feat(tags): enhance tag management with permission checks

- Integrated user permissions for tag creation, updating, and deletion in the TagManager component.
- Updated API routes to enforce permission checks for tag operations.
- Added new permissions for managing tags in the roles configuration.
- Improved error handling for unauthorized access in tag-related operations.
This commit is contained in:
Mauricio Siu
2026-03-19 01:27:54 -06:00
parent aca1c6f621
commit fff91157c4
6 changed files with 127 additions and 40 deletions

View File

@@ -84,11 +84,9 @@ export const apiCreateTag = createSchema.pick({
color: true,
});
export const apiFindOneTag = createSchema
.pick({
tagId: true,
})
.required();
export const apiFindOneTag = z.object({
tagId: z.string().min(1),
});
export const apiRemoveTag = createSchema
.pick({

View File

@@ -44,6 +44,7 @@ export const statements = {
domain: ["read", "create", "delete"],
destination: ["read", "create", "delete"],
notification: ["read", "create", "update", "delete"],
tag: ["read", "create", "update", "delete"],
logs: ["read"],
monitoring: ["read"],
auditLog: ["read"],
@@ -69,6 +70,7 @@ export const enterpriseOnlyResources = new Set<string>([
"domain",
"destination",
"notification",
"tag",
"logs",
"monitoring",
"auditLog",
@@ -107,6 +109,7 @@ export const ownerRole = ac.newRole({
domain: ["read", "create", "delete"],
destination: ["read", "create", "delete"],
notification: ["read", "create", "update", "delete"],
tag: ["read", "create", "update", "delete"],
logs: ["read"],
monitoring: ["read"],
auditLog: ["read"],
@@ -143,6 +146,7 @@ export const adminRole = ac.newRole({
domain: ["read", "create", "delete"],
destination: ["read", "create", "delete"],
notification: ["read", "create", "update", "delete"],
tag: ["read", "create", "update", "delete"],
logs: ["read"],
monitoring: ["read"],
auditLog: ["read"],
@@ -186,5 +190,6 @@ export const memberRole = ac.newRole({
certificate: [],
destination: [],
notification: [],
tag: ["read"],
auditLog: [],
});