This PR lays the groundwork for a role-based permission system that will be used to provide fine-grained controls over which users can access specific dashboard features.
Most of the work is in the backend to create database tables and authentication system triggers that link a signed-in user to available permissions.
Some initial UI elements have been added including a user profile which shows available deployment permissions, and reusable code to handle hiding from view specific features dependent on user role (not fully implement for all existing pages)
Main Changes
[x] DB types and table to support auth roles
[x] DB function to assign user JWT token based on auth roles
[x] UI directive to limit access dependent on roles
[x] Dashboard pages to view current user role
[x] Deployment default role settings
Follow-ups (TODO)
[ ] Update all existing UI to restrict features as required
[ ] Update seed scripts to include means to assign roles to demo users
[ ] Super-admin priviledges for setting user roles
[ ] Enable hook once deployed to production
[ ] Add created_by to all tables to allow users to edit own content
[ ] Migrate to docs repo
Discussion
Initial feedback from UoR
Default roles (all have view access to translations and resources)
How best to communicate with in-country partners?
What permissions should technical team and UoR have?
Preview
Link to app preview if relevant
Screenshots / Videos
Example - sign-in and sign-out, profile display page with available deployments and specific per-deployment permissions. Example UI update to hide Deployments navbar menu item when user does not have deployments admin permission
Description
This PR lays the groundwork for a role-based permission system that will be used to provide fine-grained controls over which users can access specific dashboard features.
Most of the work is in the backend to create database tables and authentication system triggers that link a signed-in user to available permissions.
Some initial UI elements have been added including a user profile which shows available deployment permissions, and reusable code to handle hiding from view specific features dependent on user role (not fully implement for all existing pages)
Main Changes
Follow-ups (TODO)
Discussion
Preview
Link to app preview if relevant
Screenshots / Videos
Example - sign-in and sign-out, profile display page with available deployments and specific per-deployment permissions. Example UI update to hide
Deploymentsnavbar menu item when user does not havedeployments adminpermissionScreenity video - Apr 1, 2024.webm