Hardik
da2d856b73
Gated behind NEXT_PUBLIC_SUBMITTER_VIEW_ALL_ENABLED (opt-in, "true"). When on, submitter roles (TECHNICAL/MANNING) get read-only access to every PO: the History page + report export, any other user's PO detail page, and the per-PO Export PDF/XLSX buttons. No approval/payment/edit rights are added. - lib/feature-flags.ts: SUBMITTER_VIEW_ALL_ENABLED flag - lib/permissions.ts: isSubmitterRole / submitterCanViewAll / canViewAllPos - po/[id] page + export route: gate via canViewAllPos - history page + reports/export route: OR submitterCanViewAll into export_reports - sidebar: show History to submitters when flag on - tests: permission helpers, both flag states - docs: .env.example, CLAUDE.md (wiki updated separately) Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
19 lines
940 B
TypeScript
19 lines
940 B
TypeScript
/**
|
|
* Feature flags — read from environment variables.
|
|
* NEXT_PUBLIC_ prefix makes them available in both server and client components.
|
|
*
|
|
* NEXT_PUBLIC_INVENTORY_ENABLED=false → hides inventory tracking (site qty/consumption)
|
|
* Vendor list, product catalogue, and cart remain available for PO creation regardless.
|
|
*
|
|
* NEXT_PUBLIC_SUBMITTER_VIEW_ALL_ENABLED=true → lets submitters (TECHNICAL / MANNING)
|
|
* read every PO (not just their own), open the History page, and use the export buttons.
|
|
* Opt-in (off unless explicitly "true") because it widens read access. Submitters stay
|
|
* read-only — it grants no approval, payment, or edit rights. See lib/permissions.ts
|
|
* (canViewAllPos / submitterCanViewAll).
|
|
*/
|
|
|
|
export const INVENTORY_ENABLED =
|
|
process.env.NEXT_PUBLIC_INVENTORY_ENABLED !== "false";
|
|
|
|
export const SUBMITTER_VIEW_ALL_ENABLED =
|
|
process.env.NEXT_PUBLIC_SUBMITTER_VIEW_ALL_ENABLED === "true";
|