letsbe/pn-new-crm
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
459c68a2c3b6f910bccb2f64c847500b7c05ebe4
pn-new-crm/src/components/layout/mobile/mobile-bottom-tabs.tsx
Matt 459c68a2c3
All checks were successful
Build & Push Docker Images / lint (push) Successful in 3m0s
Details
Build & Push Docker Images / build-and-push (push) Successful in 8m32s
Details
feat(rbac): residential-partner route lockdown + role-aware mobile nav 
UAT (residential partners must have zero access to anything non-residential;
no marina dashboard). Server-side their permission map already 403s every
marina domain — this locks the client surface to match:

- AppShell: a residential-only user (residential_clients.view && !clients.view,
  non-super-admin) is redirected off ANY non-residential route to
  /residential/clients. Blocks the marina dashboard + every marina page in one
  place; personal surfaces (settings, inbox) stay reachable. (Fixes F4 — they
  no longer land on a marina dashboard of 403-ing empty widgets.)
- Mobile bottom tabs were hardcoded Dashboard/Clients/Berths regardless of role;
  now role-aware — residential-only users get Residential Clients/Interests
  instead of marina tabs they 403 on. (Fixes F5.)
- e2e: stale `#email` login selector → `#identifier` (smoke helper) — a real
  reason the smoke auth specs fail independent of the dev-server OOM.
- New crash-safe `matrix` Playwright project (role×viewport access matrix +
  responsive overflow sweep) — lean alternative to the full suite which
  OOM-crashes next dev locally.

Verified: matrix run shows residential_partner redirected to residential +
residential-scoped mobile tabs; 403s unchanged; tsc + eslint + 42 permission
tests pass.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-22 15:53:22 +02:00

119 lines
4.4 KiB
TypeScript
Raw Blame History

'use client';
import Link from 'next/link';
import { usePathname } from 'next/navigation';
import { Anchor, ClipboardList, LayoutDashboard, Menu, Search, Users } from 'lucide-react';
import { cn } from '@/lib/utils';
import { usePermissions } from '@/hooks/use-permissions';
type TabSpec = {
label: string;
icon: typeof LayoutDashboard;
segment: string; // route segment after /[portSlug]/
};
// Marina users: Dashboard, Clients | Berths. Search center, More right.
const MARINA_TABS_LEFT: TabSpec[] = [
{ label: 'Dashboard', icon: LayoutDashboard, segment: 'dashboard' },
{ label: 'Clients', icon: Users, segment: 'clients' },
];
const MARINA_TABS_RIGHT: TabSpec[] = [{ label: 'Berths', icon: Anchor, segment: 'berths' }];
// Residential-only users (e.g. residential partners) never have marina access,
// so the bottom tabs mirror their residential-only sidebar instead of showing
// Clients/Berths they 403 on (matches the AppShell route lockdown).
const RESIDENTIAL_TABS_LEFT: TabSpec[] = [
{ label: 'Clients', icon: Users, segment: 'residential/clients' },
{ label: 'Interests', icon: ClipboardList, segment: 'residential/interests' },
];
const RESIDENTIAL_TABS_RIGHT: TabSpec[] = [];
interface MobileBottomTabsProps {
onMoreClick: () => void;
onSearchClick: () => void;
}
export function MobileBottomTabs({ onMoreClick, onSearchClick }: MobileBottomTabsProps) {
const pathname = usePathname();
const portSlug = pathname.split('/').filter(Boolean)[0] ?? 'port-nimara';
const { can, isSuperAdmin } = usePermissions();
const residentialOnly =
!isSuperAdmin && can('residential_clients', 'view') && !can('clients', 'view');
const tabsLeft = residentialOnly ? RESIDENTIAL_TABS_LEFT : MARINA_TABS_LEFT;
const tabsRight = residentialOnly ? RESIDENTIAL_TABS_RIGHT : MARINA_TABS_RIGHT;
function isActive(segment: string): boolean {
return pathname.startsWith(`/${portSlug}/${segment}`);
}
return (
<nav
aria-label="Primary navigation"
className={cn(
'fixed bottom-0 inset-x-0 z-40 bg-background border-t border-border',
'pb-safe-bottom',
// 5 equal-flex slots.
'flex items-end',
)}
>
{tabsLeft.map((tab) => (
<NavTab key={tab.segment} tab={tab} portSlug={portSlug} active={isActive(tab.segment)} />
))}
{/* Search button - styled identically to the other navbar tabs. */}
<button
type="button"
onClick={onSearchClick}
className="relative flex h-14 flex-1 flex-col items-center justify-center gap-0.5 text-xs text-muted-foreground transition-colors"
>
<Search className="relative size-5" aria-hidden />
<span className="relative font-medium">Search</span>
</button>
{tabsRight.map((tab) => (
<NavTab key={tab.segment} tab={tab} portSlug={portSlug} active={isActive(tab.segment)} />
))}
<button
type="button"
onClick={onMoreClick}
className="relative flex h-14 flex-1 flex-col items-center justify-center gap-0.5 text-xs text-muted-foreground transition-colors"
>
<Menu className="relative size-5" aria-hidden />
<span className="relative font-medium">More</span>
</button>
</nav>
);
}
function NavTab({ tab, portSlug, active }: { tab: TabSpec; portSlug: string; active: boolean }) {
const Icon = tab.icon;
return (
<Link
// eslint-disable-next-line @typescript-eslint/no-explicit-any
href={`/${portSlug}/${tab.segment}` as any}
aria-current={active ? 'page' : undefined}
className={cn(
'relative flex flex-1 flex-col items-center justify-center gap-0.5 h-14 text-xs transition-colors',
active ? 'text-primary' : 'text-muted-foreground',
)}
>
{/* iOS-native active indicator: a 2px accent bar at the top of
the active tab. Cleaner than a colored pill - relies on the
icon + label color change (text-primary above) to do the
primary signaling, with this bar adding just enough visual
anchor to read as "selected". */}
<span
aria-hidden
className={cn(
'absolute inset-x-0 top-0 mx-auto h-[2px] w-8 rounded-full transition-opacity',
active ? 'bg-primary opacity-100' : 'opacity-0',
)}
/>
<Icon className="relative size-5" aria-hidden />
<span className="relative font-medium">{tab.label}</span>
</Link>
);
}
Reference in New Issue View Git Blame Copy Permalink