Added account permissions and ui for recipient

2025-11-26 13:03:52 +03:00
parent fcb5ab4f2c
commit 357af99564
23 changed files with 507 additions and 70 deletions
--- a/frontend/pweb/lib/services/permissions.dart
+++ b/frontend/pweb/lib/services/permissions.dart
@@ -0,0 +1,117 @@
+import 'package:pshared/models/describable.dart';
+import 'package:pshared/models/permissions/access.dart';
+import 'package:pshared/models/permissions/action.dart';
+import 'package:pshared/models/permissions/action_effect.dart';
+import 'package:pshared/models/permissions/data/permission.dart';
+import 'package:pshared/models/permissions/data/permissions.dart';
+import 'package:pshared/models/permissions/data/policy.dart';
+import 'package:pshared/models/permissions/data/role.dart';
+import 'package:pshared/models/permissions/descriptions/permissions.dart';
+import 'package:pshared/models/permissions/descriptions/policy.dart';
+import 'package:pshared/models/permissions/descriptions/role.dart';
+import 'package:pshared/models/permissions/effect.dart';
+import 'package:pshared/models/resources.dart';
+import 'package:pshared/models/storable.dart';
+
+import 'mock_ids.dart';
+
+class PermissionsService {
+  static const String _objectType = 'permissions';
+
+  Future<UserAccess> loadForAccount(String accountRef) async {
+    await Future.delayed(const Duration(milliseconds: 200));
+    final baseAccess = _buildMockUserAccess();
+
+    final roles = [...baseAccess.permissions.roles];
+    final permissions = [...baseAccess.permissions.permissions];
+    final policies = [...baseAccess.permissions.policies];
+
+    final hasAccount = roles.any((r) => r.accountRef == accountRef);
+    if (!hasAccount) {
+      roles.add(Role(accountRef: accountRef, descriptionRef: recipientRoleId, organizationRef: mockOrganizationRef));
+    }
+
+    final relevantRoleRefs = roles
+        .where((r) => r.accountRef == accountRef)
+        .map((r) => r.descriptionRef)
+        .toSet();
+
+    final filteredPolicies = permissions
+        .where((p) => p.accountRef == accountRef && relevantRoleRefs.contains(p.policy.roleDescriptionRef))
+        .toList();
+
+    return UserAccess(
+      descriptions: baseAccess.descriptions,
+      permissions: PermissionsData(
+        roles: roles.where((r) => r.accountRef == accountRef).toList(),
+        policies: policies.where((p) => relevantRoleRefs.contains(p.roleDescriptionRef)).toList(),
+        permissions: filteredPolicies,
+      ),
+    );
+  }
+
+  UserAccess _buildMockUserAccess() {
+    final roleDescriptions = [
+      RoleDescription(
+        storable: newStorable(id: companyRoleId),
+        describable: newDescribable(name: 'Компания'),
+        organizationRef: mockOrganizationRef,
+      ),
+      RoleDescription(
+        storable: newStorable(id: recipientRoleId),
+        describable: newDescribable(name: 'Получатель'),
+        organizationRef: mockOrganizationRef,
+      ),
+    ];
+
+    final policyDescriptions = [
+      PolicyDescription(
+        storable: newStorable(id: accountsPolicyDescriptionId),
+        describable: newDescribable(name: 'Управление аккаунтами'),
+        resourceTypes: const [ResourceType.accounts],
+        organizationRef: mockOrganizationRef,
+      ),
+      PolicyDescription(
+        storable: newStorable(id: rolesPolicyDescriptionId),
+        describable: newDescribable(name: 'Управление ролями'),
+        resourceTypes: const [ResourceType.roles],
+        organizationRef: mockOrganizationRef,
+      ),
+    ];
+
+    final companyAccountsPolicy = Policy(
+      roleDescriptionRef: companyRoleId,
+      organizationRef: mockOrganizationRef,
+      descriptionRef: accountsPolicyDescriptionId,
+      objectRef: null,
+      effect: const ActionEffect(action: Action.read, effect: Effect.allow),
+    );
+
+    final companyRolesPolicy = Policy(
+      roleDescriptionRef: companyRoleId,
+      organizationRef: mockOrganizationRef,
+      descriptionRef: rolesPolicyDescriptionId,
+      objectRef: null,
+      effect: const ActionEffect(action: Action.read, effect: Effect.allow),
+    );
+
+    final roles = [
+      Role(accountRef: companyAccountRef, descriptionRef: companyRoleId, organizationRef: mockOrganizationRef),
+      Role(accountRef: recipientAccountRef, descriptionRef: recipientRoleId, organizationRef: mockOrganizationRef),
+    ];
+
+    final permissions = [
+      Permission(policy: companyAccountsPolicy, accountRef: companyAccountRef),
+      Permission(policy: companyRolesPolicy, accountRef: companyAccountRef),
+    ];
+
+    return UserAccess(
+      descriptions: PermissionsDescription(roles: roleDescriptions, policies: policyDescriptions),
+      permissions: PermissionsData(
+        roles: roles,
+        policies: [companyAccountsPolicy, companyRolesPolicy],
+        permissions: permissions,
+      ),
+    );
+  }
+}