC = () => {
-  const [createUserModalOpen, setCreateUserModalOpen] = useState(false);
+  const [createRoleModalOpen, setCreateRoleModalOpen] = useState(false);
 
   return (
     <>
-      <CreateUserModal
-        modalOpen={createUserModalOpen}
-        close={() => setCreateUserModalOpen(false)}
+      <CreateRoleModal
+        modalOpen={createRoleModalOpen}
+        close={() => setCreateRoleModalOpen(false)}
       />
 
-      <AuthCan action="create" resource="User">
-        <Button type="primary" onClick={() => setCreateUserModalOpen(true)}>
+      <AuthCan action="create" resource="Role">
+        <Button type="primary" onClick={() => setCreateRoleModalOpen(true)}>
           <PlusOutlined /> Create
         </Button>
       </AuthCan>

From 27bbfd7751ac6a2a6854aedcd02ca2c4328343b1 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Wed, 25 Oct 2023 22:09:00 +0200
Subject: [PATCH 35/44] Corrected confirmation popup text

---
 .../app/(dashboard)/iam/roles/page.tsx        | 20 +++++++------------
 1 file changed, 7 insertions(+), 13 deletions(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
index 913a4c48a..427ed84c3 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
@@ -1,10 +1,8 @@
 'use client';
 
-import React, { FC, useState } from 'react';
-import styles from '@/components/processes.module.scss';
-import cn from 'classnames';
+import { FC, useState } from 'react';
 import { DeleteOutlined } from '@ant-design/icons';
-import { Tooltip, Space, Row, Col, Button, Input, Result, Table, Popconfirm, App } from 'antd';
+import { Tooltip, Space, Button, Result, Table, Popconfirm, App } from 'antd';
 import { useGetAsset, useDeleteAsset, ApiData } from '@/lib/fetch-data';
 import { CloseOutlined } from '@ant-design/icons';
 import Auth from '@/lib/AuthCanWrapper';
@@ -28,11 +26,7 @@ const RolesPage: FC = () => {
     onError: () => messageApi.open({ type: 'error', content: 'Something went wrong' }),
   });
 
-  const {
-    searchQuery,
-    setSearchQuery,
-    filteredData: filteredRoles,
-  } = useFuzySearch(roles || [], ['name'], {
+  const { setSearchQuery, filteredData: filteredRoles } = useFuzySearch(roles || [], ['name'], {
     useSearchParams: false,
   });
 
@@ -72,8 +66,8 @@ const RolesPage: FC = () => {
           <AuthCan action="delete" resource={toCaslResource('Role', role)}>
             <Tooltip placement="top" title={'Delete'}>
               <Popconfirm
-                title="Delete User"
-                description="Are you sure you want to delete this user?"
+                title="Delete Role"
+                description="Are you sure you want to delete this role?"
                 onConfirm={() => deleteRoles([id])}
               >
                 <Button icon={<DeleteOutlined />} type="text" />
@@ -106,8 +100,8 @@ const RolesPage: FC = () => {
               </span>
               {canDeleteSelected && (
                 <Popconfirm
-                  title="Delete User"
-                  description="Are you sure you want to delete this user?"
+                  title="Delete roles"
+                  description="Are you sure you want to delete these roles?"
                   onConfirm={() => deleteRoles(selectedRowKeys)}
                 >
                   <Button type="text" icon={<DeleteOutlined />} />

From c9b378df5f59a1ce7faa547c09ea1d640b38120a Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 26 Oct 2023 08:29:11 +0200
Subject: [PATCH 36/44] Rearange tabs in role page

---
 .../app/(dashboard)/iam/roles/[roleId]/page.tsx  | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx
index 2c7a9936e..270b09c34 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx
@@ -25,17 +25,17 @@ function RolePage({ params: { roleId } }: { params: { roleId: string } }) {
 
   const items: Items = role
     ? [
-        {
-          key: 'members',
-          label: 'Manage Members',
-          children: <RoleMembers role={role} isLoadingRole={isLoading} />,
-        },
-        { key: 'permissions', label: 'Permissions', children: <RolePermissions role={role} /> },
         {
           key: 'generalData',
           label: 'General Data',
           children: <RoleGeneralData roleId={roleId} />,
         },
+        { key: 'permissions', label: 'Permissions', children: <RolePermissions role={role} /> },
+        {
+          key: 'members',
+          label: 'Manage Members',
+          children: <RoleMembers role={role} isLoadingRole={isLoading} />,
+        },
       ]
     : [];
 
@@ -58,7 +58,9 @@ function RolePage({ params: { roleId } }: { params: { roleId: string } }) {
       }
     >
       <Skeleton loading={isLoading}>
-        <Tabs items={items} />
+        <div style={{ maxWidth: '800px', margin: 'auto' }}>
+          <Tabs items={items} />
+        </div>
       </Skeleton>
     </Content>
   );

From 5db7d3317db486e0b79c4fb1bdf5c884c13abe3e Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 26 Oct 2023 09:26:44 +0200
Subject: [PATCH 37/44] fixed openapi POST /role types

---
 src/management-system-v2/lib/openapiSchema.ts | 14 ++--
 .../src/backend/openapi.json                  | 77 ++++++++++---------
 2 files changed, 48 insertions(+), 43 deletions(-)

diff --git a/src/management-system-v2/lib/openapiSchema.ts b/src/management-system-v2/lib/openapiSchema.ts
index 7d1c738d5..6c3a06b54 100644
--- a/src/management-system-v2/lib/openapiSchema.ts
+++ b/src/management-system-v2/lib/openapiSchema.ts
@@ -372,8 +372,8 @@ export interface components {
      * - ezample 2
      */
     PermissionNumber: number;
-    /** role */
-    roleData: {
+    /** rolePostData */
+    rolePostData: {
       name?: string;
       description?: string;
       note?: string;
@@ -391,6 +391,9 @@ export interface components {
         All?: components['schemas']['PermissionNumber'];
       };
       expiration?: string;
+    };
+    /** role */
+    roleData: {
       members?: {
         userId: string;
         username: string;
@@ -399,7 +402,7 @@ export interface components {
         email: string;
       }[];
       default?: boolean;
-    };
+    } & components['schemas']['rolePostData'];
     /** role */
     roleMetaData: {
       id?: string;
@@ -1198,10 +1201,7 @@ export interface operations {
   postRole: {
     requestBody?: {
       content: {
-        'application/json': WithRequired<
-          components['schemas']['roleData'],
-          'name' | 'description' | 'note' | 'permissions' | 'expiration' | 'members' | 'default'
-        >;
+        'application/json': WithRequired<components['schemas']['rolePostData'], 'name'>;
       };
     };
     responses: {
diff --git a/src/management-system/src/backend/openapi.json b/src/management-system/src/backend/openapi.json
index 13ac91b0b..c5337ccf4 100644
--- a/src/management-system/src/backend/openapi.json
+++ b/src/management-system/src/backend/openapi.json
@@ -1208,18 +1208,10 @@
               "schema": {
                 "allOf": [
                   {
-                    "$ref": "#/components/schemas/roleData"
+                    "$ref": "#/components/schemas/rolePostData"
                   }
                 ],
-                "required": [
-                  "name",
-                  "description",
-                  "note",
-                  "permissions",
-                  "expiration",
-                  "members",
-                  "default"
-                ]
+                "required": ["name"]
               }
             }
           }
@@ -2122,8 +2114,8 @@
         "type": "number",
         "description": "- example\n- ezample 2"
       },
-      "roleData": {
-        "title": "role",
+      "rolePostData": {
+        "title": "rolePostData",
         "type": "object",
         "properties": {
           "name": {
@@ -2175,35 +2167,48 @@
           },
           "expiration": {
             "type": "string"
-          },
-          "members": {
-            "type": "array",
-            "items": {
-              "type": "object",
-              "properties": {
-                "userId": {
-                  "type": "string"
-                },
-                "username": {
-                  "type": "string"
-                },
-                "firstName": {
-                  "type": "string"
-                },
-                "lastName": {
-                  "type": "string"
-                },
-                "email": {
-                  "type": "string"
+          }
+        }
+      },
+      "roleData": {
+        "title": "role",
+        "allOf": [
+          {
+            "type": "object",
+            "properties": {
+              "members": {
+                "type": "array",
+                "items": {
+                  "type": "object",
+                  "properties": {
+                    "userId": {
+                      "type": "string"
+                    },
+                    "username": {
+                      "type": "string"
+                    },
+                    "firstName": {
+                      "type": "string"
+                    },
+                    "lastName": {
+                      "type": "string"
+                    },
+                    "email": {
+                      "type": "string"
+                    }
+                  },
+                  "required": ["userId", "username", "firstName", "lastName", "email"]
                 }
               },
-              "required": ["userId", "username", "firstName", "lastName", "email"]
+              "default": {
+                "type": "boolean"
+              }
             }
           },
-          "default": {
-            "type": "boolean"
+          {
+            "$ref": "#/components/schemas/rolePostData"
           }
-        }
+        ]
       },
       "roleMetaData": {
         "title": "role",

From 5a99e573c3e07763b9065ffa7f4a6b7daed38da1 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 26 Oct 2023 09:27:24 +0200
Subject: [PATCH 38/44] Removed console log

---
 .../src/backend/server/iam/rest-api/roles.js                  | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/management-system/src/backend/server/iam/rest-api/roles.js b/src/management-system/src/backend/server/iam/rest-api/roles.js
index c5c4af160..f624fb6b0 100644
--- a/src/management-system/src/backend/server/iam/rest-api/roles.js
+++ b/src/management-system/src/backend/server/iam/rest-api/roles.js
@@ -99,10 +99,8 @@ rolesRouter.put('/:id', validateRole, isAllowed('update', 'Role'), async (req, r
 
       const targetRole = getRoleById(id);
 
-      for (const [key, value] of Object.entries(role)) {
-        console.log('Key:', key, 'Value:', value, 'Target:', targetRole[key]);
+      for (const [key, value] of Object.entries(role))
         if (targetRole[key] === value) delete role[key];
-      }
 
       // Casl isn't really built to check the value of input fields when updating, so we have to perform this two checks
       if (

From c233c7d8895f080f450cfebdcac717b05bc681a8 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 26 Oct 2023 09:35:34 +0200
Subject: [PATCH 39/44] Fixed permission check

---
 src/management-system-v2/app/(dashboard)/iam/roles/page.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
index 427ed84c3..ac2cd79d7 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
@@ -138,7 +138,7 @@ const RolesPage: FC = () => {
 export default Auth(
   {
     action: 'manage',
-    resource: 'User',
+    resource: 'Role',
     fallbackRedirect: '/',
   },
   RolesPage,

From 43a816083283f29bca443d638985757976a1d673 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Thu, 26 Oct 2023 09:50:09 +0200
Subject: [PATCH 40/44] Disable button instead of hidding it

---
 .../app/(dashboard)/iam/roles/page.tsx        | 22 ++++++++-----------
 1 file changed, 9 insertions(+), 13 deletions(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
index ac2cd79d7..6095c8a54 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
@@ -33,7 +33,7 @@ const RolesPage: FC = () => {
   const [selectedRowKeys, setSelectedRowKeys] = useState<string[]>([]);
   const [selectedRow, setSelectedRows] = useState<Role[]>([]);
 
-  const canDeleteSelected = !selectedRow.some(
+  const cannotDeleteSelected = selectedRow.some(
     (role) => !ability.can('delete', toCaslResource('Role', role)),
   );
 
@@ -95,18 +95,14 @@ const RolesPage: FC = () => {
           selectedRowKeys.length > 0 ? (
             <Space size={20}>
               <Button type="text" icon={<CloseOutlined />} onClick={() => setSelectedRowKeys([])} />
-              <span>
-                {selectedRowKeys.length} selected {canDeleteSelected ? ':' : ' '}
-              </span>
-              {canDeleteSelected && (
-                <Popconfirm
-                  title="Delete roles"
-                  description="Are you sure you want to delete these roles?"
-                  onConfirm={() => deleteRoles(selectedRowKeys)}
-                >
-                  <Button type="text" icon={<DeleteOutlined />} />
-                </Popconfirm>
-              )}
+              <span>{selectedRowKeys.length} selected:</span>
+              <Popconfirm
+                title="Delete roles"
+                description="Are you sure you want to delete these roles?"
+                onConfirm={() => deleteRoles(selectedRowKeys)}
+              >
+                <Button type="text" icon={<DeleteOutlined />} disabled={cannotDeleteSelected} />
+              </Popconfirm>
             </Space>
           ) : null
         }

From d08a902edc6afa2f004b46fa74564a55a8d05ff0 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Sun, 5 Nov 2023 10:26:45 +0100
Subject: [PATCH 41/44] Moved skelleton to the inside of the container

---
 .../app/(dashboard)/iam/roles/[roleId]/page.tsx           | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx
index 270b09c34..3604c70f3 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/page.tsx
@@ -57,11 +57,11 @@ function RolePage({ params: { roleId } }: { params: { roleId: string } }) {
         </Space>
       }
     >
-      <Skeleton loading={isLoading}>
-        <div style={{ maxWidth: '800px', margin: 'auto' }}>
+      <div style={{ maxWidth: '800px', margin: 'auto' }}>
+        <Skeleton loading={isLoading}>
           <Tabs items={items} />
-        </div>
-      </Skeleton>
+        </Skeleton>
+      </div>
     </Content>
   );
 }

From b17a3e1130ad8a9e0e38afb11ebe8783beb94be9 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Sun, 5 Nov 2023 10:28:29 +0100
Subject: [PATCH 42/44] Updated texts and form validation

---
 .../iam/roles/[roleId]/role-members.tsx       |  2 +-
 .../iam/roles/[roleId]/roleGeneralData.tsx    | 28 ++++++++++++++++---
 .../(dashboard)/iam/roles/header-actions.tsx  | 26 +++++++++++++----
 .../app/(dashboard)/iam/roles/page.tsx        |  4 +--
 .../(dashboard)/iam/users/header-actions.tsx  | 24 ++++++++++++----
 5 files changed, 67 insertions(+), 17 deletions(-)

diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/role-members.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/role-members.tsx
index 832f31963..67f479fc7 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/role-members.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/role-members.tsx
@@ -143,7 +143,7 @@ const RoleMembers: FC<{ role: Role; isLoadingRole?: boolean }> = ({ role, isLoad
         )}
         searchBarRightNode={
           <Button type="primary" onClick={() => setAddUserModalOpen(true)}>
-            Add member
+            Add Member
           </Button>
         }
       />
diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/roleGeneralData.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/roleGeneralData.tsx
index 06f7e7702..61900a270 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/roleGeneralData.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/[roleId]/roleGeneralData.tsx
@@ -3,7 +3,7 @@ import { toCaslResource } from '@/lib/ability/caslAbility';
 import { useGetAsset, usePutAsset } from '@/lib/fetch-data';
 import { useAuthStore } from '@/lib/iam';
 import { Alert, App, Button, DatePicker, Form, Input, Spin } from 'antd';
-import { FC } from 'react';
+import { FC, useEffect, useState } from 'react';
 import dayjs from 'dayjs';
 import germanLocale from 'antd/es/date-picker/locale/de_DE';
 
@@ -20,6 +20,20 @@ const RoleGeneralData: FC<{ roleId: string }> = ({ roleId }) => {
     onError: () => message.open({ type: 'error', content: 'Something went wrong' }),
   });
 
+  const [submittable, setSubmittable] = useState(false);
+  const values = Form.useWatch('name', form);
+
+  useEffect(() => {
+    form.validateFields({ validateOnly: true }).then(
+      () => {
+        setSubmittable(true);
+      },
+      () => {
+        setSubmittable(false);
+      },
+    );
+  }, [form, values]);
+
   if (isLoading || error || !data) return <Spin />;
 
   const role = toCaslResource('Role', data);
@@ -50,7 +64,13 @@ const RoleGeneralData: FC<{ roleId: string }> = ({ roleId }) => {
           <br />
         </>
       )}
-      <Form.Item label="Name" name="name">
+
+      <Form.Item
+        label="Name"
+        name="name"
+        rules={[{ required: true, message: 'this field is required' }]}
+        required
+      >
         <Input placeholder="input placeholder" disabled={!ability.can('update', role, 'name')} />
       </Form.Item>
 
@@ -72,8 +92,8 @@ const RoleGeneralData: FC<{ roleId: string }> = ({ roleId }) => {
       </Form.Item>
 
       <Form.Item>
-        <Button type="primary" htmlType="submit" loading={putLoading}>
-          Submit
+        <Button type="primary" htmlType="submit" loading={putLoading} disabled={!submittable}>
+          Update Role
         </Button>
       </Form.Item>
     </Form>
diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx
index 3ff605ca6..1caeb2e09 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/header-actions.tsx
@@ -46,6 +46,20 @@ const CreateRoleModal: FC<{
     },
   });
 
+  const [submittable, setSubmittable] = useState(false);
+  const values = Form.useWatch('name', form);
+
+  useEffect(() => {
+    form.validateFields({ validateOnly: true }).then(
+      () => {
+        setSubmittable(true);
+      },
+      () => {
+        setSubmittable(false);
+      },
+    );
+  }, [form, values]);
+
   useEffect(() => {
     form.resetFields();
     setFormatError({});
@@ -72,13 +86,15 @@ const CreateRoleModal: FC<{
   };
 
   return (
-    <Modal open={modalOpen} onCancel={close} footer={null} title="Create a new role">
+    <Modal open={modalOpen} onCancel={close} footer={null} title="Create New Role">
       <Form form={form} layout="vertical" onFinish={submitData}>
         <Form.Item
           label="Name"
           name="name"
           help={formatError.name}
           validateStatus={formatError.name && 'error'}
+          rules={[{ required: true, message: 'This field is required' }]}
+          required
         >
           <Input />
         </Form.Item>
@@ -89,7 +105,7 @@ const CreateRoleModal: FC<{
           help={formatError.description}
           validateStatus={formatError.description && 'error'}
         >
-          <Input.TextArea placeholder="input placeholder" />
+          <Input.TextArea />
         </Form.Item>
 
         <Form.Item
@@ -106,8 +122,8 @@ const CreateRoleModal: FC<{
         </Form.Item>
 
         <Form.Item>
-          <Button type="primary" htmlType="submit" loading={isLoading}>
-            Submit
+          <Button type="primary" htmlType="submit" loading={isLoading} disabled={!submittable}>
+            Create Role
           </Button>
         </Form.Item>
       </Form>
@@ -127,7 +143,7 @@ const HeaderActions: FC = () => {
 
       <AuthCan action="create" resource="Role">
         <Button type="primary" onClick={() => setCreateRoleModalOpen(true)}>
-          <PlusOutlined /> Create
+          <PlusOutlined /> Create Role
         </Button>
       </AuthCan>
     </>
diff --git a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
index 6095c8a54..82c7bde4b 100644
--- a/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/roles/page.tsx
@@ -97,8 +97,8 @@ const RolesPage: FC = () => {
               <Button type="text" icon={<CloseOutlined />} onClick={() => setSelectedRowKeys([])} />
               <span>{selectedRowKeys.length} selected:</span>
               <Popconfirm
-                title="Delete roles"
-                description="Are you sure you want to delete these roles?"
+                title="Delete Roles"
+                description="Are you sure you want to delete the selected roles?"
                 onConfirm={() => deleteRoles(selectedRowKeys)}
               >
                 <Button type="text" icon={<DeleteOutlined />} disabled={cannotDeleteSelected} />
diff --git a/src/management-system-v2/app/(dashboard)/iam/users/header-actions.tsx b/src/management-system-v2/app/(dashboard)/iam/users/header-actions.tsx
index 465aa49e4..6797f48dd 100644
--- a/src/management-system-v2/app/(dashboard)/iam/users/header-actions.tsx
+++ b/src/management-system-v2/app/(dashboard)/iam/users/header-actions.tsx
@@ -47,10 +47,24 @@ const CreateUserModal: FC<{
   modalOpen: boolean;
   close: () => void;
 }> = ({ modalOpen, close }) => {
-  const [form] = Form.useForm();
   const { message: messageApi } = App.useApp();
   type ErrorsObject = { [field in PostUserField]?: ReactNode[] };
   const [formatError, setFormatError] = useState<ErrorsObject>({});
+  const [form] = Form.useForm();
+
+  const [submittable, setSubmittable] = useState(false);
+  const values = Form.useWatch([], form);
+
+  useEffect(() => {
+    form.validateFields({ validateOnly: true }).then(
+      () => {
+        setSubmittable(true);
+      },
+      () => {
+        setSubmittable(false);
+      },
+    );
+  }, [form, values]);
 
   const { mutateAsync: postUser, isLoading } = usePostAsset('/users', {
     onError(e) {
@@ -108,7 +122,7 @@ const CreateUserModal: FC<{
   };
 
   return (
-    <Modal open={modalOpen} onCancel={close} footer={null}>
+    <Modal open={modalOpen} onCancel={close} footer={null} title="Create New User">
       <Form form={form} layout="vertical" onFinish={submitData}>
         {modalStructureWithoutPassword.map((formField) => (
           <Form.Item
@@ -164,8 +178,8 @@ const CreateUserModal: FC<{
         </Form.Item>
 
         <Form.Item>
-          <Button type="primary" htmlType="submit" loading={isLoading}>
-            Submit
+          <Button type="primary" htmlType="submit" loading={isLoading} disabled={!submittable}>
+            Create User
           </Button>
         </Form.Item>
       </Form>
@@ -185,7 +199,7 @@ const HeaderActions: FC = () => {
 
       <AuthCan action="create" resource="User">
         <Button type="primary" onClick={() => setCreateUserModalOpen(true)}>
-          <PlusOutlined /> Create
+          <PlusOutlined /> Create User
         </Button>
       </AuthCan>
     </>

From 28a220a62262b571f32ae1cd19270bb8f0ecc039 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Sun, 5 Nov 2023 10:37:00 +0100
Subject: [PATCH 43/44] Added Link component to sidebr items

---
 src/management-system-v2/components/layout.tsx | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/management-system-v2/components/layout.tsx b/src/management-system-v2/components/layout.tsx
index f7f3f7423..e8998775d 100644
--- a/src/management-system-v2/components/layout.tsx
+++ b/src/management-system-v2/components/layout.tsx
@@ -6,7 +6,7 @@ import { Layout as AntLayout, Grid, Menu } from 'antd';
 const { Item, Divider, ItemGroup } = Menu;
 import { SettingOutlined, ApiOutlined, UserOutlined, UnlockOutlined } from '@ant-design/icons';
 import Image from 'next/image';
-import { usePathname } from 'next/navigation';
+import { usePathname, useRouter } from 'next/navigation';
 import cn from 'classnames';
 import { useAuthStore } from '@/lib/iam';
 import Link from 'next/link';
@@ -23,6 +23,7 @@ import ProcessSider from './ProcessSider';
  */
 const Layout: FC<PropsWithChildren> = ({ children }) => {
   const activeSegment = usePathname().slice(1) || 'processes';
+  const router = useRouter();
   const [collapsed, setCollapsed] = useState(false);
   const ability = useAuthStore((state) => state.ability);
   const loggedIn = useAuthStore((state) => state.loggedIn);
@@ -76,7 +77,7 @@ const Layout: FC<PropsWithChildren> = ({ children }) => {
                       icon={<UserOutlined />}
                       hidden={!ability.can('manage', 'User')}
                     >
-                      Users
+                      <Link href="/iam/users">Users</Link>
                     </Item>
 
                     <Item
@@ -86,7 +87,7 @@ const Layout: FC<PropsWithChildren> = ({ children }) => {
                         !(ability.can('manage', 'RoleMapping') || ability.can('manage', 'Role'))
                       }
                     >
-                      Roles
+                      <Link href="/iam/roles">Roles</Link>
                     </Item>
                   </ItemGroup>
 

From ce5d49a4659036ec5578e00fc178c778df4e04f1 Mon Sep 17 00:00:00 2001
From: Felipe Trost <felipe.trost@gmail.com>
Date: Sat, 11 Nov 2023 17:01:34 +0100
Subject: [PATCH 44/44] searchQury defaults to empty string

---
 src/management-system-v2/lib/useFuzySearch.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/management-system-v2/lib/useFuzySearch.ts b/src/management-system-v2/lib/useFuzySearch.ts
index 29a7f89e5..aa1495795 100644
--- a/src/management-system-v2/lib/useFuzySearch.ts
+++ b/src/management-system-v2/lib/useFuzySearch.ts
@@ -22,7 +22,7 @@ export default function useFuzySearch<TData extends Record<string, any>>(
   const searchParams = useSearchParams();
 
   const [searchQuery, setSearchQuery] = useState(
-    searchParams.get(fuzzySearchOptions.useSearchParams ? fuzzySearchOptions.queryName : ''),
+    searchParams.get(fuzzySearchOptions.useSearchParams ? fuzzySearchOptions.queryName : '') ?? '',
   );
   const debouncedSearchQuery = useDebounce(searchQuery, 200, fuzzySearchOptions.useSearchParams);