Commit a2ab44a
docs(frontend): dashboard permissions are fetched from the API, not the JWT
The dashboard JWT carries only role names; auth-context.tsx fetches the
effective permission list from GET /api/v1/identity/permissions, caches it, and
exposes permissionsHydrated. Update the agent rules/skills to match the shipped
behavior, and align the Playwright auth-seed helper: permissions in the fake JWT
are inert (gated specs mock GET /identity/permissions instead).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>1 parent be91d4b commit a2ab44a
4 files changed
Lines changed: 15 additions & 7 deletions
File tree
- .agents
- rules/frontend
- skills
- add-permission
- add-react-page
- clients/dashboard/tests/helpers
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
10 | 10 | | |
11 | 11 | | |
12 | 12 | | |
13 | | - | |
| 13 | + | |
14 | 14 | | |
15 | | - | |
| 15 | + | |
16 | 16 | | |
17 | 17 | | |
18 | 18 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
61 | 61 | | |
62 | 62 | | |
63 | 63 | | |
64 | | - | |
| 64 | + | |
65 | 65 | | |
66 | 66 | | |
67 | 67 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
17 | 17 | | |
18 | 18 | | |
19 | 19 | | |
20 | | - | |
| 20 | + | |
21 | 21 | | |
22 | 22 | | |
23 | 23 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
7 | 7 | | |
8 | 8 | | |
9 | 9 | | |
10 | | - | |
11 | | - | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
12 | 15 | | |
13 | 16 | | |
14 | 17 | | |
15 | 18 | | |
16 | 19 | | |
17 | 20 | | |
18 | 21 | | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
19 | 27 | | |
20 | 28 | | |
21 | 29 | | |
| |||
36 | 44 | | |
37 | 45 | | |
38 | 46 | | |
39 | | - | |
| 47 | + | |
40 | 48 | | |
41 | 49 | | |
42 | 50 | | |
| |||
0 commit comments