import { computed } from "vue"; import { useUserStore } from "@/stores/user"; // ============================================================================ // TYPES // ============================================================================ export interface MenuItem { id?: string; title?: string; icon?: string; to?: string; divider?: boolean; chip?: string; chipColor?: string; chipVariant?: string; chipIcon?: string; children?: MenuItem[]; disabled?: boolean; type?: string; subCaption?: string; permissions?: string[]; permissionLogic?: "AND" | "OR"; roles?: string[]; roleLogic?: "AND" | "OR"; } // ============================================================================ // MENU CONFIGURATION // ============================================================================ const rawSidebarItems: MenuItem[] = [ { title: "Dashboard", icon: "custom-home-trend", to: "/dashboard", }, // ======================================================================== // SHAREHOLDER MANAGEMENT // ======================================================================== { title: "Shareholders", icon: "custom-users", to: "/shareholders", permissions: ["view shareholders", "manage shareholders"], permissionLogic: "OR", roles: ["Admin", "Finance", "SystemOwner"], roleLogic: "OR", }, { title: "Add Shareholder", icon: "custom-user-add", to: "/shareholders/create", permissions: ["manage shareholders"], roles: ["Admin", "SystemOwner"], roleLogic: "OR", }, // ======================================================================== // PAYMENTS // ======================================================================== { title: "Payments", icon: "custom-wallet", to: "/payments", permissions: ["view payments", "manage payments", "view own data"], permissionLogic: "OR", roles: ["Admin", "Finance", "SystemOwner", "Shareholder"], roleLogic: "OR", }, { title: "Record Payment", icon: "custom-shopping-bag", to: "/payments/create", permissions: ["manage payments"], roles: ["Admin", "Finance", "SystemOwner"], roleLogic: "OR", }, // ======================================================================== // INVOICES // ======================================================================== { title: "Invoices", icon: "custom-invoice", to: "/invoices", permissions: ["view invoices", "manage invoices", "view own data"], permissionLogic: "OR", roles: ["Admin", "Finance", "SystemOwner", "Shareholder"], roleLogic: "OR", }, { title: "Create Invoice", icon: "custom-table", to: "/invoices/create", permissions: ["manage invoices"], roles: ["Admin", "Finance", "SystemOwner"], roleLogic: "OR", }, // ======================================================================== // DIVIDENDS // ======================================================================== { title: "Financial Years", icon: "custom-dollar-fill", to: "/financial-years", permissions: ["view invoices", "manage invoices"], permissionLogic: "OR", roles: ["Admin", "Finance", "SystemOwner"], roleLogic: "OR", }, // ======================================================================== // REPORTS // ======================================================================== { title: "Reports", icon: "custom-graph", to: "/reports", permissions: ["view reports"], roles: ["Admin", "Finance", "SystemOwner"], roleLogic: "OR", children: [ { title: "Shareholder Summary", to: "/reports/shareholder-summary", permissions: ["view reports"], }, { title: "Payment History", to: "/reports/payment-history", permissions: ["view reports"], }, { title: "Arrears Report", to: "/reports/arrears", permissions: ["view reports"], }, { title: "Monthly Contributions", to: "/reports/monthly-contributions", permissions: ["view reports"], }, ], }, { title: "My Statement", icon: "custom-document-text", to: "/statement", permissions: ["view own data"], roles: ["Shareholder"], }, // ======================================================================== // USER MANAGEMENT // ======================================================================== { title: "User Management", icon: "custom-setting-fill", to: "/users", permissions: ["manage users"], roles: ["Admin", "SystemOwner"], roleLogic: "OR", children: [ { title: "All Users", to: "/users", permissions: ["manage users"], }, { title: "Create User", to: "/users/create", permissions: ["manage users"], }, { title: "Roles & Permissions", to: "/users/roles", permissions: ["manage roles"], }, ], }, // ======================================================================== // PROFILE // ======================================================================== { title: "My Profile", icon: "custom-user", to: "/profile", }, // ======================================================================== // AUDIT TRAIL // ======================================================================== { title: "Audit Trail", icon: "custom-history", to: "/audit-logs", permissions: ["view audit logs"], roles: ["SystemOwner"], }, ]; // ============================================================================ // UTILITY FUNCTIONS // ============================================================================ /** * Extract permission names from user permissions array */ function extractPermissionNames(permissions: any[]): string[] { if (!Array.isArray(permissions)) return []; return permissions.map((p) => (typeof p === "string" ? p : p.name)); } /** * Extract role names from user roles array */ function extractRoleNames(roles: any[]): string[] { if (!Array.isArray(roles)) return []; return roles.map((r) => (typeof r === "string" ? r : r.name)); } /** * Check if conditions match using AND/OR logic */ function checkConditions( requiredItems: string[], availableItems: string[], logic: "AND" | "OR" = "AND", ): boolean { if (requiredItems.length === 0) return true; return logic === "OR" ? requiredItems.some((item) => availableItems.includes(item)) : requiredItems.every((item) => availableItems.includes(item)); } // ============================================================================ // PERMISSION & ROLE CHECKING // ============================================================================ /** * Check if user has required permissions */ function hasRequiredPermissions( item: MenuItem, userPermissions: string[], ): boolean { if (!item.permissions?.length) return true; const logic = item.permissionLogic || "AND"; return checkConditions(item.permissions, userPermissions, logic); } /** * Check if user has required roles */ function hasRequiredRoles(item: MenuItem, userRoles: string[]): boolean { if (!item.roles?.length) return true; const logic = item.roleLogic || "AND"; return checkConditions(item.roles, userRoles, logic); } // ============================================================================ // MENU FILTERING // ============================================================================ /** * Filter menu items recursively based on permissions and roles */ function filterMenuItems( items: MenuItem[], userPermissions: string[], userRoles: string[], ): MenuItem[] { return items .filter((item) => { // Check permissions if (!hasRequiredPermissions(item, userPermissions)) { return false; } // Check roles if (!hasRequiredRoles(item, userRoles)) { return false; } return true; }) .map((item) => { if (!item.children?.length) return item; // Recursively filter children const filteredChildren = filterMenuItems( item.children, userPermissions, userRoles, ); // If parent has no valid children, hide it if (filteredChildren.length === 0) { return null; } return { ...item, children: filteredChildren }; }) .filter(Boolean) as MenuItem[]; } // ============================================================================ // REACTIVE SIDEBAR ITEMS // ============================================================================ export const sidebarItems = computed(() => { const userStore = useUserStore(); // 1. If we have a token but user not loaded → trigger fetch (non-blocking) if (userStore.token && !userStore.isLoaded && !userStore.isLoading) { userStore.fetchUser().catch(() => { // Silently fail — navigation guard will redirect anyway }); } // 2. While loading or not ready → return empty menu (no flicker) if (!userStore.isLoaded || !userStore.user) { return []; } // 3. User is fully loaded → build menu // Use abilityRules directly (your Spatie permissions) const userPermissions = userStore.abilityRules || []; const userRole = userStore.user.user_role || ""; // Optional: fallback for old role field (if you still have it) const userRoles = userStore.user.role ? [userStore.user.role] : [userRole]; return filterMenuItems(rawSidebarItems, userPermissions, userRoles); }); // ============================================================================ // COMPOSABLE API // ============================================================================ export const useFilteredMenu = () => { const userStore = useUserStore(); const refreshMenu = async () => { if (!userStore.isLoaded || !userStore.user) { await userStore.fetchUser(); } return sidebarItems.value; }; const getUserPermissions = (): string[] => { return extractPermissionNames(userStore.user?.permissions || []); }; const getUserRoles = (): string[] => { return extractRoleNames(userStore.user?.roles || []); }; const hasPermission = (permission: string): boolean => { const permissions = getUserPermissions(); return permissions.includes(permission); }; const hasAnyPermission = (permissions: string[]): boolean => { const userPermissions = getUserPermissions(); return permissions.some((p) => userPermissions.includes(p)); }; const hasAllPermissions = (permissions: string[]): boolean => { const userPermissions = getUserPermissions(); return permissions.every((p) => userPermissions.includes(p)); }; const hasRole = (role: string): boolean => { const roles = getUserRoles(); return roles.includes(role); }; const hasAnyRole = (roles: string[]): boolean => { const userRoles = getUserRoles(); return roles.some((r) => userRoles.includes(r)); }; const hasAllRoles = (roles: string[]): boolean => { const userRoles = getUserRoles(); return roles.every((r) => userRoles.includes(r)); }; return { sidebarItems, refreshMenu, getUserPermissions, getUserRoles, hasPermission, hasAnyPermission, hasAllPermissions, hasRole, hasAnyRole, hasAllRoles, }; }; export default sidebarItems;