Permissions
Role-based permissions for the Issues dashboard (corp-user and manager).
Overview
This page summarizes permissions for the dashboard area for and . It mirrors the logic implemented in the dashboard code and in .
Role-based permissions for the Issues dashboard (corp-user and manager).
This page summarizes permissions for the dashboard area for and . It mirrors the logic implemented in the dashboard code and in .
docs/issues-permissions.mdDashboard behavior is driven by role-specific session fields returned from getSession().
| Role | Session fields | Notes |
|---|---|---|
| User | userId | No corporate context |
| Corp-user | corpUserIdcorpId | Belongs to exactly one corporation |
| Manager | managerIdcorpId | Manages exactly one corporation |
| Area / Action | User | Corp-user | Manager |
|---|---|---|---|
/dashboard/issues (can open page) | ✅ user view | ✅ corp-user view | ✅ manager view |
| See issues for own account | ✅ | ✅ created / assigned / team issues | ✅ via corp / team filters |
| See issues for other corp-users | ❌ | ✅ same corp, with relationship | ✅ any corp-user in corp |
| See issues for other corporations | ❌ | ❌ redirect + toast | ❌ redirect + toast |
| Change status / priority | ✅ own issues | ✅ authorized issues | ✅ any issue in corp they can view |
| Assign / reassign | ❌ | ✅ within corp, if authorized | ✅ within corp |
| Role | View? | Edit meta? | Assign / reassign? |
|---|---|---|---|
| User | Only own issues | ✅ own issues | ❌ |
| Corp-user | Issues they are related to (creator / assignee / team) | ✅ authorized issues | ✅ within same corporation |
| Manager | Any issue in their corporation | ✅ | ✅ within same corporation |