Version stable - Authentifiaction Ok + Dashboard SuperAdmin

2025-09-19 18:34:04 +00:00
parent 3f2398a55d
commit a1214bc116
4 changed files with 899 additions and 395 deletions
--- a/unionflow-mobile-apps/lib/core/auth/services/keycloak_role_mapper.dart
+++ b/unionflow-mobile-apps/lib/core/auth/services/keycloak_role_mapper.dart
@@ -11,22 +11,28 @@ class KeycloakRoleMapper {
  /// Mapping des rôles Keycloak vers UserRole
  static const Map<String, UserRole> _keycloakToUserRole = {
    // Rôles administratifs
+    'SUPER_ADMINISTRATEUR': UserRole.superAdmin,
    'ADMIN': UserRole.superAdmin,
+    'ADMINISTRATEUR_ORGANISATION': UserRole.orgAdmin,
    'PRESIDENT': UserRole.orgAdmin,
-    
+
    // Rôles de gestion
+    'RESPONSABLE_TECHNIQUE': UserRole.moderator,
+    'RESPONSABLE_MEMBRES': UserRole.moderator,
    'TRESORIER': UserRole.moderator,
    'SECRETAIRE': UserRole.moderator,
    'GESTIONNAIRE_MEMBRE': UserRole.moderator,
    'ORGANISATEUR_EVENEMENT': UserRole.moderator,
-    
+
    // Rôles membres
+    'MEMBRE_ACTIF': UserRole.activeMember,
+    'MEMBRE_SIMPLE': UserRole.simpleMember,
    'MEMBRE': UserRole.activeMember,
  };
  
  /// Mapping des rôles Keycloak vers permissions spécifiques
  static const Map<String, List<String>> _keycloakToPermissions = {
-    'ADMIN': [
+    'SUPER_ADMINISTRATEUR': [
      // Permissions Super Admin - Accès total
      PermissionMatrix.SYSTEM_ADMIN,
      PermissionMatrix.SYSTEM_CONFIG,
@@ -46,7 +52,41 @@ class KeycloakRoleMapper {
      PermissionMatrix.REPORTS_GENERATE,
      PermissionMatrix.DASHBOARD_ANALYTICS,
    ],
-    
+    'ADMIN': [
+      // Permissions Super Admin - Accès total (compatibilité)
+      PermissionMatrix.SYSTEM_ADMIN,
+      PermissionMatrix.SYSTEM_CONFIG,
+      PermissionMatrix.SYSTEM_SECURITY,
+      PermissionMatrix.ORG_CREATE,
+      PermissionMatrix.ORG_DELETE,
+      PermissionMatrix.ORG_CONFIG,
+      PermissionMatrix.MEMBERS_VIEW_ALL,
+      PermissionMatrix.MEMBERS_EDIT_ALL,
+      PermissionMatrix.MEMBERS_DELETE_ALL,
+      PermissionMatrix.FINANCES_VIEW_ALL,
+      PermissionMatrix.FINANCES_EDIT_ALL,
+      PermissionMatrix.EVENTS_VIEW_ALL,
+      PermissionMatrix.EVENTS_EDIT_ALL,
+      PermissionMatrix.SOLIDARITY_VIEW_ALL,
+      PermissionMatrix.SOLIDARITY_EDIT_ALL,
+      PermissionMatrix.REPORTS_GENERATE,
+      PermissionMatrix.DASHBOARD_ANALYTICS,
+    ],
+    'ADMINISTRATEUR_ORGANISATION': [
+      // Permissions Admin Organisation
+      PermissionMatrix.ORG_CONFIG,
+      PermissionMatrix.MEMBERS_VIEW_ALL,
+      PermissionMatrix.MEMBERS_EDIT_ALL,
+      PermissionMatrix.FINANCES_VIEW_ALL,
+      PermissionMatrix.FINANCES_EDIT_ALL,
+      PermissionMatrix.EVENTS_VIEW_ALL,
+      PermissionMatrix.EVENTS_EDIT_ALL,
+      PermissionMatrix.SOLIDARITY_VIEW_ALL,
+      PermissionMatrix.SOLIDARITY_EDIT_ALL,
+      PermissionMatrix.REPORTS_GENERATE,
+      PermissionMatrix.DASHBOARD_ANALYTICS,
+    ],
+
    'PRESIDENT': [
      // Permissions Président - Gestion organisation
      PermissionMatrix.ORG_CONFIG,
@@ -62,7 +102,32 @@ class KeycloakRoleMapper {
      PermissionMatrix.DASHBOARD_ANALYTICS,
      PermissionMatrix.COMM_SEND_ALL,
    ],
-    
+
+    'RESPONSABLE_TECHNIQUE': [
+      // Permissions Responsable Technique
+      PermissionMatrix.SYSTEM_MONITORING,
+      PermissionMatrix.SYSTEM_MAINTENANCE,
+      PermissionMatrix.MEMBERS_VIEW_ALL,
+      PermissionMatrix.MEMBERS_EDIT_BASIC,
+      PermissionMatrix.EVENTS_VIEW_ALL,
+      PermissionMatrix.EVENTS_EDIT_ALL,
+      PermissionMatrix.DASHBOARD_VIEW,
+      PermissionMatrix.REPORTS_GENERATE,
+    ],
+
+    'RESPONSABLE_MEMBRES': [
+      // Permissions Responsable Membres
+      PermissionMatrix.MEMBERS_VIEW_ALL,
+      PermissionMatrix.MEMBERS_EDIT_ALL,
+      PermissionMatrix.MEMBERS_DELETE_ALL,
+      PermissionMatrix.EVENTS_VIEW_ALL,
+      PermissionMatrix.EVENTS_EDIT_ALL,
+      PermissionMatrix.SOLIDARITY_VIEW_ALL,
+      PermissionMatrix.SOLIDARITY_EDIT_ALL,
+      PermissionMatrix.DASHBOARD_VIEW,
+      PermissionMatrix.REPORTS_GENERATE,
+    ],
+
    'TRESORIER': [
      // Permissions Trésorier - Focus finances
      PermissionMatrix.FINANCES_VIEW_ALL,
@@ -106,9 +171,36 @@ class KeycloakRoleMapper {
      PermissionMatrix.DASHBOARD_VIEW,
      PermissionMatrix.COMM_SEND_MEMBERS,
    ],
-    
+
+    'MEMBRE_ACTIF': [
+      // Permissions Membre Actif
+      PermissionMatrix.MEMBERS_VIEW_OWN,
+      PermissionMatrix.MEMBERS_EDIT_OWN,
+      PermissionMatrix.EVENTS_VIEW_ALL,
+      PermissionMatrix.EVENTS_PARTICIPATE,
+      PermissionMatrix.EVENTS_CREATE,
+      PermissionMatrix.SOLIDARITY_VIEW_ALL,
+      PermissionMatrix.SOLIDARITY_PARTICIPATE,
+      PermissionMatrix.SOLIDARITY_CREATE,
+      PermissionMatrix.FINANCES_VIEW_OWN,
+      PermissionMatrix.DASHBOARD_VIEW,
+      PermissionMatrix.COMM_SEND_MEMBERS,
+    ],
+
+    'MEMBRE_SIMPLE': [
+      // Permissions Membre Simple
+      PermissionMatrix.MEMBERS_VIEW_OWN,
+      PermissionMatrix.MEMBERS_EDIT_OWN,
+      PermissionMatrix.EVENTS_VIEW_PUBLIC,
+      PermissionMatrix.EVENTS_PARTICIPATE,
+      PermissionMatrix.SOLIDARITY_VIEW_PUBLIC,
+      PermissionMatrix.SOLIDARITY_PARTICIPATE,
+      PermissionMatrix.FINANCES_VIEW_OWN,
+      PermissionMatrix.DASHBOARD_VIEW,
+    ],
+
    'MEMBRE': [
-      // Permissions Membre Standard
+      // Permissions Membre Standard (compatibilité)
      PermissionMatrix.MEMBERS_VIEW_OWN,
      PermissionMatrix.MEMBERS_EDIT_OWN,
      PermissionMatrix.EVENTS_VIEW_PUBLIC,
@@ -124,12 +216,18 @@ class KeycloakRoleMapper {
  static UserRole mapToUserRole(List<String> keycloakRoles) {
    // Priorité des rôles (du plus élevé au plus bas)
    const List<String> rolePriority = [
+      'SUPER_ADMINISTRATEUR',
      'ADMIN',
+      'ADMINISTRATEUR_ORGANISATION',
      'PRESIDENT',
+      'RESPONSABLE_TECHNIQUE',
+      'RESPONSABLE_MEMBRES',
      'TRESORIER',
      'SECRETAIRE',
      'GESTIONNAIRE_MEMBRE',
      'ORGANISATEUR_EVENEMENT',
+      'MEMBRE_ACTIF',
+      'MEMBRE_SIMPLE',
      'MEMBRE',
    ];