Skip to content

Add role assignment management endpoints #42

Description

@Lakes41

Difficulty: Hard

Type: Feature

Summary

Add authenticated API endpoints for assigning, updating, and removing member roles within a community. This is needed so admin clients can manage access rights without directly editing the database.

Current Behaviour

The API can evaluate roles during access checks and member listing, but there is no clear public API surface for role assignment management.

Expected Behaviour

Admins should be able to assign and revoke roles through validated API endpoints, with all changes scoped to a community and protected by authorisation checks.

Suggested Implementation

Add role mutation endpoints such as POST /v1/communities/:communityId/members/:wallet/roles and DELETE /v1/communities/:communityId/members/:wallet/roles/:role. Validate wallet, community, and role values. Ensure only authorised community admins can perform the action.

Files or Areas Likely Affected

  • apps/access-api/src/routes.ts
  • apps/access-api/src/services/memberService.ts
  • apps/access-api/prisma/schema.prisma
  • packages/shared-types/src/index.ts
  • packages/sdk-lite/src/index.ts

Acceptance Criteria

  • Admins can assign a supported role to a member
  • Admins can remove a role from a member
  • Duplicate role assignments are handled safely
  • Unauthorised users receive 401 or 403 responses
  • Invalid wallet, community, or role values return 400
  • Tests cover assign, remove, duplicate, unauthorised, and invalid-input cases

Additional Notes

Assumption: role management belongs in the access API because roles directly affect policy decisions.

Metadata

Metadata

Assignees

Labels

GrantFox OSSIssue tracked in GrantFox OSSMaybe RewardedIssue may be eligible for a GrantFox rewardOfficial CampaignCampaign: Official Campaign

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions