orion/app/templates/store/base.html
Samir Boulahtit cb3bc3c118
feat: implement complete RBAC access control with tests
Add 4-layer access control stack (subscription → module → menu → permissions):
- P1: Wire requires_permission into menu sidebar filtering
- P2: Expose window.USER_PERMISSIONS for Alpine.js client-side gating
- P3: Add page-level permission guards on store routes
- P4: Role CRUD API endpoints and role editor UI
- P5: Audit trail for all role/permission changes

Includes unit tests (menu permission filtering, role CRUD service) and
integration tests (role API endpoints). All 404 core+tenancy tests pass.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-26 18:26:59 +01:00


{# app/templates/store/base.html #}
{% from 'shared/macros/modals.html' import confirm_modal_dynamic %}
<!DOCTYPE html>
<html :class="{ 'dark': dark }" x-data="{% block alpine_data %}data(){% endblock %}" lang="en">
<head>
  <meta charset="UTF-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>{% block title %}Store Panel{% endblock %} - {{ store.name if store else 'Multi-Tenant Platform' }}</title>

  <!-- Fonts: Local fallback + Google Fonts -->
  <link rel="stylesheet" href="/static/shared/fonts/inter.css">
  <link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800&display=swap">

  <!-- Tailwind CSS v4 (built locally via standalone CLI) -->
  <link rel="stylesheet" href="{{ url_for('static', path='store/css/tailwind.output.css') }}">

  <!-- Flag Icons for Language Selector with local fallback -->
  {#
    NOTE(review): this stylesheet is fetched from a third-party CDN without an
    `integrity` attribute, so the browser cannot verify what the CDN returns.
    The version is pinned (7.2.3), which makes Subresource Integrity practical:
    add integrity="<SRI hash of the pinned file>" crossorigin="anonymous".
    The onerror handler reuses the same element for the local copy, so that
    copy must then be byte-identical to the pinned CDN file.
    The inline onerror attribute also needs a CSP that permits inline event
    handlers; a strict policy would block the fallback.
  #}
  <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/flag-icons@7.2.3/css/flag-icons.min.css" onerror="this.onerror=null; this.href='{{ url_for('static', path='shared/css/store/flag-icons.min.css') }}';">

  <!-- Alpine Cloak: keeps [x-cloak] elements hidden (display: none) -->
  <style>
    [x-cloak] { display: none !important; }
  </style>

  {# Hook for child templates to add their own head content. #}
  {% block extra_head %}{% endblock %}
</head>
<body x-cloak>
<div class="flex h-screen bg-gray-50 dark:bg-gray-900" :class="{ 'overflow-hidden': isSideMenuOpen }">
  <!-- Sidebar (server-side included) -->
  {% include 'store/partials/sidebar.html' %}

  <div class="flex flex-col flex-1 w-full">
    <!-- Header (server-side included) -->
    {% include 'store/partials/header.html' %}

    <!-- Main Content -->
    <main class="h-full overflow-y-auto">
      <div class="container px-6 mx-auto grid">
        {# Child templates render the page body here. #}
        {% block content %}{% endblock %}
      </div>
    </main>
  </div>
</div>

<!-- Upgrade Limit Reached Confirm Modal -->
{# Positional arguments for the macro imported from shared/macros/modals.html. #}
{{ confirm_modal_dynamic(
    'limitReachedConfirm',
    'Usage Limit Reached',
    '$store.upgrade.limitReachedMessage',
    '$store.upgrade.confirmUpgrade()',
    '$store.upgrade.showLimitReachedConfirm',
    'Go to Billing',
    'Dismiss',
    'warning'
) }}
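<!-- Core Scripts - ORDER MATTERS! -->
<!-- 1. FIRST: Log Configuration -->
<script defer src="{{ url_for('static', path='shared/js/log-config.js') }}"></script>
<!-- 1.5: Store Configuration (resolved via PlatformSettingsService) -->
{#
  Every value below is serialised with `tojson` instead of being pasted between
  quotes. HTML autoescaping is not JavaScript string escaping: it leaves
  backslashes and line breaks untouched and rewrites `&` as `&amp;`, so a quoted
  template expression can corrupt the value or break the string literal (and
  with autoescaping off it is not escaped at all). `tojson` emits a complete,
  script-safe JavaScript literal, matching how USER_PERMISSIONS is written.
  `default("", true)` keeps each field a string when the context value is
  missing or None.
#}
<script>
  window.STORE_CODE = {{ store_code | default("", true) | tojson }};
  window.STORE_CONFIG = {
    locale: {{ storefront_locale | default("", true) | tojson }},
    currency: {{ storefront_currency | default("", true) | tojson }},
    dashboardLanguage: {{ dashboard_language | default("", true) | tojson }}
  };
  {#
    Exposed to page scripts for client-side UI gating only. The array can be
    edited in the browser, so it must never be the sole check: every route and
    API endpoint still has to enforce the permission on the server.
  #}
  window.USER_PERMISSIONS = {{ user_permissions | default([]) | tojson }};
</script>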
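<!-- 2. SECOND: Icons (before Alpine.js) -->
<script defer src="{{ url_for('static', path='shared/js/icons.js') }}"></script>
<!-- 3. THIRD: Alpine.js Base Data -->
<script src="{{ url_for('core_static', path='store/js/init-alpine.js') }}"></script>
<!-- 4. FOURTH: Utils (standalone utilities) -->
<script defer src="{{ url_for('static', path='shared/js/utils.js') }}"></script>
<!-- 4b. i18n Support -->
<script defer src="{{ url_for('static', path='shared/js/i18n.js') }}"></script>
<script>
  // Initialize i18n with dashboard language and preload modules
  // Wrapped in DOMContentLoaded so deferred i18n.js has loaded
  document.addEventListener('DOMContentLoaded', async function() {
    {#
      The i18n_modules block is emitted verbatim as JavaScript. Child templates
      that override it should output a JSON array (ideally via `tojson`), never
      raw request or user data.
    #}
    const modules = {% block i18n_modules %}[]{% endblock %};
    {#
      `tojson` produces a script-safe string literal; a quoted template
      expression would rely on HTML escaping, which does not escape for a
      JavaScript string. `default("en", true)` also falls back to "en" when the
      value is None or empty.
    #}
    await I18n.init({{ dashboard_language | default("en", true) | tojson }}, modules);
  });
</script>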
<!-- 5. FIFTH: API Client (depends on Utils) -->
<script defer src="{{ url_for('static', path='shared/js/api-client.js') }}"></script>
<!-- 6. SIXTH: Feature Store (depends on API Client, registers with Alpine) -->
<script defer src="{{ url_for('billing_static', path='shared/js/feature-store.js') }}"></script>
<!-- 7. SEVENTH: Upgrade Prompts (depends on API Client, registers with Alpine) -->
<script defer src="{{ url_for('billing_static', path='shared/js/upgrade-prompts.js') }}"></script>
<!-- 8. EIGHTH: Alpine.js v3 with CDN fallback (with defer) -->
{#
  NOTE(review): the CDN build runs with full access to the store panel, yet it
  is loaded without Subresource Integrity. The version is pinned (3.13.3), so
  the loader can set `integrity` to "<SRI hash of the pinned build>" and
  `crossOrigin` to "anonymous" on the CDN element before appending it; an
  integrity mismatch fires the same error event and triggers the local fallback.
  NOTE(review): `defer` has no effect on script elements inserted from
  JavaScript (they load asynchronously), so this script's execution order
  relative to the deferred tags above is not guaranteed. Confirm that nothing
  above depends on running before Alpine starts.
#}
<script>
  (function () {
    // Append a script element to <head>; onFailure, when given, becomes its error handler.
    function injectScript(src, onFailure) {
      var el = document.createElement('script');
      el.defer = true;
      el.src = src;
      if (onFailure) {
        el.onerror = onFailure;
      }
      document.head.appendChild(el);
    }

    // Try the CDN first and fall back to the locally served copy on error.
    injectScript('https://cdn.jsdelivr.net/npm/alpinejs@3.13.3/dist/cdn.min.js', function () {
      console.warn('Alpine.js CDN failed, loading local copy...');
      injectScript('{{ url_for("static", path="shared/js/lib/alpine.min.js") }}');
    });
  })();
</script>
<!-- 9. LAST: Page-specific scripts -->
{% block extra_scripts %}{% endblock %}
</body>
</html>