diff --git a/client/src/app/pages/archetypes/archetypes-page.tsx b/client/src/app/pages/archetypes/archetypes-page.tsx index 82eefd106b..1174837001 100644 --- a/client/src/app/pages/archetypes/archetypes-page.tsx +++ b/client/src/app/pages/archetypes/archetypes-page.tsx @@ -59,6 +59,13 @@ import { SimplePagination } from "@app/components/SimplePagination"; import { TablePersistenceKeyPrefix } from "@app/Constants"; import { useDeleteAssessmentMutation } from "@app/queries/assessments"; import { useDeleteReviewMutation } from "@app/queries/reviews"; +import { + assessmentWriteScopes, + reviewsWriteScopes, + archetypesWriteScopes, +} from "@app/rbac"; +import { checkAccess } from "@app/utils/rbac-utils"; +import keycloak from "@app/keycloak"; const Archetypes: React.FC = () => { const { t } = useTranslation(); @@ -272,6 +279,12 @@ const Archetypes: React.FC = () => { } }; + const token = keycloak.tokenParsed; + const userScopes: string[] = token?.scope.split(" ") || [], + archetypeWriteAccess = checkAccess(userScopes, archetypesWriteScopes), + assessmentWriteAccess = checkAccess(userScopes, assessmentWriteScopes), + reviewsWriteAccess = checkAccess(userScopes, reviewsWriteScopes); + return ( <> @@ -367,26 +380,44 @@ const Archetypes: React.FC = () => { - setArchetypeToDuplicate(archetype), - }, - { - title: t("actions.assess"), - onClick: () => - assessSelectedArchetype(archetype), - }, - { - title: t("actions.review"), - onClick: () => - reviewSelectedArchetype(archetype), - }, - { - title: t("actions.edit"), - onClick: () => setArchetypeToEdit(archetype), - }, - ...(archetype?.assessments?.length + ...(archetypeWriteAccess + ? [ + { + title: t("actions.duplicate"), + onClick: () => + setArchetypeToDuplicate(archetype), + }, + ] + : []), + ...(assessmentWriteAccess + ? [ + { + title: t("actions.assess"), + onClick: () => + assessSelectedArchetype(archetype), + }, + ] + : []), + ...(reviewsWriteAccess + ? [ + { + title: t("actions.review"), + onClick: () => + reviewSelectedArchetype(archetype), + }, + ] + : []), + ...(archetypeWriteAccess + ? [ + { + title: t("actions.edit"), + onClick: () => + setArchetypeToEdit(archetype), + }, + ] + : []), + ...(archetype?.assessments?.length && + assessmentWriteAccess ? [ { title: t("actions.discardAssessment"), @@ -395,7 +426,7 @@ const Archetypes: React.FC = () => { }, ] : []), - ...(archetype?.review + ...(archetype?.review && reviewsWriteAccess ? [ { title: t("actions.discardReview"), @@ -405,11 +436,16 @@ const Archetypes: React.FC = () => { ] : []), { isSeparator: true }, - { - title: t("actions.delete"), - onClick: () => setArchetypeToDelete(archetype), - isDanger: true, - }, + ...(archetypeWriteAccess + ? [ + { + title: t("actions.delete"), + onClick: () => + setArchetypeToDelete(archetype), + isDanger: true, + }, + ] + : []), ]} /> diff --git a/client/src/app/rbac.ts b/client/src/app/rbac.ts index aa4845c7d4..cf136ff19e 100644 --- a/client/src/app/rbac.ts +++ b/client/src/app/rbac.ts @@ -104,6 +104,12 @@ export const applicationsWriteScopes = [ "applications:delete", ]; +export const archetypesWriteScopes = [ + "archetypes:put", + "archetypes:post", + "archetypes:delete", +]; + export const analysisWriteScopes = [ "applications.analysis:put", "applications.analysis:post",