- Build complete Next.js CRM for commercial real estate - Add authentication with JWT sessions and role-based access - Add GoHighLevel API integration for contacts, conversations, opportunities - Add AI-powered Control Center with tool calling - Add Setup page with onboarding checklist (/setup) - Add sidebar navigation with Setup menu item - Fix type errors in onboarding API, GHL services, and control center tools - Add Prisma schema with SQLite for local development - Add UI components with clay morphism design system Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
import { Role } from '@/types/auth';
/**
 * Catalogue of every permission string the application checks.
 *
 * The section comments below only group keys by the role tier they are aimed
 * at. What a role can actually do is decided by ROLE_PERMISSIONS, which spreads
 * Object.values(PERMISSIONS) into SUPER_ADMIN: adding a key here grants it to
 * SUPER_ADMIN immediately and to no other role until it is listed there.
 */
export const PERMISSIONS = {
  // ---- standard user tier ----
  VIEW_DASHBOARD: 'view_dashboard',
  VIEW_CONTACTS: 'view_contacts',
  MANAGE_CONTACTS: 'manage_contacts',
  VIEW_CONVERSATIONS: 'view_conversations',
  SEND_MESSAGES: 'send_messages',
  VIEW_OPPORTUNITIES: 'view_opportunities',
  MANAGE_OPPORTUNITIES: 'manage_opportunities',
  VIEW_REPORTS: 'view_reports',

  // ---- admin tier ----
  // NOTE(review): MANAGE_SETTINGS sits in this group, but the ADMIN entry of
  // ROLE_PERMISSIONS does not list it; only SUPER_ADMIN receives it. Confirm
  // that this is intended.
  VIEW_ALL_USERS: 'view_all_users',
  MANAGE_USERS: 'manage_users',
  VIEW_SETTINGS: 'view_settings',
  MANAGE_SETTINGS: 'manage_settings',
  VIEW_AUDIT_LOG: 'view_audit_log',

  // ---- super admin tier ----
  // These three reach credentials, system state and other users' identities,
  // so every code path that checks them deserves an audit-log entry.
  MANAGE_API_KEYS: 'manage_api_keys',
  MANAGE_SYSTEM: 'manage_system',
  IMPERSONATE_USER: 'impersonate_user',
} as const;

/** Union of the permission string literals declared in PERMISSIONS. */
export type Permission = (typeof PERMISSIONS)[keyof typeof PERMISSIONS];
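// Baseline grants held by every role. Declared once so the ADMIN list cannot
// drift from the USER list when a permission is added or removed.
const USER_GRANTS: readonly Permission[] = [
  PERMISSIONS.VIEW_DASHBOARD,
  PERMISSIONS.VIEW_CONTACTS,
  PERMISSIONS.MANAGE_CONTACTS,
  PERMISSIONS.VIEW_CONVERSATIONS,
  PERMISSIONS.SEND_MESSAGES,
  PERMISSIONS.VIEW_OPPORTUNITIES,
  PERMISSIONS.MANAGE_OPPORTUNITIES,
  PERMISSIONS.VIEW_REPORTS,
];

// Grants ADMIN holds on top of the baseline. MANAGE_SETTINGS is deliberately
// left as the original had it: absent here, reachable only via SUPER_ADMIN.
const ADMIN_EXTRA_GRANTS: readonly Permission[] = [
  PERMISSIONS.VIEW_ALL_USERS,
  PERMISSIONS.MANAGE_USERS,
  PERMISSIONS.VIEW_SETTINGS,
  PERMISSIONS.VIEW_AUDIT_LOG,
];

/**
 * Role-to-permission matrix consulted by hasPermission.
 *
 * - USER: the baseline grants.
 * - ADMIN: the baseline grants followed by the admin-only grants.
 * - SUPER_ADMIN: every value of PERMISSIONS. A newly declared permission is
 *   therefore granted to SUPER_ADMIN automatically, and to no other role until
 *   it is listed explicitly, so lower roles fail closed.
 *
 * Each role gets its own array instance. The arrays are ordinary mutable
 * arrays exported from the module and nothing here stops other code from
 * pushing to them; treat them as read-only.
 */
export const ROLE_PERMISSIONS: Record<Role, Permission[]> = {
  USER: [...USER_GRANTS],
  ADMIN: [...USER_GRANTS, ...ADMIN_EXTRA_GRANTS],
  SUPER_ADMIN: [...Object.values(PERMISSIONS)],
};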
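/**
 * Reports whether `role` has been granted `permission` in ROLE_PERMISSIONS.
 *
 * The `Role` type is erased at runtime, so a value read from a session token
 * or a database row can be any string. The lookup is restricted to own keys of
 * ROLE_PERMISSIONS: without that, a string such as "constructor" resolves to
 * an inherited Object.prototype member that has no `includes` method, and the
 * call throws instead of denying.
 *
 * @param role - Role to look up.
 * @param permission - Permission string to test for.
 * @returns `true` only when the role is a known key and its list contains the
 *   permission; `false` for every unknown or malformed role.
 */
export function hasPermission(role: Role, permission: Permission): boolean {
  // Fail closed on anything that is not a role declared in the matrix itself.
  if (!Object.prototype.hasOwnProperty.call(ROLE_PERMISSIONS, role)) {
    return false;
  }

  const granted: unknown = ROLE_PERMISSIONS[role];
  return Array.isArray(granted) && granted.includes(permission);
}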
/**
 * Reports whether `role` holds at least one of the listed permissions.
 *
 * An empty `permissions` array yields `false`.
 *
 * @param role - Role to look up.
 * @param permissions - Candidate permissions; one match is enough.
 * @returns `true` when hasPermission accepts any entry of `permissions`.
 */
export function hasAnyPermission(role: Role, permissions: Permission[]): boolean {
  const roleGrants = (candidate: Permission): boolean => hasPermission(role, candidate);
  return permissions.some(roleGrants);
}
/**
 * Reports whether `role` holds every one of the listed permissions.
 *
 * An empty `permissions` array yields `true` (nothing is missing), so a caller
 * that builds the list dynamically should make sure it is non-empty before
 * treating the result as an authorization decision.
 *
 * @param role - Role to look up.
 * @param permissions - Permissions that must all be granted.
 * @returns `true` when hasPermission rejects no entry of `permissions`.
 */
export function hasAllPermissions(role: Role, permissions: Permission[]): boolean {
  const roleLacks = (candidate: Permission): boolean => !hasPermission(role, candidate);
  return !permissions.some(roleLacks);
}
/**
 * Reports whether `role` is one of the two administrative roles.
 *
 * This compares the role name only and does not consult ROLE_PERMISSIONS, so a
 * change to the permission matrix has no effect on it. Where a specific
 * capability is being gated, checking that permission keeps the decision tied
 * to the matrix.
 *
 * @param role - Role to classify.
 * @returns `true` for 'ADMIN' and 'SUPER_ADMIN', `false` for anything else.
 */
export function isAdmin(role: Role): boolean {
  switch (role) {
    case 'ADMIN':
    case 'SUPER_ADMIN':
      return true;
    default:
      return false;
  }
}
/**
 * Reports whether `role` is exactly 'SUPER_ADMIN'.
 *
 * Like isAdmin, this is a role-name comparison that bypasses ROLE_PERMISSIONS.
 *
 * @param role - Role to classify.
 * @returns `true` only for 'SUPER_ADMIN'.
 */
export function isSuperAdmin(role: Role): boolean {
  if (role !== 'SUPER_ADMIN') {
    return false;
  }
  return true;
}