import { getSession } from '@/lib/auth' import { prisma } from '@/lib/db' import { queryJobPanelDb } from '@/lib/job-panel-db' import { getGameDbConfig, getGameDbPool } from '@/lib/game-db' import type { RowDataPacket } from 'mysql2' export interface PanelAccess { canAccess: boolean isSuperadmin: boolean isLeader: boolean isCoLeader: boolean isMember: boolean citizenId?: string jobGrade?: number permissions: Record panelId: string } /** * Check if a user has access to a job panel and get their permissions */ export async function checkPanelAccess(panelId: string): Promise { const session = await getSession() if (!session) { return null } // Get user from database const user = await prisma.user.findUnique({ where: { id: session.userId }, }) if (!user) { return null } const result: PanelAccess = { canAccess: false, isSuperadmin: session.role === 'SUPERADMIN', isLeader: false, isCoLeader: false, isMember: false, permissions: {}, panelId, } // Superadmins have full access if (result.isSuperadmin) { result.canAccess = true // Grant all permissions result.permissions = { view_data: true, edit_records: true, create_entries: true, delete_entries: true, manage_employees: true, manage_vehicles: true, access_storage: true, access_logs: true, manage_ranks: true, send_invoices: true, } return result } // Check if user is a panel leader/member const members = await queryJobPanelDb( 'SELECT * FROM job_panel_members WHERE panel_id = ? AND discord_id = ?', [panelId, session.discordId] ) if (members.length > 0) { const member = members[0] result.canAccess = true result.isLeader = member.role === 'LEADER' result.isCoLeader = member.role === 'CO_LEADER' result.isMember = member.role === 'MEMBER' // Leaders and co-leaders get full permissions if (result.isLeader || result.isCoLeader) { result.permissions = { view_data: true, edit_records: true, create_entries: true, delete_entries: true, manage_employees: result.isLeader, manage_vehicles: true, access_storage: true, access_logs: true, manage_ranks: result.isLeader, send_invoices: true, } } return result } // Check if user is a faction employee const panel = await queryJobPanelDb( 'SELECT job_name FROM job_panels WHERE id = ?', [panelId] ) if (panel.length === 0) { return null } const jobName = panel[0].job_name // Get player's job from game database const config = await getGameDbConfig() if (!config) return result const pool = await getGameDbPool() if (!pool) return result try { let playerJob: string | null = null let playerGrade: number | null = null let citizenId: string | null = null if (config.framework === 'QBCORE') { // Find player by discord (through identifier mapping) const [mapping] = await pool.query( `SELECT gameIdentifier FROM identifier_mappings WHERE discordId = ?`, [session.discordId] ) // Check all players with this job const [players] = await pool.query(` SELECT citizenid, JSON_UNQUOTE(JSON_EXTRACT(job, '$.name')) as jobName, CAST(JSON_UNQUOTE(JSON_EXTRACT(job, '$.grade.level')) AS UNSIGNED) as jobGrade FROM players WHERE JSON_UNQUOTE(JSON_EXTRACT(job, '$.name')) = ? `, [jobName]) // Try to match by discord ID in identifiers for (const player of players) { if (mapping.length > 0 && mapping[0].gameIdentifier === player.citizenid) { playerJob = player.jobName playerGrade = player.jobGrade citizenId = player.citizenid break } } } else { // ESX - check by discord identifier const [players] = await pool.query(` SELECT identifier, job, job_grade FROM users WHERE identifier = ? AND job = ? `, [`discord:${session.discordId}`, jobName]) if (players.length > 0) { playerJob = players[0].job playerGrade = players[0].job_grade citizenId = players[0].identifier } } if (playerJob === jobName && playerGrade !== null) { result.canAccess = true result.citizenId = citizenId! result.jobGrade = playerGrade // Get rank permissions const rankPerms = await queryJobPanelDb( 'SELECT permissions FROM job_panel_rank_permissions WHERE panel_id = ? AND rank_grade = ?', [panelId, playerGrade] ) if (rankPerms.length > 0 && rankPerms[0].permissions) { result.permissions = JSON.parse(rankPerms[0].permissions) } else { // Default permissions for faction members result.permissions = { view_data: true, edit_records: false, create_entries: false, delete_entries: false, manage_employees: false, manage_vehicles: false, access_storage: false, access_logs: false, manage_ranks: false, send_invoices: false, } } } } catch (error) { console.error('[PanelPermissions] Error checking player job:', error) } return result } /** * Check if a feature is enabled for a panel */ export async function isFeatureEnabled(panelId: string, featureKey: string): Promise { const features = await queryJobPanelDb( 'SELECT is_enabled FROM job_panel_features WHERE panel_id = ? AND feature_key = ?', [panelId, featureKey] ) if (features.length === 0) { return false } // Handle different possible values: 1, true, "1", "true" const isEnabled = features[0].is_enabled return isEnabled === 1 || isEnabled === true || isEnabled === '1' || isEnabled === 'true' } /** * Get all enabled features for a panel */ export async function getEnabledFeatures(panelId: string): Promise { const features = await queryJobPanelDb( 'SELECT feature_key, is_enabled FROM job_panel_features WHERE panel_id = ?', [panelId] ) // Filter enabled features handling different possible values return features .filter(f => f.is_enabled === 1 || f.is_enabled === true || f.is_enabled === '1' || f.is_enabled === 'true') .map(f => f.feature_key) } /** * Check if user has a specific permission */ export function hasPermission(access: PanelAccess, permission: string): boolean { if (access.isSuperadmin || access.isLeader) { return true } return access.permissions[permission] === true }