194 lines
5.0 KiB
Markdown
194 lines
5.0 KiB
Markdown
# Frontend Role Migration - isAdmin → role
|
|
|
|
## 🎯 Overview
|
|
|
|
Migrated frontend from `isAdmin: boolean` to `role: 'USER' | 'MANAGEMENT' | 'ADMIN'` to match the new backend RBAC system.
|
|
|
|
---
|
|
|
|
## ✅ Files Updated
|
|
|
|
### 1. **Type Definitions**
|
|
|
|
#### `src/contexts/AuthContext.tsx`
|
|
- ✅ Updated `User` interface: `isAdmin?: boolean` → `role?: 'USER' | 'MANAGEMENT' | 'ADMIN'`
|
|
- ✅ Added helper functions:
|
|
- `isAdmin(user)` - Checks if user is ADMIN
|
|
- `isManagement(user)` - Checks if user is MANAGEMENT
|
|
- `hasManagementAccess(user)` - Checks if user is MANAGEMENT or ADMIN
|
|
- `hasAdminAccess(user)` - Checks if user is ADMIN (same as isAdmin)
|
|
|
|
#### `src/services/authApi.ts`
|
|
- ✅ Updated `TokenExchangeResponse` interface: `isAdmin: boolean` → `role: 'USER' | 'MANAGEMENT' | 'ADMIN'`
|
|
|
|
---
|
|
|
|
### 2. **Components Updated**
|
|
|
|
#### `src/pages/Dashboard/Dashboard.tsx`
|
|
**Changes:**
|
|
- ✅ Imported `isAdmin as checkIsAdmin` from AuthContext
|
|
- ✅ Updated role check: `(user as any)?.isAdmin || false` → `checkIsAdmin(user)`
|
|
- ✅ All conditional rendering now uses the helper function
|
|
|
|
**Admin Features (shown only for ADMIN role):**
|
|
- Organization-wide analytics
|
|
- Admin View badge
|
|
- Export button
|
|
- Department-wise workflow summary
|
|
- Priority distribution report
|
|
- TAT breach report
|
|
- AI remark utilization report
|
|
- Approver performance report
|
|
|
|
---
|
|
|
|
#### `src/pages/Settings/Settings.tsx`
|
|
**Changes:**
|
|
- ✅ Imported `isAdmin as checkIsAdmin` from AuthContext
|
|
- ✅ Updated role check: `(user as any)?.isAdmin` → `checkIsAdmin(user)`
|
|
|
|
**Admin Features:**
|
|
- Configuration Manager tab
|
|
- Holiday Manager tab
|
|
- System Settings tab
|
|
|
|
---
|
|
|
|
#### `src/pages/Profile/Profile.tsx`
|
|
**Changes:**
|
|
- ✅ Imported `isAdmin` and `isManagement` helpers from AuthContext
|
|
- ✅ Added `Users` icon import for Management badge
|
|
- ✅ Updated all `user?.isAdmin` checks to use `isAdmin(user)`
|
|
- ✅ Added Management badge display for MANAGEMENT role
|
|
- ✅ Updated role display to show:
|
|
- **Administrator** badge (yellow) for ADMIN
|
|
- **Management** badge (blue) for MANAGEMENT
|
|
- **User** badge (gray) for USER
|
|
|
|
**New Visual Indicators:**
|
|
- 🟡 Yellow shield icon for ADMIN users
|
|
- 🔵 Blue users icon for MANAGEMENT users
|
|
- Role badge on profile card
|
|
- Role badge in header section
|
|
|
|
---
|
|
|
|
#### `src/pages/Auth/AuthenticatedApp.tsx`
|
|
**Changes:**
|
|
- ✅ Updated console log: `'Is Admin:', user.isAdmin` → `'Role:', user.role`
|
|
|
|
---
|
|
|
|
## 🎨 **Visual Changes**
|
|
|
|
### Profile Page Badges
|
|
|
|
**Before:**
|
|
```
|
|
🟡 Administrator (only for admins)
|
|
```
|
|
|
|
**After:**
|
|
```
|
|
🟡 Administrator (for ADMIN)
|
|
🔵 Management (for MANAGEMENT)
|
|
```
|
|
|
|
### Role Display
|
|
|
|
**Before:**
|
|
- Administrator / User
|
|
|
|
**After:**
|
|
- Administrator (yellow badge, green checkmark)
|
|
- Management (blue badge, green checkmark)
|
|
- User (gray badge, no checkmark)
|
|
|
|
---
|
|
|
|
## 🔧 **Helper Functions Usage**
|
|
|
|
### In Components:
|
|
|
|
```typescript
|
|
import { useAuth, isAdmin, isManagement, hasManagementAccess } from '@/contexts/AuthContext';
|
|
|
|
const { user } = useAuth();
|
|
|
|
// Check if user is admin
|
|
if (isAdmin(user)) {
|
|
// Show admin-only features
|
|
}
|
|
|
|
// Check if user is management
|
|
if (isManagement(user)) {
|
|
// Show management-only features
|
|
}
|
|
|
|
// Check if user has management access (MANAGEMENT or ADMIN)
|
|
if (hasManagementAccess(user)) {
|
|
// Show features for both management and admin
|
|
}
|
|
```
|
|
|
|
---
|
|
|
|
## 🚀 **Migration Benefits**
|
|
|
|
1. **Type Safety** - Role is now a union type, catching errors at compile time
|
|
2. **Flexibility** - Easy to add more roles (e.g., AUDITOR, VIEWER)
|
|
3. **Granular Access** - Can differentiate between MANAGEMENT and ADMIN
|
|
4. **Consistency** - Frontend now matches backend RBAC system
|
|
5. **Helper Functions** - Cleaner code with reusable role checks
|
|
|
|
---
|
|
|
|
## 📊 **Access Levels**
|
|
|
|
| Feature | USER | MANAGEMENT | ADMIN |
|
|
|---------|------|------------|-------|
|
|
| View own requests | ✅ | ✅ | ✅ |
|
|
| View own dashboard | ✅ | ✅ | ✅ |
|
|
| View all requests | ❌ | ✅ | ✅ |
|
|
| View organization-wide analytics | ❌ | ✅ | ✅ |
|
|
| Export data | ❌ | ❌ | ✅ |
|
|
| Manage system configuration | ❌ | ❌ | ✅ |
|
|
| Manage holidays | ❌ | ❌ | ✅ |
|
|
| View TAT breach reports | ❌ | ❌ | ✅ |
|
|
| View approver performance | ❌ | ❌ | ✅ |
|
|
|
|
---
|
|
|
|
## ✅ **Testing Checklist**
|
|
|
|
- [ ] Login as USER - verify limited access
|
|
- [ ] Login as MANAGEMENT - verify read access to all data
|
|
- [ ] Login as ADMIN - verify full access
|
|
- [ ] Profile page shows correct role badge
|
|
- [ ] Dashboard shows appropriate views per role
|
|
- [ ] Settings page shows tabs only for ADMIN
|
|
- [ ] No console errors related to role checks
|
|
|
|
---
|
|
|
|
## 🔄 **Backward Compatibility**
|
|
|
|
**None** - This is a breaking change. All users must be assigned a role in the database:
|
|
|
|
```sql
|
|
-- Default all users to USER role
|
|
UPDATE users SET role = 'USER' WHERE role IS NULL;
|
|
|
|
-- Assign specific roles
|
|
UPDATE users SET role = 'ADMIN' WHERE email = 'admin@royalenfield.com';
|
|
UPDATE users SET role = 'MANAGEMENT' WHERE email = 'manager@royalenfield.com';
|
|
```
|
|
|
|
---
|
|
|
|
## 🎉 **Deployment Ready**
|
|
|
|
All changes are complete and linter-clean. Frontend now fully supports the new RBAC system!
|
|
|