Skip to content

Implement role-based UI enforcement for admin/member/viewer hierarchy#92

Draft
Copilot wants to merge 7 commits intomainfrom
copilot/implement-role-enforcement-ui
Draft

Implement role-based UI enforcement for admin/member/viewer hierarchy#92
Copilot wants to merge 7 commits intomainfrom
copilot/implement-role-enforcement-ui

Conversation

Copy link
Copy Markdown

Copilot AI commented Jan 27, 2026
edited
Loading

Frontend was using hardcoded isAdmin = true placeholders. Backend already has role system (admin/member/viewer) with JWT tokens containing role claims.

Changes

Auth utilities (frontend/src/utils/auth.js)

  • Extracts role from localStorage user object
  • Provides isAdmin(), isMember(), hasRole() helpers with hierarchical checks

Component updates

  • Navbar: Role badge with color coding (red/blue/gray)
  • BoardsList: Hide create button (member+), delete icons (admin)
  • BoardViewPage: Hide column/card creation (member+), column deletion (admin)
  • EditTicketModal: Disable all fields + hide save/delete for viewers
  • CommentThread: Hide comment input for viewers

Test infrastructure

  • create-test-users.js script for seeding admin/member/viewer accounts
  • Documentation with permission matrix and test cases

Example

// Before
const isAdmin = true;  // Hardcoded

// After
import { isAdmin, isMember } from '../utils/auth';

const userIsAdmin = isAdmin();
const userIsMember = isMember();

{userIsMember && <Button>Create Board</Button>}
{userIsAdmin && <IconButton><DeleteIcon /></IconButton>}

Role hierarchy enforced: viewers read-only, members create/edit, admins delete boards/columns.

Original prompt

This section details on the original issue you should resolve

<issue_title>(CT) Role Enforcement UI/UX</issue_title>
<issue_description>Backend provides user role/permissions
Frontend shows/hides features based on roles
Test permission boundaries</issue_description>

Comments on the Issue (you are @copilot in this section)

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot AI and others added 6 commits January 27, 2026 18:59
@Olu1111
feat: implement role-based UI/UX with actual user role enforcement
faeb0cc 
Co-authored-by: Olu1111 <164207207+Olu1111@users.noreply.github.com>
@Olu1111
docs: add comprehensive role enforcement testing documentation and te…
a72e706 
…st user creation script

Co-authored-by: Olu1111 <164207207+Olu1111@users.noreply.github.com>
@Olu1111
feat: restrict ticket editing and commenting to members/admins only
6d6dfe6 
Co-authored-by: Olu1111 <164207207+Olu1111@users.noreply.github.com>
@Olu1111
fix: use consistent canEdit variable for role checking in EditTicketM…
1252b61 
…odal

Co-authored-by: Olu1111 <164207207+Olu1111@users.noreply.github.com>
@Olu1111
docs: add comprehensive implementation summary
1d9bfd6 
Co-authored-by: Olu1111 <164207207+Olu1111@users.noreply.github.com>
@Olu1111
docs: add visual guide for UI changes
ea13c33 
Co-authored-by: Olu1111 <164207207+Olu1111@users.noreply.github.com>
Copilot AI changed the title [WIP] Add role enforcement UI/UX for user permissions Implement role-based UI enforcement for admin/member/viewer hierarchy Jan 27, 2026
Copilot AI requested a review from Olu1111 January 27, 2026 19:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Olu1111 Olu1111 Awaiting requested review from Olu1111

Assignees

@Olu1111 Olu1111

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

(CT) Role Enforcement UI/UX

2 participants

@Olu1111