export type Permission = | 'application-form:read' | 'application-form:write' | 'application-form:sign' | 'application-form-template:add' | 'application-form-template:edit' | 'application-form-template:delete' | 'comment:add' | 'comment:edit' | 'comment:delete' export type Role = | 'CHIEF_EXECUTIVE_OFFICER' | 'BUSINESS_DEPARTMENT' | 'IT_DEPARTMENT' | 'HUMAN_RESOURCES' | 'HEAD_OF_WORKS_COUNCIL' | 'WORKS_COUNCIL' | 'EMPLOYEE' const ROLE_PERMISSIONS: Record = { CHIEF_EXECUTIVE_OFFICER: [ 'application-form:read', 'application-form:write', 'application-form:sign', 'application-form-template:add', 'application-form-template:edit', 'application-form-template:delete', 'comment:add', 'comment:edit', 'comment:delete' ], HEAD_OF_WORKS_COUNCIL: [ 'application-form:read', 'application-form:write', 'application-form:sign', 'application-form-template:add', 'application-form-template:edit', 'application-form-template:delete', 'comment:add', 'comment:edit', 'comment:delete' ], BUSINESS_DEPARTMENT: [ 'application-form:read', 'application-form:write', 'application-form-template:add', 'application-form-template:edit', 'application-form-template:delete', 'comment:add', 'comment:edit', 'comment:delete' ], IT_DEPARTMENT: [ 'application-form:read', 'application-form:write', 'application-form-template:add', 'application-form-template:edit', 'application-form-template:delete', 'comment:add', 'comment:edit', 'comment:delete' ], HUMAN_RESOURCES: [ 'application-form:read', 'application-form:write', 'application-form-template:add', 'application-form-template:edit', 'application-form-template:delete', 'comment:add', 'comment:edit', 'comment:delete' ], WORKS_COUNCIL: [ 'application-form:read', 'application-form:write', 'application-form-template:add', 'application-form-template:edit', 'application-form-template:delete', 'comment:add', 'comment:edit', 'comment:delete' ], EMPLOYEE: ['application-form:read', 'comment:add', 'comment:edit'] } export const usePermissions = () => { const { user } = useUserSession() const userRoles = computed(() => { return (user.value?.roles ?? []) as Role[] }) const userPermissions = computed(() => { const permissions = new Set() userRoles.value.forEach((role) => { const rolePermissions = ROLE_PERMISSIONS[role] ?? [] rolePermissions.forEach((permission) => permissions.add(permission)) }) return Array.from(permissions) }) const hasPermission = (permission: Permission): boolean => { return userPermissions.value.includes(permission) } const hasAnyPermission = (permissions: Permission[]): boolean => { return permissions.some((permission) => hasPermission(permission)) } const hasAllPermissions = (permissions: Permission[]): boolean => { return permissions.every((permission) => hasPermission(permission)) } const hasRole = (role: Role): boolean => { return userRoles.value.includes(role) } const hasAnyRole = (roles: Role[]): boolean => { return roles.some((role) => hasRole(role)) } const canReadApplicationForms = computed(() => hasPermission('application-form:read')) const canWriteApplicationForms = computed(() => hasPermission('application-form:write')) const canSignApplicationForms = computed(() => hasPermission('application-form:sign')) const canAddTemplate = computed(() => hasPermission('application-form-template:add')) const canEditTemplate = computed(() => hasPermission('application-form-template:edit')) const canDeleteTemplate = computed(() => hasPermission('application-form-template:delete')) const canAddComment = computed(() => hasPermission('comment:add')) const canEditComment = computed(() => hasPermission('comment:edit')) const canDeleteComment = computed(() => hasPermission('comment:delete')) return { userRoles, userPermissions, hasPermission, hasAnyPermission, hasAllPermissions, hasRole, hasAnyRole, canReadApplicationForms, canWriteApplicationForms, canSignApplicationForms, canAddTemplate, canEditTemplate, canDeleteTemplate, canAddComment, canEditComment, canDeleteComment } }