forked from baron/baron-sso
feat: implement role-based UI filtering for overview and navigation
This commit is contained in:
@@ -52,9 +52,15 @@ function AppLayout() {
|
||||
const isTenantAdmin = profile?.role === "tenant_admin";
|
||||
const manageableCount = profile?.manageableTenants?.length ?? 0;
|
||||
|
||||
// Filter out restricted items for non-super admins
|
||||
const filteredItems = items.filter(item => {
|
||||
if (item.to === "/api-keys") return isSuperAdmin;
|
||||
return true;
|
||||
});
|
||||
|
||||
if (isSuperAdmin) {
|
||||
// Super Admin sees everything
|
||||
items.splice(1, 0, {
|
||||
filteredItems.splice(1, 0, {
|
||||
label: "ui.admin.nav.tenants",
|
||||
to: "/tenants",
|
||||
icon: Building2,
|
||||
@@ -62,14 +68,14 @@ function AppLayout() {
|
||||
} else if (isTenantAdmin) {
|
||||
if (manageableCount <= 1 && profile?.tenantId) {
|
||||
// Direct link if only one (or zero in array but has tenantId) tenant
|
||||
items.splice(1, 0, {
|
||||
filteredItems.splice(1, 0, {
|
||||
label: "ui.admin.nav.my_tenant",
|
||||
to: `/tenants/${profile.tenantId}`,
|
||||
icon: Building2,
|
||||
});
|
||||
} else if (manageableCount > 1) {
|
||||
// Show list menu if multiple tenants
|
||||
items.splice(1, 0, {
|
||||
filteredItems.splice(1, 0, {
|
||||
label: "ui.admin.nav.tenants",
|
||||
to: "/tenants",
|
||||
icon: Building2,
|
||||
@@ -77,7 +83,7 @@ function AppLayout() {
|
||||
}
|
||||
}
|
||||
|
||||
return items;
|
||||
return filteredItems;
|
||||
}, [profile]);
|
||||
|
||||
const handleLogout = () => {
|
||||
|
||||
@@ -17,6 +17,7 @@ import {
|
||||
CardTitle,
|
||||
} from "../../components/ui/card";
|
||||
import { t } from "../../lib/i18n";
|
||||
import { RoleGuard } from "../../components/auth/RoleGuard";
|
||||
import PermissionChecker from "./components/PermissionChecker";
|
||||
|
||||
const summaryCards = [
|
||||
@@ -178,16 +179,18 @@ function GlobalOverviewPage() {
|
||||
</CardDescription>
|
||||
</CardHeader>
|
||||
<CardContent className="space-y-3">
|
||||
<Button
|
||||
asChild
|
||||
className="w-full justify-between"
|
||||
variant="outline"
|
||||
>
|
||||
<Link to="/tenants/new">
|
||||
{t("ui.admin.overview.quick_links.add_tenant", "테넌트 추가")}
|
||||
<ArrowUpRight size={16} />
|
||||
</Link>
|
||||
</Button>
|
||||
<RoleGuard roles={["super_admin"]}>
|
||||
<Button
|
||||
asChild
|
||||
className="w-full justify-between"
|
||||
variant="outline"
|
||||
>
|
||||
<Link to="/tenants/new">
|
||||
{t("ui.admin.overview.quick_links.add_tenant", "테넌트 추가")}
|
||||
<ArrowUpRight size={16} />
|
||||
</Link>
|
||||
</Button>
|
||||
</RoleGuard>
|
||||
<Button
|
||||
asChild
|
||||
className="w-full justify-between"
|
||||
@@ -201,19 +204,21 @@ function GlobalOverviewPage() {
|
||||
<ArrowUpRight size={16} />
|
||||
</Link>
|
||||
</Button>
|
||||
<Button
|
||||
asChild
|
||||
className="w-full justify-between"
|
||||
variant="outline"
|
||||
>
|
||||
<Link to="/api-keys">
|
||||
{t(
|
||||
"ui.admin.overview.quick_links.api_key_management",
|
||||
"API 키 관리",
|
||||
)}
|
||||
<ArrowUpRight size={16} />
|
||||
</Link>
|
||||
</Button>
|
||||
<RoleGuard roles={["super_admin"]}>
|
||||
<Button
|
||||
asChild
|
||||
className="w-full justify-between"
|
||||
variant="outline"
|
||||
>
|
||||
<Link to="/api-keys">
|
||||
{t(
|
||||
"ui.admin.overview.quick_links.api_key_management",
|
||||
"API 키 관리",
|
||||
)}
|
||||
<ArrowUpRight size={16} />
|
||||
</Link>
|
||||
</Button>
|
||||
</RoleGuard>
|
||||
<Button
|
||||
asChild
|
||||
className="w-full justify-between"
|
||||
@@ -231,7 +236,9 @@ function GlobalOverviewPage() {
|
||||
</Card>
|
||||
</div>
|
||||
|
||||
<PermissionChecker />
|
||||
<RoleGuard roles={["super_admin"]}>
|
||||
<PermissionChecker />
|
||||
</RoleGuard>
|
||||
</div>
|
||||
);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user