josh/BarangaySystem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
eb4a5731fb95119509c701c423a1bcb6ec62692b
BarangaySystem/.claude/plans/2e79878fa79727eedfab4ed9ab823fff-complete.md
Jonathan Sykes eb4a5731fb initial: bootstrap from BukidBountyApp base
2026-06-06 18:43:00 +08:00

7.4 KiB
Raw Blame History

task, cycles, context, private, started, finished
task cycles context private started finished
Enable accounting and sales reports access for STORE_OWNER and STORE_MANAGER — add permissions, open routes, and add Reports/Accounting shortcuts to HomeStoreOwner dashboard 5 true false 2026-05-16T00:00:00Z 2026-05-16T00:05:00Z

files

  • app/Http/Controllers/Helpers/Permissions/UserPermissions.php [lines 838-851] — STORE_OWNER block; missing ViewAccountingReports and ViewGlobalReports
  • app/Http/Controllers/Support/VueRouteMap.php [lines 249-254, 333-338] — /list-reports and /accounting-dashboard both exclude store owner and store manager
  • app/Http/Controllers/Accounting/AccountingController.php — gated by ViewAccountingReports; data is global, no store scope needed for demo
  • resources/js/Pages/Fragments/Home/HomeStoreOwner.vue — needs Reports and Accounting shortcut buttons added
  • resources/js/Pages/AccountingDashboard.vue — check if it has any UI that breaks for non-Big3 users (e.g. "Manage Accounts" button that should be hidden)
  • resources/js/Pages/ListReports.vue — check if it has any Big3-only controls that need conditional hiding

steps

  1. app/Http/Controllers/Helpers/Permissions/UserPermissions.php — Add to UserTypes::STORE_OWNER->value permissions array (after JoinCooperative):

    UserActions::ViewAccountingReports,
UserActions::ViewGlobalReports,
UserActions::ViewGlobalTransactions,

    Add to UserTypes::STORE_MANAGER->value permissions array (after JoinCooperative):

    UserActions::ViewAccountingReports,
UserActions::ViewGlobalReports,
UserActions::ViewGlobalTransactions,

  2. app/Http/Controllers/Support/VueRouteMap.php — Update allowedUserTypes for:

    • /list-reports (line ~251): change from ['ult', 'super operator', 'operator'] to ['ult', 'super operator', 'operator', 'store owner', 'store manager']
    • /accounting-dashboard (line ~336): change from ['ult', 'super operator', 'operator'] to ['ult', 'super operator', 'operator', 'store owner', 'store manager']

  3. resources/js/Pages/AccountingDashboard.vue — Audit for Big3-only controls:

    • Find any "Manage Accounts", "Create Account", "Delete Account" buttons
    • Wrap them in v-if="isUltimate || isSuperOperator || isOperator" using useAuth() composable
    • Store owners should see the read-only Tree/Leaf views and reports but not be able to create/delete accounting nodes
    • If the component already uses permission-based hiding, verify it works for STORE_OWNER

  4. resources/js/Pages/ListReports.vue — Audit for Big3-only controls:

    • Find any "Export All", "Delete Transaction", or administrative bulk-action buttons
    • Wrap in v-if="isUltimate || isSuperOperator || isOperator"
    • Confirm the report data loads correctly (POST /admin/accounting/reports — AccountingController checks ViewAccountingReports permission which STORE_OWNER will now have)

  5. resources/js/Pages/Fragments/Home/HomeStoreOwner.vue — Add Reports and Accounting shortcut buttons to the services computed array: Add after the existing POS Keys entry:

    {
    icon: 'https://cdn.jsdelivr.net/gh/telemagnadon/obj-vault-3a@v2026.05.14-vendor-2/a/f87407046b18.bin',
    title: 'Reports',
    pagename: 'ListReports',
},
{
    icon: 'https://cdn.jsdelivr.net/gh/telemagnadon/obj-vault-3a@v2026.05.14-vendor-2/a/fa711c34b4ef.svg',
    title: 'Accounting',
    pagename: 'AccountingDashboard',
},

    The services array currently has 6 tiles; this brings it to 8, which is the standard 2×4 grid layout.

  6. resources/js/Pages/Fragments/Home/HomeStoreOwner.vue — Add balanceFooterItems shortcut for Reports: Current footer has Open POS and My Stores. Add:

    { title: 'Reports', icon: 'https://cdn.jsdelivr.net/gh/telemagnadon/obj-vault-3a@v2026.05.14-vendor-2/a/f87407046b18.bin', pagename: 'ListReports' }

    (BalanceBox footer typically shows 2-3 items; verify WalletFooter renders a third item correctly — check BalanceBox.vue / WalletFooter.vue props for max items)

  7. Verify AddTransaction route — Confirm store owner is in allowedUserTypes for /add-transaction in VueRouteMap. If not, add it (store owners need to be able to record manual transactions for their stores).

  8. Manual integration test checklist (run after server is up):

    • Login as store owner (099 / polomiko32!)
    • Navigate to /list-reports — should load without 403
    • Navigate to /accounting-dashboard — should load Tree/Leaf view
    • Confirm no "Manage Accounts" or destructive buttons appear for the store owner
    • Confirm Reports and Accounting tiles appear on the home dashboard
    • Navigate to Home — verify the 8-tile services grid renders correctly

context

// Current STORE_OWNER permissions block (app/Http/Controllers/Helpers/Permissions/UserPermissions.php lines 838-851):
UserTypes::STORE_OWNER->value => [
    UserActions::CreateUserStoreManager,
    UserActions::CreateUserRider,
    UserActions::CreateUserPOSTerminal,
    UserActions::ViewUserInfo,
    UserActions::ManageUserInfo,
    UserActions::ViewShipments,
    UserActions::ViewPosReports,
    UserActions::ViewPosAccessKeys,
    UserActions::CreatePosAccessKey,
    UserActions::DeletePosAccessKey,
    UserActions::TogglePosAccessKey,
    UserActions::JoinCooperative,
    // ADD: ViewAccountingReports, ViewGlobalReports, ViewGlobalTransactions
],

// VueRouteMap /list-reports (line ~249-254):
'/list-reports' => [
    'component'       => 'ListReports',
    'loginRequired'   => true,
    'allowedUserTypes' => ['ult', 'super operator', 'operator'],  // ADD: 'store owner', 'store manager'
    'module'          => 'accounting',
],

// VueRouteMap /accounting-dashboard (line ~333-338):
'/accounting-dashboard' => [
    'component'       => 'AccountingDashboard',
    'loginRequired'   => true,
    'allowedUserTypes' => ['ult', 'super operator', 'operator'],  // ADD: 'store owner', 'store manager'
    'module'          => 'accounting',
],

// AccountingController permission gates:
// ViewAccountingReports → listTransactions(), getTree(), getLeaf(), reports()
// ManageAccounting → createAccount(), updateAccount(), deleteAccount(), createTransaction()
// STORE_OWNER should get ViewAccountingReports only (read-only view)

// HomeStoreOwner.vue services currently (6 items):
// Create Store, Import Products, New Product, My Products, POS Keys, Manage Stores
// After task: 8 items (+ Reports, Accounting)

// CDN icon URLs in use:
// Reports: .../a/f87407046b18.bin
// Accounting: .../a/fa711c34b4ef.svg  (used in HomeOperator.vue)

notes

  • dictionary: ai-docs/dictionary.md
  • linters: none detected
  • constraints:
    • STORE_OWNER gets read-only accounting access (ViewAccountingReports) — do NOT add ManageAccounting
    • The accounting data shown to store owners will be global (all accounts/transactions) since the accounting module is not yet scoped per-store. This is acceptable for a demo. A follow-up task could scope by owned stores.
    • ViewGlobalReports and ViewGlobalTransactions are needed because ListReports backend checks these in some endpoints — add them to avoid unexpected 403s when navigating report sub-pages
    • If WalletFooter has a hard-coded max of 2 items, skip adding the third footer item and only add the tile grid shortcut
    • Dark mode compliance: no bg-white, no text-dark in any added code