omni_orchestrator::schemas::v1::db::queries::permission

Function assign_permission_to_role

Source 
pub async fn assign_permission_to_role(
    pool: &Pool<MySql>,
    permission_id: i64,
    role_id: i64,
) -> Result<()>
Expand description

Assigns a permission to a role.

This function creates an association between a permission and a role, granting the capability represented by the permission to users who have the specified role. This is a core operation in the RBAC system for building role capabilities.

§Arguments

  • pool - Database connection pool for executing the query
  • permission_id - Unique identifier of the permission to assign
  • role_id - Unique identifier of the role to receive the permission

§Returns

  • Ok(()) - Successfully assigned the permission to the role
  • Err(anyhow::Error) - Failed to assign the permission

§Uniqueness

This function assumes that the combination of permission_id and role_id must be unique in the permissions_role table. If this association already exists, the operation will fail with a unique constraint violation.

§Transaction Handling

This function uses a database transaction to ensure atomicity of the operation. If any part of the operation fails, the entire operation is rolled back.

§Note

After this operation, all users who have the specified role will effectively gain the assigned permission.