soroush.asadi
aebfa825cd
- Owner can define named custom roles (e.g. Barista, Supervisor) with
color, description, and a fine-grained permission set (21 permissions
across 7 categories: admin, menu, staff, customer, reports, ops, kitchen)
- Employee assigned a custom role gets its permissions embedded in the
JWT at login (customPerms claim) and parsed by TenantMiddleware —
overrides the static EmployeeRole matrix for all API permission checks
- New endpoints: GET/POST/PATCH/DELETE /api/cafes/{id}/custom-roles and
PUT /api/cafes/{id}/employees/{id}/custom-role for assignment
- Dashboard Settings → Team & Staff → Custom Roles panel with grouped
checkbox matrix, group-level toggles, color preset picker, CRUD forms,
and employee-count display; translations in fa/en/ar
- EF migration adds CustomRoles table + nullable CustomRoleId FK on Employees
- POS slip now shows per-item notes on both thermal print and bill preview
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
25 lines
829 B
C#
25 lines
829 B
C#
using Meezi.Core.Authorization;
|
|
using Meezi.Core.Enums;
|
|
|
|
namespace Meezi.Core.Interfaces;
|
|
|
|
public interface ITenantContext
|
|
{
|
|
string? UserId { get; }
|
|
string? CafeId { get; }
|
|
EmployeeRole? Role { get; }
|
|
PlanTier? PlanTier { get; }
|
|
string? Language { get; }
|
|
/// <summary>Active branch from JWT when employee is branch-scoped.</summary>
|
|
string? BranchId { get; }
|
|
bool IsSystemAdmin { get; }
|
|
bool IsAuthenticated { get; }
|
|
bool IsCafeOwner => Role == EmployeeRole.Owner;
|
|
/// <summary>
|
|
/// When non-null the employee has a custom role. These permissions override the static
|
|
/// <see cref="RolePermissions"/> matrix; the base <see cref="Role"/> still governs
|
|
/// café-wide vs. branch-scoped behaviour.
|
|
/// </summary>
|
|
IReadOnlySet<Permission>? CustomPermissions { get; }
|
|
}
|