450 lines
31 KiB
Go
450 lines
31 KiB
Go
package rbac
|
|
|
|
import "Yimaru-Backend/internal/domain"
|
|
|
|
var AllPermissions = []domain.PermissionSeed{
|
|
// Course Management - Categories
|
|
{Key: "course_categories.create", Name: "Create Course Category", Description: "Create a new course category", GroupName: "Course Categories"},
|
|
{Key: "course_categories.list", Name: "List Course Categories", Description: "List all course categories", GroupName: "Course Categories"},
|
|
{Key: "course_categories.get", Name: "Get Course Category", Description: "Get a course category by ID", GroupName: "Course Categories"},
|
|
{Key: "course_categories.update", Name: "Update Course Category", Description: "Update a course category", GroupName: "Course Categories"},
|
|
{Key: "course_categories.delete", Name: "Delete Course Category", Description: "Delete a course category", GroupName: "Course Categories"},
|
|
{Key: "course_categories.reorder", Name: "Reorder Course Categories", Description: "Reorder course categories", GroupName: "Course Categories"},
|
|
|
|
// Course Management - Courses
|
|
{Key: "courses.create", Name: "Create Course", Description: "Create a new course", GroupName: "Courses"},
|
|
{Key: "courses.get", Name: "Get Course", Description: "Get a course by ID", GroupName: "Courses"},
|
|
{Key: "courses.list_by_category", Name: "List Courses by Category", Description: "List courses by category", GroupName: "Courses"},
|
|
{Key: "courses.update", Name: "Update Course", Description: "Update a course", GroupName: "Courses"},
|
|
{Key: "courses.upload_thumbnail", Name: "Upload Course Thumbnail", Description: "Upload course thumbnail image", GroupName: "Courses"},
|
|
{Key: "courses.delete", Name: "Delete Course", Description: "Delete a course", GroupName: "Courses"},
|
|
{Key: "courses.reorder", Name: "Reorder Courses", Description: "Reorder courses", GroupName: "Courses"},
|
|
|
|
// Course Management - Sub-courses
|
|
{Key: "subcourses.create", Name: "Create Sub-course", Description: "Create a new sub-course", GroupName: "Sub-courses"},
|
|
{Key: "subcourses.get", Name: "Get Sub-course", Description: "Get a sub-course by ID", GroupName: "Sub-courses"},
|
|
{Key: "subcourses.list_by_course", Name: "List Sub-courses by Course", Description: "List sub-courses by course", GroupName: "Sub-courses"},
|
|
{Key: "subcourses.list_by_course_list", Name: "List Sub-courses by Course (list)", Description: "List sub-courses by course (list view)", GroupName: "Sub-courses"},
|
|
{Key: "subcourses.list_active", Name: "List Active Sub-courses", Description: "List active sub-courses", GroupName: "Sub-courses"},
|
|
{Key: "subcourses.update", Name: "Update Sub-course", Description: "Update a sub-course", GroupName: "Sub-courses"},
|
|
{Key: "subcourses.upload_thumbnail", Name: "Upload Sub-course Thumbnail", Description: "Upload sub-course thumbnail", GroupName: "Sub-courses"},
|
|
{Key: "subcourses.deactivate", Name: "Deactivate Sub-course", Description: "Deactivate a sub-course", GroupName: "Sub-courses"},
|
|
{Key: "subcourses.delete", Name: "Delete Sub-course", Description: "Delete a sub-course", GroupName: "Sub-courses"},
|
|
{Key: "subcourses.reorder", Name: "Reorder Sub-courses", Description: "Reorder sub-courses", GroupName: "Sub-courses"},
|
|
|
|
// Course Management - Videos
|
|
{Key: "videos.create", Name: "Create Video", Description: "Create a sub-course video", GroupName: "Videos"},
|
|
{Key: "videos.create_vimeo", Name: "Create Vimeo Video", Description: "Create a video with Vimeo", GroupName: "Videos"},
|
|
{Key: "videos.upload", Name: "Upload Video", Description: "Upload a video file", GroupName: "Videos"},
|
|
{Key: "videos.import_vimeo", Name: "Import Vimeo Video", Description: "Import video from Vimeo ID", GroupName: "Videos"},
|
|
{Key: "videos.get", Name: "Get Video", Description: "Get video by ID", GroupName: "Videos"},
|
|
{Key: "videos.list_by_subcourse", Name: "List Videos by Sub-course", Description: "List videos by sub-course", GroupName: "Videos"},
|
|
{Key: "videos.list_published", Name: "List Published Videos", Description: "List published videos by sub-course", GroupName: "Videos"},
|
|
{Key: "videos.publish", Name: "Publish Video", Description: "Publish a video", GroupName: "Videos"},
|
|
{Key: "videos.update", Name: "Update Video", Description: "Update a video", GroupName: "Videos"},
|
|
{Key: "videos.delete", Name: "Delete Video", Description: "Delete a video", GroupName: "Videos"},
|
|
{Key: "videos.reorder", Name: "Reorder Videos", Description: "Reorder videos", GroupName: "Videos"},
|
|
|
|
// Learning Tree
|
|
{Key: "learning_tree.get", Name: "Get Learning Tree", Description: "Get full learning tree", GroupName: "Learning Tree"},
|
|
{Key: "practices.reorder", Name: "Reorder Practices", Description: "Reorder practices", GroupName: "Learning Tree"},
|
|
|
|
// Questions
|
|
{Key: "questions.create", Name: "Create Question", Description: "Create a new question", GroupName: "Questions"},
|
|
{Key: "questions.list", Name: "List Questions", Description: "List all questions", GroupName: "Questions"},
|
|
{Key: "questions.search", Name: "Search Questions", Description: "Search questions", GroupName: "Questions"},
|
|
{Key: "questions.get", Name: "Get Question", Description: "Get question by ID", GroupName: "Questions"},
|
|
{Key: "questions.update", Name: "Update Question", Description: "Update a question", GroupName: "Questions"},
|
|
{Key: "questions.delete", Name: "Delete Question", Description: "Delete a question", GroupName: "Questions"},
|
|
|
|
// Question Sets
|
|
{Key: "question_sets.create", Name: "Create Question Set", Description: "Create a question set", GroupName: "Question Sets"},
|
|
{Key: "question_sets.list", Name: "List Question Sets", Description: "List question sets by type", GroupName: "Question Sets"},
|
|
{Key: "question_sets.list_by_owner", Name: "List Question Sets by Owner", Description: "List question sets by owner", GroupName: "Question Sets"},
|
|
{Key: "question_sets.get", Name: "Get Question Set", Description: "Get question set by ID", GroupName: "Question Sets"},
|
|
{Key: "question_sets.update", Name: "Update Question Set", Description: "Update a question set", GroupName: "Question Sets"},
|
|
{Key: "question_sets.delete", Name: "Delete Question Set", Description: "Delete a question set", GroupName: "Question Sets"},
|
|
|
|
// Question Set Items
|
|
{Key: "question_set_items.add", Name: "Add Question to Set", Description: "Add a question to a set", GroupName: "Question Set Items"},
|
|
{Key: "question_set_items.list", Name: "List Questions in Set", Description: "List questions in a set", GroupName: "Question Set Items"},
|
|
{Key: "question_set_items.remove", Name: "Remove Question from Set", Description: "Remove a question from a set", GroupName: "Question Set Items"},
|
|
{Key: "question_set_items.update_order", Name: "Update Question Order", Description: "Update question order in set", GroupName: "Question Set Items"},
|
|
|
|
// Question Set Personas
|
|
{Key: "question_set_personas.list", Name: "List Personas", Description: "List personas in a question set", GroupName: "Question Set Personas"},
|
|
{Key: "question_set_personas.add", Name: "Add Persona", Description: "Add persona to question set", GroupName: "Question Set Personas"},
|
|
{Key: "question_set_personas.remove", Name: "Remove Persona", Description: "Remove persona from question set", GroupName: "Question Set Personas"},
|
|
|
|
// Subscription Plans
|
|
{Key: "subscription_plans.create", Name: "Create Subscription Plan", Description: "Create a subscription plan", GroupName: "Subscription Plans"},
|
|
{Key: "subscription_plans.update", Name: "Update Subscription Plan", Description: "Update a subscription plan", GroupName: "Subscription Plans"},
|
|
{Key: "subscription_plans.delete", Name: "Delete Subscription Plan", Description: "Delete a subscription plan", GroupName: "Subscription Plans"},
|
|
|
|
// Subscriptions
|
|
{Key: "subscriptions.create", Name: "Create Subscription", Description: "Create subscription (admin)", GroupName: "Subscriptions"},
|
|
{Key: "subscriptions.checkout", Name: "Checkout Subscription", Description: "Initiate subscription payment", GroupName: "Subscriptions"},
|
|
{Key: "subscriptions.get_mine", Name: "Get My Subscription", Description: "Get own subscription", GroupName: "Subscriptions"},
|
|
{Key: "subscriptions.history", Name: "Subscription History", Description: "Get subscription history", GroupName: "Subscriptions"},
|
|
{Key: "subscriptions.status", Name: "Check Subscription Status", Description: "Check subscription status", GroupName: "Subscriptions"},
|
|
{Key: "subscriptions.cancel", Name: "Cancel Subscription", Description: "Cancel a subscription", GroupName: "Subscriptions"},
|
|
{Key: "subscriptions.set_auto_renew", Name: "Set Auto Renew", Description: "Set auto-renew on subscription", GroupName: "Subscriptions"},
|
|
|
|
// Payments
|
|
{Key: "payments.initiate", Name: "Initiate Payment", Description: "Initiate subscription payment", GroupName: "Payments"},
|
|
{Key: "payments.verify", Name: "Verify Payment", Description: "Verify a payment", GroupName: "Payments"},
|
|
{Key: "payments.list_mine", Name: "List My Payments", Description: "List own payments", GroupName: "Payments"},
|
|
{Key: "payments.get", Name: "Get Payment", Description: "Get payment by ID", GroupName: "Payments"},
|
|
{Key: "payments.cancel", Name: "Cancel Payment", Description: "Cancel a payment", GroupName: "Payments"},
|
|
{Key: "payments.direct_initiate", Name: "Initiate Direct Payment", Description: "Initiate direct payment", GroupName: "Payments"},
|
|
{Key: "payments.direct_verify_otp", Name: "Verify Direct Payment OTP", Description: "Verify OTP for direct payment", GroupName: "Payments"},
|
|
|
|
// Users
|
|
{Key: "users.list", Name: "List Users", Description: "List all users", GroupName: "Users"},
|
|
{Key: "users.get", Name: "Get User", Description: "Get user by ID", GroupName: "Users"},
|
|
{Key: "users.update_self", Name: "Update Own Profile", Description: "Update own user profile", GroupName: "Users"},
|
|
{Key: "users.update_status", Name: "Update User Status", Description: "Activate/deactivate users", GroupName: "Users"},
|
|
{Key: "users.delete", Name: "Delete User", Description: "Delete a user", GroupName: "Users"},
|
|
{Key: "users.delete_self", Name: "Request Own Account Deletion", Description: "Request own account deletion with grace period", GroupName: "Users"},
|
|
{Key: "users.cancel_delete_self", Name: "Cancel Own Account Deletion", Description: "Cancel own pending account deletion request", GroupName: "Users"},
|
|
{Key: "users.purge_due_deletions", Name: "Purge Due Account Deletions", Description: "Purge users whose deletion grace period has elapsed", GroupName: "Users"},
|
|
{Key: "users.deletion_requests.list", Name: "List Account Deletion Requests", Description: "List account deletion requests for admin tracking", GroupName: "Users"},
|
|
{Key: "users.search", Name: "Search Users", Description: "Search users by name or phone", GroupName: "Users"},
|
|
{Key: "users.profile_completed", Name: "Check Profile Completed", Description: "Check if user profile is completed", GroupName: "Users"},
|
|
{Key: "users.upload_profile_picture", Name: "Upload Profile Picture", Description: "Upload user profile picture", GroupName: "Users"},
|
|
{Key: "users.admin_profile", Name: "View Admin Profile", Description: "View admin profile", GroupName: "Users"},
|
|
{Key: "users.user_profile", Name: "View User Profile", Description: "View user profile", GroupName: "Users"},
|
|
|
|
// Admins
|
|
{Key: "admins.list", Name: "List Admins", Description: "List all admin users", GroupName: "Admins"},
|
|
{Key: "admins.get", Name: "Get Admin", Description: "Get admin by ID", GroupName: "Admins"},
|
|
{Key: "admins.create", Name: "Create Admin", Description: "Create a new admin", GroupName: "Admins"},
|
|
{Key: "admins.update", Name: "Update Admin", Description: "Update an admin", GroupName: "Admins"},
|
|
|
|
// Logs
|
|
{Key: "logs.list", Name: "List Logs", Description: "List system logs", GroupName: "Logs"},
|
|
{Key: "activity_logs.list", Name: "List Activity Logs", Description: "List activity logs", GroupName: "Logs"},
|
|
{Key: "activity_logs.get", Name: "Get Activity Log", Description: "Get activity log by ID", GroupName: "Logs"},
|
|
|
|
// Notifications
|
|
{Key: "notifications.ws_connect", Name: "WebSocket Connect", Description: "Connect to WebSocket notifications", GroupName: "Notifications"},
|
|
{Key: "notifications.list_mine", Name: "List My Notifications", Description: "List own notifications", GroupName: "Notifications"},
|
|
{Key: "notifications.list_all", Name: "List All Notifications", Description: "List all notifications", GroupName: "Notifications"},
|
|
{Key: "notifications.mark_read", Name: "Mark Notification Read", Description: "Mark a notification as read", GroupName: "Notifications"},
|
|
{Key: "notifications.mark_all_read", Name: "Mark All Read", Description: "Mark all notifications as read", GroupName: "Notifications"},
|
|
{Key: "notifications.mark_unread", Name: "Mark Notification Unread", Description: "Mark a notification as unread", GroupName: "Notifications"},
|
|
{Key: "notifications.mark_all_unread", Name: "Mark All Unread", Description: "Mark all notifications as unread", GroupName: "Notifications"},
|
|
{Key: "notifications.delete_mine", Name: "Delete My Notifications", Description: "Delete own notifications", GroupName: "Notifications"},
|
|
{Key: "notifications.count_unread", Name: "Count Unread", Description: "Count unread notifications", GroupName: "Notifications"},
|
|
{Key: "notifications.create", Name: "Create Notification", Description: "Create and send a notification", GroupName: "Notifications"},
|
|
{Key: "notifications.test_push", Name: "Test Push Notification", Description: "Send a test push notification", GroupName: "Notifications"},
|
|
{Key: "notifications.bulk_push", Name: "Bulk Push Notification", Description: "Send bulk push notifications", GroupName: "Notifications"},
|
|
{Key: "notifications.bulk_sms", Name: "Bulk SMS", Description: "Send bulk SMS notifications", GroupName: "Notifications"},
|
|
{Key: "notifications.send_email", Name: "Send Email", Description: "Send a single email", GroupName: "Notifications"},
|
|
{Key: "notifications.bulk_email", Name: "Bulk Email", Description: "Send bulk emails", GroupName: "Notifications"},
|
|
|
|
// Scheduled Notifications
|
|
{Key: "notifications_scheduled.list", Name: "List Scheduled Notifications", Description: "List scheduled notifications", GroupName: "Scheduled Notifications"},
|
|
{Key: "notifications_scheduled.get", Name: "Get Scheduled Notification", Description: "Get scheduled notification by ID", GroupName: "Scheduled Notifications"},
|
|
{Key: "notifications_scheduled.cancel", Name: "Cancel Scheduled Notification", Description: "Cancel a scheduled notification", GroupName: "Scheduled Notifications"},
|
|
|
|
// Issues
|
|
{Key: "issues.create", Name: "Create Issue", Description: "Report a new issue", GroupName: "Issues"},
|
|
{Key: "issues.list_mine", Name: "List My Issues", Description: "List own issues", GroupName: "Issues"},
|
|
{Key: "issues.list_by_user", Name: "List User Issues", Description: "List issues by user", GroupName: "Issues"},
|
|
{Key: "issues.list_all", Name: "List All Issues", Description: "List all issues", GroupName: "Issues"},
|
|
{Key: "issues.get", Name: "Get Issue", Description: "Get issue by ID", GroupName: "Issues"},
|
|
{Key: "issues.update_status", Name: "Update Issue Status", Description: "Update issue status", GroupName: "Issues"},
|
|
{Key: "issues.delete", Name: "Delete Issue", Description: "Delete an issue", GroupName: "Issues"},
|
|
|
|
// Devices
|
|
{Key: "devices.register", Name: "Register Device", Description: "Register a device token", GroupName: "Devices"},
|
|
{Key: "devices.unregister", Name: "Unregister Device", Description: "Unregister a device token", GroupName: "Devices"},
|
|
|
|
// Settings
|
|
{Key: "settings.list", Name: "List Settings", Description: "List all settings", GroupName: "Settings"},
|
|
{Key: "settings.get", Name: "Get Setting", Description: "Get setting by key", GroupName: "Settings"},
|
|
{Key: "settings.update", Name: "Update Settings", Description: "Update settings", GroupName: "Settings"},
|
|
|
|
// Analytics
|
|
{Key: "analytics.dashboard", Name: "View Dashboard", Description: "View analytics dashboard", GroupName: "Analytics"},
|
|
|
|
// Vimeo
|
|
{Key: "vimeo.videos.get", Name: "Get Vimeo Video", Description: "Get Vimeo video details", GroupName: "Vimeo"},
|
|
{Key: "vimeo.videos.embed", Name: "Get Embed Code", Description: "Get Vimeo embed code", GroupName: "Vimeo"},
|
|
{Key: "vimeo.videos.status", Name: "Get Transcode Status", Description: "Get Vimeo transcode status", GroupName: "Vimeo"},
|
|
{Key: "vimeo.videos.delete", Name: "Delete Vimeo Video", Description: "Delete a Vimeo video", GroupName: "Vimeo"},
|
|
{Key: "vimeo.uploads.pull", Name: "Create Pull Upload", Description: "Create Vimeo pull upload", GroupName: "Vimeo"},
|
|
{Key: "vimeo.uploads.tus", Name: "Create TUS Upload", Description: "Create Vimeo TUS upload", GroupName: "Vimeo"},
|
|
|
|
// Team
|
|
{Key: "team.profile.get_mine", Name: "Get My Team Profile", Description: "Get own team profile", GroupName: "Team"},
|
|
{Key: "team.stats", Name: "Get Team Stats", Description: "Get team member statistics", GroupName: "Team"},
|
|
{Key: "team.members.list", Name: "List Team Members", Description: "List all team members", GroupName: "Team"},
|
|
{Key: "team.members.create", Name: "Create Team Member", Description: "Create a team member", GroupName: "Team"},
|
|
{Key: "team.members.get", Name: "Get Team Member", Description: "Get team member by ID", GroupName: "Team"},
|
|
{Key: "team.members.update", Name: "Update Team Member", Description: "Update a team member", GroupName: "Team"},
|
|
{Key: "team.members.update_status", Name: "Update Team Member Status", Description: "Update team member status", GroupName: "Team"},
|
|
{Key: "team.members.delete", Name: "Delete Team Member", Description: "Delete a team member", GroupName: "Team"},
|
|
{Key: "team.members.change_password", Name: "Change Team Password", Description: "Change team member password", GroupName: "Team"},
|
|
|
|
// Sub-course Prerequisites
|
|
{Key: "subcourse_prerequisites.add", Name: "Add Prerequisite", Description: "Add sub-course prerequisite", GroupName: "Sub-course Prerequisites"},
|
|
{Key: "subcourse_prerequisites.list", Name: "List Prerequisites", Description: "List sub-course prerequisites", GroupName: "Sub-course Prerequisites"},
|
|
{Key: "subcourse_prerequisites.remove", Name: "Remove Prerequisite", Description: "Remove sub-course prerequisite", GroupName: "Sub-course Prerequisites"},
|
|
|
|
// Progress
|
|
{Key: "progress.start", Name: "Start Sub-course", Description: "Start a sub-course", GroupName: "Progress"},
|
|
{Key: "progress.update", Name: "Update Progress", Description: "Update sub-course progress", GroupName: "Progress"},
|
|
{Key: "progress.complete", Name: "Complete Sub-course", Description: "Complete a sub-course", GroupName: "Progress"},
|
|
{Key: "progress.check_access", Name: "Check Access", Description: "Check sub-course access", GroupName: "Progress"},
|
|
{Key: "progress.get_course", Name: "Get Course Progress", Description: "Get user course progress", GroupName: "Progress"},
|
|
{Key: "progress.get_any_user", Name: "Get Any User Course Progress", Description: "Get course progress for any user (admin)", GroupName: "Progress"},
|
|
|
|
// Ratings
|
|
{Key: "ratings.submit", Name: "Submit Rating", Description: "Submit a rating", GroupName: "Ratings"},
|
|
{Key: "ratings.list_by_target", Name: "List Ratings", Description: "List ratings by target", GroupName: "Ratings"},
|
|
{Key: "ratings.summary", Name: "Rating Summary", Description: "Get rating summary", GroupName: "Ratings"},
|
|
{Key: "ratings.get_mine", Name: "Get My Rating", Description: "Get own rating", GroupName: "Ratings"},
|
|
{Key: "ratings.list_mine", Name: "List My Ratings", Description: "List all own ratings", GroupName: "Ratings"},
|
|
{Key: "ratings.delete", Name: "Delete Rating", Description: "Delete a rating", GroupName: "Ratings"},
|
|
|
|
// Auth (protected endpoints only)
|
|
{Key: "auth.logout", Name: "Logout", Description: "Log out user", GroupName: "Auth"},
|
|
|
|
// RBAC Management
|
|
{Key: "rbac.roles.list", Name: "List Roles", Description: "List all roles", GroupName: "RBAC"},
|
|
{Key: "rbac.roles.get", Name: "Get Role", Description: "Get role by ID", GroupName: "RBAC"},
|
|
{Key: "rbac.roles.create", Name: "Create Role", Description: "Create a new role", GroupName: "RBAC"},
|
|
{Key: "rbac.roles.update", Name: "Update Role", Description: "Update a role", GroupName: "RBAC"},
|
|
{Key: "rbac.roles.delete", Name: "Delete Role", Description: "Delete a role", GroupName: "RBAC"},
|
|
{Key: "rbac.roles.set_permissions", Name: "Set Role Permissions", Description: "Set permissions for a role", GroupName: "RBAC"},
|
|
{Key: "rbac.roles.get_permissions", Name: "Get Role Permissions", Description: "Get permissions for a role", GroupName: "RBAC"},
|
|
{Key: "rbac.permissions.list", Name: "List Permissions", Description: "List all permissions", GroupName: "RBAC"},
|
|
{Key: "rbac.permissions.groups", Name: "List Permission Groups", Description: "List permission groups", GroupName: "RBAC"},
|
|
{Key: "rbac.permissions.sync", Name: "Sync Permissions", Description: "Sync permissions from code", GroupName: "RBAC"},
|
|
}
|
|
|
|
// DefaultRolePermissions maps each system role to the permission keys it should
|
|
// have by default. This preserves the previous middleware behavior:
|
|
// - ADMIN: everything that was previously OnlyAdminAndAbove + SuperAdminOnly + all authenticated routes
|
|
// - STUDENT/INSTRUCTOR/SUPPORT: only self-service endpoints (profile, courses, progress, etc.)
|
|
var DefaultRolePermissions = map[string][]string{
|
|
"ADMIN": {
|
|
// Course Management (full access)
|
|
"course_categories.create", "course_categories.list", "course_categories.get", "course_categories.update", "course_categories.delete", "course_categories.reorder",
|
|
"courses.create", "courses.get", "courses.list_by_category", "courses.update", "courses.upload_thumbnail", "courses.delete", "courses.reorder",
|
|
"subcourses.create", "subcourses.get", "subcourses.list_by_course", "subcourses.list_by_course_list", "subcourses.list_active",
|
|
"subcourses.update", "subcourses.upload_thumbnail", "subcourses.deactivate", "subcourses.delete", "subcourses.reorder",
|
|
"videos.create", "videos.create_vimeo", "videos.upload", "videos.import_vimeo", "videos.get",
|
|
"videos.list_by_subcourse", "videos.list_published", "videos.publish", "videos.update", "videos.delete", "videos.reorder",
|
|
"learning_tree.get", "practices.reorder",
|
|
|
|
// Questions (full access)
|
|
"questions.create", "questions.list", "questions.search", "questions.get", "questions.update", "questions.delete",
|
|
"question_sets.create", "question_sets.list", "question_sets.list_by_owner", "question_sets.get", "question_sets.update", "question_sets.delete",
|
|
"question_set_items.add", "question_set_items.list", "question_set_items.remove", "question_set_items.update_order",
|
|
"question_set_personas.list", "question_set_personas.add", "question_set_personas.remove",
|
|
|
|
// Subscriptions & Payments (full access)
|
|
"subscription_plans.create", "subscription_plans.update", "subscription_plans.delete",
|
|
"subscriptions.create", "subscriptions.checkout", "subscriptions.get_mine", "subscriptions.history",
|
|
"subscriptions.status", "subscriptions.cancel", "subscriptions.set_auto_renew",
|
|
"payments.initiate", "payments.verify", "payments.list_mine", "payments.get", "payments.cancel",
|
|
"payments.direct_initiate", "payments.direct_verify_otp",
|
|
|
|
// Users (full access)
|
|
"users.list", "users.get", "users.update_self", "users.update_status", "users.delete", "users.delete_self", "users.cancel_delete_self", "users.purge_due_deletions", "users.deletion_requests.list", "users.search",
|
|
"users.profile_completed", "users.upload_profile_picture", "users.admin_profile", "users.user_profile",
|
|
|
|
// Admin management
|
|
"admins.list", "admins.get", "admins.create", "admins.update",
|
|
|
|
// Logs (previously OnlyAdminAndAbove)
|
|
"logs.list", "activity_logs.list", "activity_logs.get",
|
|
|
|
// Notifications (full access including bulk)
|
|
"notifications.ws_connect", "notifications.list_mine", "notifications.list_all",
|
|
"notifications.mark_read", "notifications.mark_all_read", "notifications.mark_unread", "notifications.mark_all_unread",
|
|
"notifications.delete_mine", "notifications.count_unread", "notifications.create",
|
|
"notifications.test_push", "notifications.bulk_push", "notifications.bulk_sms", "notifications.send_email", "notifications.bulk_email",
|
|
"notifications_scheduled.list", "notifications_scheduled.get", "notifications_scheduled.cancel",
|
|
|
|
// Issues (full access including admin views)
|
|
"issues.create", "issues.list_mine", "issues.list_by_user", "issues.list_all", "issues.get", "issues.update_status", "issues.delete",
|
|
|
|
// Devices
|
|
"devices.register", "devices.unregister",
|
|
|
|
// Settings (previously SuperAdminOnly, now accessible to ADMIN too)
|
|
"settings.list", "settings.get", "settings.update",
|
|
|
|
// Analytics (previously OnlyAdminAndAbove)
|
|
"analytics.dashboard",
|
|
|
|
// Vimeo
|
|
"vimeo.videos.get", "vimeo.videos.embed", "vimeo.videos.status", "vimeo.videos.delete",
|
|
"vimeo.uploads.pull", "vimeo.uploads.tus",
|
|
|
|
// Team (full access)
|
|
"team.profile.get_mine", "team.stats", "team.members.list", "team.members.create",
|
|
"team.members.get", "team.members.update", "team.members.update_status", "team.members.delete", "team.members.change_password",
|
|
|
|
// Sub-course Prerequisites
|
|
"subcourse_prerequisites.add", "subcourse_prerequisites.list", "subcourse_prerequisites.remove",
|
|
|
|
// Progress
|
|
"progress.start", "progress.update", "progress.complete", "progress.check_access", "progress.get_course", "progress.get_any_user",
|
|
|
|
// Ratings
|
|
"ratings.submit", "ratings.list_by_target", "ratings.summary", "ratings.get_mine", "ratings.list_mine", "ratings.delete",
|
|
|
|
// Auth
|
|
"auth.logout",
|
|
|
|
// RBAC management
|
|
"rbac.roles.list", "rbac.roles.get", "rbac.roles.create", "rbac.roles.update", "rbac.roles.delete",
|
|
"rbac.roles.set_permissions", "rbac.roles.get_permissions",
|
|
"rbac.permissions.list", "rbac.permissions.groups", "rbac.permissions.sync",
|
|
},
|
|
|
|
"STUDENT": {
|
|
// Course browsing
|
|
"course_categories.list", "course_categories.get",
|
|
"courses.get", "courses.list_by_category",
|
|
"subcourses.get", "subcourses.list_by_course", "subcourses.list_by_course_list", "subcourses.list_active",
|
|
"videos.get", "videos.list_by_subcourse", "videos.list_published",
|
|
"learning_tree.get",
|
|
|
|
// Questions (read + attempt)
|
|
"questions.list", "questions.search", "questions.get",
|
|
"question_sets.list", "question_sets.list_by_owner", "question_sets.get",
|
|
"question_set_items.list",
|
|
"question_set_personas.list",
|
|
|
|
// Subscriptions & Payments (own)
|
|
"subscriptions.checkout", "subscriptions.get_mine", "subscriptions.history",
|
|
"subscriptions.status", "subscriptions.cancel", "subscriptions.set_auto_renew",
|
|
"payments.initiate", "payments.verify", "payments.list_mine", "payments.get", "payments.cancel",
|
|
"payments.direct_initiate", "payments.direct_verify_otp",
|
|
|
|
// User (self-service)
|
|
"users.update_self", "users.delete_self", "users.cancel_delete_self", "users.profile_completed", "users.upload_profile_picture", "users.user_profile",
|
|
|
|
// Notifications (own)
|
|
"notifications.ws_connect", "notifications.list_mine", "notifications.list_all",
|
|
"notifications.mark_read", "notifications.mark_all_read", "notifications.mark_unread", "notifications.mark_all_unread",
|
|
"notifications.delete_mine", "notifications.count_unread",
|
|
"notifications.test_push",
|
|
|
|
// Issues (own)
|
|
"issues.create", "issues.list_mine",
|
|
|
|
// Devices
|
|
"devices.register", "devices.unregister",
|
|
|
|
// Progress
|
|
"progress.start", "progress.update", "progress.complete", "progress.check_access", "progress.get_course",
|
|
|
|
// Sub-course Prerequisites (read)
|
|
"subcourse_prerequisites.list",
|
|
|
|
// Ratings
|
|
"ratings.submit", "ratings.list_by_target", "ratings.summary", "ratings.get_mine", "ratings.list_mine", "ratings.delete",
|
|
|
|
// Auth
|
|
"auth.logout",
|
|
},
|
|
|
|
"INSTRUCTOR": {
|
|
// Course browsing + management
|
|
"course_categories.list", "course_categories.get",
|
|
"courses.get", "courses.list_by_category",
|
|
"subcourses.get", "subcourses.list_by_course", "subcourses.list_by_course_list", "subcourses.list_active",
|
|
"videos.get", "videos.list_by_subcourse", "videos.list_published",
|
|
"learning_tree.get",
|
|
|
|
// Questions (full — instructors create content)
|
|
"questions.create", "questions.list", "questions.search", "questions.get", "questions.update", "questions.delete",
|
|
"question_sets.create", "question_sets.list", "question_sets.list_by_owner", "question_sets.get", "question_sets.update", "question_sets.delete",
|
|
"question_set_items.add", "question_set_items.list", "question_set_items.remove", "question_set_items.update_order",
|
|
"question_set_personas.list", "question_set_personas.add", "question_set_personas.remove",
|
|
|
|
// Subscriptions & Payments (own)
|
|
"subscriptions.checkout", "subscriptions.get_mine", "subscriptions.history",
|
|
"subscriptions.status", "subscriptions.cancel", "subscriptions.set_auto_renew",
|
|
"payments.initiate", "payments.verify", "payments.list_mine", "payments.get", "payments.cancel",
|
|
"payments.direct_initiate", "payments.direct_verify_otp",
|
|
|
|
// User (self-service)
|
|
"users.update_self", "users.delete_self", "users.cancel_delete_self", "users.profile_completed", "users.upload_profile_picture", "users.user_profile",
|
|
|
|
// Notifications (own)
|
|
"notifications.ws_connect", "notifications.list_mine", "notifications.list_all",
|
|
"notifications.mark_read", "notifications.mark_all_read", "notifications.mark_unread", "notifications.mark_all_unread",
|
|
"notifications.delete_mine", "notifications.count_unread",
|
|
"notifications.test_push",
|
|
|
|
// Issues (own)
|
|
"issues.create", "issues.list_mine",
|
|
|
|
// Devices
|
|
"devices.register", "devices.unregister",
|
|
|
|
// Progress
|
|
"progress.start", "progress.update", "progress.complete", "progress.check_access", "progress.get_course",
|
|
|
|
// Sub-course Prerequisites
|
|
"subcourse_prerequisites.list",
|
|
|
|
// Ratings
|
|
"ratings.submit", "ratings.list_by_target", "ratings.summary", "ratings.get_mine", "ratings.list_mine", "ratings.delete",
|
|
|
|
// Auth
|
|
"auth.logout",
|
|
},
|
|
|
|
"SUPPORT": {
|
|
// Course browsing (read-only)
|
|
"course_categories.list", "course_categories.get",
|
|
"courses.get", "courses.list_by_category",
|
|
"subcourses.get", "subcourses.list_by_course", "subcourses.list_by_course_list", "subcourses.list_active",
|
|
"videos.get", "videos.list_by_subcourse", "videos.list_published",
|
|
"learning_tree.get",
|
|
|
|
// Questions (read)
|
|
"questions.list", "questions.search", "questions.get",
|
|
"question_sets.list", "question_sets.list_by_owner", "question_sets.get",
|
|
"question_set_items.list",
|
|
"question_set_personas.list",
|
|
|
|
// Users (view + search for support)
|
|
"users.list", "users.get", "users.search", "users.update_self", "users.delete_self", "users.cancel_delete_self", "users.profile_completed",
|
|
"users.upload_profile_picture", "users.user_profile",
|
|
|
|
// Notifications (own)
|
|
"notifications.ws_connect", "notifications.list_mine", "notifications.list_all",
|
|
"notifications.mark_read", "notifications.mark_all_read", "notifications.mark_unread", "notifications.mark_all_unread",
|
|
"notifications.delete_mine", "notifications.count_unread",
|
|
"notifications.test_push",
|
|
|
|
// Issues (own + view all for support)
|
|
"issues.create", "issues.list_mine", "issues.list_by_user", "issues.list_all", "issues.get", "issues.update_status",
|
|
|
|
// Devices
|
|
"devices.register", "devices.unregister",
|
|
|
|
// Progress (read)
|
|
"progress.check_access", "progress.get_course",
|
|
|
|
// Sub-course Prerequisites (read)
|
|
"subcourse_prerequisites.list",
|
|
|
|
// Ratings (read)
|
|
"ratings.list_by_target", "ratings.summary", "ratings.get_mine", "ratings.list_mine",
|
|
|
|
// Auth
|
|
"auth.logout",
|
|
},
|
|
}
|