All files / web/src/hooks useAccessControl.tsx

99.09% Statements 219/221
97.5% Branches 39/40
100% Functions 7/7
99.09% Lines 219/221

Press n or j to go to the next uncovered block, b, p or k for the previous block. 



1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
2221x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
123x
1x
1x
1x
70x
70x
 
 
70x
70x
1x
1x
1x
3x
3x
3x
3x
3x
3x
2x
2x
2x
2x
2x
2x
2x
1x
1x
1x
56x
56x
56x
56x
56x
56x
56x
56x
56x
3x
3x
3x
3x
3x
3x
3x
3x
53x
56x
56x
56x
56x
56x
56x
56x
56x
56x
56x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
5x
5x
5x
5x
5x
5x
5x
2x
2x
3x
5x
1x
1x
2x
2x
2x
2x
2x
2x
2x
2x
2x
2x
2x
2x
5x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
53x
53x
53x
2x
2x
2x
1x
1x
1x
1x
2x
2x
2x
2x
50x
50x
50x
1x
1x
1x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
103x
 
'use client'
 
import { createContext, type ReactNode, useContext } from 'react'
import type { AccessContext, Permission, UserRole } from '../types/tutorial'
 
// Default context value (no permissions)
const defaultAccessContext: AccessContext = {
  userId: undefined,
  roles: [],
  isAuthenticated: false,
  isAdmin: false,
  canEdit: false,
  canPublish: false,
  canDelete: false,
}
 
// Create context
const AccessControlContext = createContext<AccessContext>(defaultAccessContext)
 
// Provider component
interface AccessControlProviderProps {
  children: ReactNode
  userId?: string
  roles?: UserRole[]
  isAuthenticated?: boolean
}
 
export function AccessControlProvider({
  children,
  userId,
  roles = [],
  isAuthenticated = false,
}: AccessControlProviderProps) {
  // Calculate permissions based on roles
  const permissions = roles.flatMap((role) => role.permissions)
 
  // Check if user has admin role
  const isAdmin = roles.some((role) => role.name === 'admin' || role.name === 'superuser')
 
  // Check specific permissions
  const canEdit =
    isAdmin || permissions.some((p) => p.resource === 'tutorial' && p.actions.includes('update'))
 
  const canPublish =
    isAdmin || permissions.some((p) => p.resource === 'tutorial' && p.actions.includes('publish'))
 
  const canDelete =
    isAdmin || permissions.some((p) => p.resource === 'tutorial' && p.actions.includes('delete'))
 
  const accessContext: AccessContext = {
    userId,
    roles,
    isAuthenticated,
    isAdmin,
    canEdit,
    canPublish,
    canDelete,
  }
 
  return (
    <AccessControlContext.Provider value={accessContext}>{children}</AccessControlContext.Provider>
  )
}
 
// Hook to use access control
export function useAccessControl(): AccessContext {
  const context = useContext(AccessControlContext)
  if (!context) {
    throw new Error('useAccessControl must be used within an AccessControlProvider')
  }
  return context
}
 
// Hook for conditional rendering based on permissions
export function usePermission(
  resource: Permission['resource'],
  action: Permission['actions'][number]
): boolean {
  const { isAdmin, roles } = useAccessControl()
 
  if (isAdmin) return true
 
  return roles.some((role) =>
    role.permissions.some(
      (permission) => permission.resource === resource && permission.actions.includes(action)
    )
  )
}
 
// Hook for editor access specifically
export function useEditorAccess(): {
  canAccessEditor: boolean
  canEditTutorials: boolean
  canPublishTutorials: boolean
  canDeleteTutorials: boolean
  reason?: string
} {
  const { isAuthenticated, isAdmin, canEdit, canPublish, canDelete } = useAccessControl()
 
  if (!isAuthenticated) {
    return {
      canAccessEditor: false,
      canEditTutorials: false,
      canPublishTutorials: false,
      canDeleteTutorials: false,
      reason: 'Authentication required',
    }
  }
 
  const canAccessEditor = isAdmin || canEdit
 
  return {
    canAccessEditor,
    canEditTutorials: canEdit,
    canPublishTutorials: canPublish,
    canDeleteTutorials: canDelete,
    reason: canAccessEditor ? undefined : 'Insufficient permissions',
  }
}
 
// Higher-order component for protecting routes
interface ProtectedComponentProps {
  children: ReactNode
  fallback?: ReactNode
  requirePermissions?: {
    resource: Permission['resource']
    actions: Permission['actions']
  }[]
}
 
export function ProtectedComponent({
  children,
  fallback = <div>Access denied</div>,
  requirePermissions = [],
}: ProtectedComponentProps) {
  const { isAuthenticated, roles, isAdmin } = useAccessControl()
 
  if (!isAuthenticated) {
    return <>{fallback}</>
  }
 
  if (isAdmin) {
    return <>{children}</>
  }
 
  // Check if user has all required permissions
  const hasAllPermissions = requirePermissions.every(({ resource, actions }) =>
    roles.some((role) =>
      role.permissions.some(
        (permission) =>
          permission.resource === resource &&
          actions.every((action) => permission.actions.includes(action))
      )
    )
  )
 
  if (!hasAllPermissions) {
    return <>{fallback}</>
  }
 
  return <>{children}</>
}
 
// Component for editor-specific protection
interface EditorProtectedProps {
  children: ReactNode
  fallback?: ReactNode
}
 
export function EditorProtected({ children, fallback }: EditorProtectedProps) {
  const { canAccessEditor, reason } = useEditorAccess()
 
  if (!canAccessEditor) {
    return (
      <>
        {fallback || (
          <div className="text-center p-8">
            <h2 className="text-xl font-semibold mb-2">Access Restricted</h2>
            <p className="text-gray-600">{reason}</p>
          </div>
        )}
      </>
    )
  }
 
  return <>{children}</>
}
 
// Dev mode provider (for development without auth)
export function DevAccessProvider({ children }: { children: ReactNode }) {
  const devRoles: UserRole[] = [
    {
      id: 'dev-admin',
      name: 'admin',
      permissions: [
        {
          resource: 'tutorial',
          actions: ['create', 'read', 'update', 'delete', 'publish'],
        },
        {
          resource: 'step',
          actions: ['create', 'read', 'update', 'delete'],
        },
        {
          resource: 'user',
          actions: ['read', 'update'],
        },
        {
          resource: 'system',
          actions: ['read'],
        },
      ],
    },
  ]
 
  return (
    <AccessControlProvider userId="dev-user" roles={devRoles} isAuthenticated={true}>
      {children}
    </AccessControlProvider>
  )
}
 
Code coverage generated by istanbul at 2026-05-21T17:07:01.861Z