feat: Add module visibility API endpoints
- GET /modules/visibility - get visibility settings - PUT /modules/visibility - update visibility per role - Chef can configure which modules are visible to disponent/mitarbeiter/subunternehmer
This commit is contained in:
@@ -131,6 +131,76 @@ modulesRouter.get("/check/:moduleName", authMiddleware, async (ctx) => {
|
|||||||
};
|
};
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// ============ MODULE VISIBILITY ENDPOINTS ============
|
||||||
|
|
||||||
|
// Get module visibility settings for org
|
||||||
|
modulesRouter.get("/visibility", authMiddleware, async (ctx) => {
|
||||||
|
const { org_id: orgId, role } = ctx.state.auth.user;
|
||||||
|
|
||||||
|
const visibility = await query<{
|
||||||
|
module_key: string;
|
||||||
|
role_disponent: boolean;
|
||||||
|
role_mitarbeiter: boolean;
|
||||||
|
role_subunternehmer: boolean;
|
||||||
|
}>(
|
||||||
|
`SELECT module_key, role_disponent, role_mitarbeiter, role_subunternehmer
|
||||||
|
FROM module_visibility
|
||||||
|
WHERE org_id = $1`,
|
||||||
|
[orgId]
|
||||||
|
);
|
||||||
|
|
||||||
|
// For non-chef users, filter to only their visible modules
|
||||||
|
if (role !== 'chef') {
|
||||||
|
const roleColumn = role === 'disponent' ? 'role_disponent' :
|
||||||
|
role === 'mitarbeiter' ? 'role_mitarbeiter' :
|
||||||
|
'role_subunternehmer';
|
||||||
|
|
||||||
|
const visibleModules = await query<{ module_key: string }>(
|
||||||
|
`SELECT module_key FROM module_visibility
|
||||||
|
WHERE org_id = $1 AND ${roleColumn} = true`,
|
||||||
|
[orgId]
|
||||||
|
);
|
||||||
|
|
||||||
|
ctx.response.body = {
|
||||||
|
visibility: visibleModules.map(m => m.module_key),
|
||||||
|
role
|
||||||
|
};
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
ctx.response.body = { visibility };
|
||||||
|
});
|
||||||
|
|
||||||
|
// Update module visibility (Chef only)
|
||||||
|
modulesRouter.put("/visibility", requireChef, async (ctx) => {
|
||||||
|
const { org_id: orgId } = ctx.state.auth.user;
|
||||||
|
const body = await ctx.request.body.json();
|
||||||
|
const { settings } = body;
|
||||||
|
|
||||||
|
if (!settings || !Array.isArray(settings)) {
|
||||||
|
throw new AppError("settings array required", 400);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Update each module visibility setting
|
||||||
|
for (const setting of settings) {
|
||||||
|
const { module_key, role_disponent, role_mitarbeiter, role_subunternehmer } = setting;
|
||||||
|
|
||||||
|
await execute(
|
||||||
|
`INSERT INTO module_visibility (org_id, module_key, role_disponent, role_mitarbeiter, role_subunternehmer)
|
||||||
|
VALUES ($1, $2, $3, $4, $5)
|
||||||
|
ON CONFLICT (org_id, module_key)
|
||||||
|
DO UPDATE SET
|
||||||
|
role_disponent = $3,
|
||||||
|
role_mitarbeiter = $4,
|
||||||
|
role_subunternehmer = $5,
|
||||||
|
updated_at = NOW()`,
|
||||||
|
[orgId, module_key, role_disponent ?? true, role_mitarbeiter ?? true, role_subunternehmer ?? false]
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
ctx.response.body = { message: "Module visibility updated" };
|
||||||
|
});
|
||||||
|
|
||||||
// ============ DEVELOPER PANEL ENDPOINTS ============
|
// ============ DEVELOPER PANEL ENDPOINTS ============
|
||||||
// These require the 'developer' module to be enabled and special permissions
|
// These require the 'developer' module to be enabled and special permissions
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user