Skip to main content

User

The User is the global identity in Azalt. A single account can belong to multiple organizations but operates within one current organization at a time.

At a Glance

  • Global identity: not scoped to an organization
  • One active context: currentOrganizationId selects the working organization
  • Platform role: systemRole is "ADMIN" | "USER" (platform-level)
  • Org roles come from membership: see Organization User
  • Profile: name, phone, locale, optional image via Media

Data Shape

// apps/azalt/src/server/db/types/auth.ts (simplified)
interface User {
  id: string;
  email: string;           // from Auth adapter
  name?: string | null;    // from Auth adapter
  image?: string | null;   // signed URL when available (Media)
  phone: string | null;
  locale: string | null;   // e.g., "en" | "tr"; defaults to "en" in responses
  systemRole: "ADMIN" | "USER"; // platform-level role
  currentOrganizationId: string | null; // active org context
}

Current Organization Selection

  • If missing, backend selects the earliest ACTIVE membership and sets it as current.
  • Users can switch explicitly (see organization.switch).
  • If the previously current organization is deleted or the user is removed, it is cleared; the next ACTIVE membership is selected when available.
  • If the user has no organizations, organization queries return a client error.

Profile & Media

  • Updatable fields: name, phone, locale.
  • Email is managed by authentication and not editable via profile.
  • Profile pictures live in Media (fieldName = "profilePicture") and are served via time-limited signed URLs.
// tRPC (apps/azalt/src/server/api/routers/user)
// Queries
user.me(): { email, name, phone, locale }
// Mutations
user.updateProfile({ name?, phone?, locale?: "en" | "tr" })

System vs Organization Roles

  • systemRole controls platform-level admin features (e.g., global admin views).
  • Organization roles (Owner/Manager/Approver/Collector/Viewer) are assigned per organization via a membership record.

Typical Operations

  • View/update profile (name/phone/locale)
  • Switch current organization (only to orgs where the user is a member)
  • Accept invitations to new organizations (becomes ACTIVE upon acceptance)

Tips & Edge Cases

  • Locale defaults to "en" in API responses when not set.
  • Removing a user from the current organization immediately clears currentOrganizationId.
  • The user list within an organization includes a signed image URL when a profile picture exists.
  • Organization User — membership, role, and status
  • Organization User Site — site-level access assignments