bonamin/bellsystems-cp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update: Major Overhaul to all subsystems

Browse Source
This commit is contained in:
Vasileios Kousaridas
2026-03-07 11:32:18 +02:00
parent 810e81b323
commit c62188fda6
107 changed files with 20414 additions and 929 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
frontend/src/auth/AuthContext.jsx
View File

@@ -71,6 +71,25 @@ export function AuthProvider({ children }) {
return roles.includes(user.role);
};
/**
* hasPermission(section, action)
*
* Sections and their action keys:
* melodies: view, add, delete, safe_edit, full_edit, archetype_access, settings_access, compose_access
* devices: view, add, delete, safe_edit, edit_bells, edit_clock, edit_warranty, full_edit, control
* app_users: view, add, delete, safe_edit, full_edit
* issues_notes: view, add, delete, edit
* mail: view, compose, reply
* crm: activity_log
* crm_customers: full_access, overview, orders_view, orders_edit, quotations_view, quotations_edit,
* comms_view, comms_log, comms_edit, comms_compose, add, delete,
* files_view, files_edit, devices_view, devices_edit
* crm_orders: view (→ crm_customers.orders_view), edit (→ crm_customers.orders_edit) [derived]
* crm_products: view, add, edit
* mfg: view_inventory, edit, provision, firmware_view, firmware_edit
* api_reference: access
* mqtt: access
*/
const hasPermission = (section, action) => {
if (!user) return false;
// sysadmin and admin have full access
@@ -79,13 +98,22 @@ export function AuthProvider({ children }) {
const perms = user.permissions;
if (!perms) return false;
// MQTT is a global flag
if (section === "mqtt") {
return !!perms.mqtt;
// crm_orders is derived from crm_customers
if (section === "crm_orders") {
const cc = perms.crm_customers;
if (!cc) return false;
if (cc.full_access) return true;
if (action === "view") return !!cc.orders_view;
if (action === "edit") return !!cc.orders_edit;
return false;
}
const sectionPerms = perms[section];
if (!sectionPerms) return false;
// crm_customers.full_access grants everything in that section
if (section === "crm_customers" && sectionPerms.full_access) return true;
return !!sectionPerms[action];
};