feat: role-based sidebar visibility and landing redirect
- Vendor (platform:admin): sees only TENANTS in sidebar - Tenant admin (tenant:manage): sees Dashboard, License, OIDC, Team, Settings - Regular user (operator/viewer): redirected to server dashboard directly - LandingRedirect checks scopes in priority order: vendor > admin > server Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
@@ -6,6 +6,7 @@ import { OrgResolver } from './auth/OrgResolver';
|
||||
import { Layout } from './components/Layout';
|
||||
import { RequireScope } from './components/RequireScope';
|
||||
import { useScopes } from './auth/useScopes';
|
||||
import { useOrgStore } from './auth/useOrganization';
|
||||
|
||||
import { VendorTenantsPage } from './pages/vendor/VendorTenantsPage';
|
||||
import { CreateTenantPage } from './pages/vendor/CreateTenantPage';
|
||||
@@ -18,10 +19,21 @@ import { SettingsPage } from './pages/tenant/SettingsPage';
|
||||
|
||||
function LandingRedirect() {
|
||||
const scopes = useScopes();
|
||||
const { organizations, currentOrgId } = useOrgStore();
|
||||
const currentOrg = organizations.find((o) => o.id === currentOrgId);
|
||||
|
||||
// Vendor → vendor console
|
||||
if (scopes.has('platform:admin')) {
|
||||
return <Navigate to="/vendor/tenants" replace />;
|
||||
}
|
||||
return <Navigate to="/tenant" replace />;
|
||||
// Tenant admin → tenant portal
|
||||
if (scopes.has('tenant:manage')) {
|
||||
return <Navigate to="/tenant" replace />;
|
||||
}
|
||||
// Regular user (operator/viewer) → server dashboard directly
|
||||
const serverUrl = currentOrg?.slug ? `/t/${currentOrg.slug}/` : '/server/';
|
||||
window.location.href = serverUrl;
|
||||
return null;
|
||||
}
|
||||
|
||||
export function AppRouter() {
|
||||
|
||||
Reference in New Issue
Block a user