@goplusvn/core 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/audit/index.d.mts +115 -0
- package/dist/audit/index.d.ts +115 -0
- package/dist/audit/index.js +204 -0
- package/dist/audit/index.js.map +1 -0
- package/dist/audit/index.mjs +200 -0
- package/dist/audit/index.mjs.map +1 -0
- package/dist/auth/index.d.mts +86 -0
- package/dist/auth/index.d.ts +86 -0
- package/dist/auth/index.js +210 -0
- package/dist/auth/index.js.map +1 -0
- package/dist/auth/index.mjs +198 -0
- package/dist/auth/index.mjs.map +1 -0
- package/dist/button-1dWvP9Ib.d.mts +30 -0
- package/dist/button-1dWvP9Ib.d.ts +30 -0
- package/dist/calendar-2QzdEo1z.d.mts +20 -0
- package/dist/calendar-2QzdEo1z.d.ts +20 -0
- package/dist/code-generation/index.d.mts +30 -0
- package/dist/code-generation/index.d.ts +30 -0
- package/dist/code-generation/index.js +31 -0
- package/dist/code-generation/index.js.map +1 -0
- package/dist/code-generation/index.mjs +28 -0
- package/dist/code-generation/index.mjs.map +1 -0
- package/dist/configs/index.d.mts +175 -0
- package/dist/configs/index.d.ts +175 -0
- package/dist/configs/index.js +254 -0
- package/dist/configs/index.js.map +1 -0
- package/dist/configs/index.mjs +233 -0
- package/dist/configs/index.mjs.map +1 -0
- package/dist/crud/index.d.mts +646 -0
- package/dist/crud/index.d.ts +646 -0
- package/dist/crud/index.js +11772 -0
- package/dist/crud/index.js.map +1 -0
- package/dist/crud/index.mjs +11665 -0
- package/dist/crud/index.mjs.map +1 -0
- package/dist/crud/server.d.mts +20 -0
- package/dist/crud/server.d.ts +20 -0
- package/dist/crud/server.js +123 -0
- package/dist/crud/server.js.map +1 -0
- package/dist/crud/server.mjs +120 -0
- package/dist/crud/server.mjs.map +1 -0
- package/dist/data-table-skeleton-12NA8Mjx.d.mts +39 -0
- package/dist/data-table-skeleton-12NA8Mjx.d.ts +39 -0
- package/dist/dialog-bKfjZMTd.d.mts +22 -0
- package/dist/dialog-bKfjZMTd.d.ts +22 -0
- package/dist/dynamic-icon-DrGIiu2N.d.mts +10 -0
- package/dist/dynamic-icon-DrGIiu2N.d.ts +10 -0
- package/dist/home/index.d.mts +269 -0
- package/dist/home/index.d.ts +269 -0
- package/dist/home/index.js +1678 -0
- package/dist/home/index.js.map +1 -0
- package/dist/home/index.mjs +1635 -0
- package/dist/home/index.mjs.map +1 -0
- package/dist/hooks/index.d.mts +7 -0
- package/dist/hooks/index.d.ts +7 -0
- package/dist/hooks/index.js +8316 -0
- package/dist/hooks/index.js.map +1 -0
- package/dist/hooks/index.mjs +8255 -0
- package/dist/hooks/index.mjs.map +1 -0
- package/dist/index-50hpiPrV.d.ts +116 -0
- package/dist/index-B9zQVEVi.d.mts +116 -0
- package/dist/index.d.mts +5 -0
- package/dist/index.d.ts +5 -0
- package/dist/index.js +123 -0
- package/dist/index.js.map +1 -0
- package/dist/index.mjs +118 -0
- package/dist/index.mjs.map +1 -0
- package/dist/infrastructure/index.d.mts +423 -0
- package/dist/infrastructure/index.d.ts +423 -0
- package/dist/infrastructure/index.js +633 -0
- package/dist/infrastructure/index.js.map +1 -0
- package/dist/infrastructure/index.mjs +619 -0
- package/dist/infrastructure/index.mjs.map +1 -0
- package/dist/label-DWTEkNPo.d.ts +226 -0
- package/dist/label-LPpdcoBx.d.mts +226 -0
- package/dist/layout/index.d.mts +48 -0
- package/dist/layout/index.d.ts +48 -0
- package/dist/layout/index.js +117 -0
- package/dist/layout/index.js.map +1 -0
- package/dist/layout/index.mjs +90 -0
- package/dist/layout/index.mjs.map +1 -0
- package/dist/navigation/index.d.mts +16 -0
- package/dist/navigation/index.d.ts +16 -0
- package/dist/navigation/index.js +53 -0
- package/dist/navigation/index.js.map +1 -0
- package/dist/navigation/index.mjs +50 -0
- package/dist/navigation/index.mjs.map +1 -0
- package/dist/notification/index.d.mts +105 -0
- package/dist/notification/index.d.ts +105 -0
- package/dist/notification/index.js +278 -0
- package/dist/notification/index.js.map +1 -0
- package/dist/notification/index.mjs +274 -0
- package/dist/notification/index.mjs.map +1 -0
- package/dist/organization/index.d.mts +99 -0
- package/dist/organization/index.d.ts +99 -0
- package/dist/organization/index.js +360 -0
- package/dist/organization/index.js.map +1 -0
- package/dist/organization/index.mjs +352 -0
- package/dist/organization/index.mjs.map +1 -0
- package/dist/plugin/index.d.mts +83 -0
- package/dist/plugin/index.d.ts +83 -0
- package/dist/plugin/index.js +86 -0
- package/dist/plugin/index.js.map +1 -0
- package/dist/plugin/index.mjs +84 -0
- package/dist/plugin/index.mjs.map +1 -0
- package/dist/providers/index.d.mts +25 -0
- package/dist/providers/index.d.ts +25 -0
- package/dist/providers/index.js +84 -0
- package/dist/providers/index.js.map +1 -0
- package/dist/providers/index.mjs +77 -0
- package/dist/providers/index.mjs.map +1 -0
- package/dist/rbac/index.d.mts +226 -0
- package/dist/rbac/index.d.ts +226 -0
- package/dist/rbac/index.js +4784 -0
- package/dist/rbac/index.js.map +1 -0
- package/dist/rbac/index.mjs +4722 -0
- package/dist/rbac/index.mjs.map +1 -0
- package/dist/rbac/permissions.d.mts +26 -0
- package/dist/rbac/permissions.d.ts +26 -0
- package/dist/rbac/permissions.js +94 -0
- package/dist/rbac/permissions.js.map +1 -0
- package/dist/rbac/permissions.mjs +90 -0
- package/dist/rbac/permissions.mjs.map +1 -0
- package/dist/rbac/server.d.mts +1 -0
- package/dist/rbac/server.d.ts +1 -0
- package/dist/rbac/server.js +128 -0
- package/dist/rbac/server.js.map +1 -0
- package/dist/rbac/server.mjs +124 -0
- package/dist/rbac/server.mjs.map +1 -0
- package/dist/schemas/index.d.mts +1257 -0
- package/dist/schemas/index.d.ts +1257 -0
- package/dist/schemas/index.js +572 -0
- package/dist/schemas/index.js.map +1 -0
- package/dist/schemas/index.mjs +523 -0
- package/dist/schemas/index.mjs.map +1 -0
- package/dist/server-QuYCTa89.d.mts +83 -0
- package/dist/server-QuYCTa89.d.ts +83 -0
- package/dist/sonner-C74GlRDQ.d.mts +71 -0
- package/dist/sonner-C74GlRDQ.d.ts +71 -0
- package/dist/status-BOXZgIqX.d.mts +12 -0
- package/dist/status-BOXZgIqX.d.ts +12 -0
- package/dist/system/index.d.mts +77 -0
- package/dist/system/index.d.ts +77 -0
- package/dist/system/index.js +102 -0
- package/dist/system/index.js.map +1 -0
- package/dist/system/index.mjs +100 -0
- package/dist/system/index.mjs.map +1 -0
- package/dist/tabs-C6FfBwPY.d.mts +18 -0
- package/dist/tabs-C6FfBwPY.d.ts +18 -0
- package/dist/tenant-provider-B8eC_Wpb.d.mts +27 -0
- package/dist/tenant-provider-B8eC_Wpb.d.ts +27 -0
- package/dist/types/index.d.mts +469 -0
- package/dist/types/index.d.ts +469 -0
- package/dist/types/index.js +25 -0
- package/dist/types/index.js.map +1 -0
- package/dist/types/index.mjs +21 -0
- package/dist/types/index.mjs.map +1 -0
- package/dist/ui/auth.d.mts +39 -0
- package/dist/ui/auth.d.ts +39 -0
- package/dist/ui/auth.js +4941 -0
- package/dist/ui/auth.js.map +1 -0
- package/dist/ui/auth.mjs +4896 -0
- package/dist/ui/auth.mjs.map +1 -0
- package/dist/ui/crud.d.mts +2 -0
- package/dist/ui/crud.d.ts +2 -0
- package/dist/ui/crud.js +4 -0
- package/dist/ui/crud.js.map +1 -0
- package/dist/ui/crud.mjs +3 -0
- package/dist/ui/crud.mjs.map +1 -0
- package/dist/ui/data-display.d.mts +596 -0
- package/dist/ui/data-display.d.ts +596 -0
- package/dist/ui/data-display.js +5307 -0
- package/dist/ui/data-display.js.map +1 -0
- package/dist/ui/data-display.mjs +5212 -0
- package/dist/ui/data-display.mjs.map +1 -0
- package/dist/ui/feedback.d.mts +55 -0
- package/dist/ui/feedback.d.ts +55 -0
- package/dist/ui/feedback.js +2608 -0
- package/dist/ui/feedback.js.map +1 -0
- package/dist/ui/feedback.mjs +2526 -0
- package/dist/ui/feedback.mjs.map +1 -0
- package/dist/ui/forms.d.mts +309 -0
- package/dist/ui/forms.d.ts +309 -0
- package/dist/ui/forms.js +4656 -0
- package/dist/ui/forms.js.map +1 -0
- package/dist/ui/forms.mjs +4571 -0
- package/dist/ui/forms.mjs.map +1 -0
- package/dist/ui/index.d.mts +331 -0
- package/dist/ui/index.d.ts +331 -0
- package/dist/ui/index.js +16953 -0
- package/dist/ui/index.js.map +1 -0
- package/dist/ui/index.mjs +16598 -0
- package/dist/ui/index.mjs.map +1 -0
- package/dist/ui/primitives/client.d.mts +61 -0
- package/dist/ui/primitives/client.d.ts +61 -0
- package/dist/ui/primitives/client.js +3408 -0
- package/dist/ui/primitives/client.js.map +1 -0
- package/dist/ui/primitives/client.mjs +3256 -0
- package/dist/ui/primitives/client.mjs.map +1 -0
- package/dist/ui/primitives.d.mts +113 -0
- package/dist/ui/primitives.d.ts +113 -0
- package/dist/ui/primitives.js +3356 -0
- package/dist/ui/primitives.js.map +1 -0
- package/dist/ui/primitives.mjs +3227 -0
- package/dist/ui/primitives.mjs.map +1 -0
- package/dist/user/index.d.mts +228 -0
- package/dist/user/index.d.ts +228 -0
- package/dist/user/index.js +4306 -0
- package/dist/user/index.js.map +1 -0
- package/dist/user/index.mjs +4260 -0
- package/dist/user/index.mjs.map +1 -0
- package/dist/utils/index.d.mts +205 -0
- package/dist/utils/index.d.ts +205 -0
- package/dist/utils/index.js +574 -0
- package/dist/utils/index.js.map +1 -0
- package/dist/utils/index.mjs +514 -0
- package/dist/utils/index.mjs.map +1 -0
- package/dist/workflow/index.d.mts +40 -0
- package/dist/workflow/index.d.ts +40 -0
- package/dist/workflow/index.js +3710 -0
- package/dist/workflow/index.js.map +1 -0
- package/dist/workflow/index.mjs +3677 -0
- package/dist/workflow/index.mjs.map +1 -0
- package/package.json +311 -0
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import { CrudPermissions, EntityConfig } from '../types/index.mjs';
|
|
2
|
+
import { Session } from 'next-auth';
|
|
3
|
+
import 'lucide-react';
|
|
4
|
+
import 'react';
|
|
5
|
+
import 'zod';
|
|
6
|
+
|
|
7
|
+
/**
|
|
8
|
+
* Get CRUD permissions for a user based on their session
|
|
9
|
+
* Permissions are read from session (loaded from cache in session callback)
|
|
10
|
+
* Uses memoization to return stable object references with TTL
|
|
11
|
+
*/
|
|
12
|
+
declare function getCrudPermissions(session: Session | null, entity: string): Promise<CrudPermissions>;
|
|
13
|
+
/**
|
|
14
|
+
* Merge config permissions with user permissions
|
|
15
|
+
* User permissions take precedence
|
|
16
|
+
* Config permissions are optional, so undefined means "allow if user has permission"
|
|
17
|
+
*/
|
|
18
|
+
declare function mergePermissions(configPermissions: EntityConfig["permissions"], userPermissions: CrudPermissions): CrudPermissions;
|
|
19
|
+
|
|
20
|
+
export { getCrudPermissions, mergePermissions };
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import { CrudPermissions, EntityConfig } from '../types/index.js';
|
|
2
|
+
import { Session } from 'next-auth';
|
|
3
|
+
import 'lucide-react';
|
|
4
|
+
import 'react';
|
|
5
|
+
import 'zod';
|
|
6
|
+
|
|
7
|
+
/**
|
|
8
|
+
* Get CRUD permissions for a user based on their session
|
|
9
|
+
* Permissions are read from session (loaded from cache in session callback)
|
|
10
|
+
* Uses memoization to return stable object references with TTL
|
|
11
|
+
*/
|
|
12
|
+
declare function getCrudPermissions(session: Session | null, entity: string): Promise<CrudPermissions>;
|
|
13
|
+
/**
|
|
14
|
+
* Merge config permissions with user permissions
|
|
15
|
+
* User permissions take precedence
|
|
16
|
+
* Config permissions are optional, so undefined means "allow if user has permission"
|
|
17
|
+
*/
|
|
18
|
+
declare function mergePermissions(configPermissions: EntityConfig["permissions"], userPermissions: CrudPermissions): CrudPermissions;
|
|
19
|
+
|
|
20
|
+
export { getCrudPermissions, mergePermissions };
|
|
@@ -0,0 +1,123 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
// src/rbac/permissions.ts
|
|
4
|
+
var CRUD_ACTIONS = {
|
|
5
|
+
create: "create",
|
|
6
|
+
view: "view",
|
|
7
|
+
update: "update",
|
|
8
|
+
delete: "delete",
|
|
9
|
+
export: "export",
|
|
10
|
+
import: "import",
|
|
11
|
+
approve: "approve",
|
|
12
|
+
reject: "reject"
|
|
13
|
+
};
|
|
14
|
+
function getActionCode(operation) {
|
|
15
|
+
return CRUD_ACTIONS[operation];
|
|
16
|
+
}
|
|
17
|
+
var BYPASS_AUTH = process.env.BYPASS_AUTH === "true" || process.env.BYPASS_AUTH === "1";
|
|
18
|
+
var ADMIN_ROLE_CODES = ["admin", "SUPER_ADMIN"];
|
|
19
|
+
function getCrudPermissionsFromSession(session, entity) {
|
|
20
|
+
if (BYPASS_AUTH) {
|
|
21
|
+
return {
|
|
22
|
+
create: true,
|
|
23
|
+
view: true,
|
|
24
|
+
update: true,
|
|
25
|
+
delete: true,
|
|
26
|
+
export: true,
|
|
27
|
+
import: true,
|
|
28
|
+
approve: true,
|
|
29
|
+
reject: true
|
|
30
|
+
};
|
|
31
|
+
}
|
|
32
|
+
if (!session?.user) {
|
|
33
|
+
return {
|
|
34
|
+
create: false,
|
|
35
|
+
view: false,
|
|
36
|
+
update: false,
|
|
37
|
+
delete: false,
|
|
38
|
+
export: false,
|
|
39
|
+
import: false,
|
|
40
|
+
approve: false,
|
|
41
|
+
reject: false
|
|
42
|
+
};
|
|
43
|
+
}
|
|
44
|
+
const user = session.user;
|
|
45
|
+
if (!user.id) {
|
|
46
|
+
return {
|
|
47
|
+
create: false,
|
|
48
|
+
view: false,
|
|
49
|
+
update: false,
|
|
50
|
+
delete: false,
|
|
51
|
+
export: false,
|
|
52
|
+
import: false,
|
|
53
|
+
approve: false,
|
|
54
|
+
reject: false
|
|
55
|
+
};
|
|
56
|
+
}
|
|
57
|
+
const isAdmin = user.roles?.some((role) => ADMIN_ROLE_CODES.includes(role));
|
|
58
|
+
if (isAdmin) {
|
|
59
|
+
return {
|
|
60
|
+
create: true,
|
|
61
|
+
view: true,
|
|
62
|
+
update: true,
|
|
63
|
+
delete: true,
|
|
64
|
+
export: true,
|
|
65
|
+
import: true,
|
|
66
|
+
approve: true,
|
|
67
|
+
reject: true
|
|
68
|
+
};
|
|
69
|
+
}
|
|
70
|
+
const permissions = user.permissions || [];
|
|
71
|
+
const permissionKeys = new Set(
|
|
72
|
+
permissions.map((p) => `${p.resourceCode}:${p.actionCode}`)
|
|
73
|
+
);
|
|
74
|
+
const hasPermission = (action) => {
|
|
75
|
+
const key = `${entity}:${action}`;
|
|
76
|
+
return permissionKeys.has(key);
|
|
77
|
+
};
|
|
78
|
+
return {
|
|
79
|
+
create: hasPermission(getActionCode("create")),
|
|
80
|
+
view: hasPermission(getActionCode("view")),
|
|
81
|
+
update: hasPermission(getActionCode("update")),
|
|
82
|
+
delete: hasPermission(getActionCode("delete")),
|
|
83
|
+
export: hasPermission(getActionCode("export")),
|
|
84
|
+
import: hasPermission(getActionCode("import")),
|
|
85
|
+
approve: hasPermission(getActionCode("approve")),
|
|
86
|
+
reject: hasPermission(getActionCode("reject"))
|
|
87
|
+
};
|
|
88
|
+
}
|
|
89
|
+
|
|
90
|
+
// src/crud/lib/permissions.ts
|
|
91
|
+
async function getCrudPermissions(session, entity) {
|
|
92
|
+
const perms = getCrudPermissionsFromSession(session, entity);
|
|
93
|
+
return {
|
|
94
|
+
create: perms.create,
|
|
95
|
+
read: perms.view,
|
|
96
|
+
update: perms.update,
|
|
97
|
+
delete: perms.delete,
|
|
98
|
+
export: perms.export,
|
|
99
|
+
import: perms.import,
|
|
100
|
+
approve: perms.approve,
|
|
101
|
+
reject: perms.reject
|
|
102
|
+
};
|
|
103
|
+
}
|
|
104
|
+
function mergePermissions(configPermissions, userPermissions) {
|
|
105
|
+
if (!configPermissions) {
|
|
106
|
+
return userPermissions;
|
|
107
|
+
}
|
|
108
|
+
return {
|
|
109
|
+
create: (configPermissions.create ?? true) && userPermissions.create,
|
|
110
|
+
read: (configPermissions.read ?? true) && userPermissions.read,
|
|
111
|
+
update: (configPermissions.update ?? true) && userPermissions.update,
|
|
112
|
+
delete: (configPermissions.delete ?? true) && userPermissions.delete,
|
|
113
|
+
export: (configPermissions.export ?? true) && userPermissions.export,
|
|
114
|
+
import: (configPermissions.import ?? true) && userPermissions.import,
|
|
115
|
+
approve: (configPermissions.approve ?? true) && userPermissions.approve,
|
|
116
|
+
reject: (configPermissions.reject ?? true) && userPermissions.reject
|
|
117
|
+
};
|
|
118
|
+
}
|
|
119
|
+
|
|
120
|
+
exports.getCrudPermissions = getCrudPermissions;
|
|
121
|
+
exports.mergePermissions = mergePermissions;
|
|
122
|
+
//# sourceMappingURL=server.js.map
|
|
123
|
+
//# sourceMappingURL=server.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/rbac/permissions.ts","../../src/crud/lib/permissions.ts"],"names":[],"mappings":";;;AAWO,IAAM,YAAA,GAAe;AAAA,EAC1B,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,MAAA;AAAA,EACN,MAAA,EAAQ,QAAA;AAAA,EACR,MAAA,EAAQ,QAAA;AAAA,EACR,MAAA,EAAQ,QAAA;AAAA,EACR,MAAA,EAAQ,QAAA;AAAA,EACR,OAAA,EAAS,SAAA;AAAA,EACT,MAAA,EAAQ;AACV,CAAA;AAIO,SAAS,cAAc,SAAA,EAA+B;AAC3D,EAAA,OAAO,aAAa,SAAS,CAAA;AAC/B;AAeA,IAAM,cACJ,OAAA,CAAQ,GAAA,CAAI,gBAAgB,MAAA,IAAU,OAAA,CAAQ,IAAI,WAAA,KAAgB,GAAA;AAEpE,IAAM,gBAAA,GAAmB,CAAC,OAAA,EAAS,aAAa,CAAA;AAEzC,SAAS,6BAAA,CACd,SACA,MAAA,EAUA;AACA,EAAA,IAAI,WAAA,EAAa;AACf,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,IAAA;AAAA,MACR,IAAA,EAAM,IAAA;AAAA,MACN,MAAA,EAAQ,IAAA;AAAA,MACR,MAAA,EAAQ,IAAA;AAAA,MACR,MAAA,EAAQ,IAAA;AAAA,MACR,MAAA,EAAQ,IAAA;AAAA,MACR,OAAA,EAAS,IAAA;AAAA,MACT,MAAA,EAAQ;AAAA,KACV;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,SAAS,IAAA,EAAM;AAClB,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,KAAA;AAAA,MACR,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,KAAA;AAAA,MACR,MAAA,EAAQ,KAAA;AAAA,MACR,MAAA,EAAQ,KAAA;AAAA,MACR,MAAA,EAAQ,KAAA;AAAA,MACR,OAAA,EAAS,KAAA;AAAA,MACT,MAAA,EAAQ;AAAA,KACV;AAAA,EACF;AAEA,EAAA,MAAM,OAAO,OAAA,CAAQ,IAAA;AAErB,EAAA,IAAI,CAAC,KAAK,EAAA,EAAI;AACZ,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,KAAA;AAAA,MACR,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,KAAA;AAAA,MACR,MAAA,EAAQ,KAAA;AAAA,MACR,MAAA,EAAQ,KAAA;AAAA,MACR,MAAA,EAAQ,KAAA;AAAA,MACR,OAAA,EAAS,KAAA;AAAA,MACT,MAAA,EAAQ;AAAA,KACV;AAAA,EACF;AAEA,EAAA,MAAM,OAAA,GAAU,KAAK,KAAA,EAAO,IAAA,CAAK,CAAC,IAAA,KAAS,gBAAA,CAAiB,QAAA,CAAS,IAAI,CAAC,CAAA;AAC1E,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,IAAA;AAAA,MACR,IAAA,EAAM,IAAA;AAAA,MACN,MAAA,EAAQ,IAAA;AAAA,MACR,MAAA,EAAQ,IAAA;AAAA,MACR,MAAA,EAAQ,IAAA;AAAA,MACR,MAAA,EAAQ,IAAA;AAAA,MACR,OAAA,EAAS,IAAA;AAAA,MACT,MAAA,EAAQ;AAAA,KACV;AAAA,EACF;AAEA,EAAA,MAAM,WAAA,GAAc,IAAA,CAAK,WAAA,IAAe,EAAC;AACzC,EAAA,MAAM,iBAAiB,IAAI,GAAA;AAAA,IACzB,WAAA,CAAY,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,EAAG,EAAE,YAAY,CAAA,CAAA,EAAI,CAAA,CAAE,UAAU,CAAA,CAAE;AAAA,GAC5D;AAEA,EAAA,MAAM,aAAA,GAAgB,CAAC,MAAA,KAAmB;AACxC,IAAA,MAAM,GAAA,GAAM,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA;AAC/B,IAAA,OAAO,cAAA,CAAe,IAAI,GAAG,CAAA;AAAA,EAC/B,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,aAAA,CAAc,aAAA,CAAc,QAAQ,CAAC,CAAA;AAAA,IAC7C,IAAA,EAAM,aAAA,CAAc,aAAA,CAAc,MAAM,CAAC,CAAA;AAAA,IACzC,MAAA,EAAQ,aAAA,CAAc,aAAA,CAAc,QAAQ,CAAC,CAAA;AAAA,IAC7C,MAAA,EAAQ,aAAA,CAAc,aAAA,CAAc,QAAQ,CAAC,CAAA;AAAA,IAC7C,MAAA,EAAQ,aAAA,CAAc,aAAA,CAAc,QAAQ,CAAC,CAAA;AAAA,IAC7C,MAAA,EAAQ,aAAA,CAAc,aAAA,CAAc,QAAQ,CAAC,CAAA;AAAA,IAC7C,OAAA,EAAS,aAAA,CAAc,aAAA,CAAc,SAAS,CAAC,CAAA;AAAA,IAC/C,MAAA,EAAQ,aAAA,CAAc,aAAA,CAAc,QAAQ,CAAC;AAAA,GAC/C;AACF;;;AC5HA,eAAsB,kBAAA,CACpB,SACA,MAAA,EAC0B;AAE1B,EAAA,MAAM,KAAA,GAAQ,6BAAA,CAA8B,OAAA,EAAS,MAAM,CAAA;AAC3D,EAAA,OAAO;AAAA,IACL,QAAQ,KAAA,CAAM,MAAA;AAAA,IACd,MAAM,KAAA,CAAM,IAAA;AAAA,IACZ,QAAQ,KAAA,CAAM,MAAA;AAAA,IACd,QAAQ,KAAA,CAAM,MAAA;AAAA,IACd,QAAQ,KAAA,CAAM,MAAA;AAAA,IACd,QAAQ,KAAA,CAAM,MAAA;AAAA,IACd,SAAS,KAAA,CAAM,OAAA;AAAA,IACf,QAAQ,KAAA,CAAM;AAAA,GAChB;AACF;AAOO,SAAS,gBAAA,CACd,mBACA,eAAA,EACiB;AACjB,EAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,IAAA,OAAO,eAAA;AAAA,EACT;AAEA,EAAA,OAAO;AAAA,IACL,MAAA,EAAA,CAAS,iBAAA,CAAkB,MAAA,IAAU,IAAA,KAAS,eAAA,CAAgB,MAAA;AAAA,IAC9D,IAAA,EAAA,CAAO,iBAAA,CAAkB,IAAA,IAAQ,IAAA,KAAS,eAAA,CAAgB,IAAA;AAAA,IAC1D,MAAA,EAAA,CAAS,iBAAA,CAAkB,MAAA,IAAU,IAAA,KAAS,eAAA,CAAgB,MAAA;AAAA,IAC9D,MAAA,EAAA,CAAS,iBAAA,CAAkB,MAAA,IAAU,IAAA,KAAS,eAAA,CAAgB,MAAA;AAAA,IAC9D,MAAA,EAAA,CAAS,iBAAA,CAAkB,MAAA,IAAU,IAAA,KAAS,eAAA,CAAgB,MAAA;AAAA,IAC9D,MAAA,EAAA,CAAS,iBAAA,CAAkB,MAAA,IAAU,IAAA,KAAS,eAAA,CAAgB,MAAA;AAAA,IAC9D,OAAA,EAAA,CAAU,iBAAA,CAAkB,OAAA,IAAW,IAAA,KAAS,eAAA,CAAgB,OAAA;AAAA,IAChE,MAAA,EAAA,CAAS,iBAAA,CAAkB,MAAA,IAAU,IAAA,KAAS,eAAA,CAAgB;AAAA,GAChE;AACF","file":"server.js","sourcesContent":["// @goerp/core/rbac/permissions\n// Server-only permission utilities - no client/UI imports\n// Use this in Server Components and API routes to avoid bundling client code\n\nimport type { Permission } from \"../types\";\nimport type { Session } from \"next-auth\";\n\n// ============================================================================\n// Action Mapping\n// ============================================================================\n\nexport const CRUD_ACTIONS = {\n create: \"create\",\n view: \"view\",\n update: \"update\",\n delete: \"delete\",\n export: \"export\",\n import: \"import\",\n approve: \"approve\",\n reject: \"reject\",\n} as const;\n\nexport type CrudAction = keyof typeof CRUD_ACTIONS;\n\nexport function getActionCode(operation: CrudAction): string {\n return CRUD_ACTIONS[operation];\n}\n\n// ============================================================================\n// Permission Helpers\n// ============================================================================\n\ninterface ExtendedUser {\n id: string;\n name?: string | null;\n email?: string | null;\n image?: string | null;\n roles?: string[];\n permissions?: Permission[];\n}\n\nconst BYPASS_AUTH =\n process.env.BYPASS_AUTH === \"true\" || process.env.BYPASS_AUTH === \"1\";\n\nconst ADMIN_ROLE_CODES = [\"admin\", \"SUPER_ADMIN\"];\n\nexport function getCrudPermissionsFromSession(\n session: Session | null,\n entity: string,\n): {\n create: boolean;\n view: boolean;\n update: boolean;\n delete: boolean;\n export: boolean;\n import: boolean;\n approve: boolean;\n reject: boolean;\n} {\n if (BYPASS_AUTH) {\n return {\n create: true,\n view: true,\n update: true,\n delete: true,\n export: true,\n import: true,\n approve: true,\n reject: true,\n };\n }\n\n if (!session?.user) {\n return {\n create: false,\n view: false,\n update: false,\n delete: false,\n export: false,\n import: false,\n approve: false,\n reject: false,\n };\n }\n\n const user = session.user as ExtendedUser;\n\n if (!user.id) {\n return {\n create: false,\n view: false,\n update: false,\n delete: false,\n export: false,\n import: false,\n approve: false,\n reject: false,\n };\n }\n\n const isAdmin = user.roles?.some((role) => ADMIN_ROLE_CODES.includes(role));\n if (isAdmin) {\n return {\n create: true,\n view: true,\n update: true,\n delete: true,\n export: true,\n import: true,\n approve: true,\n reject: true,\n };\n }\n\n const permissions = user.permissions || [];\n const permissionKeys = new Set(\n permissions.map((p) => `${p.resourceCode}:${p.actionCode}`),\n );\n\n const hasPermission = (action: string) => {\n const key = `${entity}:${action}`;\n return permissionKeys.has(key);\n };\n\n return {\n create: hasPermission(getActionCode(\"create\")),\n view: hasPermission(getActionCode(\"view\")),\n update: hasPermission(getActionCode(\"update\")),\n delete: hasPermission(getActionCode(\"delete\")),\n export: hasPermission(getActionCode(\"export\")),\n import: hasPermission(getActionCode(\"import\")),\n approve: hasPermission(getActionCode(\"approve\")),\n reject: hasPermission(getActionCode(\"reject\")),\n };\n}\n","import type { CrudPermissions, EntityConfig } from \"../../types\";\nimport type { Session } from \"next-auth\";\n\nimport { getCrudPermissionsFromSession } from \"../../rbac/permissions\";\n\n/**\n * Get CRUD permissions for a user based on their session\n * Permissions are read from session (loaded from cache in session callback)\n * Uses memoization to return stable object references with TTL\n */\nexport async function getCrudPermissions(\n session: Session | null,\n entity: string,\n): Promise<CrudPermissions> {\n // Get permissions from session (already loaded in JWT)\n const perms = getCrudPermissionsFromSession(session, entity);\n return {\n create: perms.create,\n read: perms.view,\n update: perms.update,\n delete: perms.delete,\n export: perms.export,\n import: perms.import,\n approve: perms.approve,\n reject: perms.reject,\n };\n}\n\n/**\n * Merge config permissions with user permissions\n * User permissions take precedence\n * Config permissions are optional, so undefined means \"allow if user has permission\"\n */\nexport function mergePermissions(\n configPermissions: EntityConfig[\"permissions\"],\n userPermissions: CrudPermissions,\n): CrudPermissions {\n if (!configPermissions) {\n return userPermissions;\n }\n\n return {\n create: (configPermissions.create ?? true) && userPermissions.create,\n read: (configPermissions.read ?? true) && userPermissions.read,\n update: (configPermissions.update ?? true) && userPermissions.update,\n delete: (configPermissions.delete ?? true) && userPermissions.delete,\n export: (configPermissions.export ?? true) && userPermissions.export,\n import: (configPermissions.import ?? true) && userPermissions.import,\n approve: (configPermissions.approve ?? true) && userPermissions.approve,\n reject: (configPermissions.reject ?? true) && userPermissions.reject,\n };\n}\n"]}
|
|
@@ -0,0 +1,120 @@
|
|
|
1
|
+
// src/rbac/permissions.ts
|
|
2
|
+
var CRUD_ACTIONS = {
|
|
3
|
+
create: "create",
|
|
4
|
+
view: "view",
|
|
5
|
+
update: "update",
|
|
6
|
+
delete: "delete",
|
|
7
|
+
export: "export",
|
|
8
|
+
import: "import",
|
|
9
|
+
approve: "approve",
|
|
10
|
+
reject: "reject"
|
|
11
|
+
};
|
|
12
|
+
function getActionCode(operation) {
|
|
13
|
+
return CRUD_ACTIONS[operation];
|
|
14
|
+
}
|
|
15
|
+
var BYPASS_AUTH = process.env.BYPASS_AUTH === "true" || process.env.BYPASS_AUTH === "1";
|
|
16
|
+
var ADMIN_ROLE_CODES = ["admin", "SUPER_ADMIN"];
|
|
17
|
+
function getCrudPermissionsFromSession(session, entity) {
|
|
18
|
+
if (BYPASS_AUTH) {
|
|
19
|
+
return {
|
|
20
|
+
create: true,
|
|
21
|
+
view: true,
|
|
22
|
+
update: true,
|
|
23
|
+
delete: true,
|
|
24
|
+
export: true,
|
|
25
|
+
import: true,
|
|
26
|
+
approve: true,
|
|
27
|
+
reject: true
|
|
28
|
+
};
|
|
29
|
+
}
|
|
30
|
+
if (!session?.user) {
|
|
31
|
+
return {
|
|
32
|
+
create: false,
|
|
33
|
+
view: false,
|
|
34
|
+
update: false,
|
|
35
|
+
delete: false,
|
|
36
|
+
export: false,
|
|
37
|
+
import: false,
|
|
38
|
+
approve: false,
|
|
39
|
+
reject: false
|
|
40
|
+
};
|
|
41
|
+
}
|
|
42
|
+
const user = session.user;
|
|
43
|
+
if (!user.id) {
|
|
44
|
+
return {
|
|
45
|
+
create: false,
|
|
46
|
+
view: false,
|
|
47
|
+
update: false,
|
|
48
|
+
delete: false,
|
|
49
|
+
export: false,
|
|
50
|
+
import: false,
|
|
51
|
+
approve: false,
|
|
52
|
+
reject: false
|
|
53
|
+
};
|
|
54
|
+
}
|
|
55
|
+
const isAdmin = user.roles?.some((role) => ADMIN_ROLE_CODES.includes(role));
|
|
56
|
+
if (isAdmin) {
|
|
57
|
+
return {
|
|
58
|
+
create: true,
|
|
59
|
+
view: true,
|
|
60
|
+
update: true,
|
|
61
|
+
delete: true,
|
|
62
|
+
export: true,
|
|
63
|
+
import: true,
|
|
64
|
+
approve: true,
|
|
65
|
+
reject: true
|
|
66
|
+
};
|
|
67
|
+
}
|
|
68
|
+
const permissions = user.permissions || [];
|
|
69
|
+
const permissionKeys = new Set(
|
|
70
|
+
permissions.map((p) => `${p.resourceCode}:${p.actionCode}`)
|
|
71
|
+
);
|
|
72
|
+
const hasPermission = (action) => {
|
|
73
|
+
const key = `${entity}:${action}`;
|
|
74
|
+
return permissionKeys.has(key);
|
|
75
|
+
};
|
|
76
|
+
return {
|
|
77
|
+
create: hasPermission(getActionCode("create")),
|
|
78
|
+
view: hasPermission(getActionCode("view")),
|
|
79
|
+
update: hasPermission(getActionCode("update")),
|
|
80
|
+
delete: hasPermission(getActionCode("delete")),
|
|
81
|
+
export: hasPermission(getActionCode("export")),
|
|
82
|
+
import: hasPermission(getActionCode("import")),
|
|
83
|
+
approve: hasPermission(getActionCode("approve")),
|
|
84
|
+
reject: hasPermission(getActionCode("reject"))
|
|
85
|
+
};
|
|
86
|
+
}
|
|
87
|
+
|
|
88
|
+
// src/crud/lib/permissions.ts
|
|
89
|
+
async function getCrudPermissions(session, entity) {
|
|
90
|
+
const perms = getCrudPermissionsFromSession(session, entity);
|
|
91
|
+
return {
|
|
92
|
+
create: perms.create,
|
|
93
|
+
read: perms.view,
|
|
94
|
+
update: perms.update,
|
|
95
|
+
delete: perms.delete,
|
|
96
|
+
export: perms.export,
|
|
97
|
+
import: perms.import,
|
|
98
|
+
approve: perms.approve,
|
|
99
|
+
reject: perms.reject
|
|
100
|
+
};
|
|
101
|
+
}
|
|
102
|
+
function mergePermissions(configPermissions, userPermissions) {
|
|
103
|
+
if (!configPermissions) {
|
|
104
|
+
return userPermissions;
|
|
105
|
+
}
|
|
106
|
+
return {
|
|
107
|
+
create: (configPermissions.create ?? true) && userPermissions.create,
|
|
108
|
+
read: (configPermissions.read ?? true) && userPermissions.read,
|
|
109
|
+
update: (configPermissions.update ?? true) && userPermissions.update,
|
|
110
|
+
delete: (configPermissions.delete ?? true) && userPermissions.delete,
|
|
111
|
+
export: (configPermissions.export ?? true) && userPermissions.export,
|
|
112
|
+
import: (configPermissions.import ?? true) && userPermissions.import,
|
|
113
|
+
approve: (configPermissions.approve ?? true) && userPermissions.approve,
|
|
114
|
+
reject: (configPermissions.reject ?? true) && userPermissions.reject
|
|
115
|
+
};
|
|
116
|
+
}
|
|
117
|
+
|
|
118
|
+
export { getCrudPermissions, mergePermissions };
|
|
119
|
+
//# sourceMappingURL=server.mjs.map
|
|
120
|
+
//# sourceMappingURL=server.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/rbac/permissions.ts","../../src/crud/lib/permissions.ts"],"names":[],"mappings":";AAWO,IAAM,YAAA,GAAe;AAAA,EAC1B,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,MAAA;AAAA,EACN,MAAA,EAAQ,QAAA;AAAA,EACR,MAAA,EAAQ,QAAA;AAAA,EACR,MAAA,EAAQ,QAAA;AAAA,EACR,MAAA,EAAQ,QAAA;AAAA,EACR,OAAA,EAAS,SAAA;AAAA,EACT,MAAA,EAAQ;AACV,CAAA;AAIO,SAAS,cAAc,SAAA,EAA+B;AAC3D,EAAA,OAAO,aAAa,SAAS,CAAA;AAC/B;AAeA,IAAM,cACJ,OAAA,CAAQ,GAAA,CAAI,gBAAgB,MAAA,IAAU,OAAA,CAAQ,IAAI,WAAA,KAAgB,GAAA;AAEpE,IAAM,gBAAA,GAAmB,CAAC,OAAA,EAAS,aAAa,CAAA;AAEzC,SAAS,6BAAA,CACd,SACA,MAAA,EAUA;AACA,EAAA,IAAI,WAAA,EAAa;AACf,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,IAAA;AAAA,MACR,IAAA,EAAM,IAAA;AAAA,MACN,MAAA,EAAQ,IAAA;AAAA,MACR,MAAA,EAAQ,IAAA;AAAA,MACR,MAAA,EAAQ,IAAA;AAAA,MACR,MAAA,EAAQ,IAAA;AAAA,MACR,OAAA,EAAS,IAAA;AAAA,MACT,MAAA,EAAQ;AAAA,KACV;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,SAAS,IAAA,EAAM;AAClB,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,KAAA;AAAA,MACR,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,KAAA;AAAA,MACR,MAAA,EAAQ,KAAA;AAAA,MACR,MAAA,EAAQ,KAAA;AAAA,MACR,MAAA,EAAQ,KAAA;AAAA,MACR,OAAA,EAAS,KAAA;AAAA,MACT,MAAA,EAAQ;AAAA,KACV;AAAA,EACF;AAEA,EAAA,MAAM,OAAO,OAAA,CAAQ,IAAA;AAErB,EAAA,IAAI,CAAC,KAAK,EAAA,EAAI;AACZ,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,KAAA;AAAA,MACR,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,KAAA;AAAA,MACR,MAAA,EAAQ,KAAA;AAAA,MACR,MAAA,EAAQ,KAAA;AAAA,MACR,MAAA,EAAQ,KAAA;AAAA,MACR,OAAA,EAAS,KAAA;AAAA,MACT,MAAA,EAAQ;AAAA,KACV;AAAA,EACF;AAEA,EAAA,MAAM,OAAA,GAAU,KAAK,KAAA,EAAO,IAAA,CAAK,CAAC,IAAA,KAAS,gBAAA,CAAiB,QAAA,CAAS,IAAI,CAAC,CAAA;AAC1E,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,IAAA;AAAA,MACR,IAAA,EAAM,IAAA;AAAA,MACN,MAAA,EAAQ,IAAA;AAAA,MACR,MAAA,EAAQ,IAAA;AAAA,MACR,MAAA,EAAQ,IAAA;AAAA,MACR,MAAA,EAAQ,IAAA;AAAA,MACR,OAAA,EAAS,IAAA;AAAA,MACT,MAAA,EAAQ;AAAA,KACV;AAAA,EACF;AAEA,EAAA,MAAM,WAAA,GAAc,IAAA,CAAK,WAAA,IAAe,EAAC;AACzC,EAAA,MAAM,iBAAiB,IAAI,GAAA;AAAA,IACzB,WAAA,CAAY,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,EAAG,EAAE,YAAY,CAAA,CAAA,EAAI,CAAA,CAAE,UAAU,CAAA,CAAE;AAAA,GAC5D;AAEA,EAAA,MAAM,aAAA,GAAgB,CAAC,MAAA,KAAmB;AACxC,IAAA,MAAM,GAAA,GAAM,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA;AAC/B,IAAA,OAAO,cAAA,CAAe,IAAI,GAAG,CAAA;AAAA,EAC/B,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,aAAA,CAAc,aAAA,CAAc,QAAQ,CAAC,CAAA;AAAA,IAC7C,IAAA,EAAM,aAAA,CAAc,aAAA,CAAc,MAAM,CAAC,CAAA;AAAA,IACzC,MAAA,EAAQ,aAAA,CAAc,aAAA,CAAc,QAAQ,CAAC,CAAA;AAAA,IAC7C,MAAA,EAAQ,aAAA,CAAc,aAAA,CAAc,QAAQ,CAAC,CAAA;AAAA,IAC7C,MAAA,EAAQ,aAAA,CAAc,aAAA,CAAc,QAAQ,CAAC,CAAA;AAAA,IAC7C,MAAA,EAAQ,aAAA,CAAc,aAAA,CAAc,QAAQ,CAAC,CAAA;AAAA,IAC7C,OAAA,EAAS,aAAA,CAAc,aAAA,CAAc,SAAS,CAAC,CAAA;AAAA,IAC/C,MAAA,EAAQ,aAAA,CAAc,aAAA,CAAc,QAAQ,CAAC;AAAA,GAC/C;AACF;;;AC5HA,eAAsB,kBAAA,CACpB,SACA,MAAA,EAC0B;AAE1B,EAAA,MAAM,KAAA,GAAQ,6BAAA,CAA8B,OAAA,EAAS,MAAM,CAAA;AAC3D,EAAA,OAAO;AAAA,IACL,QAAQ,KAAA,CAAM,MAAA;AAAA,IACd,MAAM,KAAA,CAAM,IAAA;AAAA,IACZ,QAAQ,KAAA,CAAM,MAAA;AAAA,IACd,QAAQ,KAAA,CAAM,MAAA;AAAA,IACd,QAAQ,KAAA,CAAM,MAAA;AAAA,IACd,QAAQ,KAAA,CAAM,MAAA;AAAA,IACd,SAAS,KAAA,CAAM,OAAA;AAAA,IACf,QAAQ,KAAA,CAAM;AAAA,GAChB;AACF;AAOO,SAAS,gBAAA,CACd,mBACA,eAAA,EACiB;AACjB,EAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,IAAA,OAAO,eAAA;AAAA,EACT;AAEA,EAAA,OAAO;AAAA,IACL,MAAA,EAAA,CAAS,iBAAA,CAAkB,MAAA,IAAU,IAAA,KAAS,eAAA,CAAgB,MAAA;AAAA,IAC9D,IAAA,EAAA,CAAO,iBAAA,CAAkB,IAAA,IAAQ,IAAA,KAAS,eAAA,CAAgB,IAAA;AAAA,IAC1D,MAAA,EAAA,CAAS,iBAAA,CAAkB,MAAA,IAAU,IAAA,KAAS,eAAA,CAAgB,MAAA;AAAA,IAC9D,MAAA,EAAA,CAAS,iBAAA,CAAkB,MAAA,IAAU,IAAA,KAAS,eAAA,CAAgB,MAAA;AAAA,IAC9D,MAAA,EAAA,CAAS,iBAAA,CAAkB,MAAA,IAAU,IAAA,KAAS,eAAA,CAAgB,MAAA;AAAA,IAC9D,MAAA,EAAA,CAAS,iBAAA,CAAkB,MAAA,IAAU,IAAA,KAAS,eAAA,CAAgB,MAAA;AAAA,IAC9D,OAAA,EAAA,CAAU,iBAAA,CAAkB,OAAA,IAAW,IAAA,KAAS,eAAA,CAAgB,OAAA;AAAA,IAChE,MAAA,EAAA,CAAS,iBAAA,CAAkB,MAAA,IAAU,IAAA,KAAS,eAAA,CAAgB;AAAA,GAChE;AACF","file":"server.mjs","sourcesContent":["// @goerp/core/rbac/permissions\n// Server-only permission utilities - no client/UI imports\n// Use this in Server Components and API routes to avoid bundling client code\n\nimport type { Permission } from \"../types\";\nimport type { Session } from \"next-auth\";\n\n// ============================================================================\n// Action Mapping\n// ============================================================================\n\nexport const CRUD_ACTIONS = {\n create: \"create\",\n view: \"view\",\n update: \"update\",\n delete: \"delete\",\n export: \"export\",\n import: \"import\",\n approve: \"approve\",\n reject: \"reject\",\n} as const;\n\nexport type CrudAction = keyof typeof CRUD_ACTIONS;\n\nexport function getActionCode(operation: CrudAction): string {\n return CRUD_ACTIONS[operation];\n}\n\n// ============================================================================\n// Permission Helpers\n// ============================================================================\n\ninterface ExtendedUser {\n id: string;\n name?: string | null;\n email?: string | null;\n image?: string | null;\n roles?: string[];\n permissions?: Permission[];\n}\n\nconst BYPASS_AUTH =\n process.env.BYPASS_AUTH === \"true\" || process.env.BYPASS_AUTH === \"1\";\n\nconst ADMIN_ROLE_CODES = [\"admin\", \"SUPER_ADMIN\"];\n\nexport function getCrudPermissionsFromSession(\n session: Session | null,\n entity: string,\n): {\n create: boolean;\n view: boolean;\n update: boolean;\n delete: boolean;\n export: boolean;\n import: boolean;\n approve: boolean;\n reject: boolean;\n} {\n if (BYPASS_AUTH) {\n return {\n create: true,\n view: true,\n update: true,\n delete: true,\n export: true,\n import: true,\n approve: true,\n reject: true,\n };\n }\n\n if (!session?.user) {\n return {\n create: false,\n view: false,\n update: false,\n delete: false,\n export: false,\n import: false,\n approve: false,\n reject: false,\n };\n }\n\n const user = session.user as ExtendedUser;\n\n if (!user.id) {\n return {\n create: false,\n view: false,\n update: false,\n delete: false,\n export: false,\n import: false,\n approve: false,\n reject: false,\n };\n }\n\n const isAdmin = user.roles?.some((role) => ADMIN_ROLE_CODES.includes(role));\n if (isAdmin) {\n return {\n create: true,\n view: true,\n update: true,\n delete: true,\n export: true,\n import: true,\n approve: true,\n reject: true,\n };\n }\n\n const permissions = user.permissions || [];\n const permissionKeys = new Set(\n permissions.map((p) => `${p.resourceCode}:${p.actionCode}`),\n );\n\n const hasPermission = (action: string) => {\n const key = `${entity}:${action}`;\n return permissionKeys.has(key);\n };\n\n return {\n create: hasPermission(getActionCode(\"create\")),\n view: hasPermission(getActionCode(\"view\")),\n update: hasPermission(getActionCode(\"update\")),\n delete: hasPermission(getActionCode(\"delete\")),\n export: hasPermission(getActionCode(\"export\")),\n import: hasPermission(getActionCode(\"import\")),\n approve: hasPermission(getActionCode(\"approve\")),\n reject: hasPermission(getActionCode(\"reject\")),\n };\n}\n","import type { CrudPermissions, EntityConfig } from \"../../types\";\nimport type { Session } from \"next-auth\";\n\nimport { getCrudPermissionsFromSession } from \"../../rbac/permissions\";\n\n/**\n * Get CRUD permissions for a user based on their session\n * Permissions are read from session (loaded from cache in session callback)\n * Uses memoization to return stable object references with TTL\n */\nexport async function getCrudPermissions(\n session: Session | null,\n entity: string,\n): Promise<CrudPermissions> {\n // Get permissions from session (already loaded in JWT)\n const perms = getCrudPermissionsFromSession(session, entity);\n return {\n create: perms.create,\n read: perms.view,\n update: perms.update,\n delete: perms.delete,\n export: perms.export,\n import: perms.import,\n approve: perms.approve,\n reject: perms.reject,\n };\n}\n\n/**\n * Merge config permissions with user permissions\n * User permissions take precedence\n * Config permissions are optional, so undefined means \"allow if user has permission\"\n */\nexport function mergePermissions(\n configPermissions: EntityConfig[\"permissions\"],\n userPermissions: CrudPermissions,\n): CrudPermissions {\n if (!configPermissions) {\n return userPermissions;\n }\n\n return {\n create: (configPermissions.create ?? true) && userPermissions.create,\n read: (configPermissions.read ?? true) && userPermissions.read,\n update: (configPermissions.update ?? true) && userPermissions.update,\n delete: (configPermissions.delete ?? true) && userPermissions.delete,\n export: (configPermissions.export ?? true) && userPermissions.export,\n import: (configPermissions.import ?? true) && userPermissions.import,\n approve: (configPermissions.approve ?? true) && userPermissions.approve,\n reject: (configPermissions.reject ?? true) && userPermissions.reject,\n };\n}\n"]}
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
import * as react_jsx_runtime from 'react/jsx-runtime';
|
|
2
|
+
|
|
3
|
+
interface DataTableSkeletonProps {
|
|
4
|
+
/**
|
|
5
|
+
* Number of columns to render
|
|
6
|
+
*/
|
|
7
|
+
columns: number;
|
|
8
|
+
/**
|
|
9
|
+
* Number of rows to render
|
|
10
|
+
* @default 5
|
|
11
|
+
*/
|
|
12
|
+
rows?: number;
|
|
13
|
+
/**
|
|
14
|
+
* Height of each skeleton cell
|
|
15
|
+
* @default "h-5"
|
|
16
|
+
*/
|
|
17
|
+
cellHeight?: string;
|
|
18
|
+
/**
|
|
19
|
+
* Show checkbox column skeleton
|
|
20
|
+
* @default false
|
|
21
|
+
*/
|
|
22
|
+
showCheckbox?: boolean;
|
|
23
|
+
/**
|
|
24
|
+
* Show row number column skeleton
|
|
25
|
+
* @default false
|
|
26
|
+
*/
|
|
27
|
+
showRowNumber?: boolean;
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* Skeleton loading state for DataTable
|
|
31
|
+
* Renders loading placeholder rows while data is being fetched
|
|
32
|
+
*/
|
|
33
|
+
declare function DataTableSkeleton({ columns, rows, cellHeight, showCheckbox, showRowNumber, }: DataTableSkeletonProps): react_jsx_runtime.JSX.Element;
|
|
34
|
+
/**
|
|
35
|
+
* Full table skeleton including header
|
|
36
|
+
*/
|
|
37
|
+
declare function DataTableFullSkeleton({ columns, rows, showCheckbox, showRowNumber, }: DataTableSkeletonProps): react_jsx_runtime.JSX.Element;
|
|
38
|
+
|
|
39
|
+
export { DataTableFullSkeleton as D, DataTableSkeleton as a, type DataTableSkeletonProps as b };
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
import * as react_jsx_runtime from 'react/jsx-runtime';
|
|
2
|
+
|
|
3
|
+
interface DataTableSkeletonProps {
|
|
4
|
+
/**
|
|
5
|
+
* Number of columns to render
|
|
6
|
+
*/
|
|
7
|
+
columns: number;
|
|
8
|
+
/**
|
|
9
|
+
* Number of rows to render
|
|
10
|
+
* @default 5
|
|
11
|
+
*/
|
|
12
|
+
rows?: number;
|
|
13
|
+
/**
|
|
14
|
+
* Height of each skeleton cell
|
|
15
|
+
* @default "h-5"
|
|
16
|
+
*/
|
|
17
|
+
cellHeight?: string;
|
|
18
|
+
/**
|
|
19
|
+
* Show checkbox column skeleton
|
|
20
|
+
* @default false
|
|
21
|
+
*/
|
|
22
|
+
showCheckbox?: boolean;
|
|
23
|
+
/**
|
|
24
|
+
* Show row number column skeleton
|
|
25
|
+
* @default false
|
|
26
|
+
*/
|
|
27
|
+
showRowNumber?: boolean;
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* Skeleton loading state for DataTable
|
|
31
|
+
* Renders loading placeholder rows while data is being fetched
|
|
32
|
+
*/
|
|
33
|
+
declare function DataTableSkeleton({ columns, rows, cellHeight, showCheckbox, showRowNumber, }: DataTableSkeletonProps): react_jsx_runtime.JSX.Element;
|
|
34
|
+
/**
|
|
35
|
+
* Full table skeleton including header
|
|
36
|
+
*/
|
|
37
|
+
declare function DataTableFullSkeleton({ columns, rows, showCheckbox, showRowNumber, }: DataTableSkeletonProps): react_jsx_runtime.JSX.Element;
|
|
38
|
+
|
|
39
|
+
export { DataTableFullSkeleton as D, DataTableSkeleton as a, type DataTableSkeletonProps as b };
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
import * as react_jsx_runtime from 'react/jsx-runtime';
|
|
2
|
+
import * as React from 'react';
|
|
3
|
+
import * as DialogPrimitive from '@radix-ui/react-dialog';
|
|
4
|
+
|
|
5
|
+
declare const Dialog: React.FC<DialogPrimitive.DialogProps>;
|
|
6
|
+
declare const DialogTrigger: React.ForwardRefExoticComponent<DialogPrimitive.DialogTriggerProps & React.RefAttributes<HTMLButtonElement>>;
|
|
7
|
+
declare const DialogPortal: React.FC<DialogPrimitive.DialogPortalProps>;
|
|
8
|
+
declare const DialogClose: React.ForwardRefExoticComponent<DialogPrimitive.DialogCloseProps & React.RefAttributes<HTMLButtonElement>>;
|
|
9
|
+
declare const DialogOverlay: React.ForwardRefExoticComponent<Omit<DialogPrimitive.DialogOverlayProps & React.RefAttributes<HTMLDivElement>, "ref"> & React.RefAttributes<HTMLDivElement>>;
|
|
10
|
+
declare const DialogContent: React.ForwardRefExoticComponent<Omit<DialogPrimitive.DialogContentProps & React.RefAttributes<HTMLDivElement>, "ref"> & React.RefAttributes<HTMLDivElement>>;
|
|
11
|
+
declare const DialogHeader: {
|
|
12
|
+
({ className, ...props }: React.HTMLAttributes<HTMLDivElement>): react_jsx_runtime.JSX.Element;
|
|
13
|
+
displayName: string;
|
|
14
|
+
};
|
|
15
|
+
declare const DialogFooter: {
|
|
16
|
+
({ className, ...props }: React.HTMLAttributes<HTMLDivElement>): react_jsx_runtime.JSX.Element;
|
|
17
|
+
displayName: string;
|
|
18
|
+
};
|
|
19
|
+
declare const DialogTitle: React.ForwardRefExoticComponent<Omit<DialogPrimitive.DialogTitleProps & React.RefAttributes<HTMLHeadingElement>, "ref"> & React.RefAttributes<HTMLHeadingElement>>;
|
|
20
|
+
declare const DialogDescription: React.ForwardRefExoticComponent<Omit<DialogPrimitive.DialogDescriptionProps & React.RefAttributes<HTMLParagraphElement>, "ref"> & React.RefAttributes<HTMLParagraphElement>>;
|
|
21
|
+
|
|
22
|
+
export { Dialog as D, DialogClose as a, DialogContent as b, DialogDescription as c, DialogFooter as d, DialogHeader as e, DialogOverlay as f, DialogPortal as g, DialogTitle as h, DialogTrigger as i };
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
import * as react_jsx_runtime from 'react/jsx-runtime';
|
|
2
|
+
import * as React from 'react';
|
|
3
|
+
import * as DialogPrimitive from '@radix-ui/react-dialog';
|
|
4
|
+
|
|
5
|
+
declare const Dialog: React.FC<DialogPrimitive.DialogProps>;
|
|
6
|
+
declare const DialogTrigger: React.ForwardRefExoticComponent<DialogPrimitive.DialogTriggerProps & React.RefAttributes<HTMLButtonElement>>;
|
|
7
|
+
declare const DialogPortal: React.FC<DialogPrimitive.DialogPortalProps>;
|
|
8
|
+
declare const DialogClose: React.ForwardRefExoticComponent<DialogPrimitive.DialogCloseProps & React.RefAttributes<HTMLButtonElement>>;
|
|
9
|
+
declare const DialogOverlay: React.ForwardRefExoticComponent<Omit<DialogPrimitive.DialogOverlayProps & React.RefAttributes<HTMLDivElement>, "ref"> & React.RefAttributes<HTMLDivElement>>;
|
|
10
|
+
declare const DialogContent: React.ForwardRefExoticComponent<Omit<DialogPrimitive.DialogContentProps & React.RefAttributes<HTMLDivElement>, "ref"> & React.RefAttributes<HTMLDivElement>>;
|
|
11
|
+
declare const DialogHeader: {
|
|
12
|
+
({ className, ...props }: React.HTMLAttributes<HTMLDivElement>): react_jsx_runtime.JSX.Element;
|
|
13
|
+
displayName: string;
|
|
14
|
+
};
|
|
15
|
+
declare const DialogFooter: {
|
|
16
|
+
({ className, ...props }: React.HTMLAttributes<HTMLDivElement>): react_jsx_runtime.JSX.Element;
|
|
17
|
+
displayName: string;
|
|
18
|
+
};
|
|
19
|
+
declare const DialogTitle: React.ForwardRefExoticComponent<Omit<DialogPrimitive.DialogTitleProps & React.RefAttributes<HTMLHeadingElement>, "ref"> & React.RefAttributes<HTMLHeadingElement>>;
|
|
20
|
+
declare const DialogDescription: React.ForwardRefExoticComponent<Omit<DialogPrimitive.DialogDescriptionProps & React.RefAttributes<HTMLParagraphElement>, "ref"> & React.RefAttributes<HTMLParagraphElement>>;
|
|
21
|
+
|
|
22
|
+
export { Dialog as D, DialogClose as a, DialogContent as b, DialogDescription as c, DialogFooter as d, DialogHeader as e, DialogOverlay as f, DialogPortal as g, DialogTitle as h, DialogTrigger as i };
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import * as react_jsx_runtime from 'react/jsx-runtime';
|
|
2
|
+
import { LucideProps, icons } from 'lucide-react';
|
|
3
|
+
|
|
4
|
+
type DynamicIconNameType = keyof typeof icons;
|
|
5
|
+
interface DynamicIconProps extends LucideProps {
|
|
6
|
+
name?: DynamicIconNameType;
|
|
7
|
+
}
|
|
8
|
+
declare function DynamicIcon({ name, ...props }: DynamicIconProps): react_jsx_runtime.JSX.Element | null;
|
|
9
|
+
|
|
10
|
+
export { DynamicIcon as D, type DynamicIconNameType as a };
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import * as react_jsx_runtime from 'react/jsx-runtime';
|
|
2
|
+
import { LucideProps, icons } from 'lucide-react';
|
|
3
|
+
|
|
4
|
+
type DynamicIconNameType = keyof typeof icons;
|
|
5
|
+
interface DynamicIconProps extends LucideProps {
|
|
6
|
+
name?: DynamicIconNameType;
|
|
7
|
+
}
|
|
8
|
+
declare function DynamicIcon({ name, ...props }: DynamicIconProps): react_jsx_runtime.JSX.Element | null;
|
|
9
|
+
|
|
10
|
+
export { DynamicIcon as D, type DynamicIconNameType as a };
|