@careflair/common 1.0.38 → 1.0.40

package/dist/abilities/index.d.ts

@@ -0,0 +1,32 @@
+import { PureAbility } from "@casl/ability";
+import { UserRole } from "../enums";
+/**
+ * Actions that users can perform
+ */
+export type Actions = "create" | "read" | "update" | "delete" | "apply" | "initiate" | "respond" | "submit" | "manage";
+/**
+ * Subjects/resources that users act upon
+ */
+export type Subjects = "Job" | "Chat" | "NDISScreening" | "WorkingWithChildren" | "Profile" | "all";
+/**
+ * AppAbility type for type-safe permission checks
+ * Uses PureAbility (modern API) instead of deprecated Ability
+ */
+export type AppAbility = PureAbility<[Actions, Subjects]>;
+/**
+ * User interface for ability definition
+ * Only requires id and role - minimal interface for permission checks
+ */
+export interface UserForAbility {
+    id: string;
+    role: UserRole;
+}
+/**
+ * Define abilities for a user based on their role
+ * This is the SINGLE SOURCE OF TRUTH for permissions
+ * Used by backend, frontend, and mobile app
+ *
+ * @param user - User object with id and role
+ * @returns AppAbility instance with user's permissions
+ */
+export declare function defineAbilitiesFor(user: UserForAbility): AppAbility;

package/dist/abilities/index.js

@@ -0,0 +1,68 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.defineAbilitiesFor = defineAbilitiesFor;
+const ability_1 = require("@casl/ability");
+const enums_1 = require("../enums");
+/**
+ * Define abilities for a user based on their role
+ * This is the SINGLE SOURCE OF TRUTH for permissions
+ * Used by backend, frontend, and mobile app
+ *
+ * @param user - User object with id and role
+ * @returns AppAbility instance with user's permissions
+ */
+function defineAbilitiesFor(user) {
+    const { can, cannot, build } = new ability_1.AbilityBuilder(ability_1.PureAbility);
+    // ============================================
+    // HIRERS: PARTICIPANT and SUPPORT_PERSON
+    // ============================================
+    if (user.role === enums_1.UserRole.PARTICIPANT ||
+        user.role === enums_1.UserRole.SUPPORT_PERSON) {
+        // Jobs
+        can("create", "Job");
+        can("read", "Job");
+        can("update", "Job", { postedBy: user.id }); // Only own jobs
+        can("delete", "Job", { postedBy: user.id }); // Only own jobs
+        // Chat
+        can("initiate", "Chat"); // Can start conversations
+        can("read", "Chat");
+        // Profile
+        can("read", "Profile", { user: user.id });
+    }
+    // ============================================
+    // WORKERS: SUPPORT_WORKER
+    // ============================================
+    if (user.role === enums_1.UserRole.SUPPORT_WORKER) {
+        // Jobs
+        can("read", "Job");
+        can("apply", "Job");
+        // Chat
+        can("respond", "Chat"); // Can respond to messages
+        cannot("initiate", "Chat"); // Cannot start conversations
+        // Verifications
+        can("submit", "NDISScreening");
+        can("submit", "WorkingWithChildren");
+        // Profile
+        can("read", "Profile", { user: user.id });
+        can("update", "Profile", { user: user.id });
+    }
+    // ============================================
+    // WORKERS: PROVIDER
+    // Same permissions as SUPPORT_WORKER for now
+    // ============================================
+    if (user.role === enums_1.UserRole.PROVIDER) {
+        // Jobs
+        can("read", "Job");
+        can("apply", "Job");
+        // Chat
+        can("respond", "Chat"); // Can respond to messages
+        cannot("initiate", "Chat"); // Cannot start conversations
+        // Verifications
+        can("submit", "NDISScreening");
+        can("submit", "WorkingWithChildren");
+        // Profile
+        can("read", "Profile", { user: user.id });
+        can("update", "Profile", { user: user.id });
+    }
+    return build();
+}

package/dist/index.d.ts

@@ -4,5 +4,6 @@ export { WorkHistoryInputValidation, WorkHistorySchema, } from "./schemas/workHi
 export { AvailabilitiesSchemaZod, AvailabilityZodInput, } from "./schemas/availabilitySchemaValidation";
 export { HourlyRateInputZod, HourlyRateInputZodType, } from "./schemas/hourlyRateSchemaValidation";
 export { ServicesSchema, validateServices, } from "./schemas/businessServicesValidation";
-export { VideoProvider, VideoValidationResult, detectVideoProvider, extractYouTubeVideoId, isValidCommunityVideoUrl, isValidYouTubeOrVimeoUrl, normalizeYouTubeUrl, validateVideoLink, } from "./utils/videoValidation";
+export { detectVideoProvider, extractYouTubeVideoId, isValidCommunityVideoUrl, isValidYouTubeOrVimeoUrl, normalizeYouTubeUrl, validateVideoLink, VideoProvider, VideoValidationResult, } from "./utils/videoValidation";
 export { ApplicationFormValues, applicationSchema, isValidVideoUrl, } from "./schemas/applicationSchema";
+export { defineAbilitiesFor, type Actions, type AppAbility, type Subjects, type UserForAbility, } from "./abilities";

package/dist/index.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isValidVideoUrl = exports.applicationSchema = exports.validateVideoLink = exports.normalizeYouTubeUrl = exports.isValidYouTubeOrVimeoUrl = exports.isValidCommunityVideoUrl = exports.extractYouTubeVideoId = exports.detectVideoProvider = exports.validateServices = exports.ServicesSchema = exports.HourlyRateInputZod = exports.AvailabilitiesSchemaZod = exports.WorkHistorySchema = exports.EducationAndTrainingSchema = exports.UserRegistrationSchema = void 0;
+exports.defineAbilitiesFor = exports.isValidVideoUrl = exports.applicationSchema = exports.validateVideoLink = exports.normalizeYouTubeUrl = exports.isValidYouTubeOrVimeoUrl = exports.isValidCommunityVideoUrl = exports.extractYouTubeVideoId = exports.detectVideoProvider = exports.validateServices = exports.ServicesSchema = exports.HourlyRateInputZod = exports.AvailabilitiesSchemaZod = exports.WorkHistorySchema = exports.EducationAndTrainingSchema = exports.UserRegistrationSchema = void 0;
 var userValiationSchema_1 = require("./schemas/userValiationSchema");
 Object.defineProperty(exports, "UserRegistrationSchema", { enumerable: true, get: function () { return userValiationSchema_1.UserRegistrationSchema; } });
 var educationSchemas_1 = require("./schemas/educationSchemas");
@@ -24,3 +24,6 @@ Object.defineProperty(exports, "validateVideoLink", { enumerable: true, get: fun
 var applicationSchema_1 = require("./schemas/applicationSchema");
 Object.defineProperty(exports, "applicationSchema", { enumerable: true, get: function () { return applicationSchema_1.applicationSchema; } });
 Object.defineProperty(exports, "isValidVideoUrl", { enumerable: true, get: function () { return applicationSchema_1.isValidVideoUrl; } });
+// CASL Abilities
+var abilities_1 = require("./abilities");
+Object.defineProperty(exports, "defineAbilitiesFor", { enumerable: true, get: function () { return abilities_1.defineAbilitiesFor; } });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@careflair/common",
-  "version": "1.0.38",
+  "version": "1.0.40",
   "description": "Shared assets for CareFlair",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -18,6 +18,7 @@
   "author": "Farhan Hossain",
   "license": "ISC",
   "dependencies": {
+    "@casl/ability": "^6.7.5",
     "date-fns": "^4.1.0",
     "libphonenumber-js": "^1.12.25"
   },
@@ -71,6 +72,10 @@
     "./interfaces/*": {
       "types": "./dist/interfaces/*.d.ts",
       "default": "./dist/interfaces/*.js"
+    },
+    "./abilities": {
+      "types": "./dist/abilities/index.d.ts",
+      "default": "./dist/abilities/index.js"
     }
   },
   "typesVersions": {