major: Migration from better-auth to keycloak
This commit is contained in:
@@ -1,110 +0,0 @@
|
||||
import { ROLES, type LegalRole } from '~/server/utils/permissions'
|
||||
|
||||
export function usePermissions() {
|
||||
const { organization, activeMember } = useAuth()
|
||||
|
||||
const currentRole = computed((): LegalRole | null => {
|
||||
return (activeMember.value?.role as LegalRole) || null
|
||||
})
|
||||
|
||||
const hasPermission = (permissions: Record<string, string[]>): boolean => {
|
||||
if (!currentRole.value) return false
|
||||
|
||||
return organization.checkRolePermission({
|
||||
permissions,
|
||||
role: currentRole.value
|
||||
})
|
||||
}
|
||||
|
||||
// Specific permission helpers
|
||||
const canCreateApplicationForm = computed(() =>
|
||||
hasPermission({ application_form: ["create"] })
|
||||
)
|
||||
|
||||
const canApproveApplicationForm = computed(() =>
|
||||
hasPermission({ application_form: ["approve"] })
|
||||
)
|
||||
|
||||
const canSignAgreement = computed(() =>
|
||||
hasPermission({ agreement: ["sign"] })
|
||||
)
|
||||
|
||||
const canInviteMembers = computed(() =>
|
||||
hasPermission({ invitation: ["create"] })
|
||||
)
|
||||
|
||||
const canManageOrganization = computed(() =>
|
||||
hasPermission({ organization: ["update"] })
|
||||
)
|
||||
|
||||
// Role checks
|
||||
const isEmployer = computed(() => currentRole.value === ROLES.EMPLOYER)
|
||||
const isEmployee = computed(() => currentRole.value === ROLES.EMPLOYEE)
|
||||
const isWorksCouncilMember = computed(() => currentRole.value === ROLES.WORKS_COUNCIL_MEMBER)
|
||||
const isAdmin = computed(() => currentRole.value === ROLES.ADMIN)
|
||||
const isOwner = computed(() => currentRole.value === ROLES.OWNER)
|
||||
|
||||
const getCurrentRoleInfo = () => {
|
||||
const roleInfo = {
|
||||
[ROLES.EMPLOYER]: {
|
||||
name: 'Arbeitgeber',
|
||||
description: 'Kann Anträge genehmigen und Vereinbarungen unterzeichnen',
|
||||
color: 'blue',
|
||||
icon: 'i-lucide-briefcase'
|
||||
},
|
||||
[ROLES.EMPLOYEE]: {
|
||||
name: 'Arbeitnehmer',
|
||||
description: 'Kann eigene Anträge einsehen und kommentieren',
|
||||
color: 'green',
|
||||
icon: 'i-lucide-user'
|
||||
},
|
||||
[ROLES.WORKS_COUNCIL_MEMBER]: {
|
||||
name: 'Betriebsrat',
|
||||
description: 'Kann Anträge prüfen und Vereinbarungen unterzeichnen',
|
||||
color: 'purple',
|
||||
icon: 'i-lucide-users'
|
||||
},
|
||||
[ROLES.ADMIN]: {
|
||||
name: 'Administrator',
|
||||
description: 'Vollzugriff auf Organisationsverwaltung',
|
||||
color: 'red',
|
||||
icon: 'i-lucide-settings'
|
||||
},
|
||||
[ROLES.OWNER]: {
|
||||
name: 'Eigentümer',
|
||||
description: 'Vollzugriff und Organisationsbesitz',
|
||||
color: 'yellow',
|
||||
icon: 'i-lucide-crown'
|
||||
}
|
||||
}
|
||||
|
||||
return currentRole.value && currentRole.value in roleInfo ? roleInfo[currentRole.value as LegalRole] : null
|
||||
}
|
||||
|
||||
return {
|
||||
// State
|
||||
currentRole,
|
||||
activeMember,
|
||||
|
||||
// Permission checks
|
||||
hasPermission,
|
||||
|
||||
// Role checks
|
||||
isEmployer,
|
||||
isEmployee,
|
||||
isWorksCouncilMember,
|
||||
isAdmin,
|
||||
isOwner,
|
||||
|
||||
// Computed permissions
|
||||
canCreateApplicationForm,
|
||||
canApproveApplicationForm,
|
||||
canSignAgreement,
|
||||
canInviteMembers,
|
||||
canManageOrganization,
|
||||
|
||||
// Utilities
|
||||
getCurrentRoleInfo,
|
||||
ROLES
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user