feat: Add role-based permissions system (#78)#256

Draft
akash2017sky wants to merge 1 commit into main from feat/issue-78-permissions
Conversation

Collaborator

@akash2017sky akash2017sky commented Mar 5, 2026

Summary

  • Implement comprehensive RBAC with 3 roles: Admin, Agent, Client
  • Guard all ~20 API routes with requirePermission()/requireAuth() server-side checks
  • Add PermissionProvider React context with usePermissions() hook for client-side gating
  • Filter sidebar navigation, ticket actions, and internal notes by user permissions
  • Add permission management API routes (config, user overrides, audit log)
  • Add admin Permissions tab with user role overrides, role definitions display, and audit log viewer
  • JWT enrichment — permissions resolved at sign-in, no per-request disk reads

New Files

  • src/lib/permissions.ts — Core permissions service (file-based config)
  • src/lib/api-auth.ts — Server-side auth guards
  • src/components/providers/PermissionProvider.tsx — React context
  • src/components/common/PermissionGate.tsx — Conditional render component
  • src/components/common/AccessDenied.tsx — Access denied UI
  • src/components/admin/PermissionsManager.tsx — Admin permissions panel
  • src/app/api/permissions/* — 5 permission management API routes
  • data/permissions.json — Default config with role definitions

Test plan

  • Sign out and sign back in to refresh JWT with permissions
  • Verify admin user sees all sidebar nav items and admin page
  • Verify /api/permissions returns correct role and permissions
  • Test Admin > Permissions tab: change default role, add/remove user overrides
  • Verify agent role hides Admin page but shows everything else
  • Verify client role only sees own tickets, no internal notes, no admin/team/reporting
  • Verify audit log records permission changes

Closes #78

🤖 Generated with Claude Code

Implement comprehensive RBAC with 3 roles (Admin, Agent, Client):
- Add permission types, core service, and JWT enrichment
- Guard all API routes with requirePermission/requireAuth
- Add PermissionProvider context, PermissionGate, and AccessDenied UI
- Filter sidebar nav and ticket actions by user permissions
- Add permission management API routes (config, users, audit)
- Add admin Permissions tab with user overrides and audit log

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@akash2017sky akash2017sky self-assigned this Mar 6, 2026
Development

Successfully merging this pull request may close these issues.

[FEAT] Permissions Management