Permissions to dbAuth

I am trying to implement permissions to the RBAC model of dbAuth and use them on the web side. I have added new functionality to the auth.ts file where hasRole is implemented and added my code for hasPermission. Sadly I don’t have access to it. So I went to explore where I get hasRole from anyway.

In my client side component I do:

import { useAuth } from 'web/src/auth'
const { currentUser, hasPermission } = useAuth()

But that fails because hasPermission is not part of useAuth. So I found where useAuth is created and I see we’re also declaring useHasRole and useCurrentUser in @redwoodjs/auth-dbauth-web.

export declare function createAuth(dbAuthClient: ReturnType<typeof createDbAuthClient>, customProviderHooks?: {
    useCurrentUser?: () => Promise<CurrentUser>;
    useHasRole?: (currentUser: CurrentUser | null) => (rolesToCheck: string | string[]) => boolean;
}): {
    AuthContext: import("react").Context<import("@redwoodjs/auth").AuthContextInterface<string, LoginAttributes, any, unknown, boolean, SignupAttributes, any, any, ResetPasswordAttributes, any, any, import("./webAuthn").default> | undefined>;
    AuthProvider: ({ children, skipFetchCurrentUser, }: import("@redwoodjs/auth/dist/AuthProvider/AuthProvider").AuthProviderProps) => import("react").JSX.Element;
    useAuth: () => import("@redwoodjs/auth").AuthContextInterface<string, LoginAttributes, any, unknown, boolean, SignupAttributes, any, any, ResetPasswordAttributes, any, any, import("./webAuthn").default>;

I cannot edit the node_modules dbAuth.d.ts file so is the only way to add additional functionality to the auth.ts file to amend the web/src/auth.ts file?

import { createDbAuthClient, createAuth } from '@redwoodjs/auth-dbauth-web'

const dbAuthClient = createDbAuthClient()

export const { AuthProvider, useAuth, +include hasPermission+ } = createAuth(dbAuthClient)

I’ve dug a bit deeper and tried logging at least the hasRole in api/lib/auth.ts but it turns out, it always returns false. Am I not using it correctly? I import it like so in my components:

import { useAuth } from 'web/src/auth'

And then destructure the hasRole from it, but like I said even that doesn’t run properly. Always returns false. How do I use what I declare in api/lib/auth.ts on the web side properly?

Maybe I was wrong in my original post, it seems hasRole is defined in @redoowdjs/auth/dist/AuthContext.d.ts like so:

    hasRole(rolesToCheck: string | string[]): boolean;

I don’t see how that connects to the hasRole method in api/lib/auth.ts though? I feel like this is the reason I keep getting false and my hasPermission doesn’t show up when I try to destructure it. The AuthContext.d.ts file doesn’t pull from the methods from auth/lib/auth.ts and whatever this hasRole declaration is, there is no connection to the actual code in auth/lib

Solution for anyone who hits this roadblock where you have a User and Role model but can’t get hasRole to work:

Make sure your getCurrentUser returns not just user, but also roles and permissions as an array.