solution-erp/.claude/skills/permission-matrix/SKILL.md
pqhuy1987 25dad7f36f [CLAUDE] Scaffold: initialize SOLUTION_ERP Phase 0
- .NET 10 Clean Architecture: Domain/Application/Infrastructure/Api (4 projects)
- 2 React + Vite + TS apps: fe-admin (:8082), fe-user (:8080) with /api proxy
- Node engines >=20, .nvmrc = 20 for CI (lesson from NamGroup)
- SQL Server 2022 via docker-compose (dev)
- Parse 8 FORM -> docs/forms-spec.md (catalog + contract code format RG-001)
- Parse QUY_TRINH -> docs/workflow-contract.md (9 phase state machine + role matrix)
- docs: CLAUDE.md, STATUS.md, PROJECT-MAP.md, migration-todos.md (5-phase roadmap)
- .claude/skills: 3 placeholders (contract-workflow, form-engine, permission-matrix)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 10:37:34 +07:00

1.5 KiB

name: permission-matrix
description: Role × MenuKey × CRUD permission system. Sidebar gating, permission guard, seed defaults, reset password. Use when debugging access denied, assigning roles, or a menu not showing.
when-to-use:
  • permission denied
  • access denied
  • menu not showing
  • assign role to user
  • reset password
  • seed permission

Permission Matrix Skill

Phase 1 deliverable. This skill is currently a PLACEHOLDER.

Context

Pattern copied from the NamGroup skill permission-system, but simplified:

  • 1 User has N Roles
  • 1 Role has a matrix of (MenuKey, CRUD flags): the Permission table
  • No per-user override (kept simple for Phase 1)
  • Flat 2-level menu tree, with hardcoded MenuKey values

Tech

  • BE: [Authorize(Policy = "Menu.Read")] attribute
  • FE: <PermissionGuard menuKey="Contracts" action="Update"> + usePermission().can("Contracts", "Update")
  • Resolution: the /api/menus/me API returns the tree plus permissions already resolved from the user's roles

Code pointers (available after Phase 1)

  • src/Backend/SolutionErp.Domain/Identity/Permission.cs
  • src/Backend/SolutionErp.Application/Permissions/Queries/GetMyMenuTreeQuery.cs
  • fe-admin/src/components/PermissionGuard.tsx
  • fe-admin/src/hooks/usePermission.ts

Common pitfalls (anticipated)

  • Forgetting to refresh the token after an admin updates permissions → the user has to log out and log back in to see the change
  • Hardcoded MenuKey values are typo-prone → centralize them in src/lib/menuKeys.ts (FE) + MenuKeys.cs (BE const)
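
How the Role × MenuKey × CRUD model above resolves for one user, as an added TypeScript example that is not the project's code. Assumptions made here: flags from several roles are OR-merged, CRUD flags are a bitmask, the Read flag gates sidebar visibility, and the role names and every menu key except Contracts are hypothetical. Unknown menu keys and actions are denied, so a MenuKey typo fails closed instead of silently granting access.

```typescript
// Menu keys live in one const so a typo is a compile error (only "Contracts" is from the page).
const MENU_KEYS = ["Contracts", "Users", "Reports"] as const;
type MenuKey = (typeof MENU_KEYS)[number];
type Action = "Create" | "Read" | "Update" | "Delete";

// Assumed bitmask layout for the CRUD flags of one Permission row.
const FLAG: Record<Action, number> = { Create: 1, Read: 2, Update: 4, Delete: 8 };
interface PermissionRow { role: string; menuKey: MenuKey; flags: number; }
type Effective = Partial<Record<MenuKey, number>>;

// Constructed sample rows, not the project's seed data.
const PERMISSIONS: PermissionRow[] = [
  { role: "Viewer", menuKey: "Contracts", flags: FLAG.Read },
  { role: "Editor", menuKey: "Contracts", flags: FLAG.Read | FLAG.Update },
  { role: "Admin", menuKey: "Users", flags: FLAG.Create | FLAG.Read | FLAG.Update | FLAG.Delete },
];

// Effective permissions: OR of the flags of every role the user holds (assumed merge rule).
function resolvePermissions(roles: string[], rows: PermissionRow[]): Effective {
  const effective: Effective = {};
  for (const row of rows) {
    if (roles.indexOf(row.role) === -1) continue;
    effective[row.menuKey] = (effective[row.menuKey] ?? 0) | row.flags;
  }
  return effective;
}

// Deny by default: an unknown key, an unknown action, or a missing row returns false.
function can(effective: Effective, menuKey: string, action: string): boolean {
  const known = (MENU_KEYS as readonly string[]).indexOf(menuKey) !== -1;
  const bit = Object.prototype.hasOwnProperty.call(FLAG, action) ? FLAG[action as Action] : 0;
  if (!known || bit === 0) return false;
  return ((effective[menuKey as MenuKey] ?? 0) & bit) !== 0;
}

// Sidebar gating: only menus with the Read flag are listed (assumed rule).
function visibleMenus(effective: Effective): MenuKey[] {
  return MENU_KEYS.filter((k) => ((effective[k] ?? 0) & FLAG.Read) !== 0);
}
```

The same check has to be enforced on the backend; a frontend guard only hides UI and does not protect the API.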