feat: Add APIs to manage custom roles in Chatwoot (#9995)

Co-authored-by: Pranav <pranavrajs@gmail.com>

enterprise/app/controllers/api/v1/accounts/custom_roles_controller.rb

@@ -0,0 +1,31 @@
+class Api::V1::Accounts::CustomRolesController < Api::V1::Accounts::EnterpriseAccountsController
+  before_action :fetch_custom_role, only: [:show, :update, :destroy]
+  before_action :check_authorization
+
+  def index
+    @custom_roles = Current.account.custom_roles
+  end
+
+  def create
+    @custom_role = Current.account.custom_roles.create!(permitted_params)
+  end
+
+  def show; end
+
+  def update
+    @custom_role.update!(permitted_params)
+  end
+
+  def destroy
+    @custom_role.destroy!
+    head :ok
+  end
+
+  def permitted_params
+    params.require(:custom_role).permit(:name, :description, permissions: [])
+  end
+
+  def fetch_custom_role
+    @custom_role = Current.account.custom_roles.find_by(id: params[:id])
+  end
+end

enterprise/app/controllers/enterprise/api/v1/accounts/agents_controller.rb

@@ -0,0 +1,9 @@
+module Enterprise::Api::V1::Accounts::AgentsController
+  def account_user_attributes
+    super + [:custom_role_id]
+  end
+
+  def allowed_agent_params
+    super + [:custom_role_id]
+  end
+end

enterprise/app/models/custom_role.rb

@@ -0,0 +1,42 @@
+# == Schema Information
+#
+# Table name: custom_roles
+#
+#  id          :bigint           not null, primary key
+#  description :string
+#  name        :string
+#  permissions :text             default([]), is an Array
+#  created_at  :datetime         not null
+#  updated_at  :datetime         not null
+#  account_id  :bigint           not null
+#
+# Indexes
+#
+#  index_custom_roles_on_account_id  (account_id)
+#
+#
+
+# Available permissions for custom roles:
+# - 'conversation_manage': Can manage all conversations.
+# - 'conversation_unassigned_manage': Can manage unassigned conversations and assign to self.
+# - 'conversation_participating_manage': Can manage conversations they are participating in (assigned to or a participant).
+# - 'contact_manage': Can manage contacts.
+# - 'report_manage': Can manage reports.
+# - 'knowledge_base_manage': Can manage knowledge base portals.
+
+class CustomRole < ApplicationRecord
+  belongs_to :account
+  has_many :account_users, dependent: :nullify
+
+  PERMISSIONS = %w[
+    conversation_manage
+    conversation_unassigned_manage
+    conversation_participating_manage
+    contact_manage
+    report_manage
+    knowledge_base_manage
+  ].freeze
+
+  validates :name, presence: true
+  validates :permissions, inclusion: { in: PERMISSIONS }
+end

enterprise/app/models/enterprise/account_user.rb

@@ -0,0 +1,5 @@
+module Enterprise::AccountUser
+  def permissions
+    custom_role.present? ? (custom_role.permissions + ['custom_role']) : super
+  end
+end

enterprise/app/models/enterprise/concerns/account.rb

@@ -4,6 +4,7 @@ module Enterprise::Concerns::Account
   included do
     has_many :sla_policies, dependent: :destroy_async
     has_many :applied_slas, dependent: :destroy_async
+    has_many :custom_roles, dependent: :destroy_async
 
     def self.add_response_related_associations
       has_many :response_sources, dependent: :destroy_async

enterprise/app/models/enterprise/concerns/account_user.rb

@@ -0,0 +1,7 @@
+module Enterprise::Concerns::AccountUser
+  extend ActiveSupport::Concern
+
+  included do
+    belongs_to :custom_role, optional: true
+  end
+end

enterprise/app/policies/custom_role_policy.rb

@@ -0,0 +1,21 @@
+class CustomRolePolicy < ApplicationPolicy
+  def index?
+    @account_user.administrator?
+  end
+
+  def update?
+    @account_user.administrator?
+  end
+
+  def show?
+    @account_user.administrator?
+  end
+
+  def create?
+    @account_user.administrator?
+  end
+
+  def destroy?
+    @account_user.administrator?
+  end
+end

enterprise/app/views/api/v1/accounts/custom_roles/create.json.jbuilder

@@ -0,0 +1 @@
+json.partial! 'api/v1/models/custom_role', formats: [:json], custom_role: @custom_role

enterprise/app/views/api/v1/accounts/custom_roles/index.json.jbuilder

@@ -0,0 +1,3 @@
+json.array! @custom_roles do |custom_role|
+  json.partial! 'api/v1/models/custom_role', formats: [:json], custom_role: custom_role
+end

enterprise/app/views/api/v1/accounts/custom_roles/show.json.jbuilder

@@ -0,0 +1 @@
+json.partial! 'api/v1/models/custom_role', formats: [:json], custom_role: @custom_role

enterprise/app/views/api/v1/accounts/custom_roles/update.json.jbuilder

@@ -0,0 +1 @@
+json.partial! 'api/v1/models/custom_role', formats: [:json], custom_role: @custom_role

enterprise/app/views/api/v1/models/_custom_role.json.jbuilder

@@ -0,0 +1,6 @@
+json.id custom_role.id
+json.name custom_role.name
+json.description custom_role.description
+json.permissions custom_role.permissions
+json.created_at custom_role.created_at
+json.updated_at custom_role.updated_at