using SurrealDb.Net.Models; namespace RelayServer.Models; ///

/// The permission bitfield. The whole permission model is just: /// /// ServerMembers.IsOwner = true → unconditional Administrator /// roles.Permissions has Administrator flag → unconditional everything /// channel_permissions.Deny has a specific flag → that permission denied here /// channel_permissions.Allow has a specific flag → that permission allowed here /// roles.Permissions has the flag → fallback (channel-independent) /// /// PermissionService.HasPermissionAsync walks that ladder in order. See that class for the /// authoritative implementation. ///

[Flags] public enum PermissionFlags { None = 0, ReadMessages = 1 << 0, SendMessages = 1 << 1, ManageMessages = 1 << 2, // Edit / delete others' messages ManageChannels = 1 << 3, // Create channels (umbrella manage permission) ManageMembers = 1 << 4, // Kick / ban members Administrator = 1 << 5, // All permissions, bypasses channel overrides ViewChannel = 1 << 6, // "Visibility" — can see the channel at all Speak = 1 << 7, // Can transmit in a voice channel EditChannel = 1 << 8, // Rename / reconfigure a channel DeleteChannel = 1 << 9 // Delete a channel } ///

/// Surreal record for the `roles` table. Defines a named permission bundle that can be /// assigned to users via UserRoles. ///

public class Roles : Record { ///

Display name ("Admin", "Moderator", "Member").

public required string Name { get; set; } ///

Base permission bitfield. Channel-level overrides in ChannelPermissions can add or remove.

public required PermissionFlags Permissions { get; set; } ///

When the role was seeded.

public required DateTime CreatedAt { get; set; } ///

Tie-breaker for future multi-role-per-user scenarios. Lower = higher priority. Not used by the current ladder.

public int Priority { get; set; } }