Scott.Idem/OSIT-AE-App-Svelte
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Stabilized hierarchical permissions and implemented strict visibility gating.

Browse Source 
Standardized access level hierarchy (super > manager > administrator > trusted) and added hierarchical comparison utilities to 'ae_util'.

Refactored IDAA layout to use an 'Upgrade-Only' permission strategy, preventing context-specific identifications from downgrading global Manager privileges.

Implemented strict gated filtering in the Journal Entry list: hidden and disabled items now correctly require both the appropriate hierarchical role (Trusted/Admin) AND active Edit Mode.
This commit is contained in:
Scott Idem
2026-02-16 17:12:24 -05:00
parent fb724411d3
commit f96f7069a4
8 changed files with 95 additions and 121 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/lib/ae_utils/ae_utils.ts
View File

@@ -9,7 +9,7 @@ import {
import { get_obj_li_w_match_prop } from './ae_utils__get_obj_li_w_match_prop';
import { file_extension_icon } from './ae_utils__file_extension_icon';
import { file_extension_icon_lucide } from './ae_utils__file_extension_icon_lucide';
import { process_permission_checks } from './ae_utils__perm_checks';
import { process_permission_checks, compare_access_levels } from './ae_utils__perm_checks';
import { iso_datetime_formatter } from './ae_utils__datetime_format';
import { is_datetime_recent } from './ae_utils__is_datetime_recent';
import { extract_prefixed_form_data } from './ae_utils__extract_prefixed_form_data';
@@ -331,6 +331,7 @@ function shorten_filename({
export const ae_util = {
is_datetime_recent: is_datetime_recent,
process_permission_checks: process_permission_checks,
compare_access_levels: compare_access_levels,
iso_datetime_formatter: iso_datetime_formatter,
clean_filename: clean_filename,
format_bytes: format_bytes,

27
src/lib/ae_utils/ae_utils__perm_checks.ts
View File

@@ -2,7 +2,34 @@ type key_val = {
[key: string]: any;
};
// Hierarchical Order (Highest to Lowest)
export const access_level_order = [
'super',
'manager',
'administrator',
'trusted',
'public',
'authenticated',
'anonymous'
];
/**
* Compares two access levels based on the hierarchy.
* @returns 1 if level_a is higher, -1 if level_b is higher, 0 if equal.
*/
export const compare_access_levels = function (level_a: string, level_b: string): number {
const index_a = access_level_order.indexOf(level_a || 'anonymous');
const index_b = access_level_order.indexOf(level_b || 'anonymous');
// LOWER index means HIGHER priority in the array
if (index_a < index_b) return 1;
if (index_a > index_b) return -1;
return 0;
};
// NOTE: I know there is a better more efficient way to do this, but I don't have time for that right now.
// Reminder: super > manager > administrator > trusted > public > authenticated > anonymous
// Super is the highest level. Anonymous is the lowest level.
export const process_permission_checks = function process_permission_checks(access_type: string) {
// let access_checks = { 'access_type': null, 'super_check': null };
const access_checks: key_val = {};