package rbac import "Yimaru-Backend/internal/domain" var AllPermissions = []domain.PermissionSeed{ // Course Management - Categories {Key: "course_categories.create", Name: "Create Course Category", Description: "Create a new course category", GroupName: "Course Categories"}, {Key: "course_categories.list", Name: "List Course Categories", Description: "List all course categories", GroupName: "Course Categories"}, {Key: "course_categories.get", Name: "Get Course Category", Description: "Get a course category by ID", GroupName: "Course Categories"}, {Key: "course_categories.update", Name: "Update Course Category", Description: "Update a course category", GroupName: "Course Categories"}, {Key: "course_categories.delete", Name: "Delete Course Category", Description: "Delete a course category", GroupName: "Course Categories"}, {Key: "course_categories.reorder", Name: "Reorder Course Categories", Description: "Reorder course categories", GroupName: "Course Categories"}, // Course Management - Courses {Key: "courses.create", Name: "Create Course", Description: "Create a new course", GroupName: "Courses"}, {Key: "courses.get", Name: "Get Course", Description: "Get a course by ID", GroupName: "Courses"}, {Key: "courses.list_by_category", Name: "List Courses by Category", Description: "List courses by category", GroupName: "Courses"}, {Key: "courses.update", Name: "Update Course", Description: "Update a course", GroupName: "Courses"}, {Key: "courses.upload_thumbnail", Name: "Upload Course Thumbnail", Description: "Upload course thumbnail image", GroupName: "Courses"}, {Key: "courses.delete", Name: "Delete Course", Description: "Delete a course", GroupName: "Courses"}, {Key: "courses.reorder", Name: "Reorder Courses", Description: "Reorder courses", GroupName: "Courses"}, // Course Management - Sub-courses {Key: "subcourses.create", Name: "Create Sub-course", Description: "Create a new sub-course", GroupName: "Sub-courses"}, {Key: "subcourses.get", Name: "Get Sub-course", Description: "Get a sub-course by ID", GroupName: "Sub-courses"}, {Key: "subcourses.list_by_course", Name: "List Sub-courses by Course", Description: "List sub-courses by course", GroupName: "Sub-courses"}, {Key: "subcourses.list_by_course_list", Name: "List Sub-courses by Course (list)", Description: "List sub-courses by course (list view)", GroupName: "Sub-courses"}, {Key: "subcourses.list_active", Name: "List Active Sub-courses", Description: "List active sub-courses", GroupName: "Sub-courses"}, {Key: "subcourses.update", Name: "Update Sub-course", Description: "Update a sub-course", GroupName: "Sub-courses"}, {Key: "subcourses.upload_thumbnail", Name: "Upload Sub-course Thumbnail", Description: "Upload sub-course thumbnail", GroupName: "Sub-courses"}, {Key: "subcourses.deactivate", Name: "Deactivate Sub-course", Description: "Deactivate a sub-course", GroupName: "Sub-courses"}, {Key: "subcourses.delete", Name: "Delete Sub-course", Description: "Delete a sub-course", GroupName: "Sub-courses"}, {Key: "subcourses.reorder", Name: "Reorder Sub-courses", Description: "Reorder sub-courses", GroupName: "Sub-courses"}, // Course Management - Videos {Key: "videos.create", Name: "Create Video", Description: "Create a sub-course video", GroupName: "Videos"}, {Key: "videos.create_vimeo", Name: "Create Vimeo Video", Description: "Create a video with Vimeo", GroupName: "Videos"}, {Key: "videos.upload", Name: "Upload Video", Description: "Upload a video file", GroupName: "Videos"}, {Key: "videos.import_vimeo", Name: "Import Vimeo Video", Description: "Import video from Vimeo ID", GroupName: "Videos"}, {Key: "videos.get", Name: "Get Video", Description: "Get video by ID", GroupName: "Videos"}, {Key: "videos.list_by_subcourse", Name: "List Videos by Sub-course", Description: "List videos by sub-course", GroupName: "Videos"}, {Key: "videos.list_published", Name: "List Published Videos", Description: "List published videos by sub-course", GroupName: "Videos"}, {Key: "videos.publish", Name: "Publish Video", Description: "Publish a video", GroupName: "Videos"}, {Key: "videos.update", Name: "Update Video", Description: "Update a video", GroupName: "Videos"}, {Key: "videos.delete", Name: "Delete Video", Description: "Delete a video", GroupName: "Videos"}, {Key: "videos.reorder", Name: "Reorder Videos", Description: "Reorder videos", GroupName: "Videos"}, // Learning Tree {Key: "learning_tree.get", Name: "Get Learning Tree", Description: "Get full learning tree", GroupName: "Learning Tree"}, {Key: "practices.reorder", Name: "Reorder Practices", Description: "Reorder practices", GroupName: "Learning Tree"}, // Questions {Key: "questions.create", Name: "Create Question", Description: "Create a new question", GroupName: "Questions"}, {Key: "questions.list", Name: "List Questions", Description: "List all questions", GroupName: "Questions"}, {Key: "questions.search", Name: "Search Questions", Description: "Search questions", GroupName: "Questions"}, {Key: "questions.get", Name: "Get Question", Description: "Get question by ID", GroupName: "Questions"}, {Key: "questions.update", Name: "Update Question", Description: "Update a question", GroupName: "Questions"}, {Key: "questions.delete", Name: "Delete Question", Description: "Delete a question", GroupName: "Questions"}, // Question Sets {Key: "question_sets.create", Name: "Create Question Set", Description: "Create a question set", GroupName: "Question Sets"}, {Key: "question_sets.list", Name: "List Question Sets", Description: "List question sets by type", GroupName: "Question Sets"}, {Key: "question_sets.list_by_owner", Name: "List Question Sets by Owner", Description: "List question sets by owner", GroupName: "Question Sets"}, {Key: "question_sets.get", Name: "Get Question Set", Description: "Get question set by ID", GroupName: "Question Sets"}, {Key: "question_sets.update", Name: "Update Question Set", Description: "Update a question set", GroupName: "Question Sets"}, {Key: "question_sets.delete", Name: "Delete Question Set", Description: "Delete a question set", GroupName: "Question Sets"}, // Question Set Items {Key: "question_set_items.add", Name: "Add Question to Set", Description: "Add a question to a set", GroupName: "Question Set Items"}, {Key: "question_set_items.list", Name: "List Questions in Set", Description: "List questions in a set", GroupName: "Question Set Items"}, {Key: "question_set_items.remove", Name: "Remove Question from Set", Description: "Remove a question from a set", GroupName: "Question Set Items"}, {Key: "question_set_items.update_order", Name: "Update Question Order", Description: "Update question order in set", GroupName: "Question Set Items"}, // Question Set Personas {Key: "question_set_personas.list", Name: "List Personas", Description: "List personas in a question set", GroupName: "Question Set Personas"}, {Key: "question_set_personas.add", Name: "Add Persona", Description: "Add persona to question set", GroupName: "Question Set Personas"}, {Key: "question_set_personas.remove", Name: "Remove Persona", Description: "Remove persona from question set", GroupName: "Question Set Personas"}, // Subscription Plans {Key: "subscription_plans.create", Name: "Create Subscription Plan", Description: "Create a subscription plan", GroupName: "Subscription Plans"}, {Key: "subscription_plans.update", Name: "Update Subscription Plan", Description: "Update a subscription plan", GroupName: "Subscription Plans"}, {Key: "subscription_plans.delete", Name: "Delete Subscription Plan", Description: "Delete a subscription plan", GroupName: "Subscription Plans"}, // Subscriptions {Key: "subscriptions.create", Name: "Create Subscription", Description: "Create subscription (admin)", GroupName: "Subscriptions"}, {Key: "subscriptions.checkout", Name: "Checkout Subscription", Description: "Initiate subscription payment", GroupName: "Subscriptions"}, {Key: "subscriptions.get_mine", Name: "Get My Subscription", Description: "Get own subscription", GroupName: "Subscriptions"}, {Key: "subscriptions.history", Name: "Subscription History", Description: "Get subscription history", GroupName: "Subscriptions"}, {Key: "subscriptions.status", Name: "Check Subscription Status", Description: "Check subscription status", GroupName: "Subscriptions"}, {Key: "subscriptions.cancel", Name: "Cancel Subscription", Description: "Cancel a subscription", GroupName: "Subscriptions"}, {Key: "subscriptions.set_auto_renew", Name: "Set Auto Renew", Description: "Set auto-renew on subscription", GroupName: "Subscriptions"}, // Payments {Key: "payments.initiate", Name: "Initiate Payment", Description: "Initiate subscription payment", GroupName: "Payments"}, {Key: "payments.verify", Name: "Verify Payment", Description: "Verify a payment", GroupName: "Payments"}, {Key: "payments.list_mine", Name: "List My Payments", Description: "List own payments", GroupName: "Payments"}, {Key: "payments.get", Name: "Get Payment", Description: "Get payment by ID", GroupName: "Payments"}, {Key: "payments.cancel", Name: "Cancel Payment", Description: "Cancel a payment", GroupName: "Payments"}, {Key: "payments.direct_initiate", Name: "Initiate Direct Payment", Description: "Initiate direct payment", GroupName: "Payments"}, {Key: "payments.direct_verify_otp", Name: "Verify Direct Payment OTP", Description: "Verify OTP for direct payment", GroupName: "Payments"}, // Users {Key: "users.list", Name: "List Users", Description: "List all users", GroupName: "Users"}, {Key: "users.get", Name: "Get User", Description: "Get user by ID", GroupName: "Users"}, {Key: "users.update_self", Name: "Update Own Profile", Description: "Update own user profile", GroupName: "Users"}, {Key: "users.update_status", Name: "Update User Status", Description: "Activate/deactivate users", GroupName: "Users"}, {Key: "users.delete", Name: "Delete User", Description: "Delete a user", GroupName: "Users"}, {Key: "users.delete_self", Name: "Request Own Account Deletion", Description: "Request own account deletion with grace period", GroupName: "Users"}, {Key: "users.cancel_delete_self", Name: "Cancel Own Account Deletion", Description: "Cancel own pending account deletion request", GroupName: "Users"}, {Key: "users.purge_due_deletions", Name: "Purge Due Account Deletions", Description: "Purge users whose deletion grace period has elapsed", GroupName: "Users"}, {Key: "users.deletion_requests.list", Name: "List Account Deletion Requests", Description: "List account deletion requests for admin tracking", GroupName: "Users"}, {Key: "users.search", Name: "Search Users", Description: "Search users by name or phone", GroupName: "Users"}, {Key: "users.profile_completed", Name: "Check Profile Completed", Description: "Check if user profile is completed", GroupName: "Users"}, {Key: "users.upload_profile_picture", Name: "Upload Profile Picture", Description: "Upload user profile picture", GroupName: "Users"}, {Key: "users.admin_profile", Name: "View Admin Profile", Description: "View admin profile", GroupName: "Users"}, {Key: "users.user_profile", Name: "View User Profile", Description: "View user profile", GroupName: "Users"}, // Admins {Key: "admins.list", Name: "List Admins", Description: "List all admin users", GroupName: "Admins"}, {Key: "admins.get", Name: "Get Admin", Description: "Get admin by ID", GroupName: "Admins"}, {Key: "admins.create", Name: "Create Admin", Description: "Create a new admin", GroupName: "Admins"}, {Key: "admins.update", Name: "Update Admin", Description: "Update an admin", GroupName: "Admins"}, // Logs {Key: "logs.list", Name: "List Logs", Description: "List system logs", GroupName: "Logs"}, {Key: "activity_logs.list", Name: "List Activity Logs", Description: "List activity logs", GroupName: "Logs"}, {Key: "activity_logs.get", Name: "Get Activity Log", Description: "Get activity log by ID", GroupName: "Logs"}, // Notifications {Key: "notifications.ws_connect", Name: "WebSocket Connect", Description: "Connect to WebSocket notifications", GroupName: "Notifications"}, {Key: "notifications.list_mine", Name: "List My Notifications", Description: "List own notifications", GroupName: "Notifications"}, {Key: "notifications.list_all", Name: "List All Notifications", Description: "List all notifications", GroupName: "Notifications"}, {Key: "notifications.mark_read", Name: "Mark Notification Read", Description: "Mark a notification as read", GroupName: "Notifications"}, {Key: "notifications.mark_all_read", Name: "Mark All Read", Description: "Mark all notifications as read", GroupName: "Notifications"}, {Key: "notifications.mark_unread", Name: "Mark Notification Unread", Description: "Mark a notification as unread", GroupName: "Notifications"}, {Key: "notifications.mark_all_unread", Name: "Mark All Unread", Description: "Mark all notifications as unread", GroupName: "Notifications"}, {Key: "notifications.delete_mine", Name: "Delete My Notifications", Description: "Delete own notifications", GroupName: "Notifications"}, {Key: "notifications.count_unread", Name: "Count Unread", Description: "Count unread notifications", GroupName: "Notifications"}, {Key: "notifications.create", Name: "Create Notification", Description: "Create and send a notification", GroupName: "Notifications"}, {Key: "notifications.test_push", Name: "Test Push Notification", Description: "Send a test push notification", GroupName: "Notifications"}, {Key: "notifications.bulk_push", Name: "Bulk Push Notification", Description: "Send bulk push notifications", GroupName: "Notifications"}, {Key: "notifications.bulk_sms", Name: "Bulk SMS", Description: "Send bulk SMS notifications", GroupName: "Notifications"}, {Key: "notifications.send_email", Name: "Send Email", Description: "Send a single email", GroupName: "Notifications"}, {Key: "notifications.bulk_email", Name: "Bulk Email", Description: "Send bulk emails", GroupName: "Notifications"}, // Scheduled Notifications {Key: "notifications_scheduled.list", Name: "List Scheduled Notifications", Description: "List scheduled notifications", GroupName: "Scheduled Notifications"}, {Key: "notifications_scheduled.get", Name: "Get Scheduled Notification", Description: "Get scheduled notification by ID", GroupName: "Scheduled Notifications"}, {Key: "notifications_scheduled.cancel", Name: "Cancel Scheduled Notification", Description: "Cancel a scheduled notification", GroupName: "Scheduled Notifications"}, // Issues {Key: "issues.create", Name: "Create Issue", Description: "Report a new issue", GroupName: "Issues"}, {Key: "issues.list_mine", Name: "List My Issues", Description: "List own issues", GroupName: "Issues"}, {Key: "issues.list_by_user", Name: "List User Issues", Description: "List issues by user", GroupName: "Issues"}, {Key: "issues.list_all", Name: "List All Issues", Description: "List all issues", GroupName: "Issues"}, {Key: "issues.get", Name: "Get Issue", Description: "Get issue by ID", GroupName: "Issues"}, {Key: "issues.update_status", Name: "Update Issue Status", Description: "Update issue status", GroupName: "Issues"}, {Key: "issues.delete", Name: "Delete Issue", Description: "Delete an issue", GroupName: "Issues"}, // Devices {Key: "devices.register", Name: "Register Device", Description: "Register a device token", GroupName: "Devices"}, {Key: "devices.unregister", Name: "Unregister Device", Description: "Unregister a device token", GroupName: "Devices"}, // Settings {Key: "settings.list", Name: "List Settings", Description: "List all settings", GroupName: "Settings"}, {Key: "settings.get", Name: "Get Setting", Description: "Get setting by key", GroupName: "Settings"}, {Key: "settings.update", Name: "Update Settings", Description: "Update settings", GroupName: "Settings"}, // Analytics {Key: "analytics.dashboard", Name: "View Dashboard", Description: "View analytics dashboard", GroupName: "Analytics"}, // Vimeo {Key: "vimeo.videos.get", Name: "Get Vimeo Video", Description: "Get Vimeo video details", GroupName: "Vimeo"}, {Key: "vimeo.videos.embed", Name: "Get Embed Code", Description: "Get Vimeo embed code", GroupName: "Vimeo"}, {Key: "vimeo.videos.status", Name: "Get Transcode Status", Description: "Get Vimeo transcode status", GroupName: "Vimeo"}, {Key: "vimeo.videos.delete", Name: "Delete Vimeo Video", Description: "Delete a Vimeo video", GroupName: "Vimeo"}, {Key: "vimeo.uploads.pull", Name: "Create Pull Upload", Description: "Create Vimeo pull upload", GroupName: "Vimeo"}, {Key: "vimeo.uploads.tus", Name: "Create TUS Upload", Description: "Create Vimeo TUS upload", GroupName: "Vimeo"}, // Team {Key: "team.profile.get_mine", Name: "Get My Team Profile", Description: "Get own team profile", GroupName: "Team"}, {Key: "team.stats", Name: "Get Team Stats", Description: "Get team member statistics", GroupName: "Team"}, {Key: "team.members.list", Name: "List Team Members", Description: "List all team members", GroupName: "Team"}, {Key: "team.members.create", Name: "Create Team Member", Description: "Create a team member", GroupName: "Team"}, {Key: "team.members.get", Name: "Get Team Member", Description: "Get team member by ID", GroupName: "Team"}, {Key: "team.members.update", Name: "Update Team Member", Description: "Update a team member", GroupName: "Team"}, {Key: "team.members.update_status", Name: "Update Team Member Status", Description: "Update team member status", GroupName: "Team"}, {Key: "team.members.delete", Name: "Delete Team Member", Description: "Delete a team member", GroupName: "Team"}, {Key: "team.members.change_password", Name: "Change Team Password", Description: "Change team member password", GroupName: "Team"}, // Sub-course Prerequisites {Key: "subcourse_prerequisites.add", Name: "Add Prerequisite", Description: "Add sub-course prerequisite", GroupName: "Sub-course Prerequisites"}, {Key: "subcourse_prerequisites.list", Name: "List Prerequisites", Description: "List sub-course prerequisites", GroupName: "Sub-course Prerequisites"}, {Key: "subcourse_prerequisites.remove", Name: "Remove Prerequisite", Description: "Remove sub-course prerequisite", GroupName: "Sub-course Prerequisites"}, // Progress {Key: "progress.start", Name: "Start Sub-course", Description: "Start a sub-course", GroupName: "Progress"}, {Key: "progress.update", Name: "Update Progress", Description: "Update sub-course progress", GroupName: "Progress"}, {Key: "progress.complete", Name: "Complete Sub-course", Description: "Complete a sub-course", GroupName: "Progress"}, {Key: "progress.check_access", Name: "Check Access", Description: "Check sub-course access", GroupName: "Progress"}, {Key: "progress.get_course", Name: "Get Course Progress", Description: "Get user course progress", GroupName: "Progress"}, {Key: "progress.get_any_user", Name: "Get Any User Course Progress", Description: "Get course progress for any user (admin)", GroupName: "Progress"}, // Ratings {Key: "ratings.submit", Name: "Submit Rating", Description: "Submit a rating", GroupName: "Ratings"}, {Key: "ratings.list_by_target", Name: "List Ratings", Description: "List ratings by target", GroupName: "Ratings"}, {Key: "ratings.summary", Name: "Rating Summary", Description: "Get rating summary", GroupName: "Ratings"}, {Key: "ratings.get_mine", Name: "Get My Rating", Description: "Get own rating", GroupName: "Ratings"}, {Key: "ratings.list_mine", Name: "List My Ratings", Description: "List all own ratings", GroupName: "Ratings"}, {Key: "ratings.delete", Name: "Delete Rating", Description: "Delete a rating", GroupName: "Ratings"}, // Auth (protected endpoints only) {Key: "auth.logout", Name: "Logout", Description: "Log out user", GroupName: "Auth"}, // RBAC Management {Key: "rbac.roles.list", Name: "List Roles", Description: "List all roles", GroupName: "RBAC"}, {Key: "rbac.roles.get", Name: "Get Role", Description: "Get role by ID", GroupName: "RBAC"}, {Key: "rbac.roles.create", Name: "Create Role", Description: "Create a new role", GroupName: "RBAC"}, {Key: "rbac.roles.update", Name: "Update Role", Description: "Update a role", GroupName: "RBAC"}, {Key: "rbac.roles.delete", Name: "Delete Role", Description: "Delete a role", GroupName: "RBAC"}, {Key: "rbac.roles.set_permissions", Name: "Set Role Permissions", Description: "Set permissions for a role", GroupName: "RBAC"}, {Key: "rbac.roles.get_permissions", Name: "Get Role Permissions", Description: "Get permissions for a role", GroupName: "RBAC"}, {Key: "rbac.permissions.list", Name: "List Permissions", Description: "List all permissions", GroupName: "RBAC"}, {Key: "rbac.permissions.groups", Name: "List Permission Groups", Description: "List permission groups", GroupName: "RBAC"}, {Key: "rbac.permissions.sync", Name: "Sync Permissions", Description: "Sync permissions from code", GroupName: "RBAC"}, } // DefaultRolePermissions maps each system role to the permission keys it should // have by default. This preserves the previous middleware behavior: // - ADMIN: everything that was previously OnlyAdminAndAbove + SuperAdminOnly + all authenticated routes // - STUDENT/INSTRUCTOR/SUPPORT: only self-service endpoints (profile, courses, progress, etc.) var DefaultRolePermissions = map[string][]string{ "ADMIN": { // Course Management (full access) "course_categories.create", "course_categories.list", "course_categories.get", "course_categories.update", "course_categories.delete", "course_categories.reorder", "courses.create", "courses.get", "courses.list_by_category", "courses.update", "courses.upload_thumbnail", "courses.delete", "courses.reorder", "subcourses.create", "subcourses.get", "subcourses.list_by_course", "subcourses.list_by_course_list", "subcourses.list_active", "subcourses.update", "subcourses.upload_thumbnail", "subcourses.deactivate", "subcourses.delete", "subcourses.reorder", "videos.create", "videos.create_vimeo", "videos.upload", "videos.import_vimeo", "videos.get", "videos.list_by_subcourse", "videos.list_published", "videos.publish", "videos.update", "videos.delete", "videos.reorder", "learning_tree.get", "practices.reorder", // Questions (full access) "questions.create", "questions.list", "questions.search", "questions.get", "questions.update", "questions.delete", "question_sets.create", "question_sets.list", "question_sets.list_by_owner", "question_sets.get", "question_sets.update", "question_sets.delete", "question_set_items.add", "question_set_items.list", "question_set_items.remove", "question_set_items.update_order", "question_set_personas.list", "question_set_personas.add", "question_set_personas.remove", // Subscriptions & Payments (full access) "subscription_plans.create", "subscription_plans.update", "subscription_plans.delete", "subscriptions.create", "subscriptions.checkout", "subscriptions.get_mine", "subscriptions.history", "subscriptions.status", "subscriptions.cancel", "subscriptions.set_auto_renew", "payments.initiate", "payments.verify", "payments.list_mine", "payments.get", "payments.cancel", "payments.direct_initiate", "payments.direct_verify_otp", // Users (full access) "users.list", "users.get", "users.update_self", "users.update_status", "users.delete", "users.delete_self", "users.cancel_delete_self", "users.purge_due_deletions", "users.deletion_requests.list", "users.search", "users.profile_completed", "users.upload_profile_picture", "users.admin_profile", "users.user_profile", // Admin management "admins.list", "admins.get", "admins.create", "admins.update", // Logs (previously OnlyAdminAndAbove) "logs.list", "activity_logs.list", "activity_logs.get", // Notifications (full access including bulk) "notifications.ws_connect", "notifications.list_mine", "notifications.list_all", "notifications.mark_read", "notifications.mark_all_read", "notifications.mark_unread", "notifications.mark_all_unread", "notifications.delete_mine", "notifications.count_unread", "notifications.create", "notifications.test_push", "notifications.bulk_push", "notifications.bulk_sms", "notifications.send_email", "notifications.bulk_email", "notifications_scheduled.list", "notifications_scheduled.get", "notifications_scheduled.cancel", // Issues (full access including admin views) "issues.create", "issues.list_mine", "issues.list_by_user", "issues.list_all", "issues.get", "issues.update_status", "issues.delete", // Devices "devices.register", "devices.unregister", // Settings (previously SuperAdminOnly, now accessible to ADMIN too) "settings.list", "settings.get", "settings.update", // Analytics (previously OnlyAdminAndAbove) "analytics.dashboard", // Vimeo "vimeo.videos.get", "vimeo.videos.embed", "vimeo.videos.status", "vimeo.videos.delete", "vimeo.uploads.pull", "vimeo.uploads.tus", // Team (full access) "team.profile.get_mine", "team.stats", "team.members.list", "team.members.create", "team.members.get", "team.members.update", "team.members.update_status", "team.members.delete", "team.members.change_password", // Sub-course Prerequisites "subcourse_prerequisites.add", "subcourse_prerequisites.list", "subcourse_prerequisites.remove", // Progress "progress.start", "progress.update", "progress.complete", "progress.check_access", "progress.get_course", "progress.get_any_user", // Ratings "ratings.submit", "ratings.list_by_target", "ratings.summary", "ratings.get_mine", "ratings.list_mine", "ratings.delete", // Auth "auth.logout", // RBAC management "rbac.roles.list", "rbac.roles.get", "rbac.roles.create", "rbac.roles.update", "rbac.roles.delete", "rbac.roles.set_permissions", "rbac.roles.get_permissions", "rbac.permissions.list", "rbac.permissions.groups", "rbac.permissions.sync", }, "STUDENT": { // Course browsing "course_categories.list", "course_categories.get", "courses.get", "courses.list_by_category", "subcourses.get", "subcourses.list_by_course", "subcourses.list_by_course_list", "subcourses.list_active", "videos.get", "videos.list_by_subcourse", "videos.list_published", "learning_tree.get", // Questions (read + attempt) "questions.list", "questions.search", "questions.get", "question_sets.list", "question_sets.list_by_owner", "question_sets.get", "question_set_items.list", "question_set_personas.list", // Subscriptions & Payments (own) "subscriptions.checkout", "subscriptions.get_mine", "subscriptions.history", "subscriptions.status", "subscriptions.cancel", "subscriptions.set_auto_renew", "payments.initiate", "payments.verify", "payments.list_mine", "payments.get", "payments.cancel", "payments.direct_initiate", "payments.direct_verify_otp", // User (self-service) "users.update_self", "users.delete_self", "users.cancel_delete_self", "users.profile_completed", "users.upload_profile_picture", "users.user_profile", // Notifications (own) "notifications.ws_connect", "notifications.list_mine", "notifications.list_all", "notifications.mark_read", "notifications.mark_all_read", "notifications.mark_unread", "notifications.mark_all_unread", "notifications.delete_mine", "notifications.count_unread", "notifications.test_push", // Issues (own) "issues.create", "issues.list_mine", // Devices "devices.register", "devices.unregister", // Progress "progress.start", "progress.update", "progress.complete", "progress.check_access", "progress.get_course", // Sub-course Prerequisites (read) "subcourse_prerequisites.list", // Ratings "ratings.submit", "ratings.list_by_target", "ratings.summary", "ratings.get_mine", "ratings.list_mine", "ratings.delete", // Auth "auth.logout", }, "INSTRUCTOR": { // Course browsing + management "course_categories.list", "course_categories.get", "courses.get", "courses.list_by_category", "subcourses.get", "subcourses.list_by_course", "subcourses.list_by_course_list", "subcourses.list_active", "videos.get", "videos.list_by_subcourse", "videos.list_published", "learning_tree.get", // Questions (full — instructors create content) "questions.create", "questions.list", "questions.search", "questions.get", "questions.update", "questions.delete", "question_sets.create", "question_sets.list", "question_sets.list_by_owner", "question_sets.get", "question_sets.update", "question_sets.delete", "question_set_items.add", "question_set_items.list", "question_set_items.remove", "question_set_items.update_order", "question_set_personas.list", "question_set_personas.add", "question_set_personas.remove", // Subscriptions & Payments (own) "subscriptions.checkout", "subscriptions.get_mine", "subscriptions.history", "subscriptions.status", "subscriptions.cancel", "subscriptions.set_auto_renew", "payments.initiate", "payments.verify", "payments.list_mine", "payments.get", "payments.cancel", "payments.direct_initiate", "payments.direct_verify_otp", // User (self-service) "users.update_self", "users.delete_self", "users.cancel_delete_self", "users.profile_completed", "users.upload_profile_picture", "users.user_profile", // Notifications (own) "notifications.ws_connect", "notifications.list_mine", "notifications.list_all", "notifications.mark_read", "notifications.mark_all_read", "notifications.mark_unread", "notifications.mark_all_unread", "notifications.delete_mine", "notifications.count_unread", "notifications.test_push", // Issues (own) "issues.create", "issues.list_mine", // Devices "devices.register", "devices.unregister", // Progress "progress.start", "progress.update", "progress.complete", "progress.check_access", "progress.get_course", // Sub-course Prerequisites "subcourse_prerequisites.list", // Ratings "ratings.submit", "ratings.list_by_target", "ratings.summary", "ratings.get_mine", "ratings.list_mine", "ratings.delete", // Auth "auth.logout", }, "SUPPORT": { // Course browsing (read-only) "course_categories.list", "course_categories.get", "courses.get", "courses.list_by_category", "subcourses.get", "subcourses.list_by_course", "subcourses.list_by_course_list", "subcourses.list_active", "videos.get", "videos.list_by_subcourse", "videos.list_published", "learning_tree.get", // Questions (read) "questions.list", "questions.search", "questions.get", "question_sets.list", "question_sets.list_by_owner", "question_sets.get", "question_set_items.list", "question_set_personas.list", // Users (view + search for support) "users.list", "users.get", "users.search", "users.update_self", "users.delete_self", "users.cancel_delete_self", "users.profile_completed", "users.upload_profile_picture", "users.user_profile", // Notifications (own) "notifications.ws_connect", "notifications.list_mine", "notifications.list_all", "notifications.mark_read", "notifications.mark_all_read", "notifications.mark_unread", "notifications.mark_all_unread", "notifications.delete_mine", "notifications.count_unread", "notifications.test_push", // Issues (own + view all for support) "issues.create", "issues.list_mine", "issues.list_by_user", "issues.list_all", "issues.get", "issues.update_status", // Devices "devices.register", "devices.unregister", // Progress (read) "progress.check_access", "progress.get_course", // Sub-course Prerequisites (read) "subcourse_prerequisites.list", // Ratings (read) "ratings.list_by_target", "ratings.summary", "ratings.get_mine", "ratings.list_mine", // Auth "auth.logout", }, }