feat(rbac): residential-partner route lockdown + role-aware mobile nav
UAT (residential partners must have zero access to anything non-residential; no marina dashboard). Server-side their permission map already 403s every marina domain — this locks the client surface to match: - AppShell: a residential-only user (residential_clients.view && !clients.view, non-super-admin) is redirected off ANY non-residential route to /residential/clients. Blocks the marina dashboard + every marina page in one place; personal surfaces (settings, inbox) stay reachable. (Fixes F4 — they no longer land on a marina dashboard of 403-ing empty widgets.) - Mobile bottom tabs were hardcoded Dashboard/Clients/Berths regardless of role; now role-aware — residential-only users get Residential Clients/Interests instead of marina tabs they 403 on. (Fixes F5.) - e2e: stale `#email` login selector → `#identifier` (smoke helper) — a real reason the smoke auth specs fail independent of the dev-server OOM. - New crash-safe `matrix` Playwright project (role×viewport access matrix + responsive overflow sweep) — lean alternative to the full suite which OOM-crashes next dev locally. Verified: matrix run shows residential_partner redirected to residential + residential-scoped mobile tabs; 403s unchanged; tsc + eslint + 42 permission tests pass. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -1,8 +1,10 @@
|
||||
'use client';
|
||||
|
||||
import { useEffect, useState, type ComponentProps, type ReactNode } from 'react';
|
||||
import { usePathname, useRouter } from 'next/navigation';
|
||||
|
||||
import { cn } from '@/lib/utils';
|
||||
import { usePermissions } from '@/hooks/use-permissions';
|
||||
import { Sidebar } from '@/components/layout/sidebar';
|
||||
import { Topbar } from '@/components/layout/topbar';
|
||||
import { NavigationHistoryTracker } from '@/components/layout/navigation-history-tracker';
|
||||
@@ -112,6 +114,30 @@ export function AppShell({
|
||||
const currentPortId = useUIStore((s) => s.currentPortId);
|
||||
const logoUrl = currentPortSlug ? portLogoUrls[currentPortSlug] : null;
|
||||
|
||||
// Residential lockdown: a residential-only user (residential access, no
|
||||
// marina `clients.view`) must never see marina pages — including the marina
|
||||
// dashboard. The API already 403s their data; this guard blocks the *routes*,
|
||||
// redirecting any non-residential path to their residential home. Personal
|
||||
// surfaces (settings, inbox) stay reachable.
|
||||
const pathname = usePathname();
|
||||
const router = useRouter();
|
||||
const { can } = usePermissions();
|
||||
const residentialOnly =
|
||||
!isSuperAdmin && can('residential_clients', 'view') && !can('clients', 'view');
|
||||
useEffect(() => {
|
||||
if (!residentialOnly || !pathname) return;
|
||||
const [portSeg, ...rest] = pathname.split('/').filter(Boolean);
|
||||
const sub = rest.join('/');
|
||||
const allowed =
|
||||
sub === '' ||
|
||||
sub.startsWith('residential') ||
|
||||
sub.startsWith('settings') ||
|
||||
sub.startsWith('inbox');
|
||||
if (!allowed && portSeg) {
|
||||
router.replace(`/${portSeg}/residential/clients`);
|
||||
}
|
||||
}, [residentialOnly, pathname, router]);
|
||||
|
||||
useEffect(() => {
|
||||
const mqMobile = window.matchMedia(MOBILE_QUERY);
|
||||
const mqTablet = window.matchMedia(TABLET_QUERY);
|
||||
|
||||
@@ -2,9 +2,10 @@
|
||||
|
||||
import Link from 'next/link';
|
||||
import { usePathname } from 'next/navigation';
|
||||
import { Anchor, LayoutDashboard, Menu, Search, Users } from 'lucide-react';
|
||||
import { Anchor, ClipboardList, LayoutDashboard, Menu, Search, Users } from 'lucide-react';
|
||||
|
||||
import { cn } from '@/lib/utils';
|
||||
import { usePermissions } from '@/hooks/use-permissions';
|
||||
|
||||
type TabSpec = {
|
||||
label: string;
|
||||
@@ -12,16 +13,21 @@ type TabSpec = {
|
||||
segment: string; // route segment after /[portSlug]/
|
||||
};
|
||||
|
||||
// Left-of-center: Dashboard, Clients. Right-of-center: Berths, More.
|
||||
// Search occupies the center slot. Documents demoted to the MoreSheet -
|
||||
// reps reach docs less often than berths during a walking inventory check,
|
||||
// and pinned-to-client documents are accessed via the client detail anyway.
|
||||
const TABS_LEFT: TabSpec[] = [
|
||||
// Marina users: Dashboard, Clients | Berths. Search center, More right.
|
||||
const MARINA_TABS_LEFT: TabSpec[] = [
|
||||
{ label: 'Dashboard', icon: LayoutDashboard, segment: 'dashboard' },
|
||||
{ label: 'Clients', icon: Users, segment: 'clients' },
|
||||
];
|
||||
const MARINA_TABS_RIGHT: TabSpec[] = [{ label: 'Berths', icon: Anchor, segment: 'berths' }];
|
||||
|
||||
const TABS_RIGHT: TabSpec[] = [{ label: 'Berths', icon: Anchor, segment: 'berths' }];
|
||||
// Residential-only users (e.g. residential partners) never have marina access,
|
||||
// so the bottom tabs mirror their residential-only sidebar instead of showing
|
||||
// Clients/Berths they 403 on (matches the AppShell route lockdown).
|
||||
const RESIDENTIAL_TABS_LEFT: TabSpec[] = [
|
||||
{ label: 'Clients', icon: Users, segment: 'residential/clients' },
|
||||
{ label: 'Interests', icon: ClipboardList, segment: 'residential/interests' },
|
||||
];
|
||||
const RESIDENTIAL_TABS_RIGHT: TabSpec[] = [];
|
||||
|
||||
interface MobileBottomTabsProps {
|
||||
onMoreClick: () => void;
|
||||
@@ -31,6 +37,11 @@ interface MobileBottomTabsProps {
|
||||
export function MobileBottomTabs({ onMoreClick, onSearchClick }: MobileBottomTabsProps) {
|
||||
const pathname = usePathname();
|
||||
const portSlug = pathname.split('/').filter(Boolean)[0] ?? 'port-nimara';
|
||||
const { can, isSuperAdmin } = usePermissions();
|
||||
const residentialOnly =
|
||||
!isSuperAdmin && can('residential_clients', 'view') && !can('clients', 'view');
|
||||
const tabsLeft = residentialOnly ? RESIDENTIAL_TABS_LEFT : MARINA_TABS_LEFT;
|
||||
const tabsRight = residentialOnly ? RESIDENTIAL_TABS_RIGHT : MARINA_TABS_RIGHT;
|
||||
|
||||
function isActive(segment: string): boolean {
|
||||
return pathname.startsWith(`/${portSlug}/${segment}`);
|
||||
@@ -46,7 +57,7 @@ export function MobileBottomTabs({ onMoreClick, onSearchClick }: MobileBottomTab
|
||||
'flex items-end',
|
||||
)}
|
||||
>
|
||||
{TABS_LEFT.map((tab) => (
|
||||
{tabsLeft.map((tab) => (
|
||||
<NavTab key={tab.segment} tab={tab} portSlug={portSlug} active={isActive(tab.segment)} />
|
||||
))}
|
||||
|
||||
@@ -60,7 +71,7 @@ export function MobileBottomTabs({ onMoreClick, onSearchClick }: MobileBottomTab
|
||||
<span className="relative font-medium">Search</span>
|
||||
</button>
|
||||
|
||||
{TABS_RIGHT.map((tab) => (
|
||||
{tabsRight.map((tab) => (
|
||||
<NavTab key={tab.segment} tab={tab} portSlug={portSlug} active={isActive(tab.segment)} />
|
||||
))}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user