mirror of
https://github.com/simstudioai/sim.git
synced 2026-04-28 03:00:29 -04:00
4109feecf6
* feat(invitations): added invitations query hook, migrated all tool files to use absolute imports * ack PR comments * remove dead import * remove unused hook
93 lines
2.8 KiB
TypeScript
93 lines
2.8 KiB
TypeScript
import { useMemo } from 'react'
|
|
import { createLogger } from '@sim/logger'
|
|
import { useSession } from '@/lib/auth/auth-client'
|
|
import type { WorkspacePermissions } from '@/hooks/queries/workspace'
|
|
|
|
export type PermissionType = 'admin' | 'write' | 'read'
|
|
|
|
const logger = createLogger('useUserPermissions')
|
|
|
|
export interface WorkspaceUserPermissions {
|
|
// Core permission checks
|
|
canRead: boolean
|
|
canEdit: boolean
|
|
canAdmin: boolean
|
|
|
|
// Utility properties
|
|
userPermissions: PermissionType
|
|
isLoading: boolean
|
|
error: string | null
|
|
}
|
|
|
|
/**
|
|
* Custom hook to check current user's permissions within a workspace
|
|
* This version accepts workspace permissions to avoid duplicate API calls
|
|
*
|
|
* @param workspacePermissions - The workspace permissions data
|
|
* @param permissionsLoading - Whether permissions are currently loading
|
|
* @param permissionsError - Any error from fetching permissions
|
|
* @returns Object containing permission flags and utility properties
|
|
*/
|
|
export function useUserPermissions(
|
|
workspacePermissions: WorkspacePermissions | null,
|
|
permissionsLoading = false,
|
|
permissionsError: string | null = null
|
|
): WorkspaceUserPermissions {
|
|
const { data: session } = useSession()
|
|
|
|
const userPermissions = useMemo((): WorkspaceUserPermissions => {
|
|
const sessionEmail = session?.user?.email
|
|
if (permissionsLoading || !sessionEmail) {
|
|
return {
|
|
canRead: false,
|
|
canEdit: false,
|
|
canAdmin: false,
|
|
userPermissions: 'read',
|
|
isLoading: permissionsLoading,
|
|
error: permissionsError,
|
|
}
|
|
}
|
|
|
|
// Find current user in workspace permissions (case-insensitive)
|
|
const currentUser = workspacePermissions?.users?.find(
|
|
(user) => user.email.toLowerCase() === sessionEmail.toLowerCase()
|
|
)
|
|
|
|
// If user not found in workspace, they have no permissions
|
|
if (!currentUser) {
|
|
logger.warn('User not found in workspace permissions', {
|
|
userEmail: sessionEmail,
|
|
hasPermissions: !!workspacePermissions,
|
|
userCount: workspacePermissions?.users?.length || 0,
|
|
})
|
|
|
|
return {
|
|
canRead: false,
|
|
canEdit: false,
|
|
canAdmin: false,
|
|
userPermissions: 'read',
|
|
isLoading: false,
|
|
error: permissionsError || 'User not found in workspace',
|
|
}
|
|
}
|
|
|
|
const userPerms = currentUser.permissionType || 'read'
|
|
|
|
// Core permission checks
|
|
const canAdmin = userPerms === 'admin'
|
|
const canEdit = userPerms === 'write' || userPerms === 'admin'
|
|
const canRead = true // If user is found in workspace permissions, they have read access
|
|
|
|
return {
|
|
canRead,
|
|
canEdit,
|
|
canAdmin,
|
|
userPermissions: userPerms,
|
|
isLoading: false,
|
|
error: permissionsError,
|
|
}
|
|
}, [session, workspacePermissions, permissionsLoading, permissionsError])
|
|
|
|
return userPermissions
|
|
}
|