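namespace BackOffice.BFF.Application.Common.Models;

/// <summary>
/// Role identifiers used as keys of the role-to-permission map in
/// <see cref="RolePermissionConfig"/>.
/// </summary>
public static class RoleNames
{
    // NOTE(review): the identifier is SuperAdmin but the value is "Administrator"
    // (an earlier value, "SuperAdmin", was replaced). A caller passing the literal
    // "SuperAdmin" to HasPermission is therefore denied. Presumably the value has to
    // match the role string issued by the identity source -- confirm.
    public const string SuperAdmin = "Administrator";
    public const string Admin = "Admin";
    public const string Inspector = "Inspector";
}

/// <summary>
/// Permission identifiers in "area.action" form, checked by
/// <see cref="RolePermissionConfig.HasPermission"/>.
/// </summary>
public static class PermissionNames
{
    // Dashboard
    public const string DashboardView = "dashboard.view";

    // Orders
    public const string OrdersView = "orders.view";
    public const string OrdersCreate = "orders.create";
    public const string OrdersUpdate = "orders.update";
    public const string OrdersDelete = "orders.delete";
    public const string OrdersCancel = "orders.cancel";
    public const string OrdersApprove = "orders.approve";

    // Products
    public const string ProductsView = "products.view";
    public const string ProductsCreate = "products.create";
    public const string ProductsUpdate = "products.update";
    public const string ProductsDelete = "products.delete";

    // Users
    public const string UsersView = "users.view";
    public const string UsersUpdate = "users.update";
    public const string UsersDelete = "users.delete";

    // Commission / Withdrawal
    public const string CommissionView = "commission.view";
    public const string CommissionApproveWithdrawal = "commission.approve_withdrawal";

    // Public Messages
    public const string PublicMessagesView = "publicmessages.view";
    public const string PublicMessagesCreate = "publicmessages.create";
    public const string PublicMessagesUpdate = "publicmessages.update";
    public const string PublicMessagesPublish = "publicmessages.publish";

    // Manual Payments
    public const string ManualPaymentsView = "manualpayments.view";
    public const string ManualPaymentsCreate = "manualpayments.create";
    public const string ManualPaymentsApprove = "manualpayments.approve";

    // Settings / Configuration / VAT
    public const string SettingsView = "settings.view";
    public const string SettingsManageConfiguration = "settings.manage_configuration";
    public const string SettingsManageVat = "settings.manage_vat";

    // Reports
    public const string ReportsView = "reports.view";
}

/// <summary>
/// Static role-to-permission map with a deny-by-default lookup.
/// </summary>
/// <remarks>
/// A role receives only the permissions listed for it here; a role that is not
/// a key of the map receives nothing. Role names and permission names are both
/// compared with <see cref="StringComparer.OrdinalIgnoreCase"/>.
/// </remarks>
public static class RolePermissionConfig
{
    // Grant-everything marker. A role whose list contains it passes every check,
    // including checks for permissions added to PermissionNames later on.
    private const string Wildcard = "*";

    // NOTE(review): keys are matched case-insensitively, so "admin" and "Admin"
    // resolve to the same entry. If the system that issues role names treats them
    // as case-sensitive, confirm that two names differing only in case can never
    // denote different roles.
    private static readonly IReadOnlyDictionary<string, string[]> RolePermissions =
        new Dictionary<string, string[]>(StringComparer.OrdinalIgnoreCase)
        {
            // SuperAdmin: full access (wildcard)
            [RoleNames.SuperAdmin] = new[] { Wildcard },

            // Admin: manages orders, products, part of commission, and messages.
            // Not listed, and therefore denied: orders.delete, orders.approve,
            // users.delete, manualpayments.approve and every settings.* permission.
            [RoleNames.Admin] = new[]
            {
                PermissionNames.DashboardView,
                PermissionNames.OrdersView,
                PermissionNames.OrdersCreate,
                PermissionNames.OrdersUpdate,
                PermissionNames.OrdersCancel,
                PermissionNames.ProductsView,
                PermissionNames.ProductsCreate,
                PermissionNames.ProductsUpdate,
                PermissionNames.ProductsDelete,
                PermissionNames.UsersView,
                PermissionNames.UsersUpdate,
                PermissionNames.CommissionView,
                PermissionNames.CommissionApproveWithdrawal,
                PermissionNames.PublicMessagesView,
                PermissionNames.PublicMessagesCreate,
                PermissionNames.PublicMessagesUpdate,
                PermissionNames.PublicMessagesPublish,
                PermissionNames.ManualPaymentsView,
                PermissionNames.ManualPaymentsCreate,
                PermissionNames.ReportsView
            },

            // Inspector: view only. Only the *.view permissions listed below are
            // granted; products.view, manualpayments.view and settings.view are not.
            [RoleNames.Inspector] = new[]
            {
                PermissionNames.DashboardView,
                PermissionNames.OrdersView,
                PermissionNames.UsersView,
                PermissionNames.CommissionView,
                PermissionNames.PublicMessagesView,
                PermissionNames.ReportsView
            }
        };

    /// <summary>
    /// Reports whether <paramref name="role"/> is granted <paramref name="permission"/>.
    /// </summary>
    /// <param name="role">Role name; looked up case-insensitively and not trimmed.</param>
    /// <param name="permission">Permission name; compared case-insensitively.</param>
    /// <returns>
    /// <c>true</c> when the role's list contains the wildcard or the permission;
    /// <c>false</c> for a null, empty or whitespace argument, for a role that is
    /// not in the map, and for a permission the role does not list.
    /// </returns>
    public static bool HasPermission(string role, string permission)
    {
        // Fail closed on missing input instead of throwing.
        if (string.IsNullOrWhiteSpace(role) || string.IsNullOrWhiteSpace(permission))
        {
            return false;
        }

        // Unknown role: nothing is granted.
        if (!RolePermissions.TryGetValue(role, out var permissions))
        {
            return false;
        }

        // The wildcard is honoured only when it appears in the role's configured
        // list; requesting "*" as the permission grants nothing by itself.
        if (permissions.Contains(Wildcard, StringComparer.OrdinalIgnoreCase))
        {
            return true;
        }

        return permissions.Contains(permission, StringComparer.OrdinalIgnoreCase);
    }
}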