Add access control rework

toju-app/src/app/store/messages/messages.effects.ts

@@ -44,6 +44,7 @@ import {
 } from '../../shared-kernel';
 import { hydrateMessages } from './messages.helpers';
 import { canEditMessage } from '../../domains/chat/domain/message.rules';
+import { resolveRoomPermission } from '../../domains/access-control';
 import { dispatchIncomingMessage, IncomingMessageContext } from './messages-incoming.handlers';
 
 @Injectable()
@@ -244,16 +245,17 @@ export class MessagesEffects {
   adminDeleteMessage$ = createEffect(() =>
     this.actions$.pipe(
       ofType(MessagesActions.adminDeleteMessage),
-      withLatestFrom(this.store.select(selectCurrentUser)),
-      mergeMap(([{ messageId }, currentUser]) => {
+      withLatestFrom(this.store.select(selectCurrentUser), this.store.select(selectCurrentRoom)),
+      mergeMap(([
+        { messageId },
+        currentUser,
+        currentRoom
+      ]) => {
         if (!currentUser) {
           return of(MessagesActions.deleteMessageFailure({ error: 'Not logged in' }));
         }
 
-        const hasPermission =
-          currentUser.role === 'host' ||
-          currentUser.role === 'admin' ||
-          currentUser.role === 'moderator';
+        const hasPermission = !!currentRoom && resolveRoomPermission(currentRoom, currentUser, 'deleteMessages');
 
         if (!hasPermission) {
           return of(MessagesActions.deleteMessageFailure({ error: 'Permission denied' }));