Tag permissions need domain-specific checks #18
Description
Issue: Tag permissions need domain-specific checks
🚨 Problem
The current Tag card uses a single permission check, but tags have different domains with specific permissions:
📋 Correct Tag Domain Permissions
| Domain | Required Permission |
|---|---|
| Person-Tags | churchdb.edit masterdata |
| Group-Tags | churchgroup.edit masterdata |
| Song-Tags | churchservice.edit masterdata |
| Appointment-Tags | churchcal.admin appointment tags |
🔧 Current Implementation (Incorrect)
{
"tags": {
"module": "churchdb",
"permission": "view tags" // ❌ Too simplistic
}
}🎯 Required Solution
The Tag card should check if user has at least one of the domain-specific permissions:
const canSeeTags =
permissions.churchdb?.['edit masterdata'] ||
permissions.churchgroup?.['edit masterdata'] ||
permissions.churchservice?.['edit masterdata'] ||
permissions.churchcal?.['admin appointment tags']📁 Files to Modify
src/config/permissions.json- Update tag permission logicsrc/services/permissions.ts- Add multi-permission check supportsrc/components/tags/TagsCard.vue- Possibly filter tags by domain permissions
Priority: Medium
Complexity: Medium
Related: Issue #12 (Permission-based card visibility)