Organization User Site

This junction links a membership (Organization User) to one or more Sites, enabling fine-grained, site-scoped access control.

// apps/azalt/src/server/db/types/organization.ts (simplified)
interface OrganizationUserSite {
  id: string;
  organizationUserId: string; // references OrganizationUser.id
  siteId: string;             // references Site.id
  createdAt: Date;
  updatedAt: Date;
}

At a Glance

  • Stores direct site assignments for a membership
  • Effective access = assigned sites + all descendants
  • Root site assignment grants access to entire organization
  • Unique per (organizationUserId, siteId); cascades on delete

How Access Is Calculated

  • Direct assignments are stored here (assignedSiteIds).
  • Effective access includes the descendants of assigned sites (computed via a recursive CTE).
  • Assigning the root site gives access to the entire organization (root + all children).

Constraints & Integrity

  • Unique pair: (organizationUserId, siteId) to prevent duplicates.
  • Cascades on delete/update to keep relations clean.
  • Soft-deleted sites are filtered out by queries that list assignments.

Typical Operations

  • On invitation: assign initial sites to the invited user.
  • Update a member’s site list (replace entire set).
  • Bulk operations for multiple users: replace, add, or remove sites.

// tRPC (apps/azalt/src/server/api/routers/organization)
organizations.updateUserSites({ userId, assignedSiteIds })
organizations.bulkUpdateUserSites({ userIds, siteIds, operation: "replace" | "add" | "remove" })

Read Patterns

  • User listings return assignedSites for each member for easy display.
  • Access checks reference the calculated accessibleSiteIds (descendants included).
  • Root site often appears as “Organization” in UI lists for clarity.

Security

  • Only Managers and Owners can modify site assignments.
  • All checks are further scoped to the acting user’s own accessible sites.
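
The rules from "How Access Is Calculated" and "Security", sketched in TypeScript as an added example (not code from the azalt repository). An in-memory walk stands in for the recursive CTE; the `SiteRow` shape with `parentId`, the "Member" role, the sample hierarchy and the function names are assumptions.

```typescript
// Added example: in-memory stand-in for the recursive CTE plus the scoping check.
type Role = "Owner" | "Manager" | "Member"; // "Member" is an assumed non-privileged role

interface SiteRow { id: string; parentId: string | null } // assumed minimal Site shape

// Constructed sample hierarchy: root -> (plant-a -> line-1), plant-b
const SITES: SiteRow[] = [
  { id: "root", parentId: null },
  { id: "plant-a", parentId: "root" },
  { id: "line-1", parentId: "plant-a" },
  { id: "plant-b", parentId: "root" },
];

// Effective access = assigned sites + all descendants (breadth-first walk).
function accessibleSiteIds(assignedSiteIds: string[], sites: SiteRow[]): string[] {
  const known = new Set(sites.map((s) => s.id));
  const seen = new Set<string>();
  const queue = assignedSiteIds.filter((id) => known.has(id)); // drop unknown ids
  while (queue.length > 0) {
    const id = queue.shift() as string;
    if (seen.has(id)) continue; // dedupe; also terminates on a malformed cycle
    seen.add(id);
    for (const s of sites) if (s.parentId === id) queue.push(s.id);
  }
  return sites.filter((s) => seen.has(s.id)).map((s) => s.id); // stable order
}

// Role gate first, then every requested site must lie inside the actor's own scope.
function checkSiteUpdate(
  actor: { role: Role; assignedSiteIds: string[] },
  requestedSiteIds: string[],
  sites: SiteRow[],
): { allowed: boolean; outOfScope: string[] } {
  if (actor.role !== "Owner" && actor.role !== "Manager") {
    return { allowed: false, outOfScope: [] }; // deny by default, even for an empty request
  }
  const scope = new Set(accessibleSiteIds(actor.assignedSiteIds, sites));
  const outOfScope = requestedSiteIds.filter((id) => !scope.has(id));
  return { allowed: outOfScope.length === 0, outOfScope };
}
```

A Manager assigned only `plant-a` can hand out `line-1` but not `plant-b`; the whole request is rejected rather than silently trimmed, so the caller sees which ids were out of scope.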

Tips & Edge Cases

  • Users without any assignments will have no effective site access but may still appear in admin lists.
  • Prefer replace for idempotent updates in bulk operations; use add/remove for incremental changes.

Related

  • Organization User — membership and role
  • Site — hierarchical locations inside an organization