refactor(directory) : gate report actions via RBAC permissions + guard report deletion

- replace hardcoded ROLE_ADMIN check with usePermissions().can('directory.{clients,prospects}.manage') - rename misleading isAdmin prop to canManage in CommercialReportTab and ReportDocumentList - add busy guard on delete confirmation modal to prevent duplicate DELETE on double-click
2026-06-24 10:06:25 +02:00
parent 80b2fa5ce6
commit 0f14f26fd3
5 changed files with 33 additions and 21 deletions
@@ -99,7 +99,7 @@
                </template>

                <template #report>
-                    <CommercialReportTab :owner="owner" :is-admin="isAdmin" />
+                    <CommercialReportTab :owner="owner" :can-manage="canManage" />
                </template>
            </MalioTabList>
        </template>
@@ -137,8 +137,8 @@ const {
    load,
 } = useDirectoryDetail(owner)

-const authStore = useAuthStore()
-const isAdmin = computed(() => authStore.user?.roles?.includes('ROLE_ADMIN') ?? false)
+const { can } = usePermissions()
+const canManage = computed(() => can('directory.clients.manage'))

 const client = ref<Client | null>(null)
 const loading = ref(true)
@@ -119,7 +119,7 @@
                </template>

                <template #report>
-                    <CommercialReportTab :owner="owner" :is-admin="isAdmin" />
+                    <CommercialReportTab :owner="owner" :can-manage="canManage" />
                </template>
            </MalioTabList>
        </template>
@@ -157,8 +157,8 @@ const {
    load,
 } = useDirectoryDetail(owner)

-const authStore = useAuthStore()
-const isAdmin = computed(() => authStore.user?.roles?.includes('ROLE_ADMIN') ?? false)
+const { can } = usePermissions()
+const canManage = computed(() => can('directory.prospects.manage'))

 const prospect = ref<Prospect | null>(null)
 const loading = ref(true)