Imporve the role based forntend protected roles

frontend/src/types/roles.ts

@@ -0,0 +1,83 @@
+/**
+ * Role Types - Must match backend role definitions exactly
+ */
+
+// Global User Roles (Auth Service)
+export const GLOBAL_USER_ROLES = {
+  USER: 'user',
+  ADMIN: 'admin',
+  MANAGER: 'manager',
+  SUPER_ADMIN: 'super_admin',
+} as const;
+
+// Tenant-Specific Roles (Tenant Service)
+export const TENANT_ROLES = {
+  OWNER: 'owner',
+  ADMIN: 'admin', 
+  MEMBER: 'member',
+  VIEWER: 'viewer',
+} as const;
+
+// Combined role types
+export type GlobalUserRole = typeof GLOBAL_USER_ROLES[keyof typeof GLOBAL_USER_ROLES];
+export type TenantRole = typeof TENANT_ROLES[keyof typeof TENANT_ROLES];
+export type Role = GlobalUserRole | TenantRole;
+
+// Role hierarchy for permission checking
+export const ROLE_HIERARCHY = {
+  // Global roles (highest to lowest)
+  global: [
+    GLOBAL_USER_ROLES.SUPER_ADMIN,
+    GLOBAL_USER_ROLES.ADMIN,
+    GLOBAL_USER_ROLES.MANAGER,
+    GLOBAL_USER_ROLES.USER,
+  ],
+  // Tenant roles (highest to lowest)
+  tenant: [
+    TENANT_ROLES.OWNER,
+    TENANT_ROLES.ADMIN,
+    TENANT_ROLES.MEMBER,
+    TENANT_ROLES.VIEWER,
+  ],
+} as const;
+
+// Permission helper functions
+export const hasGlobalRole = (userRole: string, requiredRole: GlobalUserRole): boolean => {
+  const userIndex = ROLE_HIERARCHY.global.indexOf(userRole as GlobalUserRole);
+  const requiredIndex = ROLE_HIERARCHY.global.indexOf(requiredRole);
+  return userIndex !== -1 && requiredIndex !== -1 && userIndex <= requiredIndex;
+};
+
+export const hasTenantRole = (userRole: string, requiredRole: TenantRole): boolean => {
+  const userIndex = ROLE_HIERARCHY.tenant.indexOf(userRole as TenantRole);
+  const requiredIndex = ROLE_HIERARCHY.tenant.indexOf(requiredRole);
+  return userIndex !== -1 && requiredIndex !== -1 && userIndex <= requiredIndex;
+};
+
+export const hasAnyRole = (userRoles: string[], requiredRoles: Role[]): boolean => {
+  return requiredRoles.some(requiredRole => userRoles.includes(requiredRole));
+};
+
+// Common role combinations for easy reuse
+export const ROLE_COMBINATIONS = {
+  // Administrative access (global admin or tenant owner)
+  ADMIN_ACCESS: [GLOBAL_USER_ROLES.ADMIN, GLOBAL_USER_ROLES.SUPER_ADMIN, TENANT_ROLES.OWNER],
+  
+  // Management access (admin + manager + tenant admin)
+  MANAGEMENT_ACCESS: [
+    GLOBAL_USER_ROLES.ADMIN,
+    GLOBAL_USER_ROLES.SUPER_ADMIN,
+    GLOBAL_USER_ROLES.MANAGER,
+    TENANT_ROLES.OWNER,
+    TENANT_ROLES.ADMIN,
+  ],
+  
+  // Owner-only access (super admin or tenant owner)
+  OWNER_ACCESS: [GLOBAL_USER_ROLES.SUPER_ADMIN, TENANT_ROLES.OWNER],
+  
+  // Basic access (any authenticated user with any role)
+  BASIC_ACCESS: [
+    ...Object.values(GLOBAL_USER_ROLES),
+    ...Object.values(TENANT_ROLES),
+  ],
+} as const;