fix: update PermissionsProvider to use site perms instead of resource perms (#1528)

* fix: update resourceId handling in PermissionsProvider to use site role instead of resource role

* undo

* move perms check logic

Author: adriangohjw

apps/studio/src/server/modules/permissions/__tests__/permissions.service.test.ts

@@ -1051,7 +1051,8 @@ describe("getResourcePermission", () => {
     expect(permissions[0]?.role).toBe(RoleType.Admin)
   })
 
-  it("should return resource-specific permissions when resourceId is provided", async () => {
+  // TODO: add this back in when we have resource-specific permissions
+  it.skip("should return resource-specific permissions when resourceId is provided", async () => {
     // Arrange
     const user = await setupUser({ email: "[email protected]" })
     const { page, site } = await setupPageResource({
@@ -1115,7 +1116,8 @@ describe("getResourcePermission", () => {
     expect(permissions).toHaveLength(0)
   })
 
-  it("should not return site-wide permissions when resourceId is provided and is not null", async () => {
+  // TODO: add this back in when we have resource-specific permissions
+  it.skip("should not return site-wide permissions when resourceId is provided and is not null", async () => {
     // Arrange
     const user = await setupUser({ email: "[email protected]" })
     const { page, site } = await setupPageResource({

apps/studio/src/server/modules/permissions/permissions.service.ts

@@ -165,19 +165,17 @@ export const bulkValidateUserPermissionsForResources = async ({
 export const getResourcePermission = async ({
   userId,
   siteId,
-  resourceId,
+  resourceId: _resourceId,
 }: PermissionsProps) => {
   let query = db
     .selectFrom("ResourcePermission")
     .where("userId", "=", userId)
     .where("siteId", "=", siteId)
     .where("deletedAt", "is", null)
 
-  if (resourceId) {
-    query = query.where("resourceId", "=", resourceId)
-  } else {
-    query = query.where("resourceId", "is", null)
-  }
+  // NOTE: we are using site-wide permissions for now
+  // because there's no granular resource role
+  query = query.where("resourceId", "is", null)
 
   return query.select("role").execute()
 }