counterweight
1008eea2d9
- Updated auth-context.tsx to use new exchange permissions (CREATE_EXCHANGE, VIEW_OWN_EXCHANGES, etc.) instead of old appointment permissions (BOOK_APPOINTMENT, etc.) - Updated exchange/page.tsx, trades/page.tsx, admin/trades/page.tsx to use correct permission constants - Updated profile/page.test.tsx mock permissions - Updated admin/availability/page.tsx to use constants.exchange instead of constants.booking - Added /api/exchange/slots endpoint to return available slots for a date, filtering out already booked slots - Fixed E2E tests: - exchange.spec.ts: Wait for button to be enabled before clicking - permissions.spec.ts: Use more specific heading selector - price-history.spec.ts: Expect /exchange redirect for regular users
141 lines
3.9 KiB
TypeScript
141 lines
3.9 KiB
TypeScript
"use client";
|
|
|
|
import { createContext, useContext, useState, useEffect, useCallback, ReactNode } from "react";
|
|
|
|
import { api, ApiError } from "./api";
|
|
import { components } from "./generated/api";
|
|
|
|
// Permission type from generated OpenAPI schema
|
|
export type PermissionType = components["schemas"]["Permission"];
|
|
|
|
// Permission constants - derived from backend's Permission enum via OpenAPI.
|
|
// The type annotation ensures compile-time validation against the generated schema.
|
|
// Adding a new permission in the backend will cause a type error here until updated.
|
|
export const Permission: Record<string, PermissionType> = {
|
|
VIEW_AUDIT: "view_audit",
|
|
FETCH_PRICE: "fetch_price",
|
|
MANAGE_OWN_PROFILE: "manage_own_profile",
|
|
MANAGE_INVITES: "manage_invites",
|
|
VIEW_OWN_INVITES: "view_own_invites",
|
|
// Exchange permissions (regular users)
|
|
CREATE_EXCHANGE: "create_exchange",
|
|
VIEW_OWN_EXCHANGES: "view_own_exchanges",
|
|
CANCEL_OWN_EXCHANGE: "cancel_own_exchange",
|
|
// Availability/Exchange permissions (admin)
|
|
MANAGE_AVAILABILITY: "manage_availability",
|
|
VIEW_ALL_EXCHANGES: "view_all_exchanges",
|
|
CANCEL_ANY_EXCHANGE: "cancel_any_exchange",
|
|
COMPLETE_EXCHANGE: "complete_exchange",
|
|
} as const;
|
|
|
|
// Use generated type from OpenAPI schema
|
|
type User = components["schemas"]["UserResponse"];
|
|
|
|
interface AuthContextType {
|
|
user: User | null;
|
|
isLoading: boolean;
|
|
login: (email: string, password: string) => Promise<void>;
|
|
register: (email: string, password: string, inviteIdentifier: string) => Promise<void>;
|
|
logout: () => Promise<void>;
|
|
hasPermission: (permission: PermissionType) => boolean;
|
|
hasRole: (role: string) => boolean;
|
|
}
|
|
|
|
const AuthContext = createContext<AuthContextType | null>(null);
|
|
|
|
export function AuthProvider({ children }: { children: ReactNode }) {
|
|
const [user, setUser] = useState<User | null>(null);
|
|
const [isLoading, setIsLoading] = useState(true);
|
|
|
|
useEffect(() => {
|
|
checkAuth();
|
|
}, []);
|
|
|
|
const checkAuth = async () => {
|
|
try {
|
|
const userData = await api.get<User>("/api/auth/me");
|
|
setUser(userData);
|
|
} catch {
|
|
// Not authenticated
|
|
} finally {
|
|
setIsLoading(false);
|
|
}
|
|
};
|
|
|
|
const login = async (email: string, password: string) => {
|
|
try {
|
|
const userData = await api.post<User>("/api/auth/login", { email, password });
|
|
setUser(userData);
|
|
} catch (err) {
|
|
if (err instanceof ApiError) {
|
|
const data = err.data as { detail?: string };
|
|
throw new Error(data?.detail || "Login failed");
|
|
}
|
|
throw err;
|
|
}
|
|
};
|
|
|
|
const register = async (email: string, password: string, inviteIdentifier: string) => {
|
|
try {
|
|
const userData = await api.post<User>("/api/auth/register", {
|
|
email,
|
|
password,
|
|
invite_identifier: inviteIdentifier,
|
|
});
|
|
setUser(userData);
|
|
} catch (err) {
|
|
if (err instanceof ApiError) {
|
|
const data = err.data as { detail?: string };
|
|
throw new Error(data?.detail || "Registration failed");
|
|
}
|
|
throw err;
|
|
}
|
|
};
|
|
|
|
const logout = async () => {
|
|
try {
|
|
await api.post("/api/auth/logout");
|
|
} catch {
|
|
// Ignore errors on logout
|
|
}
|
|
setUser(null);
|
|
};
|
|
|
|
const hasPermission = useCallback(
|
|
(permission: PermissionType): boolean => {
|
|
return user?.permissions.includes(permission) ?? false;
|
|
},
|
|
[user]
|
|
);
|
|
|
|
const hasRole = useCallback(
|
|
(role: string): boolean => {
|
|
return user?.roles.includes(role) ?? false;
|
|
},
|
|
[user]
|
|
);
|
|
|
|
return (
|
|
<AuthContext.Provider
|
|
value={{
|
|
user,
|
|
isLoading,
|
|
login,
|
|
register,
|
|
logout,
|
|
hasPermission,
|
|
hasRole,
|
|
}}
|
|
>
|
|
{children}
|
|
</AuthContext.Provider>
|
|
);
|
|
}
|
|
|
|
export function useAuth() {
|
|
const context = useContext(AuthContext);
|
|
if (!context) {
|
|
throw new Error("useAuth must be used within an AuthProvider");
|
|
}
|
|
return context;
|
|
}
|