Chris Chen
66 lines
1.9 KiB
TypeScript
66 lines
1.9 KiB
TypeScript
/** Effective action flags for one module — mirrors the C# ModuleActions DTO. */
|
|
export interface ModuleActions {
|
|
read: boolean;
|
|
write: boolean;
|
|
delete: boolean;
|
|
approve: boolean;
|
|
/** Computed server-side (true if any flag is set). */
|
|
any?: boolean;
|
|
}
|
|
|
|
export type PermissionAction = 'read' | 'write' | 'delete' | 'approve';
|
|
|
|
/**
|
|
* Canonical module names — must match the C# ROLAC.API.Authorization.Modules constants
|
|
* (PascalCase). Used by the permission directive, guard, nav, and admin page.
|
|
*/
|
|
export const PermissionModules = {
|
|
Members: 'Members',
|
|
Users: 'Users',
|
|
Givings: 'Givings',
|
|
GivingCategories: 'GivingCategories',
|
|
Expenses: 'Expenses',
|
|
ExpenseCategories: 'ExpenseCategories',
|
|
OfferingSessions: 'OfferingSessions',
|
|
Ministries: 'Ministries',
|
|
FinanceDashboard: 'FinanceDashboard',
|
|
MonthlyStatements: 'MonthlyStatements',
|
|
ChurchProfile: 'ChurchProfile',
|
|
Disbursements: 'Disbursements',
|
|
MealAttendance: 'MealAttendance',
|
|
Permissions: 'Permissions',
|
|
} as const;
|
|
|
|
/** A required permission, used in route data and the *appHasPermission directive. */
|
|
export interface PermissionRequirement {
|
|
module: string;
|
|
action: PermissionAction;
|
|
}
|
|
|
|
// ── Admin matrix DTOs (mirror C# DTOs.Permissions) ────────────────────────────
|
|
|
|
export interface ModulePermissionDto {
|
|
module: string;
|
|
canRead: boolean;
|
|
canWrite: boolean;
|
|
canDelete: boolean;
|
|
canApprove: boolean;
|
|
}
|
|
|
|
export interface RolePermissionRow {
|
|
roleName: string;
|
|
description?: string;
|
|
isSuperAdmin: boolean;
|
|
modules: ModulePermissionDto[];
|
|
}
|
|
|
|
export interface PermissionMatrixDto {
|
|
allModules: string[];
|
|
allActions: string[];
|
|
roles: RolePermissionRow[];
|
|
}
|
|
|
|
export interface UpdateRolePermissionsRequest {
|
|
modules: ModulePermissionDto[];
|
|
}
|