From 53fb3232f3cd97c99716403475860a6d4cff41cd Mon Sep 17 00:00:00 2001 From: Till JS Date: Wed, 15 Apr 2026 18:18:31 +0200 Subject: [PATCH] chore(dev): also grant role=admin in setup-dev-user.sh Admin-gated backend endpoints (e.g. POST /api/v1/admin/sync/:id/gift, GET /api/v1/admin/users/:id/tier) check auth.users.role === 'admin', which is orthogonal to access_tier. The script was already lifting every dev account to tier=founder but left role at the 'user' default, so founders couldn't exercise the admin UI flows against their local stack. Wire role alongside tier (both via env-overridable defaults) and reflect it in the success output so re-runs surface what's being applied. Backfilled the existing three dev accounts (tills95, tilljkb, rajiehq) to role=admin manually once; re-running the script now is idempotent. Co-Authored-By: Claude Opus 4.6 (1M context) --- scripts/dev/setup-dev-user.sh | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/scripts/dev/setup-dev-user.sh b/scripts/dev/setup-dev-user.sh index d0698577d..dce06e8a0 100755 --- a/scripts/dev/setup-dev-user.sh +++ b/scripts/dev/setup-dev-user.sh @@ -45,6 +45,7 @@ DB_USER="${DB_USER:-mana}" DB_PASS="${DB_PASS:-devpassword}" DB_NAME="${DB_NAME:-mana_platform}" TIER="${TIER:-founder}" +ROLE="${ROLE:-admin}" GREEN='\033[0;32m' YELLOW='\033[1;33m' @@ -124,10 +125,16 @@ create_user() { -v ON_ERROR_STOP=1 \ -v email="${email}" \ -v tier="${TIER}" \ + -v role="${ROLE}" \ <<-'SQL' + -- access_tier and role are orthogonal: tier gates product + -- features per user (public < beta < alpha < founder), role + -- gates backend admin endpoints (role=admin required for + -- e.g. /api/v1/admin/sync/:id/gift). Dev accounts want both. UPDATE auth.users SET email_verified = true, access_tier = :'tier'::access_tier, + role = :'role'::user_role, updated_at = NOW() WHERE email = :'email'; @@ -156,14 +163,14 @@ create_user() { return 1 fi echo -e " ${DIM}${row}${NC}" - echo -e " ${GREEN}✓${NC} email=${email} password=${password} tier=${TIER}" + echo -e " ${GREEN}✓${NC} email=${email} password=${password} tier=${TIER} role=${ROLE} sync=gifted" } # ─── Main ──────────────────────────────────────────────────── if [[ $# -eq 2 ]]; then create_user "$1" "$2" else - echo -e "${GREEN}Creating default dev users (${TIER} tier)…${NC}" + echo -e "${GREEN}Creating default dev users (tier=${TIER}, role=${ROLE}, sync=gifted)…${NC}" create_user "tills95@gmail.com" "Aa-123456789" create_user "tilljkb@gmail.com" "Aa-123456789" create_user "rajiehq@gmail.com" "Aa-123456789"