📌 Roles & Permissions Summary (📂 Tracking Issue)
This issue is for tracking the current state of roles and permissions across the platform, and to help visualize who can access what instead of referring directly to code.
If you want to propose a change in permissions or access, feel free to comment below — this is the central place for discussion and iteration.
🧩 Source of Truth
This setup is based on logic defined in these two files:
icpc-platform/src/lib/permissions/getUserTrainingPermissions.ts
icpc-platform/src/middlewares/training/index.ts
👤 Roles & Their Permissions
| Role |
Permissions |
Summary |
| Head |
View:standing, Edit:standing, View:material, Edit:material, Edit:contest, Edit:block, View:practice, Edit:practice, View:attendance, Edit:attendance, Edit:staff, View:trainee |
Has full control over all training operations and management. |
| Manager |
View:standing, Edit:standing, View:material, Edit:material, View:practice, Edit:practice, View:attendance, Edit:attendance, View:contest, Edit:contest, View:block, Edit:block, View:training, Edit:training, View:trainee |
Manages nearly all aspects of the training including structure and content (except staff edits). |
| Instructor |
View:material, Edit:material |
Responsible for managing training materials. |
| Mentor |
View:practice, Edit:practice |
Focuses on guiding trainees through practice problems. |
| Staff (default) |
View:standing, View:material, View:practice, View:attendance, Edit:attendance, View:trainee |
Can monitor most training components, edit attendance only. |
| Trainee |
View:trainee |
Can only view their own trainee-specific content. |
🛡️ Permissions Description
Permissions follow the format: Action:Target, where:
- Action =
View or Edit
- Target =
standing, material, block, training, practice, attendance, contest, staff, or trainee
🧭 Route Access Based on Permissions
Below is a simplified table from middleware/index.ts showing what permissions are required to access specific paths:
| Path Pattern |
Required Permissions |
/protected/trainings/:trainingId(/:tail*) |
View:trainee |
/protected/trainings/:trainingId/staff/materials |
View:material |
/protected/trainings/:trainingId/staff/materials/edit-materials/:materialId |
View:material, Edit:material |
/protected/trainings/:trainingId/staff/contests |
View:contest |
/protected/trainings/:trainingId/staff/contests/:contestId/edit-contest |
View:contest, Edit:contest |
/protected/trainings/:trainingId/staff/edit-blocks |
View:block, Edit:block |
/protected/trainings/:trainingId/staff/edit-blocks/:blockId |
View:block, Edit:block |
/protected/trainings/:trainingId/staff/edit-standing-view |
Edit:training |
/protected/trainings/:trainingId/staff/edit-training |
Edit:training |
/protected/trainings/:trainingId/staff/staff-management(/:tail*) |
Edit:staff |
🔧 Suggestions
To change or propose improvements to this permissions structure:
- Add a comment below with your suggested permission updates.
- Mention which role should gain or lose which permission.
- Mention any path or action you want to allow/block.
Let’s keep this issue up-to-date to ensure smooth collaboration!
✅ Maintainers: Please update this issue whenever new permissions are added or paths change in the system.
📌 Roles & Permissions Summary (📂 Tracking Issue)
This issue is for tracking the current state of roles and permissions across the platform, and to help visualize who can access what instead of referring directly to code.
If you want to propose a change in permissions or access, feel free to comment below — this is the central place for discussion and iteration.
🧩 Source of Truth
This setup is based on logic defined in these two files:
icpc-platform/src/lib/permissions/getUserTrainingPermissions.tsicpc-platform/src/middlewares/training/index.ts👤 Roles & Their Permissions
View:standing,Edit:standing,View:material,Edit:material,Edit:contest,Edit:block,View:practice,Edit:practice,View:attendance,Edit:attendance,Edit:staff,View:traineeView:standing,Edit:standing,View:material,Edit:material,View:practice,Edit:practice,View:attendance,Edit:attendance,View:contest,Edit:contest,View:block,Edit:block,View:training,Edit:training,View:traineeView:material,Edit:materialView:practice,Edit:practiceView:standing,View:material,View:practice,View:attendance,Edit:attendance,View:traineeView:trainee🛡️ Permissions Description
Permissions follow the format:
Action:Target, where:VieworEditstanding,material,block,training,practice,attendance,contest,staff, ortrainee🧭 Route Access Based on Permissions
Below is a simplified table from
middleware/index.tsshowing what permissions are required to access specific paths:/protected/trainings/:trainingId(/:tail*)View:trainee/protected/trainings/:trainingId/staff/materialsView:material/protected/trainings/:trainingId/staff/materials/edit-materials/:materialIdView:material,Edit:material/protected/trainings/:trainingId/staff/contestsView:contest/protected/trainings/:trainingId/staff/contests/:contestId/edit-contestView:contest,Edit:contest/protected/trainings/:trainingId/staff/edit-blocksView:block,Edit:block/protected/trainings/:trainingId/staff/edit-blocks/:blockIdView:block,Edit:block/protected/trainings/:trainingId/staff/edit-standing-viewEdit:training/protected/trainings/:trainingId/staff/edit-trainingEdit:training/protected/trainings/:trainingId/staff/staff-management(/:tail*)Edit:staff🔧 Suggestions
To change or propose improvements to this permissions structure:
Let’s keep this issue up-to-date to ensure smooth collaboration!
✅ Maintainers: Please update this issue whenever new permissions are added or paths change in the system.