Adds the ability to set up read only users, adds linking filtering

2024-01-03 21:42:30 -08:00
parent 48f70ef93d
commit 810c3aacb2
10 changed files with 192 additions and 63 deletions
--- a/src/cljc/auto_ap/permissions.cljc
+++ b/src/cljc/auto_ap/permissions.cljc
@@ -0,0 +1,55 @@
+(ns auto-ap.permissions)
+
+(defn can? [user {:keys [client subject activity]}]
+  (let [role (or (:user/role user) (:role user) user)]
+    (println "ROLE IS" role)
+    (cond (#{:user-role/admin "admin"} role)
+          true
+
+          (#{:user-role/power-user "power-user"} role)
+          (cond
+            (#{:invoice-page :payment-page :my-company-page :transaction-page :ledger-page} subject)
+            true
+
+            (= [:vendor :create] [subject activity])
+            true
+
+            (= [:vendor :edit] [subject activity])
+            true
+
+            :else false)
+
+          (#{:user-role/manager "manager"} role)
+          (cond
+            (#{:invoice-page :payment-page :my-company-page :transaction-page} subject)
+            true
+
+            (= [:vendor :create] [subject activity])
+            true
+
+            (= [:vendor :edit] [subject activity])
+            true
+
+            :else false)
+
+          (#{:user-role/read-only "read-only"} role)
+          (cond
+            (= :ledger-page subject) true
+
+            :else false)
+
+          (#{:user-role/user "user"} role)
+          (cond
+            (#{:invoice-page :payment-page :my-company-page :transaction-page :ledger-page} subject)
+            true
+
+            (= [:vendor :create] [subject activity])
+            true
+
+            (= [:vendor :edit] [subject activity])
+            true
+
+            :else false)
+
+          :else
+          false)))