ebfcd60c71
Unassigned (no agency) non-admin users previously saw ALL campaigns due to a truthiness check that treated None agency_id as "no filter". This was a security bug — they should see NO campaigns and be blocked from creating them. Backend: Add _NO_AGENCY sentinel to distinguish "no filter" from "no agency", add early-returns at all 5 list/analytics endpoints, fix _check_campaign_access to explicitly reject unassigned users, and block campaign creation with 403. Frontend: Add isUnassigned boolean to UserContext, show informational empty state on Campaigns view, and reinforce readOnly for defense-in-depth. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
89 lines
3 KiB
TypeScript
89 lines
3 KiB
TypeScript
import React, { createContext, useContext, useState, useEffect } from 'react';
|
|
import apiService from '../services/apiService';
|
|
import type { UserRole, AppUser } from '../types';
|
|
|
|
interface UserContextValue {
|
|
user: AppUser | null;
|
|
isLoading: boolean;
|
|
/** Convenience booleans derived from user.role */
|
|
isSuperAdmin: boolean;
|
|
isOversightAdmin: boolean;
|
|
canWrite: boolean;
|
|
canSeeAnalytics: boolean;
|
|
canSeeAuditing: boolean;
|
|
canSeeKnowledgeBase: boolean;
|
|
canSeeSettings: boolean;
|
|
canSeeUserManagement: boolean;
|
|
canEditSettings: boolean;
|
|
/** True when the user exists but has no agency and is not an admin */
|
|
isUnassigned: boolean;
|
|
/** Re-fetch user from backend (e.g. after role change) */
|
|
refresh: () => Promise<void>;
|
|
}
|
|
|
|
const UserContext = createContext<UserContextValue>({
|
|
user: null,
|
|
isLoading: true,
|
|
isSuperAdmin: false,
|
|
isOversightAdmin: false,
|
|
canWrite: false,
|
|
canSeeAnalytics: false,
|
|
canSeeAuditing: false,
|
|
canSeeKnowledgeBase: false,
|
|
canSeeSettings: false,
|
|
canSeeUserManagement: false,
|
|
canEditSettings: false,
|
|
isUnassigned: false,
|
|
refresh: async () => {},
|
|
});
|
|
|
|
export const useUser = () => useContext(UserContext);
|
|
|
|
export const UserProvider: React.FC<{ children: React.ReactNode }> = ({ children }) => {
|
|
const [user, setUser] = useState<AppUser | null>(null);
|
|
const [isLoading, setIsLoading] = useState(true);
|
|
|
|
const fetchUser = async () => {
|
|
try {
|
|
const me = await apiService.getMe();
|
|
setUser({
|
|
id: me.id,
|
|
email: me.email,
|
|
name: me.name,
|
|
role: me.role as UserRole,
|
|
agencyId: me.agency_id,
|
|
agencyName: me.agency_name,
|
|
});
|
|
} catch (error) {
|
|
console.error('Failed to fetch current user:', error);
|
|
setUser(null);
|
|
} finally {
|
|
setIsLoading(false);
|
|
}
|
|
};
|
|
|
|
useEffect(() => {
|
|
fetchUser();
|
|
}, []);
|
|
|
|
const role = user?.role;
|
|
|
|
const value: UserContextValue = {
|
|
user,
|
|
isLoading,
|
|
isSuperAdmin: role === 'super_admin',
|
|
isOversightAdmin: role === 'oversight_admin',
|
|
canWrite: role === 'super_admin' || role === 'agency_admin' || role === 'basic_user',
|
|
canSeeAnalytics: role === 'super_admin' || role === 'oversight_admin' || role === 'agency_admin',
|
|
canSeeAuditing: role === 'super_admin' || role === 'oversight_admin',
|
|
canSeeKnowledgeBase: role === 'super_admin',
|
|
canSeeSettings: role === 'super_admin' || role === 'oversight_admin' || role === 'agency_admin',
|
|
canSeeUserManagement: role === 'super_admin',
|
|
canEditSettings: role === 'super_admin',
|
|
isUnassigned: user != null && user.agencyId == null
|
|
&& role !== 'super_admin' && role !== 'oversight_admin',
|
|
refresh: fetchUser,
|
|
};
|
|
|
|
return <UserContext.Provider value={value}>{children}</UserContext.Provider>;
|
|
};
|