refactor: remove authorization method calls (server) #34986

Open
wants to merge 4 commits into
base: develop

MarcosSpessatto
Member

@MarcosSpessatto MarcosSpessatto commented Jan 21, 2025

https://rocketchat.atlassian.net/browse/CORE-935

Proposed changes (including videos or screenshots)

Issue(s)

Steps to test or reproduce

Further comments


This pull request refactors the authorization methods in the Rocket.Chat server codebase to enhance code modularity, maintainability, and reusability. The changes include:

  • In roles.ts, a direct Meteor method call is replaced with a dedicated function call for adding a user to a role.
  • In addUserToRole.ts, the core logic for adding a user to a role is extracted into a separate async function, simplifying the Meteor method implementation.
  • In removeUserFromRole.ts, the logic for removing a user from a role is extracted into a separate function, updating the Meteor method to use this new function.
  • In index.ts of the bot helpers, bot helper methods are modified to use direct function calls instead of Meteor.callAsync, a userId parameter is added to the request method, and role management functions are updated with proper user authentication.
  • In setAdminStatus.ts, direct Meteor method calls are replaced with imported function calls for managing admin roles.

These changes aim to improve the overall structure and efficiency of the authorization-related code in the Rocket.Chat server.
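
The refactor pattern described above, as an added example that is not code from this pull request or from Rocket.Chat: the logic moves into a function that takes the caller's id explicitly, and the method becomes a thin wrapper. The in-memory user store, the permission model, the error codes `error-not-allowed` and `error-invalid-user`, and the omission of the room scope argument are assumptions made for the illustration.

```javascript
// Added illustration with in-memory stand-ins; not Rocket.Chat code.
const users = new Map([ // constructed sample accounts
  ['u-admin', { username: 'alice', roles: ['admin'] }],
  ['u-plain', { username: 'bob', roles: ['user'] }],
]);
const ROLE_MANAGERS = new Set(['admin']); // hypothetical permission model

class AuthzError extends Error {
  constructor(code, message) { super(message); this.code = code; }
}

// Extracted function: the caller's id is an explicit first argument and the
// permission check lives here, so no call path can skip it.
async function addUserToRole(userId, roleId, username) {
  const caller = users.get(userId);
  if (!caller || !caller.roles.some((r) => ROLE_MANAGERS.has(r))) {
    throw new AuthzError('error-not-allowed', 'Not allowed'); // constructed code
  }
  if (!roleId || typeof roleId !== 'string' || !username || typeof username !== 'string') {
    throw new AuthzError('error-invalid-arguments', 'Invalid arguments');
  }
  const target = [...users.values()].find((u) => u.username === username);
  if (!target) throw new AuthzError('error-invalid-user', 'Invalid user'); // constructed code
  if (target.roles.includes(roleId)) {
    throw new AuthzError('error-user-already-in-role', 'User already in role');
  }
  target.roles.push(roleId);
  return true;
}

// Thin method wrapper: it only resolves the caller from the invocation context.
const methods = {
  'authorization:addUserToRole'(roleId, username) {
    return addUserToRole(this.userId, roleId, username);
  },
};

// Exercise both entry points and collect 'ok' or the error code of each call.
async function demo() {
  const attempt = (fn) => fn().then(() => 'ok', (e) => e.code);
  const viaMethod = (ctx, ...args) => methods['authorization:addUserToRole'].apply(ctx, args);
  return [
    await attempt(() => viaMethod({ userId: 'u-plain' }, 'moderator', 'bob')),
    await attempt(() => addUserToRole(undefined, 'moderator', 'bob')),
    await attempt(() => addUserToRole('u-admin', 'moderator', 'bob')),
    await attempt(() => addUserToRole('u-admin', 'moderator', 'bob')),
  ];
}
```

Because the check is keyed on the explicit `userId`, a direct call with a missing or unprivileged id fails the same way as the method path does.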

Contributor

dionisio-bot bot commented Jan 21, 2025

Looks like this PR is not ready to merge, because of the following issues:

  • This PR is missing the 'stat: QA assured' label

Please fix the issues and try again

If you have any trouble, please check the PR guidelines


changeset-bot bot commented Jan 21, 2025

⚠️ No Changeset found

Latest commit: cca6795

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

@MarcosSpessatto MarcosSpessatto added this to the 7.4.0 milestone Jan 21, 2025
Contributor

github-actions bot commented Jan 21, 2025

PR Preview Action v1.6.0

🚀 View preview at
https://RocketChat.github.io/Rocket.Chat/pr-preview/pr-34986/

Built to branch gh-pages at 2025-03-07 13:04 UTC.
Preview will be ready when the GitHub Pages deployment is complete.


codecov bot commented Jan 21, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 59.48%. Comparing base (bbf12a1) to head (cca6795).

@@             Coverage Diff             @@
##           develop   #34986      +/-   ##
===========================================
+ Coverage    59.46%   59.48%   +0.02%     
===========================================
  Files         2830     2830              
  Lines        68579    68720     +141     
  Branches     15177    15204      +27     
===========================================
+ Hits         40778    40877      +99     
- Misses       25132    25171      +39     
- Partials      2669     2672       +3     
Flag Coverage Δ
unit 75.50% <ø> (ø)

@MarcosSpessatto MarcosSpessatto marked this pull request as ready for review January 21, 2025 18:10
@MarcosSpessatto MarcosSpessatto modified the milestones: 7.4.0, 7.5.0 Feb 14, 2025
@scuciatto
Member

@kody start-review


kodus-ai bot commented Feb 28, 2025

Code Review Completed! 🔥

The code review was successfully completed based on your current configurations.

@@ -81,7 +82,7 @@ API.v1.addRoute(
throw new Meteor.Error('error-user-already-in-role', 'User already in role');
}

await Meteor.callAsync('authorization:addUserToRole', role._id, user.username, roomId);
await addUserToRole(this.userId, role._id, user.username, roomId);
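
Review bot: The `addUserToRole(this.userId, role._id, user.username, roomId)` call on the replacement line relies on the permission check living inside the extracted function and being keyed on that first argument, and this hunk does not show that it is. Please confirm that `addUserToRole` checks the caller's permission itself and rejects an undefined `userId`, since this route no longer goes through the `authorization:addUserToRole` method.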

kody code-review: Error Handling

try {
  await addUserToRole(this.userId, role._id, user.username, roomId);
} catch (error) {
  throw new Meteor.Error('error-role-assignment-failed', 'Failed to assign user to role', { error: error.message });
}

Multiple functions lack proper error handling, which can lead to unhandled exceptions during role assignments and modifications.

This issue appears in multiple locations:

  • apps/meteor/app/api/server/v1/roles.ts: Lines 85-85
  • apps/meteor/app/authorization/server/methods/addUserToRole.ts: Lines 78-88
  • apps/meteor/app/bot-helpers/server/index.ts: Lines 66-68
  • apps/meteor/app/bot-helpers/server/index.ts: Lines 70-72
  • apps/meteor/app/lib/server/methods/setAdminStatus.ts: Lines 39-43

Please add try-catch blocks around all relevant function calls to handle potential errors gracefully.

Comment on lines +28 to +30
throw new Meteor.Error('error-invalid-arguments', 'Invalid arguments', {
method: 'authorization:removeUserFromRole',
});
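
Review bot: The `method: 'authorization:removeUserFromRole'` detail on lines +28 to +30 is only accurate when this throw is reached through the Meteor method. If the argument check sits in the extracted function that the description says is now called directly, consider passing the label in from the caller or dropping it, so direct callers do not receive an error tagged with a method they never invoked.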

kody code-review: Error Handling

throw new Meteor.Error('error-invalid-arguments', `Invalid arguments: roleId and username must be non-empty strings`, {

The error message for invalid arguments should be more specific about which argument(s) failed validation to help with debugging and maintainability

3 participants