Add isSystemRole field to RoleEntity and update related logic in RBAC components

Pranit-DC · Pranit-DC · commit 3dfc7c1cb62a · 2026-01-23T16:26:59.000+05:30
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
@@ -282,6 +282,7 @@ model RoleEntity {
   id              String           @id @default(cuid())
   name            String           @unique
   description     String?
+  isSystemRole    Boolean          @default(false)
   createdAt       DateTime         @default(now())
   updatedAt       DateTime         @updatedAt
   rolePermissions RolePermission[]
diff --git a/prisma/seed-rbac.ts b/prisma/seed-rbac.ts
@@ -271,7 +271,8 @@ async function main() {
       prisma.roleEntity.create({
         data: {
           name: roleName,
-          description: roleDescriptions[roleName]
+          description: roleDescriptions[roleName],
+          isSystemRole: true
         }
       })
     )
diff --git a/src/components/rbac/roles-management.tsx b/src/components/rbac/roles-management.tsx
@@ -75,12 +75,12 @@ export default function RolesManagement() {
   };
 
   const systemRoles = useMemo(
-    () => roles.filter((r) => ['ADMIN', 'DOCTOR', 'NURSE', 'PHARMACIST', 'LAB_TECH', 'RECEPTIONIST', 'EMERGENCY'].includes(r.name)),
+    () => roles.filter((r) => r.isSystemRole),
     [roles]
   );
 
   const customRoles = useMemo(
-    () => roles.filter((r) => !['ADMIN', 'DOCTOR', 'NURSE', 'PHARMACIST', 'LAB_TECH', 'RECEPTIONIST', 'EMERGENCY'].includes(r.name)),
+    () => roles.filter((r) => !r.isSystemRole),
     [roles]
   );
 
@@ -122,15 +122,14 @@ export default function RolesManagement() {
                     >
                       Edit
                     </button>
-                    {role.name !== 'ADMIN' && (
-                      <button
-                        onClick={() => handleDelete(role.id)}
-                        className="p-1 text-red-600 hover:bg-red-50 rounded transition"
-                        title="Delete"
-                      >
-                        <Trash2 className="w-4 h-4" />
-                      </button>
-                    )}
+                    <button
+                      onClick={() => handleDelete(role.id)}
+                      disabled={role.isSystemRole || role.name === 'ADMINISTRATOR'}
+                      className="p-1 text-red-600 hover:bg-red-50 disabled:text-gray-400 disabled:cursor-not-allowed rounded transition"
+                      title={role.name === 'ADMINISTRATOR' ? "Admin role cannot be deleted" : role.isSystemRole ? "System roles cannot be deleted" : "Delete"}
+                    >
+                      <Trash2 className="w-4 h-4" />
+                    </button>
                   </div>
                 </div>
                 <div className="flex flex-wrap gap-2">
diff --git a/src/components/rbac/users-management.tsx b/src/components/rbac/users-management.tsx
@@ -80,7 +80,7 @@ export default function UsersManagement() {
     // Prevent deleting admin user
     if (user?.roleEntityId) {
       const userRole = roles.find((r) => r.id === user.roleEntityId);
-      if (userRole?.name?.toLowerCase() === 'admin') {
+      if (userRole?.name === 'ADMINISTRATOR') {
         setFormError('Cannot delete admin user');
         return;
       }
@@ -160,14 +160,14 @@ export default function UsersManagement() {
                         </button>
                         <button
                           onClick={() => handleDelete(user.id)}
-                          disabled={!!(user.roleEntityId && roles.find((r) => r.id === user.roleEntityId)?.name?.toLowerCase() === 'admin')}
+                          disabled={!!(user.roleEntityId && roles.find((r) => r.id === user.roleEntityId)?.name === 'ADMINISTRATOR')}
                           className={`p-1 rounded transition ${
-                            user.roleEntityId && roles.find((r) => r.id === user.roleEntityId)?.name?.toLowerCase() === 'admin'
+                            user.roleEntityId && roles.find((r) => r.id === user.roleEntityId)?.name === 'ADMINISTRATOR'
                               ? 'text-gray-300 cursor-not-allowed'
                               : 'text-red-600 hover:bg-red-50'
                           }`}
                           title={
-                            user.roleEntityId && roles.find((r) => r.id === user.roleEntityId)?.name?.toLowerCase() === 'admin'
+                            user.roleEntityId && roles.find((r) => r.id === user.roleEntityId)?.name === 'ADMINISTRATOR'
                               ? 'Cannot delete admin user'
                               : 'Delete'
                           }
diff --git a/src/hooks/use-rbac.ts b/src/hooks/use-rbac.ts
@@ -19,6 +19,7 @@ export interface RoleEntity {
   id: string;
   name: string;
   description?: string;
+  isSystemRole: boolean;
   createdAt: string;
   updatedAt: string;
   rolePermissions: RolePermission[];

Original file line number	Diff line number	Diff line change
`@@ -271,7 +271,8 @@ async function main() {`
`271`	`271`	`prisma.roleEntity.create({`
`272`	`272`	`data: {`
`273`	`273`	`name: roleName,`
`274`		`- description: roleDescriptions[roleName]`
	`274`	`+ description: roleDescriptions[roleName],`
	`275`	`+ isSystemRole: true`
`275`	`276`	`}`
`276`	`277`	`})`
`277`	`278`	`)`