type Action = 'view' | 'create' | 'edit' | 'delete' | 'approve' type Module = 'dashboard' | 'destinations' | 'trip-sources' | 'suppliers' | 'drivers' | 'inventory' | 'queries' | 'quotes' | 'bookings' | 'payments' | 'operations' | 'settings' | 'reports' | 'invoicing' | 'tasks' | 'reminders' | 'sic-tours' | 'calendar' const PERMISSIONS: Record> = { ADMIN: { dashboard: ['view'], destinations: ['view', 'create', 'edit', 'delete'], 'trip-sources': ['view', 'create', 'edit', 'delete'], suppliers: ['view', 'create', 'edit', 'delete'], drivers: ['view', 'create', 'edit', 'delete'], inventory: ['view', 'create', 'edit', 'delete'], queries: ['view', 'create', 'edit', 'delete'], quotes: ['view', 'create', 'edit', 'delete'], bookings: ['view', 'create', 'edit', 'delete'], payments: ['view', 'create', 'edit', 'approve'], operations: ['view', 'create', 'edit'], settings: ['view', 'create', 'edit', 'delete'], reports: ['view'], invoicing: ['view', 'create', 'edit', 'delete'], tasks: ['view', 'create', 'edit', 'delete'], reminders: ['view', 'create', 'edit', 'delete'], 'sic-tours': ['view', 'create', 'edit', 'delete'], calendar: ['view'], }, OPERATIONS: { dashboard: ['view'], destinations: ['view', 'create', 'edit'], 'trip-sources': ['view'], suppliers: ['view', 'create', 'edit'], drivers: ['view', 'create', 'edit'], inventory: ['view', 'create', 'edit'], queries: ['view', 'create', 'edit'], quotes: ['view', 'create', 'edit'], bookings: ['view', 'create', 'edit'], payments: ['view'], operations: ['view', 'create', 'edit'], settings: [], reports: ['view'], invoicing: ['view'], tasks: ['view', 'create', 'edit'], reminders: ['view', 'create', 'edit'], 'sic-tours': ['view', 'create', 'edit'], calendar: ['view'], }, SALES: { dashboard: ['view'], destinations: ['view'], 'trip-sources': ['view', 'create', 'edit'], suppliers: ['view'], drivers: ['view'], inventory: ['view'], queries: ['view', 'create', 'edit'], quotes: ['view', 'create', 'edit'], bookings: ['view', 'create'], payments: ['view'], operations: ['view'], settings: [], reports: ['view'], invoicing: ['view'], tasks: ['view', 'create', 'edit'], reminders: ['view', 'create', 'edit'], 'sic-tours': ['view'], calendar: ['view'], }, FINANCE: { dashboard: ['view'], destinations: ['view'], 'trip-sources': ['view'], suppliers: ['view'], drivers: ['view'], inventory: ['view'], queries: ['view'], quotes: ['view'], bookings: ['view'], payments: ['view', 'create', 'edit', 'approve'], operations: ['view'], settings: [], reports: ['view'], invoicing: ['view', 'create', 'edit'], tasks: ['view', 'create', 'edit'], reminders: ['view', 'create'], 'sic-tours': ['view'], calendar: ['view'], }, } export function hasPermission(role: string, module: Module, action: Action): boolean { const rolePermissions = PERMISSIONS[role] if (!rolePermissions) return false const modulePermissions = rolePermissions[module] if (!modulePermissions) return false return modulePermissions.includes(action) } export function getModulesForRole(role: string): Module[] { const rolePermissions = PERMISSIONS[role] if (!rolePermissions) return [] return Object.entries(rolePermissions) .filter(([, actions]) => actions.includes('view')) .map(([module]) => module as Module) } export function canAccessModule(role: string, module: Module): boolean { return hasPermission(role, module, 'view') }