
 

Current File : /home/gositeme/domains/lavocat.ca/public_html/src/lib/chat-permissions.ts
import { prisma } from './prisma';

/**
 * Per-role capability flags for a single chat room.
 *
 * These flags are looked up from a role/room-type table in this module; they
 * describe what a role may do, not whether a given user is actually a
 * participant of the room.
 */
export interface ChatPermission {
  // Read by autoAddUserToRelevantRooms to decide whether to create a participant row.
  canJoin: boolean;
  // Returned by canAccessRoom for action 'read'.
  canRead: boolean;
  // Returned by canAccessRoom for action 'write'.
  canWrite: boolean;
  // Returned by canAccessRoom for action 'manage'.
  canManage: boolean;
  // Returned by canAccessRoom for action 'delete'.
  canDelete: boolean;
}

// Permission presets. Each call returns a fresh object so that no two cells of
// the matrix below share a reference.
const fullControl = () => ({ canJoin: true, canRead: true, canWrite: true, canManage: true, canDelete: true });
const participantOnly = () => ({ canJoin: true, canRead: true, canWrite: true, canManage: false, canDelete: false });
const noAccess = () => ({ canJoin: false, canRead: false, canWrite: false, canManage: false, canDelete: false });

// Role-by-room-type permission table: ROOM_ACCESS_MATRIX[roomType][role].
// A role that is absent from a room type is treated as "no access" by
// getChatPermissions.
const ROOM_ACCESS_MATRIX = {
  // Public rooms: every listed role may join, read and write; only admins manage/delete.
  public: {
    SUPERADMIN: fullControl(),
    ADMIN: fullControl(),
    LAWYER: participantOnly(),
    SECRETARY: participantOnly(),
    CLERK: participantOnly(),
    ASSISTANT: participantOnly(),
    USER: participantOnly()
  },

  // Legal support rooms: same as public, except USER is denied everything.
  legal_support: {
    SUPERADMIN: fullControl(),
    ADMIN: fullControl(),
    LAWYER: participantOnly(),
    SECRETARY: participantOnly(),
    CLERK: participantOnly(),
    ASSISTANT: participantOnly(),
    USER: noAccess()
  },

  // Admin rooms: only SUPERADMIN and ADMIN have any access.
  admin: {
    SUPERADMIN: fullControl(),
    ADMIN: fullControl(),
    LAWYER: noAccess(),
    SECRETARY: noAccess(),
    CLERK: noAccess(),
    ASSISTANT: noAccess(),
    USER: noAccess()
  }
};

// General-purpose rooms.
const generalRoomNames = [
  'Général',
  'General',
  'Announcements'
];

// Location-named rooms (the "E.D." / "E.L." entries and the place names that follow them).
const locationRoomNames = [
  'E.D. d\'Amos',
  'E.D. de Rimouski',
  'E.D. de Québec – F',
  'E.D. de Québec – M',
  'E.D. de Baie-Comeau',
  'E.D. de Sept-Îles',
  'E.D. de Sherbrooke',
  'E.D. de New Carlisle',
  'E.D. de Percé',
  'E.D. de Havre-Aubert',
  'E.D. de Hull',
  'E.D. de Saint-Jérôme',
  'E.L. de Laval',
  'E.D. de Trois-Rivières',
  'E.D. de Sorel-Tracy',
  'E.D. de Montréal (Bordeaux)',
  'E.D. de Rivière-des-Prairies',
  'E.D. de Roberval',
  'Bordeaux (Montréal)',
  'Rivière-des-Prairies (Montréal)',
  'Leclerc (Laval)',
  'Orsainville (Québec) - Hommes',
  'Orsainville (Québec) - Femmes',
  'Baie-Comeau',
  'Sept-Îles',
  'Port-Cartier',
  'Sherbrooke',
  'Trois-Rivières',
  'Saint-Jérôme',
  'Hull (Gatineau)',
  'Roberval',
  'Rimouski',
  'Sorel-Tracy',
  'Saint-Hyacinthe',
  'Amos',
  'New Carlisle',
  'Percé',
  'Havre-Aubert (Îles-de-la-Madeleine)',
  'Maison Tanguay (Femmes)',
  'Joliette (Femmes Fédéral)',
  'Cité-des-Prairies (Jeunes)',
  'Archambault (Fédéral)',
  'Cowansville (Fédéral)',
  'Donnacona (Fédéral)',
  'La Macaza (Fédéral)',
  'Sainte-Anne-des-Plaines (Fédéral)'
];

// Topic rooms.
const topicRoomNames = [
  'Aide Juridique Générale',
  'Transferts et Transport',
  'Visites Familiales',
  'Libération Conditionnelle',
  'Soins Médicaux',
  'Support Communautaire',
  'Réintégration Sociale'
];

// Room-name fragments grouped by access type. getRoomAccessType matches these
// as case-insensitive substrings of the room name, so a short entry such as
// 'Amos' or 'System' also matches any longer name that contains it.
const ROOM_TYPE_MAPPING = {
  // Public rooms - everyone can access
  public: [...generalRoomNames, ...locationRoomNames, ...topicRoomNames],

  // Legal support rooms - legal professionals only
  legal_support: ['Legal Support'],

  // Admin rooms - admins only
  admin: ['Admin', 'System', 'Moderation']
};

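/**
 * Classify a room by name into one of the access types in ROOM_TYPE_MAPPING.
 *
 * Matching is a case-insensitive substring test. Restricted types are checked
 * before 'public' so that a name matching both a restricted and a public
 * fragment (for example an admin room whose name also contains a location)
 * resolves to the more restrictive type instead of the first table entry.
 *
 * NOTE(review): authorization here depends on the room's display name. A room
 * whose name matches no fragment is still classified 'public'; storing an
 * explicit access type on the room record would remove that fail-open default.
 *
 * @param roomName - Room display name to classify.
 * @returns The matching access type, or 'public' when nothing matches.
 */
export function getRoomAccessType(roomName: string): string {
  const normalizedName = roomName.toLowerCase();

  // Most restrictive first; any type not listed keeps its table order after these.
  const restrictedFirst = ['admin', 'legal_support'];
  const rank = (accessType: string): number => {
    const position = restrictedFirst.indexOf(accessType);
    return position === -1 ? restrictedFirst.length : position;
  };

  const orderedEntries = Object.entries(ROOM_TYPE_MAPPING)
    .sort(([left], [right]) => rank(left) - rank(right));

  for (const [accessType, roomNames] of orderedEntries) {
    if (roomNames.some(name => normalizedName.includes(name.toLowerCase()))) {
      return accessType;
    }
  }

  // Default to public if no specific mapping found
  return 'public';
}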

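/**
 * Resolve the permission flags for a role in a room.
 *
 * The room is classified with getRoomAccessType and the role is looked up in
 * ROOM_ACCESS_MATRIX. Any role or access type that is not an own key of the
 * table gets an all-false result.
 *
 * @param userRole - Role name; callers should pass the server-side role of the
 *   authenticated user, since this function does not verify it.
 * @param roomName - Room display name.
 * @returns A fresh ChatPermission object (never a reference into the table).
 */
export function getChatPermissions(userRole: string, roomName: string): ChatPermission {
  const denyAll = (): ChatPermission =>
    ({ canJoin: false, canRead: false, canWrite: false, canManage: false, canDelete: false });
  // Own-key check: a plain `table[key] || fallback` lookup would accept inherited
  // keys such as 'constructor' or 'toString' and return a non-permission object.
  const hasOwnKey = (table: object, key: string): boolean =>
    Object.prototype.hasOwnProperty.call(table, key);

  const accessType = getRoomAccessType(roomName);

  // An access type with no matrix row is a configuration gap: fail closed
  // rather than falling back to the public row.
  if (!hasOwnKey(ROOM_ACCESS_MATRIX, accessType)) {
    return denyAll();
  }
  const rolePermissions = ROOM_ACCESS_MATRIX[accessType as keyof typeof ROOM_ACCESS_MATRIX];

  if (!hasOwnKey(rolePermissions, userRole)) {
    return denyAll();
  }

  // Copy so a caller that mutates the result cannot change the shared table.
  return { ...rolePermissions[userRole as keyof typeof rolePermissions] };
}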

/**
 * Role-level access check for API endpoints.
 *
 * Only the flag matching `action` is consulted; this does not check canJoin or
 * whether the user is a participant of the room.
 *
 * @param userRole - Role name of the caller.
 * @param roomName - Room display name.
 * @param action - Operation being attempted; defaults to 'read'.
 * @returns The corresponding permission flag, or false for an unrecognised action.
 */
export function canAccessRoom(userRole: string, roomName: string, action: 'read' | 'write' | 'manage' | 'delete' = 'read'): boolean {
  const granted = getChatPermissions(userRole, roomName);

  if (action === 'read') {
    return granted.canRead;
  }
  if (action === 'write') {
    return granted.canWrite;
  }
  if (action === 'manage') {
    return granted.canManage;
  }
  if (action === 'delete') {
    return granted.canDelete;
  }

  // Anything outside the four known actions is denied.
  return false;
}

/**
 * List the names of all chat rooms the given role may read.
 *
 * Every room name is loaded from the database and filtered in memory with
 * canAccessRoom(..., 'read').
 *
 * @param userRole - Role name to evaluate.
 * @returns Names of the rooms readable by that role.
 */
export async function getAccessibleRooms(userRole: string): Promise<string[]> {
  const rooms = await prisma.chatRoom.findMany({
    select: { name: true }
  });

  const readableNames: string[] = [];
  for (const room of rooms) {
    if (canAccessRoom(userRole, room.name, 'read')) {
      readableNames.push(room.name);
    }
  }
  return readableNames;
}

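/**
 * Create participant rows for every room the role is allowed to join and the
 * user is not already in.
 *
 * SUPERADMIN and ADMIN users are added with participant role 'ADMIN'; everyone
 * else is added as 'MEMBER'.
 *
 * NOTE(review): `userRole` decides both which rooms are joined and the
 * participant role granted, and it is not verified here. Callers should pass
 * the role from the authenticated server-side session, never from request input.
 *
 * @param userId - Id of the user to add.
 * @param userRole - Role name of that user.
 */
export async function autoAddUserToRelevantRooms(userId: string, userRole: string): Promise<void> {
  // Loop-invariant, so computed once. (The original compared against
  // 'SUPERADMIN' twice; the duplicate test is dropped.)
  const participantRole = userRole === 'SUPERADMIN' || userRole === 'ADMIN' ? 'ADMIN' : 'MEMBER';

  // One query for the user's existing memberships instead of one lookup per room.
  const [allRooms, memberships] = await Promise.all([
    prisma.chatRoom.findMany({
      select: { id: true, name: true }
    }),
    prisma.chatParticipant.findMany({
      where: { userId },
      select: { chatRoomId: true }
    })
  ]);
  const joinedRoomIds = new Set(memberships.map(membership => membership.chatRoomId));

  for (const room of allRooms) {
    const permissions = getChatPermissions(userRole, room.name);

    if (!permissions.canJoin || joinedRoomIds.has(room.id)) {
      continue;
    }

    // NOTE(review): two concurrent calls for the same user can both reach this
    // create; the userId_chatRoomId key presumably makes the second one throw.
    await prisma.chatParticipant.create({
      data: {
        userId,
        chatRoomId: room.id,
        role: participantRole
      }
    });

    console.log(`Auto-added user ${userId} to room: ${room.name}`);
  }
}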
