MALIO-DEV/Inventory_frontend
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f1cc21c31b41f6c047b9fa37b43e54d82f16c849
Inventory_frontend/app/composables/useProfileSession.ts
Matthieu cc70fe2b29 feat(permissions) : add role-based UI guards and readonly mode for viewers 
- Add usePermissions composable (isAdmin, canEdit, canView)
- Password-protected profile login with modal on profiles page
- Disable all form fields for ROLE_VIEWER across edit/create pages
- Show navigation buttons (Modifier/Consulter) for all roles, hide delete for viewers
- Add readonly prop to ModelTypeForm for category pages
- Disable modal fields (sites, constructeurs) for viewers
- Guard /admin routes in middleware

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-26 13:36:42 +01:00

79 lines
2.1 KiB
TypeScript
Raw Blame History

import { useState, useRuntimeConfig } from '#imports'
import type { Profile } from './useProfiles'
const buildUrl = (path: string): string => {
const config = useRuntimeConfig()
const base = ((config.public.apiBaseUrl as string) || '').replace(/\/$/, '')
return `${base}${path}`
}
export function useProfileSession() {
const activeProfile = useState<Profile | null>('profileSession:active', () => null)
const sessionLoaded = useState<boolean>('profileSession:loaded', () => false)
const loading = useState<boolean>('profileSession:loading', () => false)
const fetchCurrentProfile = async (): Promise<Profile | null> => {
loading.value = true
try {
activeProfile.value = await $fetch<Profile>(buildUrl('/session/profile'), {
method: 'GET',
credentials: 'include',
})
} catch (error) {
const err = error as { status?: number }
if (err?.status === 401) {
activeProfile.value = null
} else {
console.error('Erreur lors du chargement du profil actif', error)
activeProfile.value = null
}
} finally {
sessionLoaded.value = true
loading.value = false
}
return activeProfile.value
}
const ensureSession = (): Promise<Profile | null> => {
if (!sessionLoaded.value) {
return fetchCurrentProfile()
}
return Promise.resolve(activeProfile.value)
}
const activateProfile = async (profileId: string, password?: string): Promise<void> => {
const body: Record<string, string> = { profileId }
if (password) {
body.password = password
}
await $fetch(buildUrl('/session/profile'), {
method: 'POST',
credentials: 'include',
body,
})
await fetchCurrentProfile()
}
const logout = async (): Promise<void> => {
try {
await $fetch(buildUrl('/session/profile'), {
method: 'DELETE',
credentials: 'include',
})
} finally {
activeProfile.value = null
sessionLoaded.value = true
}
}
return {
activeProfile,
loading,
sessionLoaded,
ensureSession,
fetchCurrentProfile,
activateProfile,
logout,
}
}
Reference in New Issue View Git Blame Copy Permalink