NextEdu/src/shared/lib/permissions.ts

import { Permissions, type Permission } from "@/shared/types/permissions"

// Role → Permission mapping
// New roles only need to add an entry here + seed the DB
export const ROLE_PERMISSIONS: Record<string, Permission[]> = {
  admin: [
    Permissions.EXAM_CREATE,
    Permissions.EXAM_READ,
    Permissions.EXAM_UPDATE,
    Permissions.EXAM_DELETE,
    Permissions.EXAM_DUPLICATE,
    Permissions.EXAM_PUBLISH,
    Permissions.EXAM_AI_GENERATE,
    Permissions.HOMEWORK_CREATE,
    Permissions.HOMEWORK_GRADE,
    Permissions.QUESTION_CREATE,
    Permissions.QUESTION_READ,
    Permissions.QUESTION_UPDATE,
    Permissions.QUESTION_DELETE,
    Permissions.TEXTBOOK_CREATE,
    Permissions.TEXTBOOK_READ,
    Permissions.TEXTBOOK_UPDATE,
    Permissions.TEXTBOOK_DELETE,
    Permissions.CLASS_CREATE,
    Permissions.CLASS_READ,
    Permissions.CLASS_UPDATE,
    Permissions.CLASS_DELETE,
    Permissions.CLASS_ENROLL,
    Permissions.CLASS_SCHEDULE,
    Permissions.SCHOOL_MANAGE,
    Permissions.GRADE_MANAGE,
    Permissions.USER_MANAGE,
    Permissions.AI_CHAT,
    Permissions.AI_CONFIGURE,
    Permissions.SETTINGS_ADMIN,
  ],
  teacher: [
    Permissions.EXAM_CREATE,
    Permissions.EXAM_READ,
    Permissions.EXAM_UPDATE,
    Permissions.EXAM_DELETE,
    Permissions.EXAM_DUPLICATE,
    Permissions.EXAM_PUBLISH,
    Permissions.EXAM_AI_GENERATE,
    Permissions.HOMEWORK_CREATE,
    Permissions.HOMEWORK_GRADE,
    Permissions.QUESTION_CREATE,
    Permissions.QUESTION_READ,
    Permissions.QUESTION_UPDATE,
    Permissions.QUESTION_DELETE,
    Permissions.TEXTBOOK_CREATE,
    Permissions.TEXTBOOK_READ,
    Permissions.TEXTBOOK_UPDATE,
    Permissions.CLASS_READ,
    Permissions.CLASS_ENROLL,
    Permissions.CLASS_SCHEDULE,
    Permissions.AI_CHAT,
  ],
  student: [
    Permissions.EXAM_READ,
    Permissions.HOMEWORK_SUBMIT,
    Permissions.QUESTION_READ,
    Permissions.TEXTBOOK_READ,
    Permissions.CLASS_READ,
    Permissions.AI_CHAT,
  ],
  parent: [
    Permissions.EXAM_READ,
    Permissions.TEXTBOOK_READ,
    Permissions.CLASS_READ,
  ],
  grade_head: [
    Permissions.EXAM_CREATE,
    Permissions.EXAM_READ,
    Permissions.EXAM_UPDATE,
    Permissions.EXAM_DELETE,
    Permissions.EXAM_DUPLICATE,
    Permissions.EXAM_PUBLISH,
    Permissions.EXAM_AI_GENERATE,
    Permissions.HOMEWORK_CREATE,
    Permissions.HOMEWORK_GRADE,
    Permissions.QUESTION_CREATE,
    Permissions.QUESTION_READ,
    Permissions.QUESTION_UPDATE,
    Permissions.QUESTION_DELETE,
    Permissions.TEXTBOOK_CREATE,
    Permissions.TEXTBOOK_READ,
    Permissions.TEXTBOOK_UPDATE,
    Permissions.CLASS_CREATE,
    Permissions.CLASS_READ,
    Permissions.CLASS_UPDATE,
    Permissions.CLASS_ENROLL,
    Permissions.CLASS_SCHEDULE,
    Permissions.GRADE_MANAGE,
    Permissions.AI_CHAT,
  ],
  teaching_head: [
    Permissions.EXAM_CREATE,
    Permissions.EXAM_READ,
    Permissions.EXAM_UPDATE,
    Permissions.EXAM_DELETE,
    Permissions.EXAM_DUPLICATE,
    Permissions.EXAM_PUBLISH,
    Permissions.EXAM_AI_GENERATE,
    Permissions.HOMEWORK_CREATE,
    Permissions.HOMEWORK_GRADE,
    Permissions.QUESTION_CREATE,
    Permissions.QUESTION_READ,
    Permissions.QUESTION_UPDATE,
    Permissions.QUESTION_DELETE,
    Permissions.TEXTBOOK_CREATE,
    Permissions.TEXTBOOK_READ,
    Permissions.TEXTBOOK_UPDATE,
    Permissions.CLASS_READ,
    Permissions.GRADE_MANAGE,
    Permissions.AI_CHAT,
  ],
}

/**
 * Merge permissions from all roles (deduplicated)
 */
export function resolvePermissions(roleNames: string[]): Permission[] {
  const set = new Set<Permission>()
  for (const name of roleNames) {
    const perms = ROLE_PERMISSIONS[name] ?? []
    for (const p of perms) set.add(p)
  }
  return Array.from(set)
}