111 lines
2.9 KiB
TypeScript
111 lines
2.9 KiB
TypeScript
import { ROLES, type LegalRole } from '~/server/utils/permissions'
|
|
|
|
export function usePermissions() {
|
|
const { organization, activeMember } = useAuth()
|
|
|
|
const currentRole = computed((): LegalRole | null => {
|
|
return (activeMember.value?.role as LegalRole) || null
|
|
})
|
|
|
|
const hasPermission = (permissions: Record<string, string[]>): boolean => {
|
|
if (!currentRole.value) return false
|
|
|
|
return organization.checkRolePermission({
|
|
permissions,
|
|
role: currentRole.value
|
|
})
|
|
}
|
|
|
|
// Specific permission helpers
|
|
const canCreateApplicationForm = computed(() =>
|
|
hasPermission({ application_form: ["create"] })
|
|
)
|
|
|
|
const canApproveApplicationForm = computed(() =>
|
|
hasPermission({ application_form: ["approve"] })
|
|
)
|
|
|
|
const canSignAgreement = computed(() =>
|
|
hasPermission({ agreement: ["sign"] })
|
|
)
|
|
|
|
const canInviteMembers = computed(() =>
|
|
hasPermission({ invitation: ["create"] })
|
|
)
|
|
|
|
const canManageOrganization = computed(() =>
|
|
hasPermission({ organization: ["update"] })
|
|
)
|
|
|
|
// Role checks
|
|
const isEmployer = computed(() => currentRole.value === ROLES.EMPLOYER)
|
|
const isEmployee = computed(() => currentRole.value === ROLES.EMPLOYEE)
|
|
const isWorksCouncilMember = computed(() => currentRole.value === ROLES.WORKS_COUNCIL_MEMBER)
|
|
const isAdmin = computed(() => currentRole.value === ROLES.ADMIN)
|
|
const isOwner = computed(() => currentRole.value === ROLES.OWNER)
|
|
|
|
const getCurrentRoleInfo = () => {
|
|
const roleInfo = {
|
|
[ROLES.EMPLOYER]: {
|
|
name: 'Arbeitgeber',
|
|
description: 'Kann Anträge genehmigen und Vereinbarungen unterzeichnen',
|
|
color: 'blue',
|
|
icon: 'i-lucide-briefcase'
|
|
},
|
|
[ROLES.EMPLOYEE]: {
|
|
name: 'Arbeitnehmer',
|
|
description: 'Kann eigene Anträge einsehen und kommentieren',
|
|
color: 'green',
|
|
icon: 'i-lucide-user'
|
|
},
|
|
[ROLES.WORKS_COUNCIL_MEMBER]: {
|
|
name: 'Betriebsrat',
|
|
description: 'Kann Anträge prüfen und Vereinbarungen unterzeichnen',
|
|
color: 'purple',
|
|
icon: 'i-lucide-users'
|
|
},
|
|
[ROLES.ADMIN]: {
|
|
name: 'Administrator',
|
|
description: 'Vollzugriff auf Organisationsverwaltung',
|
|
color: 'red',
|
|
icon: 'i-lucide-settings'
|
|
},
|
|
[ROLES.OWNER]: {
|
|
name: 'Eigentümer',
|
|
description: 'Vollzugriff und Organisationsbesitz',
|
|
color: 'yellow',
|
|
icon: 'i-lucide-crown'
|
|
}
|
|
}
|
|
|
|
return currentRole.value && currentRole.value in roleInfo ? roleInfo[currentRole.value as LegalRole] : null
|
|
}
|
|
|
|
return {
|
|
// State
|
|
currentRole,
|
|
activeMember,
|
|
|
|
// Permission checks
|
|
hasPermission,
|
|
|
|
// Role checks
|
|
isEmployer,
|
|
isEmployee,
|
|
isWorksCouncilMember,
|
|
isAdmin,
|
|
isOwner,
|
|
|
|
// Computed permissions
|
|
canCreateApplicationForm,
|
|
canApproveApplicationForm,
|
|
canSignAgreement,
|
|
canInviteMembers,
|
|
canManageOrganization,
|
|
|
|
// Utilities
|
|
getCurrentRoleInfo,
|
|
ROLES
|
|
}
|
|
}
|