import { InitialStateResponse } from './app'; import { SGW_ROLE } from './constants/slave/sgw'; export default (initialState: InitialStateResponse) => { // Lấy role của user hiện tại const userType = initialState?.currentUserProfile?.metadata?.user_type; // Lấy biến môi trường domain const env = process.env.DOMAIN_ENV; // Khởi tạo object quyền mặc định (tất cả là false) let permissions = { canAdmin: false, canAdmin_SysAdmin: false, canEndUser_Admin: false, canEndUser_User_Admin: false, canEndUser_User: false, canEndUser: false, canAll: true, // Cờ đánh dấu Domain hiện tại isSGW: env === 'sgw' || !env, isGMS: env === 'gms', isSpole: env === 'spole', }; // Switch case để xử lý logic quyền riêng cho từng Domain switch (env) { case 'gms': if (userType) { permissions.canAdmin = userType === SGW_ROLE.ADMIN; permissions.canAdmin_SysAdmin = userType === SGW_ROLE.SYSADMIN || userType === SGW_ROLE.ADMIN; permissions.canEndUser_Admin = userType === SGW_ROLE.ENDUSER || userType === SGW_ROLE.ADMIN; permissions.canEndUser_User_Admin = [ SGW_ROLE.ENDUSER, SGW_ROLE.USERS, SGW_ROLE.ADMIN, ].includes(userType as SGW_ROLE); permissions.canEndUser_User = [ SGW_ROLE.ENDUSER, SGW_ROLE.USERS, ].includes(userType as SGW_ROLE); permissions.canEndUser = userType === SGW_ROLE.ENDUSER; } break; case 'spole': if (userType) { permissions.canAdmin = userType === SGW_ROLE.ADMIN; permissions.canAdmin_SysAdmin = userType === SGW_ROLE.SYSADMIN || userType === SGW_ROLE.ADMIN; permissions.canEndUser_Admin = userType === SGW_ROLE.ENDUSER || userType === SGW_ROLE.ADMIN; permissions.canEndUser_User_Admin = [ SGW_ROLE.ENDUSER, SGW_ROLE.USERS, SGW_ROLE.ADMIN, ].includes(userType as SGW_ROLE); permissions.canEndUser_User = [ SGW_ROLE.ENDUSER, SGW_ROLE.USERS, ].includes(userType as SGW_ROLE); permissions.canEndUser = userType === SGW_ROLE.ENDUSER; } break; case 'sgw': if (userType) { permissions.canAdmin = userType === SGW_ROLE.ADMIN; permissions.canAdmin_SysAdmin = userType === SGW_ROLE.SYSADMIN || userType === SGW_ROLE.ADMIN; permissions.canEndUser_Admin = userType === SGW_ROLE.ENDUSER || userType === SGW_ROLE.ADMIN; permissions.canEndUser_User_Admin = [ SGW_ROLE.ENDUSER, SGW_ROLE.USERS, SGW_ROLE.ADMIN, ].includes(userType as SGW_ROLE); permissions.canEndUser_User = [ SGW_ROLE.ENDUSER, SGW_ROLE.USERS, ].includes(userType as SGW_ROLE); permissions.canEndUser = userType === SGW_ROLE.ENDUSER; } break; default: // Logic phân quyền cho SGW if (userType) { permissions.canAdmin = userType === SGW_ROLE.ADMIN; permissions.canAdmin_SysAdmin = userType === SGW_ROLE.SYSADMIN || userType === SGW_ROLE.ADMIN; permissions.canEndUser_Admin = userType === SGW_ROLE.ENDUSER || userType === SGW_ROLE.ADMIN; permissions.canEndUser_User_Admin = [ SGW_ROLE.ENDUSER, SGW_ROLE.USERS, SGW_ROLE.ADMIN, ].includes(userType as SGW_ROLE); permissions.canEndUser_User = [ SGW_ROLE.ENDUSER, SGW_ROLE.USERS, ].includes(userType as SGW_ROLE); permissions.canEndUser = userType === SGW_ROLE.ENDUSER; } break; } return permissions; };