153 lines
4.3 KiB
TypeScript
153 lines
4.3 KiB
TypeScript
export type Permission =
|
|
| 'application-form:read'
|
|
| 'application-form:write'
|
|
| 'application-form:sign'
|
|
| 'application-form-template:add'
|
|
| 'application-form-template:edit'
|
|
| 'application-form-template:delete'
|
|
| 'comment:add'
|
|
| 'comment:edit'
|
|
| 'comment:delete'
|
|
|
|
export type Role =
|
|
| 'CHIEF_EXECUTIVE_OFFICER'
|
|
| 'BUSINESS_DEPARTMENT'
|
|
| 'IT_DEPARTMENT'
|
|
| 'HUMAN_RESOURCES'
|
|
| 'HEAD_OF_WORKS_COUNCIL'
|
|
| 'WORKS_COUNCIL'
|
|
| 'EMPLOYEE'
|
|
|
|
const ROLE_PERMISSIONS: Record<Role, Permission[]> = {
|
|
CHIEF_EXECUTIVE_OFFICER: [
|
|
'application-form:read',
|
|
'application-form:write',
|
|
'application-form:sign',
|
|
'application-form-template:add',
|
|
'application-form-template:edit',
|
|
'application-form-template:delete',
|
|
'comment:add',
|
|
'comment:edit',
|
|
'comment:delete'
|
|
],
|
|
HEAD_OF_WORKS_COUNCIL: [
|
|
'application-form:read',
|
|
'application-form:write',
|
|
'application-form:sign',
|
|
'application-form-template:add',
|
|
'application-form-template:edit',
|
|
'application-form-template:delete',
|
|
'comment:add',
|
|
'comment:edit',
|
|
'comment:delete'
|
|
],
|
|
BUSINESS_DEPARTMENT: [
|
|
'application-form:read',
|
|
'application-form:write',
|
|
'application-form-template:add',
|
|
'application-form-template:edit',
|
|
'application-form-template:delete',
|
|
'comment:add',
|
|
'comment:edit',
|
|
'comment:delete'
|
|
],
|
|
IT_DEPARTMENT: [
|
|
'application-form:read',
|
|
'application-form:write',
|
|
'application-form-template:add',
|
|
'application-form-template:edit',
|
|
'application-form-template:delete',
|
|
'comment:add',
|
|
'comment:edit',
|
|
'comment:delete'
|
|
],
|
|
HUMAN_RESOURCES: [
|
|
'application-form:read',
|
|
'application-form:write',
|
|
'application-form-template:add',
|
|
'application-form-template:edit',
|
|
'application-form-template:delete',
|
|
'comment:add',
|
|
'comment:edit',
|
|
'comment:delete'
|
|
],
|
|
WORKS_COUNCIL: [
|
|
'application-form:read',
|
|
'application-form:write',
|
|
'application-form-template:add',
|
|
'application-form-template:edit',
|
|
'application-form-template:delete',
|
|
'comment:add',
|
|
'comment:edit',
|
|
'comment:delete'
|
|
],
|
|
EMPLOYEE: ['application-form:read', 'comment:add', 'comment:edit']
|
|
}
|
|
|
|
export const usePermissions = () => {
|
|
const { user } = useUserSession()
|
|
|
|
const userRoles = computed<Role[]>(() => {
|
|
return (user.value?.roles ?? []) as Role[]
|
|
})
|
|
|
|
const userPermissions = computed<Permission[]>(() => {
|
|
const permissions = new Set<Permission>()
|
|
userRoles.value.forEach((role) => {
|
|
const rolePermissions = ROLE_PERMISSIONS[role] ?? []
|
|
rolePermissions.forEach((permission) => permissions.add(permission))
|
|
})
|
|
return Array.from(permissions)
|
|
})
|
|
|
|
const hasPermission = (permission: Permission): boolean => {
|
|
return userPermissions.value.includes(permission)
|
|
}
|
|
|
|
const hasAnyPermission = (permissions: Permission[]): boolean => {
|
|
return permissions.some((permission) => hasPermission(permission))
|
|
}
|
|
|
|
const hasAllPermissions = (permissions: Permission[]): boolean => {
|
|
return permissions.every((permission) => hasPermission(permission))
|
|
}
|
|
|
|
const hasRole = (role: Role): boolean => {
|
|
return userRoles.value.includes(role)
|
|
}
|
|
|
|
const hasAnyRole = (roles: Role[]): boolean => {
|
|
return roles.some((role) => hasRole(role))
|
|
}
|
|
|
|
const canReadApplicationForms = computed(() => hasPermission('application-form:read'))
|
|
const canWriteApplicationForms = computed(() => hasPermission('application-form:write'))
|
|
const canSignApplicationForms = computed(() => hasPermission('application-form:sign'))
|
|
const canAddTemplate = computed(() => hasPermission('application-form-template:add'))
|
|
const canEditTemplate = computed(() => hasPermission('application-form-template:edit'))
|
|
const canDeleteTemplate = computed(() => hasPermission('application-form-template:delete'))
|
|
const canAddComment = computed(() => hasPermission('comment:add'))
|
|
const canEditComment = computed(() => hasPermission('comment:edit'))
|
|
const canDeleteComment = computed(() => hasPermission('comment:delete'))
|
|
|
|
return {
|
|
userRoles,
|
|
userPermissions,
|
|
hasPermission,
|
|
hasAnyPermission,
|
|
hasAllPermissions,
|
|
hasRole,
|
|
hasAnyRole,
|
|
canReadApplicationForms,
|
|
canWriteApplicationForms,
|
|
canSignApplicationForms,
|
|
canAddTemplate,
|
|
canEditTemplate,
|
|
canDeleteTemplate,
|
|
canAddComment,
|
|
canEditComment,
|
|
canDeleteComment
|
|
}
|
|
}
|
|
|