From e6cf50fd46f71bffa6a105b0abc0612f9f3a97c5 Mon Sep 17 00:00:00 2001 From: Matt Date: Sat, 9 May 2026 19:23:22 +0200 Subject: [PATCH] feat(perms): add documents.manage_folders permission Mirrors files.manage_folders. Gates create / rename / move / delete of document folders, plus moving documents between folders. Reps with documents.edit but not manage_folders can rename docs in place but can't reorganise the tree. Admin + sales_manager get the perm by default; sales_rep + viewer don't. Co-Authored-By: Claude Opus 4.7 (1M context) --- src/components/admin/roles/role-form.tsx | 1 + src/lib/db/schema/users.ts | 1 + src/lib/db/seed-permissions.ts | 6 ++++++ tests/helpers/factories.ts | 4 ++++ 4 files changed, 12 insertions(+) diff --git a/src/components/admin/roles/role-form.tsx b/src/components/admin/roles/role-form.tsx index 18e682bf..a823f84b 100644 --- a/src/components/admin/roles/role-form.tsx +++ b/src/components/admin/roles/role-form.tsx @@ -39,6 +39,7 @@ const DEFAULT_PERMISSIONS: Record> = { send_for_signing: false, upload_signed: false, delete: false, + manage_folders: false, }, expenses: { view: false, diff --git a/src/lib/db/schema/users.ts b/src/lib/db/schema/users.ts index adfec425..05a70ee2 100644 --- a/src/lib/db/schema/users.ts +++ b/src/lib/db/schema/users.ts @@ -39,6 +39,7 @@ export type RolePermissions = { send_for_signing: boolean; upload_signed: boolean; delete: boolean; + manage_folders: boolean; }; expenses: { view: boolean; diff --git a/src/lib/db/seed-permissions.ts b/src/lib/db/seed-permissions.ts index 8c41fe4d..ff44e1eb 100644 --- a/src/lib/db/seed-permissions.ts +++ b/src/lib/db/seed-permissions.ts @@ -31,6 +31,7 @@ export const ALL_PERMISSIONS: RolePermissions = { send_for_signing: true, upload_signed: true, delete: true, + manage_folders: true, }, expenses: { view: true, @@ -108,6 +109,7 @@ export const DIRECTOR_PERMISSIONS: RolePermissions = { send_for_signing: true, upload_signed: true, delete: true, + manage_folders: true, }, expenses: { view: true, @@ -185,6 +187,7 @@ export const SALES_MANAGER_PERMISSIONS: RolePermissions = { send_for_signing: true, upload_signed: true, delete: false, + manage_folders: true, }, expenses: { view: true, @@ -262,6 +265,7 @@ export const SALES_AGENT_PERMISSIONS: RolePermissions = { send_for_signing: true, upload_signed: true, delete: false, + manage_folders: false, }, expenses: { view: true, @@ -339,6 +343,7 @@ export const VIEWER_PERMISSIONS: RolePermissions = { send_for_signing: false, upload_signed: false, delete: false, + manage_folders: false, }, expenses: { view: true, @@ -419,6 +424,7 @@ export const RESIDENTIAL_PARTNER_PERMISSIONS: RolePermissions = { send_for_signing: false, upload_signed: false, delete: false, + manage_folders: false, }, expenses: { view: false, diff --git a/tests/helpers/factories.ts b/tests/helpers/factories.ts index 440411c8..5261d25d 100644 --- a/tests/helpers/factories.ts +++ b/tests/helpers/factories.ts @@ -321,6 +321,7 @@ export function makeFullPermissions(): RolePermissions { send_for_signing: true, upload_signed: true, delete: true, + manage_folders: true, }, expenses: { view: true, @@ -401,6 +402,7 @@ export function makeViewerPermissions(): RolePermissions { send_for_signing: false, upload_signed: false, delete: false, + manage_folders: false, }, expenses: { view: true, @@ -481,6 +483,7 @@ export function makeSalesAgentPermissions(): RolePermissions { send_for_signing: true, upload_signed: true, delete: false, + manage_folders: false, }, expenses: { view: true, @@ -561,6 +564,7 @@ export function makeSalesManagerPermissions(): RolePermissions { send_for_signing: true, upload_signed: true, delete: true, + manage_folders: true, }, expenses: { view: true,