npm - @feedmepos/mf-hrm-portal - Versions diffs - 2.0.10-dev → 2.0.10-dev.3 - Mend

@feedmepos/mf-hrm-portal 2.0.10-dev → 2.0.10-dev.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

package/dist/AuditLogList-DaFC8LUT.js +915 -0
package/dist/{EmployeeList-B3qXFaOz.js → EmployeeList-fzS5kLyE.js} +164 -169
package/dist/FormSection.vue_vue_type_script_setup_true_lang-BVb8c4YU.js +71 -0
package/dist/HorizontalSplitter-o860F4xM.js +12 -0
package/dist/Main-CvuyDkkJ.js +560 -0
package/dist/{Main-JUX88mXA.js → Main-g0xYhlQL.js} +11 -10
package/dist/{Main-urBwZXUq.js → Main-pViKokej.js} +8 -7
package/dist/PermissionSetList-C71zXeNi.js +338 -0
package/dist/PortalPermissionEditor.vue_vue_type_script_setup_true_lang-Dx9qaSOy.js +3479 -0
package/dist/{RoleList-Dl7042_3.js → RoleList-CAGV8HIy.js} +26 -24
package/dist/TeamMemberList-BOSxsyhc.js +989 -0
package/dist/{TimesheetList-B3cmnZN5.js → TimesheetList-bEatYw_W.js} +11 -10
package/dist/{app-DHFWqcG2.js → app-CXo7sYZ7.js} +2376 -1092
package/dist/app.js +2 -2
package/dist/{dayjs.min-faWeeWGk.js → dayjs.min-DDneYlAk.js} +1 -1
package/dist/{employee-sOy9OKvU.js → employee-CfNSjKLV.js} +21 -20
package/dist/{index-DNsMh7eu.js → index-BAlO0GI7.js} +1 -1
package/dist/index-CiQs6mxE.js +975 -0
package/dist/{index-EeD0w_Es.js → iteration-BxC7Vx_7.js} +3444 -4352
package/dist/{lodash-CfsS7nDC.js → lodash-Cgp0qhfw.js} +1 -1
package/dist/src/api/audit-log/index.d.ts +1 -0
package/dist/src/api/grant-user/index.d.ts +8 -0
package/dist/src/api/index.d.ts +3 -1
package/dist/src/composables/useBasePermission.d.ts +37 -0
package/dist/src/helpers/permission-set.d.ts +34 -5
package/dist/src/helpers/permission-set.test.d.ts +1 -0
package/dist/src/helpers/permission-sync.d.ts +12 -0
package/dist/src/router/shared.d.ts +2 -1
package/dist/src/stores/grant-user.d.ts +86 -0
package/dist/src/types/grant-user.d.ts +27 -0
package/dist/src/views/audit-log/components/AuditLogModuleTabs.vue.d.ts +17 -0
package/dist/src/views/audit-log/constants.d.ts +30 -0
package/dist/src/views/audit-log/locales/index.d.ts +244 -0
package/dist/src/views/grant/GrantUserList.vue.d.ts +17 -0
package/dist/src/views/grant/Main.vue.d.ts +2 -0
package/dist/src/views/grant/components/GrantUserForm.vue.d.ts +17 -0
package/dist/src/views/grant/locales/index.d.ts +232 -0
package/dist/src/views/team/components/BasePermission.vue.d.ts +3 -3
package/dist/style.css +1 -1
package/dist/{team-CTYZ-AfE.js → team-DYjRRZA-.js} +1 -1
package/dist/{timesheet-CP-usx78.js → timesheet-DtpxRbZd.js} +10 -9
package/dist/tsconfig.app.tsbuildinfo +1 -1
package/dist/{useAppStore-DpKptyzk.js → useAppStore-4gHWq2VT.js} +1 -1
package/dist/{useLoading-D0NWMSr4.js → useLoading-Ef4IqHD8.js} +1 -1
package/dist/{useReportPermissions-CtnMIyaq.js → useReportPermissions-C4HbISVo.js} +12 -11
package/dist/useRestaurantMap-e9fQJiLC.js +39 -0
package/package.json +3 -3
package/dist/AuditLogList-BqKDq3NZ.js +0 -492
package/dist/PermissionSetList-BfCuoHa3.js +0 -327
package/dist/PortalPermissionEditor.vue_vue_type_script_setup_true_lang-BYZbAUtK.js +0 -3334
package/dist/TeamMemberList-BrZDh51J.js +0 -979
package/dist/useRestaurantMap-D5BNPLKh.js +0 -107

package/dist/{lodash-CfsS7nDC.js → lodash-Cgp0qhfw.js} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { c as jt } from "./app-DHFWqcG2.js";
+import { c as jt } from "./app-CXo7sYZ7.js";
 var Jr = { exports: {} };
 /**
  * @license

package/dist/src/api/audit-log/index.d.ts CHANGED Viewed

@@ -7,6 +7,7 @@ declare const AuditLogAPI: {
         to?: string;
         userIds?: string[];
         subjects?: string[];
+        subjectPrefixes?: string[];
         actions?: string[];
         outcomes?: string[];
     }): Promise<AuditLogEntry[]>;

package/dist/src/api/grant-user/index.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import type { IFdtoGrantUser, IFdtoCreateGrantUserReq, IFdtoGrantValidationRes } from '@/types/grant-user';
+declare const GrantUserAPI: {
+    getGrantUsers(): Promise<IFdtoGrantUser[]>;
+    createGrantUser(dto: IFdtoCreateGrantUserReq): Promise<IFdtoGrantUser>;
+    revokeGrantUser(id: string, restaurantId: string): Promise<IFdtoGrantUser>;
+    validatePasscode(passcode: string, restaurantId: string): Promise<IFdtoGrantValidationRes>;
+};
+export default GrantUserAPI;

package/dist/src/api/index.d.ts CHANGED Viewed

@@ -3,6 +3,8 @@ export declare class ApiError extends Error {
     readonly status: number;
     constructor(message: string, status: number);
 }
-export declare const businessClientInstance: () => AxiosInstance;
+export declare const businessClientInstance: (subPath?: string) => AxiosInstance;
 export declare const queryEngineClientInstance: () => AxiosInstance;
+export declare const grantClientInstance: () => AxiosInstance;
+export declare const grantValidateClientInstance: () => AxiosInstance;
 export declare function getAxiosData<T>(response: AxiosResponse<T>): T;

package/dist/src/composables/useBasePermission.d.ts ADDED Viewed

@@ -0,0 +1,37 @@
+import { type ComputedRef, type Ref } from 'vue';
+import { type IFdtoPortalPermissionsWithVisibilityCondition } from '@feedmepos/hrm-permission';
+import type { FdoPermissionRule } from '@feedmepos/core/entity';
+export type CategoryGroup = {
+    category: string;
+    options: {
+        label: string;
+        value: string;
+    }[];
+    selectedSubjects: string[];
+    isMultiAction: boolean;
+    actionColumns: string[];
+    permissionActionsMap: Map<string, string[]>;
+    selectedActionsMap: Map<string, Set<string>>;
+    coverSubject: string | null;
+    coverSelectedActions: Set<string>;
+    coverCoversAll: boolean;
+};
+export declare function useBasePermission(modelValue: Readonly<Ref<FdoPermissionRule[]>>, allPermissions: ComputedRef<IFdtoPortalPermissionsWithVisibilityCondition[]>, excludedSubjects: Readonly<Ref<string[]>>, emit: (event: 'update:model-value', value: FdoPermissionRule[]) => void): {
+    categoryGroups: ComputedRef<CategoryGroup[]>;
+    toggleCategory: (category: string, subjects: unknown[]) => void;
+    isAllManageChecked: (group: CategoryGroup) => boolean;
+    toggleAllManage: (group: CategoryGroup) => void;
+    isManageChecked: (group: CategoryGroup, subject: string) => boolean;
+    isManageIndeterminate: (group: CategoryGroup, subject: string) => boolean;
+    toggleManage: (_group: CategoryGroup, subject: string, checked: boolean) => void;
+    hasNonManageActions: (group: CategoryGroup, subject: string) => boolean;
+    isActionChecked: (group: CategoryGroup, subject: string, action: string) => boolean;
+    isRowFullyCoveredByCover: (group: CategoryGroup, subject: string) => boolean;
+    isActionCoveredByCover: (group: CategoryGroup, subject: string, action: string) => boolean;
+    permissionDefinesAction: (group: CategoryGroup, subject: string, action: string) => boolean;
+    toggleAction: (subject: string, action: string, checked: boolean) => void;
+    isAllActionChecked: (group: CategoryGroup, action: string) => boolean;
+    isAllActionIndeterminate: (group: CategoryGroup, action: string) => boolean;
+    toggleAllAction: (group: CategoryGroup, action: string, checked: boolean) => void;
+    actionLabel: (action: string) => string;
+};

package/dist/src/helpers/permission-set.d.ts CHANGED Viewed

@@ -43,18 +43,47 @@ export declare function materializeSystemPermissionSetOverrides(overridePermissi
 /**
  * Strip positive rules whose subject would be re-injected by system permission set expansion.
  * These need not be persisted to DB — expansion re-adds them at runtime.
- * Inverted rules (explicit user denials) are always preserved.
+ *
+ * Also strips inverted rules for subjects that are ONLY reachable as non-manage via permissions[]
+ * leaf injection. Such inverted rules cannot block permissions[] injection (only visitedSetIds/
+ * permissionSets[] expansion is blockable), are useless, and cause a CASL side-effect where an
+ * inverted `manage` rule inadvertently blocks `read` access.
+ *
+ * Inverted rules targeting subjects reachable as `manage` (via permissionSets[] chaining) are
+ * always preserved — they seed visitedSetIds to block system set re-expansion.
  */
 export declare function stripSystemExpandedPositives(permissions: FdoPermissionRule[]): FdoPermissionRule[];
+export declare const REPORT_SUBJECT_PREFIX = "business::report::";
 /**
- * Filter out permissions whose subject no longer exists in the known permission definitions.
- * Removes both positive and inverted rules for stale subjects.
+ * Filter out stale report permission rules.
+ *
+ * Only rules whose subject starts with `business::report::` are candidates for removal —
+ * any other subject (restaurant, role, warehouse, etc.) passes through untouched.
+ * A report-prefixed subject is kept only if it exists in `knownReportSubjects`.
  *
  * This handles:
  * - Deprecated/renamed subjects (e.g. `business::report::closeup` → `business::report::reports::closeup`)
  * - Deleted dynamic reports that no longer exist
  */
-export declare function filterStalePermissions(permissions: FdoPermissionRule[], knownSubjects: Set<string>): FdoPermissionRule[];
+export declare function filterStalePermissions(permissions: FdoPermissionRule[], knownReportSubjects: Set<string>): FdoPermissionRule[];
+/**
+ * Strip individual-report actions already covered by an `allDefaultReports` or
+ * `allCustomReports` positive grant, preventing redundant data from being saved.
+ *
+ * - If the cover rule has `manage` selected → every individual rule in that bucket is
+ *   fully covered and dropped entirely.
+ * - Otherwise, only covered non-manage actions are stripped from individual rules.
+ *   If `manage` was present and any non-manage action is stripped (breaking the
+ *   "manage = all non-manage selected" invariant), `manage` is also stripped.
+ *   Rules that end up with no remaining actions are dropped.
+ *
+ * Inverted rules and the cover subjects themselves pass through untouched.
+ *
+ * @param defaultReportSubjects  Full set of subjects in the "Default Report" UI category —
+ *   includes static hardcoded subjects AND dynamic reports with `isDefault: true`.
+ *   Built by the caller from `portalTeamPermissions` + `customReportPermissions`.
+ */
+export declare function filterRedundantReportPermissions(permissions: FdoPermissionRule[], defaultReportSubjects: Set<string>): FdoPermissionRule[];
 /**
  * Combine base permissions with override permissions to get effective permissions
  * @param basePermissions - Base permissions from permission sets
@@ -69,7 +98,7 @@ export declare function getEffectivePermissions(basePermissions: FdoPermissionRu
  * subject is NOT present in any base permission set (i.e. they target system-expanded subjects,
  * not permission-set-inherited subjects). These denials seed `visitedSetIds` in
  * `expandWithSystemPermissionSets` to block runtime re-expansion of system sets that the user
- * explicitly unchecked. Without them the editor would initialise without the denial guard and
+ * explicitly unchecked. Without them the editor would initialize without the denial guard and
  * those subjects would reappear as checked the next time the form opens.
  *
  * Inverted rules whose subject IS in base are handled correctly by `getEffectivePermissions`

package/dist/src/helpers/permission-set.test.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/src/helpers/permission-sync.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { FdoPermissionRule } from '@feedmepos/core/entity';
+/**
+ * Keeps the `manage` action in sync with non-manage actions for a given subject.
+ *
+ * - Adds `manage` when every non-manage action in `definedActions` is selected.
+ * - Removes `manage` (and splices the rule if it becomes empty) when any
+ *   non-manage action is unselected.
+ * - No-op when the subject defines only `manage` (or no non-manage actions).
+ *
+ * Mutates `newRules` in place.
+ */
+export declare function applyManageSync(newRules: FdoPermissionRule[], subject: string, definedActions: string[]): void;

package/dist/src/router/shared.d.ts CHANGED Viewed

@@ -7,7 +7,8 @@ export declare enum RouteName {
     AUDIT_LOG = "audit-log",
     TEAM = "team",
     TEAM_MEMBER = "team-member",
-    TEAM_ROLE = "team-role"
+    TEAM_ROLE = "team-role",
+    POS_GRANT = "pos-grant"
 }
 declare const routes: RouteRecordRaw[];
 export { routes };

package/dist/src/stores/grant-user.d.ts ADDED Viewed

@@ -0,0 +1,86 @@
+import type { IFdtoGrantUser, IFdtoCreateGrantUserReq } from '@/types/grant-user';
+export declare const useGrantUserStore: import("pinia").StoreDefinition<"grantUser", Pick<{
+    grantUsers: import("vue").Ref<{
+        _id: string;
+        passcode: string;
+        name: string;
+        restaurantId: string;
+        roleId: string;
+        status: "active" | "used" | "revoked";
+        grantById: string;
+        grantByName: string;
+        createdAt: string;
+        updatedAt: string;
+    }[], IFdtoGrantUser[] | {
+        _id: string;
+        passcode: string;
+        name: string;
+        restaurantId: string;
+        roleId: string;
+        status: "active" | "used" | "revoked";
+        grantById: string;
+        grantByName: string;
+        createdAt: string;
+        updatedAt: string;
+    }[]>;
+    isLoading: import("vue").Ref<boolean, boolean>;
+    readGrantUsers: () => Promise<void>;
+    createGrantUser: (dto: IFdtoCreateGrantUserReq) => Promise<IFdtoGrantUser>;
+    revokeGrantUser: (id: string, restaurantId: string) => Promise<void>;
+}, "isLoading" | "grantUsers">, Pick<{
+    grantUsers: import("vue").Ref<{
+        _id: string;
+        passcode: string;
+        name: string;
+        restaurantId: string;
+        roleId: string;
+        status: "active" | "used" | "revoked";
+        grantById: string;
+        grantByName: string;
+        createdAt: string;
+        updatedAt: string;
+    }[], IFdtoGrantUser[] | {
+        _id: string;
+        passcode: string;
+        name: string;
+        restaurantId: string;
+        roleId: string;
+        status: "active" | "used" | "revoked";
+        grantById: string;
+        grantByName: string;
+        createdAt: string;
+        updatedAt: string;
+    }[]>;
+    isLoading: import("vue").Ref<boolean, boolean>;
+    readGrantUsers: () => Promise<void>;
+    createGrantUser: (dto: IFdtoCreateGrantUserReq) => Promise<IFdtoGrantUser>;
+    revokeGrantUser: (id: string, restaurantId: string) => Promise<void>;
+}, never>, Pick<{
+    grantUsers: import("vue").Ref<{
+        _id: string;
+        passcode: string;
+        name: string;
+        restaurantId: string;
+        roleId: string;
+        status: "active" | "used" | "revoked";
+        grantById: string;
+        grantByName: string;
+        createdAt: string;
+        updatedAt: string;
+    }[], IFdtoGrantUser[] | {
+        _id: string;
+        passcode: string;
+        name: string;
+        restaurantId: string;
+        roleId: string;
+        status: "active" | "used" | "revoked";
+        grantById: string;
+        grantByName: string;
+        createdAt: string;
+        updatedAt: string;
+    }[]>;
+    isLoading: import("vue").Ref<boolean, boolean>;
+    readGrantUsers: () => Promise<void>;
+    createGrantUser: (dto: IFdtoCreateGrantUserReq) => Promise<IFdtoGrantUser>;
+    revokeGrantUser: (id: string, restaurantId: string) => Promise<void>;
+}, "readGrantUsers" | "createGrantUser" | "revokeGrantUser">>;

package/dist/src/types/grant-user.d.ts ADDED Viewed

@@ -0,0 +1,27 @@
+export interface IFdtoGrantUser {
+    _id: string;
+    passcode: string;
+    name: string;
+    restaurantId: string;
+    roleId: string;
+    status: 'active' | 'used' | 'revoked';
+    grantById: string;
+    grantByName: string;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface IFdtoCreateGrantUserReq {
+    name: string;
+    restaurantId: string;
+    roleId: string;
+}
+export interface IFdtoBypassUser {
+    id: string;
+    name: string;
+    role: string;
+    passcode: string;
+}
+export interface IFdtoGrantValidationRes {
+    bypass: boolean;
+    user: IFdtoBypassUser;
+}

package/dist/src/views/audit-log/components/AuditLogModuleTabs.vue.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+type TabValue = string | number;
+type TabItem = {
+    label: string;
+    value: TabValue;
+    disabled?: boolean;
+    badge?: number;
+};
+type __VLS_Props = {
+    modelValue: TabValue | null;
+    items: TabItem[];
+};
+declare const _default: import("vue").DefineComponent<__VLS_Props, {}, {}, {}, {}, import("vue").ComponentOptionsMixin, import("vue").ComponentOptionsMixin, {
+    "update:modelValue": (value: TabValue) => any;
+}, string, import("vue").PublicProps, Readonly<__VLS_Props> & Readonly<{
+    "onUpdate:modelValue"?: ((value: TabValue) => any) | undefined;
+}>, {}, {}, {}, {}, string, import("vue").ComponentProvideOptions, false, {}, any>;
+export default _default;

package/dist/src/views/audit-log/constants.d.ts ADDED Viewed

@@ -0,0 +1,30 @@
+export declare const AUDIT_LOG_MODULE_TABS: readonly [{
+    readonly key: "all";
+    readonly label: "All";
+    readonly subjectPrefixes: string[];
+}, {
+    readonly key: "inventory";
+    readonly label: "Inventory";
+    readonly subjectPrefixes: readonly ["business::inventory", "inventory"];
+}, {
+    readonly key: "report";
+    readonly label: "Report";
+    readonly subjectPrefixes: readonly ["business::report", "report"];
+}, {
+    readonly key: "hrm";
+    readonly label: "HRM";
+    readonly subjectPrefixes: readonly ["business::hrm", "hrm"];
+}, {
+    readonly key: "payment";
+    readonly label: "Payment";
+    readonly subjectPrefixes: readonly ["business::payment", "payment"];
+}, {
+    readonly key: "menu";
+    readonly label: "Menu";
+    readonly subjectPrefixes: readonly ["business::menu", "menu"];
+}, {
+    readonly key: "crm";
+    readonly label: "CRM";
+    readonly subjectPrefixes: readonly ["business::crm", "crm"];
+}];
+export type AuditLogModuleTab = (typeof AUDIT_LOG_MODULE_TABS)[number];