Qlockify/qlockify-frontend-deployment
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(permissions): align workspace resource actions with role rules

Browse Source
This commit is contained in:
Amirhossein Khalili
2026-04-28 10:02:37 +03:30
parent 9fceef3753
commit b1ad372474
8 changed files with 141 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/api/projects.ts
View File

@@ -1,9 +1,16 @@
import { authFetch } from "./client"; import { authFetch } from "./client";
export interface ProjectClient { interface AuditUser {
id: string; id: string;
name: string; first_name?: string;
} last_name?: string;
mobile?: string;
}
export interface ProjectClient {
id: string;
name: string;
}
export interface ProjectMemberPayload { export interface ProjectMemberPayload {
user_id: string; user_id: string;
@@ -33,6 +40,7 @@ export interface Project {
is_archived: boolean; is_archived: boolean;
is_deleted?: boolean; is_deleted?: boolean;
workspace: string; workspace: string;
created_by?: AuditUser | null;
client: ProjectClient | null; client: ProjectClient | null;
my_role?: string; my_role?: string;
members?: ProjectMembership[]; members?: ProjectMembership[];

8
src/api/tags.ts
View File

@@ -1,11 +1,19 @@
import { authFetch } from "./client"; import { authFetch } from "./client";
interface AuditUser {
id: string;
first_name?: string;
last_name?: string;
mobile?: string;
}
export interface Tag { export interface Tag {
id: string; id: string;
workspace: string; workspace: string;
name: string; name: string;
color: string; color: string;
is_deleted?: boolean; is_deleted?: boolean;
created_by?: AuditUser | null;
created_at: string; created_at: string;
updated_at: string; updated_at: string;
} }

15
src/lib/permissions.ts
View File

@@ -163,6 +163,21 @@ export const canProject = ({
return projectRole === "manager" && PROJECT_MANAGER_CAPABILITIES.has(capability); return projectRole === "manager" && PROJECT_MANAGER_CAPABILITIES.has(capability);
}; };
export const canDeleteWorkspaceResource = ({
workspaceRole,
currentUserId,
createdById,
}: {
workspaceRole: WorkspaceRole | null | undefined;
currentUserId?: string | null;
createdById?: string | null;
}) => {
if (!workspaceRole) return false;
if (workspaceRole === "owner") return true;
if (!currentUserId || !createdById) return false;
return currentUserId === createdById;
};
export const canChangeWorkspaceMember = ({ export const canChangeWorkspaceMember = ({
actorRole, actorRole,
actorUserId, actorUserId,

62
src/pages/Clients.tsx
View File

@@ -1,13 +1,14 @@
import { useEffect, useState } from "react" import { useEffect, useState } from "react"
import { Plus, Building2, Loader2, Pencil, Trash2 } from "lucide-react" import { Plus, Building2, Loader2, Pencil, Trash2 } from "lucide-react"
import { useWorkspace } from "../context/WorkspaceContext" import { useWorkspace } from "../context/WorkspaceContext"
import { useTranslation } from "../hooks/useTranslation" import { useAppContext } from "../context/AppContext"
import { import { useTranslation } from "../hooks/useTranslation"
CLIENTS_CREATE, import {
CLIENTS_DELETE, CLIENTS_CREATE,
CLIENTS_EDIT, CLIENTS_EDIT,
canWorkspace, canDeleteWorkspaceResource,
} from "../lib/permissions" canWorkspace,
} from "../lib/permissions"
import { type Client } from "../types/client" import { type Client } from "../types/client"
import { getClients } from "../api/clients" import { getClients } from "../api/clients"
import CreateClientModal from "../components/CreateClientModal" import CreateClientModal from "../components/CreateClientModal"
@@ -18,9 +19,10 @@ import { Button } from "../components/ui/button"
import { Card } from "../components/ui/card" import { Card } from "../components/ui/card"
import { Pagination } from "../components/Pagination" import { Pagination } from "../components/Pagination"
export default function Clients() { export default function Clients() {
const { activeWorkspace } = useWorkspace() const { activeWorkspace } = useWorkspace()
const [clients, setClients] = useState<Client[]>([]) const { user } = useAppContext()
const [clients, setClients] = useState<Client[]>([])
const [isLoading, setIsLoading] = useState(true) const [isLoading, setIsLoading] = useState(true)
// Pagination States // Pagination States
@@ -40,10 +42,9 @@ export default function Clients() {
const { t, lang } = useTranslation() const { t, lang } = useTranslation()
const isFa = lang === "fa" const isFa = lang === "fa"
const workspaceRole = activeWorkspace?.my_role const workspaceRole = activeWorkspace?.my_role
const canCreateClient = canWorkspace(workspaceRole, CLIENTS_CREATE) const canCreateClient = canWorkspace(workspaceRole, CLIENTS_CREATE)
const canEditClient = canWorkspace(workspaceRole, CLIENTS_EDIT) const canEditClient = canWorkspace(workspaceRole, CLIENTS_EDIT)
const canDeleteClient = canWorkspace(workspaceRole, CLIENTS_DELETE)
const orderingOptions = [ const orderingOptions = [
{ value: "-created_at", label: t.ordering?.createdAtDesc || "Newest First" }, { value: "-created_at", label: t.ordering?.createdAtDesc || "Newest First" },
@@ -161,8 +162,14 @@ export default function Clients() {
</div> </div>
) : ( ) : (
<ul className="divide-y divide-slate-200 dark:divide-slate-800"> <ul className="divide-y divide-slate-200 dark:divide-slate-800">
{clients.map((client) => ( {clients.map((client) => {
<li key={client.id} className="p-4 hover:bg-slate-50 dark:hover:bg-slate-800/50 transition-colors flex items-center justify-between gap-4"> const canDeleteClient = canDeleteWorkspaceResource({
workspaceRole,
currentUserId: user?.id,
createdById: client.created_by?.id,
})
return (
<li key={client.id} className="p-4 hover:bg-slate-50 dark:hover:bg-slate-800/50 transition-colors flex items-center justify-between gap-4">
<div className="flex-1 min-w-0"> <div className="flex-1 min-w-0">
<h4 className="font-medium text-slate-900 dark:text-white truncate">{client.name}</h4> <h4 className="font-medium text-slate-900 dark:text-white truncate">{client.name}</h4>
{client.notes && ( {client.notes && (
@@ -196,10 +203,11 @@ export default function Clients() {
)} )}
</div> </div>
)} )}
</li> </li>
))} )
</ul> })}
)} </ul>
)}
</div> </div>
</Card> </Card>
@@ -231,12 +239,12 @@ export default function Clients() {
/> />
)} )}
{canDeleteClient && ( {!!deleteClient && (
<DeleteClientModal <DeleteClientModal
isOpen={!!deleteClient} isOpen={!!deleteClient}
onClose={() => setDeleteClient(null)} onClose={() => setDeleteClient(null)}
onSuccess={fetchClientsList} onSuccess={fetchClientsList}
client={deleteClient} client={deleteClient}
/> />
)} )}
</div> </div>

48
src/pages/Projects.tsx
View File

@@ -1,7 +1,8 @@
import React, { useState, useEffect } from "react"; import React, { useState, useEffect } from "react";
import { useTranslation } from "../hooks/useTranslation"; import { useTranslation } from "../hooks/useTranslation";
import { getProjects, deleteProject, type Project } from "../api/projects"; import { getProjects, deleteProject, type Project } from "../api/projects";
import { useWorkspace } from "../context/WorkspaceContext"; import { useAppContext } from "../context/AppContext";
import { useWorkspace } from "../context/WorkspaceContext";
import { ProjectCreateModal } from "../components/projects/ProjectCreateModal"; import { ProjectCreateModal } from "../components/projects/ProjectCreateModal";
import { ProjectEditModal } from "../components/projects/ProjectEditModal"; import { ProjectEditModal } from "../components/projects/ProjectEditModal";
import { Pagination } from "../components/Pagination"; import { Pagination } from "../components/Pagination";
@@ -14,21 +15,21 @@ import { Modal } from "../components/Modal";
import { toast } from "sonner"; import { toast } from "sonner";
import { Input } from "../components/ui/input"; import { Input } from "../components/ui/input";
import { import {
PROJECTS_ARCHIVE, PROJECTS_ARCHIVE,
PROJECTS_CREATE, PROJECTS_CREATE,
PROJECTS_DELETE, PROJECTS_EDIT,
PROJECTS_EDIT, canDeleteWorkspaceResource,
canWorkspace, canWorkspace,
} from "../lib/permissions"; } from "../lib/permissions";
export const Projects: React.FC = () => { export const Projects: React.FC = () => {
const { t, lang } = useTranslation(); const { t, lang } = useTranslation();
const { activeWorkspace } = useWorkspace(); const { user } = useAppContext();
const workspaceRole = activeWorkspace?.my_role; const { activeWorkspace } = useWorkspace();
const canCreateProject = canWorkspace(workspaceRole, PROJECTS_CREATE); const workspaceRole = activeWorkspace?.my_role;
const canEditProject = canWorkspace(workspaceRole, PROJECTS_EDIT); const canCreateProject = canWorkspace(workspaceRole, PROJECTS_CREATE);
const canDeleteProject = canWorkspace(workspaceRole, PROJECTS_DELETE); const canEditProject = canWorkspace(workspaceRole, PROJECTS_EDIT);
const canArchiveProject = canWorkspace(workspaceRole, PROJECTS_ARCHIVE); const canArchiveProject = canWorkspace(workspaceRole, PROJECTS_ARCHIVE);
const [projects, setProjects] = useState<any[]>([]); const [projects, setProjects] = useState<any[]>([]);
const [loading, setLoading] = useState(false); const [loading, setLoading] = useState(false);
@@ -188,9 +189,15 @@ export const Projects: React.FC = () => {
</div> </div>
) : ( ) : (
<ul className="divide-y divide-slate-200 dark:divide-slate-800"> <ul className="divide-y divide-slate-200 dark:divide-slate-800">
{projects.map((project) => ( {projects.map((project) => {
<li const canDeleteProject = canDeleteWorkspaceResource({
key={project.id} workspaceRole,
currentUserId: user?.id,
createdById: project.created_by?.id,
});
return (
<li
key={project.id}
className="p-4 hover:bg-slate-50 dark:hover:bg-slate-800/50 transition-colors flex items-center justify-between gap-4" className="p-4 hover:bg-slate-50 dark:hover:bg-slate-800/50 transition-colors flex items-center justify-between gap-4"
> >
<div className="flex-1 min-w-0"> <div className="flex-1 min-w-0">
@@ -232,8 +239,9 @@ export const Projects: React.FC = () => {
)} )}
</div> </div>
)} )}
</li> </li>
))} );
})}
</ul> </ul>
)} )}
</div> </div>

16
src/pages/Tags.tsx
View File

@@ -3,9 +3,10 @@ import { Edit2, Plus, Tag as TagIcon, Trash2 } from "lucide-react";
import { toast } from "sonner"; import { toast } from "sonner";
import { createTag, deleteTag, getTags, type Tag, updateTag } from "../api/tags"; import { createTag, deleteTag, getTags, type Tag, updateTag } from "../api/tags";
import { useAppContext } from "../context/AppContext";
import { useWorkspace } from "../context/WorkspaceContext"; import { useWorkspace } from "../context/WorkspaceContext";
import { useTranslation } from "../hooks/useTranslation"; import { useTranslation } from "../hooks/useTranslation";
import { TAGS_CREATE, TAGS_DELETE, TAGS_EDIT, canWorkspace } from "../lib/permissions"; import { TAGS_CREATE, TAGS_EDIT, canDeleteWorkspaceResource, canWorkspace } from "../lib/permissions";
import FilterBar from "../components/FilterBar"; import FilterBar from "../components/FilterBar";
import { Modal } from "../components/Modal"; import { Modal } from "../components/Modal";
import { Pagination } from "../components/Pagination"; import { Pagination } from "../components/Pagination";
@@ -17,11 +18,11 @@ const DEFAULT_COLOR = "#3B82F6";
export default function Tags() { export default function Tags() {
const { t } = useTranslation(); const { t } = useTranslation();
const { user } = useAppContext();
const { activeWorkspace } = useWorkspace(); const { activeWorkspace } = useWorkspace();
const workspaceRole = activeWorkspace?.my_role; const workspaceRole = activeWorkspace?.my_role;
const canCreateTag = canWorkspace(workspaceRole, TAGS_CREATE); const canCreateTag = canWorkspace(workspaceRole, TAGS_CREATE);
const canEditTag = canWorkspace(workspaceRole, TAGS_EDIT); const canEditTag = canWorkspace(workspaceRole, TAGS_EDIT);
const canDeleteTag = canWorkspace(workspaceRole, TAGS_DELETE);
const [tags, setTags] = useState<Tag[]>([]); const [tags, setTags] = useState<Tag[]>([]);
const [isLoading, setIsLoading] = useState(false); const [isLoading, setIsLoading] = useState(false);
@@ -172,7 +173,13 @@ export default function Tags() {
) : ( ) : (
<div className="flex flex-col flex-1"> <div className="flex flex-col flex-1">
<div className="mb-6 grid grid-cols-1 gap-4 sm:grid-cols-2 xl:grid-cols-3 2xl:grid-cols-4"> <div className="mb-6 grid grid-cols-1 gap-4 sm:grid-cols-2 xl:grid-cols-3 2xl:grid-cols-4">
{tags.map((tag) => ( {tags.map((tag) => {
const canDeleteTag = canDeleteWorkspaceResource({
workspaceRole,
currentUserId: user?.id,
createdById: tag.created_by?.id,
});
return (
<Card key={tag.id} className="overflow-hidden shadow-sm dark:border-slate-700 dark:bg-slate-800"> <Card key={tag.id} className="overflow-hidden shadow-sm dark:border-slate-700 dark:bg-slate-800">
<CardContent className="flex h-full flex-col gap-4 p-5"> <CardContent className="flex h-full flex-col gap-4 p-5">
<div className="flex items-start justify-between gap-3"> <div className="flex items-start justify-between gap-3">
@@ -208,7 +215,8 @@ export default function Tags() {
</div> </div>
</CardContent> </CardContent>
</Card> </Card>
))} );
})}
{tags.length === 0 && ( {tags.length === 0 && (
<div className="py-16 flex flex-col items-center justify-center border-2 border-dashed border-slate-200 dark:border-slate-800 rounded-2xl text-slate-500 dark:text-slate-400"> <div className="py-16 flex flex-col items-center justify-center border-2 border-dashed border-slate-200 dark:border-slate-800 rounded-2xl text-slate-500 dark:text-slate-400">

23
src/pages/WorkspaceEdit.tsx
View File

@@ -285,10 +285,11 @@ export default function EditWorkspace() {
const canManageMembers = canWorkspace(myRole, WORKSPACE_MEMBERS_CHANGE_ROLE); const canManageMembers = canWorkspace(myRole, WORKSPACE_MEMBERS_CHANGE_ROLE);
const isFirstOwner = currentUserId === workspaceOwnerId; const isFirstOwner = currentUserId === workspaceOwnerId;
const isOwner = myRole === "owner";
const roleOptions = (allowOwner: boolean) => [
...(allowOwner ? [{ value: "owner", label: t.workspace?.roles?.owner || "Owner" }] : []), const roleOptions = (allowOwnerRole: boolean, allowAdminRole: boolean) => [
{ value: "admin", label: t.workspace?.roles?.admin || "Admin" }, ...(allowOwnerRole ? [{ value: "owner", label: t.workspace?.roles?.owner || "Owner" }] : []),
...(allowAdminRole ? [{ value: "admin", label: t.workspace?.roles?.admin || "Admin" }] : []),
{ value: "member", label: t.workspace?.roles?.member || "Member" }, { value: "member", label: t.workspace?.roles?.member || "Member" },
{ value: "guest", label: t.workspace?.roles?.guest || "Guest" }, { value: "guest", label: t.workspace?.roles?.guest || "Guest" },
]; ];
@@ -386,13 +387,13 @@ export default function EditWorkspace() {
<div className="flex items-center gap-2 w-full sm:w-auto mt-2 sm:mt-0"> <div className="flex items-center gap-2 w-full sm:w-auto mt-2 sm:mt-0">
<Select <Select
value={newMemberRole} value={newMemberRole}
onChange={(val) => setNewMemberRole(val as any)} onChange={(val) => setNewMemberRole(val as any)}
options={[ options={[
...roleOptions(isFirstOwner), ...roleOptions(isFirstOwner, isOwner),
]} ]}
className="flex-1 sm:flex-none" className="flex-1 sm:flex-none"
buttonClassName="w-full sm:w-[110px] px-3 py-1.5 text-sm" buttonClassName="w-full sm:w-[110px] px-3 py-1.5 text-sm"
/> />
<Button <Button
@@ -456,7 +457,7 @@ export default function EditWorkspace() {
<Select <Select
value={m.role} value={m.role}
onChange={(val) => handleChangeRole(m.id, val)} onChange={(val) => handleChangeRole(m.id, val)}
options={roleOptions(isFirstOwner)} options={roleOptions(isFirstOwner, isOwner)}
buttonClassName="w-[110px] px-3 py-1.5 text-sm" buttonClassName="w-[110px] px-3 py-1.5 text-sm"
/> />
) : ( ) : (

26
src/types/client.ts
View File

@@ -1,12 +1,20 @@
export interface Client { interface AuditUser {
id: string; id: string;
name: string; first_name?: string;
notes: string | null; last_name?: string;
workspace: string; mobile?: string;
can_delete: boolean; }
created_at: string;
updated_at: string; export interface Client {
} id: string;
name: string;
notes: string | null;
workspace: string;
created_by?: AuditUser | null;
can_delete: boolean;
created_at: string;
updated_at: string;
}
export interface PaginatedClientList { export interface PaginatedClientList {
count: number; count: number;