
Add admin bypass in hasPermission composable to prevent FE lockout #6113

@cstns

Description


Context / Problem
Current hasPermission(scope, teamMembership, context) can deny admins when application-level roles are lower than the team role. This risks locking out admins in the UI. Add an early return that grants all permissions if teamMembership.role === 'admin' (or equivalent numeric) or user.admin === true (from the account store).

Acceptance criteria

  • hasPermission returns true immediately when:
    • teamMembership.role is admin, or
    • user.admin === true.
  • Bypass applies before any application-level role checks or feature-flag logic.
  • Non-admin behavior remains unchanged, including application-scoped role resolution.
  • No server-side authorization changes. FE-only safeguard.

Epic/Story

No response

Have you provided an initial effort estimate for this issue?

I have provided an initial effort estimate
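
The evaluation order the acceptance criteria describe, as an added sketch that is not the project's code. The role values, the scope table, the shape of `teamMembership.permissions.applications`, and passing `user` as a fourth argument (standing in for the account store) are all assumptions made for illustration.

```javascript
// Added illustration; role values, scope table and argument shapes are assumptions.
const Roles = Object.freeze({ none: 0, viewer: 10, member: 30, owner: 50, admin: 99 });

// Hypothetical scope table: minimum role required for each scope.
const Permissions = Object.freeze({
    'project:read': Roles.viewer,
    'project:edit': Roles.member,
    'project:delete': Roles.owner
});

function isAdminRole (role) {
    // Accept the string form or the (assumed) numeric equivalent.
    return role === 'admin' || role === Roles.admin;
}

function resolveRole (teamMembership, context) {
    // Application-scoped override: a role recorded for the application in
    // context replaces the team role, and it may be lower than the team role.
    const appId = context?.application?.id;
    const appRole = teamMembership?.permissions?.applications?.[appId];
    const role = appRole ?? teamMembership?.role ?? Roles.none;
    return typeof role === 'number' ? role : (Roles[role] ?? Roles.none);
}

function hasPermission (scope, teamMembership, context = {}, user = null) {
    // Admin bypass: runs before any application-level role resolution.
    // Strict comparison, so a truthy non-boolean such as "true" is not a bypass.
    if (user?.admin === true || isAdminRole(teamMembership?.role)) {
        return true;
    }
    const required = Permissions[scope];
    if (required === undefined) {
        return false; // unknown scope: fail closed for non-admins
    }
    return resolveRole(teamMembership, context) >= required;
}
```

Because the issue scopes this as an FE-only safeguard, the function only decides what the UI shows; requests are still authorized by the unchanged server-side checks.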


Labels: task (A piece of work that isn't necessarily tied to a specific Epic or Story.)
