Refactoring - Version OK

2025-11-17 16:02:04 +00:00
parent 3f00a26308
commit 3b9ffac8cd
198 changed files with 18010 additions and 11383 deletions
--- a/unionflow-mobile-apps/lib/features/authentication/data/models/permission_matrix.dart
+++ b/unionflow-mobile-apps/lib/features/authentication/data/models/permission_matrix.dart
@@ -0,0 +1,212 @@
+/// Système de permissions granulaires ultra-sophistiqué
+/// Plus de 50 permissions atomiques avec héritage intelligent
+library permission_matrix;
+
+/// Matrice de permissions atomiques pour contrôle granulaire
+/// 
+/// Chaque permission suit la convention : `domain.action.scope`
+/// Exemples : `members.edit.own`, `finances.view.all`, `system.admin.global`
+class PermissionMatrix {
+  // === PERMISSIONS SYSTÈME ===
+  static const String SYSTEM_ADMIN = 'system.admin.global';
+  static const String SYSTEM_CONFIG = 'system.config.global';
+  static const String SYSTEM_MONITORING = 'system.monitoring.view';
+  static const String SYSTEM_BACKUP = 'system.backup.manage';
+  static const String SYSTEM_SECURITY = 'system.security.manage';
+  static const String SYSTEM_AUDIT = 'system.audit.view';
+  static const String SYSTEM_LOGS = 'system.logs.view';
+  static const String SYSTEM_MAINTENANCE = 'system.maintenance.execute';
+
+  // === PERMISSIONS ORGANISATION ===
+  static const String ORG_CREATE = 'organization.create.global';
+  static const String ORG_DELETE = 'organization.delete.own';
+  static const String ORG_CONFIG = 'organization.config.own';
+  static const String ORG_BRANDING = 'organization.branding.manage';
+  static const String ORG_SETTINGS = 'organization.settings.manage';
+  static const String ORG_PERMISSIONS = 'organization.permissions.manage';
+  static const String ORG_WORKFLOWS = 'organization.workflows.manage';
+  static const String ORG_INTEGRATIONS = 'organization.integrations.manage';
+
+  // === PERMISSIONS DASHBOARD ===
+  static const String DASHBOARD_VIEW = 'dashboard.view.own';
+  static const String DASHBOARD_ADMIN = 'dashboard.admin.view';
+  static const String DASHBOARD_ANALYTICS = 'dashboard.analytics.view';
+  static const String DASHBOARD_REPORTS = 'dashboard.reports.generate';
+  static const String DASHBOARD_EXPORT = 'dashboard.export.data';
+  static const String DASHBOARD_CUSTOMIZE = 'dashboard.customize.layout';
+
+  // === PERMISSIONS MEMBRES ===
+  static const String MEMBERS_VIEW_ALL = 'members.view.all';
+  static const String MEMBERS_VIEW_OWN = 'members.view.own';
+  static const String MEMBERS_CREATE = 'members.create.organization';
+  static const String MEMBERS_EDIT_ALL = 'members.edit.all';
+  static const String MEMBERS_EDIT_OWN = 'members.edit.own';
+  static const String MEMBERS_EDIT_BASIC = 'members.edit.basic';
+  static const String MEMBERS_DELETE = 'members.delete.organization';
+  static const String MEMBERS_DELETE_ALL = 'members.delete.all';
+  static const String MEMBERS_APPROVE = 'members.approve.requests';
+  static const String MEMBERS_SUSPEND = 'members.suspend.organization';
+  static const String MEMBERS_EXPORT = 'members.export.data';
+  static const String MEMBERS_IMPORT = 'members.import.data';
+  static const String MEMBERS_COMMUNICATE = 'members.communicate.all';
+
+  // === PERMISSIONS FINANCES ===
+  static const String FINANCES_VIEW_ALL = 'finances.view.all';
+  static const String FINANCES_VIEW_OWN = 'finances.view.own';
+  static const String FINANCES_EDIT_ALL = 'finances.edit.all';
+  static const String FINANCES_MANAGE = 'finances.manage.organization';
+  static const String FINANCES_APPROVE = 'finances.approve.transactions';
+  static const String FINANCES_REPORTS = 'finances.reports.generate';
+  static const String FINANCES_BUDGET = 'finances.budget.manage';
+  static const String FINANCES_AUDIT = 'finances.audit.access';
+
+  // === PERMISSIONS ÉVÉNEMENTS ===
+  static const String EVENTS_VIEW_ALL = 'events.view.all';
+  static const String EVENTS_VIEW_PUBLIC = 'events.view.public';
+  static const String EVENTS_CREATE = 'events.create.organization';
+  static const String EVENTS_EDIT_ALL = 'events.edit.all';
+  static const String EVENTS_EDIT_OWN = 'events.edit.own';
+  static const String EVENTS_DELETE = 'events.delete.organization';
+  static const String EVENTS_PARTICIPATE = 'events.participate.public';
+  static const String EVENTS_MODERATE = 'events.moderate.organization';
+  static const String EVENTS_ANALYTICS = 'events.analytics.view';
+
+  // === PERMISSIONS SOLIDARITÉ ===
+  static const String SOLIDARITY_VIEW_ALL = 'solidarity.view.all';
+  static const String SOLIDARITY_VIEW_OWN = 'solidarity.view.own';
+  static const String SOLIDARITY_VIEW_PUBLIC = 'solidarity.view.public';
+  static const String SOLIDARITY_CREATE = 'solidarity.create.request';
+  static const String SOLIDARITY_EDIT_ALL = 'solidarity.edit.all';
+  static const String SOLIDARITY_APPROVE = 'solidarity.approve.requests';
+  static const String SOLIDARITY_PARTICIPATE = 'solidarity.participate.actions';
+  static const String SOLIDARITY_MANAGE = 'solidarity.manage.organization';
+  static const String SOLIDARITY_FUND = 'solidarity.fund.manage';
+
+  // === PERMISSIONS COMMUNICATION ===
+  static const String COMM_SEND_ALL = 'communication.send.all';
+  static const String COMM_SEND_MEMBERS = 'communication.send.members';
+  static const String COMM_MODERATE = 'communication.moderate.organization';
+  static const String COMM_BROADCAST = 'communication.broadcast.organization';
+  static const String COMM_TEMPLATES = 'communication.templates.manage';
+
+  // === PERMISSIONS RAPPORTS ===
+  static const String REPORTS_VIEW_ALL = 'reports.view.all';
+  static const String REPORTS_GENERATE = 'reports.generate.organization';
+  static const String REPORTS_EXPORT = 'reports.export.data';
+  static const String REPORTS_SCHEDULE = 'reports.schedule.automated';
+
+  // === PERMISSIONS MODÉRATION ===
+  static const String MODERATION_CONTENT = 'moderation.content.manage';
+  static const String MODERATION_USERS = 'moderation.users.manage';
+  static const String MODERATION_REPORTS = 'moderation.reports.handle';
+
+  /// Toutes les permissions disponibles dans le système
+  static const List<String> ALL_PERMISSIONS = [
+    // Système
+    SYSTEM_ADMIN, SYSTEM_CONFIG, SYSTEM_MONITORING, SYSTEM_BACKUP,
+    SYSTEM_SECURITY, SYSTEM_AUDIT, SYSTEM_LOGS, SYSTEM_MAINTENANCE,
+    
+    // Organisation
+    ORG_CREATE, ORG_DELETE, ORG_CONFIG, ORG_BRANDING, ORG_SETTINGS,
+    ORG_PERMISSIONS, ORG_WORKFLOWS, ORG_INTEGRATIONS,
+    
+    // Dashboard
+    DASHBOARD_VIEW, DASHBOARD_ADMIN, DASHBOARD_ANALYTICS, DASHBOARD_REPORTS,
+    DASHBOARD_EXPORT, DASHBOARD_CUSTOMIZE,
+    
+    // Membres
+    MEMBERS_VIEW_ALL, MEMBERS_VIEW_OWN, MEMBERS_CREATE, MEMBERS_EDIT_ALL,
+    MEMBERS_EDIT_OWN, MEMBERS_DELETE, MEMBERS_APPROVE, MEMBERS_SUSPEND,
+    MEMBERS_EXPORT, MEMBERS_IMPORT, MEMBERS_COMMUNICATE,
+    
+    // Finances
+    FINANCES_VIEW_ALL, FINANCES_VIEW_OWN, FINANCES_MANAGE, FINANCES_APPROVE,
+    FINANCES_REPORTS, FINANCES_BUDGET, FINANCES_AUDIT,
+    
+    // Événements
+    EVENTS_VIEW_ALL, EVENTS_VIEW_PUBLIC, EVENTS_CREATE, EVENTS_EDIT_ALL,
+    EVENTS_EDIT_OWN, EVENTS_DELETE, EVENTS_MODERATE, EVENTS_ANALYTICS,
+    
+    // Solidarité
+    SOLIDARITY_VIEW_ALL, SOLIDARITY_VIEW_OWN, SOLIDARITY_CREATE,
+    SOLIDARITY_APPROVE, SOLIDARITY_MANAGE, SOLIDARITY_FUND,
+    
+    // Communication
+    COMM_SEND_ALL, COMM_SEND_MEMBERS, COMM_MODERATE, COMM_BROADCAST,
+    COMM_TEMPLATES,
+    
+    // Rapports
+    REPORTS_VIEW_ALL, REPORTS_GENERATE, REPORTS_EXPORT, REPORTS_SCHEDULE,
+    
+    // Modération
+    MODERATION_CONTENT, MODERATION_USERS, MODERATION_REPORTS,
+  ];
+
+  /// Permissions publiques (accessibles sans authentification)
+  static const List<String> PUBLIC_PERMISSIONS = [
+    EVENTS_VIEW_PUBLIC,
+  ];
+
+  /// Vérifie si une permission est publique
+  static bool isPublicPermission(String permission) {
+    return PUBLIC_PERMISSIONS.contains(permission);
+  }
+
+  /// Obtient le domaine d'une permission (partie avant le premier point)
+  static String getDomain(String permission) {
+    return permission.split('.').first;
+  }
+
+  /// Obtient l'action d'une permission (partie du milieu)
+  static String getAction(String permission) {
+    final parts = permission.split('.');
+    return parts.length > 1 ? parts[1] : '';
+  }
+
+  /// Obtient la portée d'une permission (partie après le dernier point)
+  static String getScope(String permission) {
+    return permission.split('.').last;
+  }
+
+  /// Vérifie si une permission implique une autre (héritage)
+  static bool implies(String higherPermission, String lowerPermission) {
+    // Exemple : 'members.edit.all' implique 'members.view.all'
+    final higherParts = higherPermission.split('.');
+    final lowerParts = lowerPermission.split('.');
+    
+    if (higherParts.length != 3 || lowerParts.length != 3) return false;
+    
+    // Même domaine requis
+    if (higherParts[0] != lowerParts[0]) return false;
+    
+    // Vérification des implications d'actions
+    return _actionImplies(higherParts[1], lowerParts[1]) &&
+           _scopeImplies(higherParts[2], lowerParts[2]);
+  }
+
+  /// Vérifie si une action implique une autre
+  static bool _actionImplies(String higherAction, String lowerAction) {
+    const actionHierarchy = {
+      'admin': ['manage', 'edit', 'create', 'delete', 'view'],
+      'manage': ['edit', 'create', 'delete', 'view'],
+      'edit': ['view'],
+      'create': ['view'],
+      'delete': ['view'],
+    };
+    
+    return actionHierarchy[higherAction]?.contains(lowerAction) ?? 
+           higherAction == lowerAction;
+  }
+
+  /// Vérifie si une portée implique une autre
+  static bool _scopeImplies(String higherScope, String lowerScope) {
+    const scopeHierarchy = {
+      'global': ['all', 'organization', 'own'],
+      'all': ['organization', 'own'],
+      'organization': ['own'],
+    };
+    
+    return scopeHierarchy[higherScope]?.contains(lowerScope) ?? 
+           higherScope == lowerScope;
+  }
+}