fix build permission errors

api/src/Controllers/AuthController.cs

@@ -15,12 +15,14 @@ public class AuthController : ControllerBase {
     private readonly SignInManager<User> signInManager_;
 
     private readonly JwtService jwt_;
+    private readonly UserService userService_;
 
-    public AuthController(UserManager<User> userManager, SignInManager<User> signInManager, JwtService jwt) {
+    public AuthController(UserManager<User> userManager, SignInManager<User> signInManager, JwtService jwt, UserService userService) {
 
         userManager_ = userManager;
         signInManager_ = signInManager;
         jwt_ = jwt;
+        userService_ = userService;
     }
 
     [HttpPost("register")]
@@ -31,21 +33,16 @@ public class AuthController : ControllerBase {
             CreatedAt = DateTime.UtcNow // yeah why not utc
         };
 
+        // assigning roles to user
+        if(dto.UserName.StartsWith("x")) {
+            user.Permissions = new List<string> { Permission.SensitiveData_Read };
+        } else if(dto.UserName == "bard") {
+            user.Permissions = new List<string> { Permission.SensitiveData_Read, Permission.SensitiveData_Modify };
+        } 
+
         var result = await userManager_.CreateAsync(user, dto.Password);
         if(!result.Succeeded) return BadRequest(result.Errors);
 
-        // assigning roles to user
-        string role = "base";
-        if(dto.UserName == "bard") {
-            role = "superuser";
-        } else if(dto.UserName.StartsWith("x")) {
-            role = "admin";
-        } 
-        await userManager_.AddToRoleAsync(user, role); // TODO: error check this
-        // these are here just in case you need them
-        // await _userManager.RemoveFromRoleAsync(user, "admin"); // remove role
-        // var roles = await _userManager.GetRolesAsync(user); // get list of roles for user
-
         return CreatedAtAction(
             nameof(Register),
             new { id = user.Id }
@@ -78,6 +75,11 @@ public class AuthController : ControllerBase {
             await userManager_.AddToRoleAsync(user, "superuser");
         } // eventually ill have an endpoint for adding/removing roles
 
+        if(dto.UserName == "bard") {
+            user.Permissions = new List<string> { Permission.SensitiveData_Read, Permission.SensitiveData_Modify };
+            await userService_.Update(user.Id, user);
+        }
+
         return Ok(new { accessToken, refreshToken });
     }
 

api/src/Models/User.cs

@@ -7,7 +7,7 @@ public class User : IdentityUser {
 
     public DateTime CreatedAt { get; set; }
 
-    public List<string> Permissions { get; set; } = [ Permission.SensitiveData_Read, Permission.SensitiveData_Modify ]; // just seeding these here initially
+    public List<string>? Permissions { get; set; }
 
     // properties inherited from IdentityUser:
     /*

api/src/Services/JwtService.cs

@@ -37,9 +37,11 @@ public class JwtService {
             new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())
         };
 
-        List<string> permissions = user.Permissions;
-        foreach(var perm in permissions) {
-            claims.Add(new Claim("permission", perm));
+        List<string>? permissions = user.Permissions;
+        if(permissions != null) {
+            foreach(var perm in permissions) {
+                claims.Add(new Claim("permission", perm));
+            }
         }
 
         var token = new JwtSecurityToken(

api/src/Services/UserService.cs

@@ -36,4 +36,15 @@ public class UserService {
         }
     }
 
+    public async Task<User?> Update(string id, User user) {
+
+        User? oldUser = await db_.Users.FindAsync(id);
+        if(oldUser == null) return oldUser;
+
+        oldUser.Permissions = user.Permissions;
+
+        await db_.SaveChangesAsync();
+        return oldUser;
+    }
+
 }