229 lines
7.9 KiB
TypeScript
229 lines
7.9 KiB
TypeScript
import { PrivilegeChecker } from '../core/PageManager/pageInterface';
|
|
|
|
// Function to get current user privilege from localStorage (where it's cached)
|
|
const getCurrentUserPrivilege = (): string | null => {
|
|
try {
|
|
const userData = localStorage.getItem('currentUser');
|
|
console.log('🔍 Raw user data from localStorage:', userData);
|
|
|
|
if (userData) {
|
|
const user = JSON.parse(userData);
|
|
console.log('🔍 Parsed user object:', user);
|
|
console.log('🔍 User privilege:', user.privilege);
|
|
return user.privilege || null;
|
|
}
|
|
console.log('❌ No user data found in localStorage');
|
|
return null;
|
|
} catch (error) {
|
|
console.error('Error getting user privilege from localStorage:', error);
|
|
return null;
|
|
}
|
|
};
|
|
|
|
// Generic privilege checker for localStorage-based data with expiration
|
|
export const createLocalStoragePrivilegeChecker = (
|
|
dataKey: string,
|
|
timestampKey: string,
|
|
expirationHours: number = 24
|
|
): PrivilegeChecker => {
|
|
return (): boolean => {
|
|
try {
|
|
const savedData = localStorage.getItem(dataKey);
|
|
const timestamp = localStorage.getItem(timestampKey);
|
|
|
|
console.log(`🔍 Checking privilege for ${dataKey}:`, {
|
|
savedData: !!savedData,
|
|
timestamp
|
|
});
|
|
|
|
if (savedData && timestamp) {
|
|
const dataTime = parseInt(timestamp);
|
|
const now = Date.now();
|
|
const hoursDiff = (now - dataTime) / (1000 * 60 * 60);
|
|
|
|
console.log(`📊 Privilege validation for ${dataKey}:`, {
|
|
dataTime,
|
|
now,
|
|
hoursDiff,
|
|
isValid: hoursDiff < expirationHours
|
|
});
|
|
|
|
return hoursDiff < expirationHours;
|
|
}
|
|
|
|
console.log(`❌ No privilege data found for ${dataKey}`);
|
|
return false;
|
|
} catch (error) {
|
|
console.error(`Error checking privilege for ${dataKey}:`, error);
|
|
return false;
|
|
}
|
|
};
|
|
};
|
|
|
|
// Generic privilege checker for user roles/permissions
|
|
export const createRolePrivilegeChecker = (
|
|
requiredRoles: string[],
|
|
getUserRoles: () => string[] | Promise<string[]>
|
|
): PrivilegeChecker => {
|
|
return async (): Promise<boolean> => {
|
|
try {
|
|
const userRoles = await getUserRoles();
|
|
const hasRequiredRole = requiredRoles.some(role => userRoles.includes(role));
|
|
|
|
console.log(`🔍 Checking role privilege:`, {
|
|
requiredRoles,
|
|
userRoles,
|
|
hasRequiredRole
|
|
});
|
|
|
|
return hasRequiredRole;
|
|
} catch (error) {
|
|
console.error('Error checking role privilege:', error);
|
|
return false;
|
|
}
|
|
};
|
|
};
|
|
|
|
// Generic privilege checker for feature flags
|
|
export const createFeatureFlagChecker = (
|
|
featureFlag: string,
|
|
getFeatureFlags: () => Record<string, boolean> | Promise<Record<string, boolean>>
|
|
): PrivilegeChecker => {
|
|
return async (): Promise<boolean> => {
|
|
try {
|
|
const flags = await getFeatureFlags();
|
|
const isEnabled = flags[featureFlag] === true;
|
|
|
|
console.log(`🔍 Checking feature flag ${featureFlag}:`, {
|
|
isEnabled,
|
|
allFlags: flags
|
|
});
|
|
|
|
return isEnabled;
|
|
} catch (error) {
|
|
console.error(`Error checking feature flag ${featureFlag}:`, error);
|
|
return false;
|
|
}
|
|
};
|
|
};
|
|
|
|
// Generic privilege checker for authentication status
|
|
export const createAuthPrivilegeChecker = (
|
|
isAuthenticated: () => boolean | Promise<boolean>
|
|
): PrivilegeChecker => {
|
|
return async (): Promise<boolean> => {
|
|
try {
|
|
const authenticated = await isAuthenticated();
|
|
console.log(`🔍 Checking authentication status:`, { authenticated });
|
|
return authenticated;
|
|
} catch (error) {
|
|
console.error('Error checking authentication status:', error);
|
|
return false;
|
|
}
|
|
};
|
|
};
|
|
|
|
// Helper function to create custom privilege checkers
|
|
export const createCustomPrivilegeChecker = (
|
|
checkFunction: () => boolean | Promise<boolean>
|
|
): PrivilegeChecker => {
|
|
return checkFunction;
|
|
};
|
|
|
|
// Predefined privilege checkers for common use cases
|
|
export const privilegeCheckers = {
|
|
// Speech signup checker (existing functionality)
|
|
speechSignup: createLocalStoragePrivilegeChecker(
|
|
'speechSignUpData',
|
|
'speechSignUpTimestamp',
|
|
24
|
|
),
|
|
|
|
// Admin role checker - for admin and sysadmin users
|
|
adminRole: createRolePrivilegeChecker(
|
|
['admin', 'sysadmin'],
|
|
() => {
|
|
const userPrivilege = getCurrentUserPrivilege();
|
|
console.log('🔍 Admin role check - user privilege:', userPrivilege);
|
|
console.log('🔍 Admin role check - required roles: [admin, sysadmin]');
|
|
console.log('🔍 Admin role check - user roles array:', userPrivilege ? [userPrivilege] : []);
|
|
return Promise.resolve(userPrivilege ? [userPrivilege] : []);
|
|
}
|
|
),
|
|
|
|
// Sysadmin role checker - for sysadmin only
|
|
sysadminRole: createRolePrivilegeChecker(
|
|
['sysadmin'],
|
|
() => {
|
|
const userPrivilege = getCurrentUserPrivilege();
|
|
return Promise.resolve(userPrivilege ? [userPrivilege] : []);
|
|
}
|
|
),
|
|
|
|
// Premium user checker
|
|
premiumUser: createLocalStoragePrivilegeChecker(
|
|
'premiumUserData',
|
|
'premiumUserTimestamp',
|
|
24 * 30 // 30 days
|
|
),
|
|
|
|
// Feature flag checker
|
|
betaFeatures: createFeatureFlagChecker(
|
|
'betaFeatures',
|
|
() => {
|
|
// This would typically come from your feature flag service
|
|
const flags = JSON.parse(localStorage.getItem('featureFlags') || '{}');
|
|
return Promise.resolve(flags);
|
|
}
|
|
),
|
|
|
|
// Authentication checker
|
|
authenticated: createAuthPrivilegeChecker(
|
|
() => {
|
|
// This would typically come from your auth context
|
|
const token = localStorage.getItem('authToken');
|
|
return Promise.resolve(!!token);
|
|
}
|
|
),
|
|
|
|
// User role checker - for user, admin, and sysadmin access
|
|
userRole: createRolePrivilegeChecker(
|
|
['user', 'admin', 'sysadmin'],
|
|
() => {
|
|
const userPrivilege = getCurrentUserPrivilege();
|
|
return Promise.resolve(userPrivilege ? [userPrivilege] : []);
|
|
}
|
|
),
|
|
|
|
// Viewer role checker - for viewer, user, admin, and sysadmin access (all levels)
|
|
viewerRole: createRolePrivilegeChecker(
|
|
['viewer', 'user', 'admin', 'sysadmin'],
|
|
() => {
|
|
const userPrivilege = getCurrentUserPrivilege();
|
|
console.log('🔍 Viewer role check - user privilege:', userPrivilege);
|
|
console.log('🔍 Viewer role check - required roles: [viewer, user, admin, sysadmin]');
|
|
console.log('🔍 Viewer role check - user roles array:', userPrivilege ? [userPrivilege] : []);
|
|
return Promise.resolve(userPrivilege ? [userPrivilege] : []);
|
|
}
|
|
),
|
|
|
|
// Subscription checker - for paid features
|
|
hasSubscription: createLocalStoragePrivilegeChecker(
|
|
'subscriptionData',
|
|
'subscriptionTimestamp',
|
|
24 * 7 // 7 days
|
|
),
|
|
|
|
// Mandate checker - for users who have submitted their mandate
|
|
hasMandate: createLocalStoragePrivilegeChecker(
|
|
'mandateData',
|
|
'mandateTimestamp',
|
|
24 * 30 // 30 days
|
|
),
|
|
|
|
// Always allow access (for public pages)
|
|
alwaysAllow: createCustomPrivilegeChecker(() => true),
|
|
|
|
// Never allow access (for disabled features)
|
|
neverAllow: createCustomPrivilegeChecker(() => false)
|
|
};
|