Skip to content

📌 Roles & Permissions Summary (📂 Tracking Issue) #79

Description

@TryOmar

📌 Roles & Permissions Summary (📂 Tracking Issue)

This issue is for tracking the current state of roles and permissions across the platform, and to help visualize who can access what instead of referring directly to code.

If you want to propose a change in permissions or access, feel free to comment below — this is the central place for discussion and iteration.


🧩 Source of Truth

This setup is based on logic defined in these two files:

  • icpc-platform/src/lib/permissions/getUserTrainingPermissions.ts
  • icpc-platform/src/middlewares/training/index.ts

👤 Roles & Their Permissions

Role Permissions Summary
Head View:standing, Edit:standing, View:material, Edit:material, Edit:contest, Edit:block, View:practice, Edit:practice, View:attendance, Edit:attendance, Edit:staff, View:trainee Has full control over all training operations and management.
Manager View:standing, Edit:standing, View:material, Edit:material, View:practice, Edit:practice, View:attendance, Edit:attendance, View:contest, Edit:contest, View:block, Edit:block, View:training, Edit:training, View:trainee Manages nearly all aspects of the training including structure and content (except staff edits).
Instructor View:material, Edit:material Responsible for managing training materials.
Mentor View:practice, Edit:practice Focuses on guiding trainees through practice problems.
Staff (default) View:standing, View:material, View:practice, View:attendance, Edit:attendance, View:trainee Can monitor most training components, edit attendance only.
Trainee View:trainee Can only view their own trainee-specific content.

🛡️ Permissions Description

Permissions follow the format: Action:Target, where:

  • Action = View or Edit
  • Target = standing, material, block, training, practice, attendance, contest, staff, or trainee

🧭 Route Access Based on Permissions

Below is a simplified table from middleware/index.ts showing what permissions are required to access specific paths:

Path Pattern Required Permissions
/protected/trainings/:trainingId(/:tail*) View:trainee
/protected/trainings/:trainingId/staff/materials View:material
/protected/trainings/:trainingId/staff/materials/edit-materials/:materialId View:material, Edit:material
/protected/trainings/:trainingId/staff/contests View:contest
/protected/trainings/:trainingId/staff/contests/:contestId/edit-contest View:contest, Edit:contest
/protected/trainings/:trainingId/staff/edit-blocks View:block, Edit:block
/protected/trainings/:trainingId/staff/edit-blocks/:blockId View:block, Edit:block
/protected/trainings/:trainingId/staff/edit-standing-view Edit:training
/protected/trainings/:trainingId/staff/edit-training Edit:training
/protected/trainings/:trainingId/staff/staff-management(/:tail*) Edit:staff

🔧 Suggestions

To change or propose improvements to this permissions structure:

  • Add a comment below with your suggested permission updates.
  • Mention which role should gain or lose which permission.
  • Mention any path or action you want to allow/block.

Let’s keep this issue up-to-date to ensure smooth collaboration!


Maintainers: Please update this issue whenever new permissions are added or paths change in the system.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions