Skip to content

feat(web): two-tab Read/Write permissions editor (#1125)#1126

Merged
chronoai-shining merged 5 commits into
developfrom
feature/1125-permissions-read-write-tabs
Jun 16, 2026
Merged

feat(web): two-tab Read/Write permissions editor (#1125)#1126
chronoai-shining merged 5 commits into
developfrom
feature/1125-permissions-read-write-tabs

Conversation

@chronoai-shining

@chronoai-shining chronoai-shining commented Jun 16, 2026

Copy link
Copy Markdown
Collaborator

Summary

Redesigns Manage Permissions into a two-tab editor that cleanly separates read and write access, so an owner can set combinations the old single-visibility-ladder couldn't reach — notably public read + organization/user write.

Closes #1125

What changed (frontend only)

  • Read tab — Public toggle (everyone reads) OR a restricted set of orgs/users who can read.
  • Write tab — orgs/users who can edit (read + write); no public option; editors implicitly read.
  • Save composes the typed grants: read-tab → read, write-tab → read_write (write wins on overlap; read grants dropped when public), with isPrivate from the Read tab.
  • Extracted a shared PrincipalSelector + PermissionsEditor used by both the skill and skillset modals (removed the near-duplicate). Skillsets gain the read/read-write level support they lacked.

Not changed

  • No backend changes — the grants model + canReadSkill/canWriteSkill already supported every combination (public + write grants included). Verified no code path clears grants when public.

Verification

  • typecheck:web clean; full web vitest suite 564 pass; lint 0 errors.
  • Tests: public-read + org-write round-trip emits { isPrivate:false, grants:[{org, read_write}] }; Write tab seeded from an existing read_write grant; no-change short-circuit; skillset hook-isolation guard retained.

🤖 Generated with Claude Code

@chronoai-shining
feat(web): add typed grants to skillset frontend types (#1125)
9886cdd 
`SkillsetDetail` gains the optional `grants` field and
`SkillsetPermissionsInput` accepts `grants` (legacy `sharedWith*` arrays
made optional) — parity with the skill types from #1123, which the web
side hadn't mirrored for skillsets yet. Additive; no behaviour change.

Part of #1125
@chronoai-shining
feat(web): shared two-tab Read/Write permissions editor (#1125)
bb7cdd5 
Add the reusable building blocks that separate read and write access:

- `PrincipalSelector` — org checkboxes (incl. unresolved-grant handling) +
  user email typeahead chips for one audience, emitting a flat Principal[].
  Consolidates the org/user picking logic previously duplicated in the
  skill and skillset modals.
- `PermissionsEditor` — a Read tab (Public toggle, or restricted orgs/users)
  and a Write tab (orgs/users who can edit; no public option). Save composes
  the canonical `grants` (read-tab → read, write-tab → read_write, write
  wins on overlap; read grants dropped when public since everyone reads) and
  carries `isPrivate` from the Read tab — so "public read + org/user write"
  is finally expressible.
- `initialGrants` helper — seed the editor from a skill/skillset detail
  (canonical grants, or read-level derived from legacy lists) + a reset-key
  signature.

Standalone (wired into the modals next).

Part of #1125
@chronoai-shining
feat(web): skill permissions modal uses the two-tab editor (#1125)
d4ec61d 
Replace the single-visibility-ladder PermissionsModal (and the #1123 inline
per-grant level toggles) with a thin wrapper around the shared
`PermissionsEditor`. An owner can now set independent read/write audiences —
notably public read + org/user write, which the old modal couldn't express
because turning on Public disabled the grant pickers.

Tests rewritten for the new UI: public-read + org-write round-trip, Write
tab seeded from an existing read_write grant, and the no-change
short-circuit.

Part of #1125
@chronoai-shining
feat(web): skillset permissions modal uses the two-tab editor (#1125)
659cd44 
Rewire SkillsetPermissionsModal to the shared `PermissionsEditor`, keeping
it in lock-step with the skill modal and removing the near-duplicate
single-ladder implementation. This also brings skillsets the read /
read-write level support they never had. Test updated to the new
`{ isPrivate, grants }` payload; the skills-hook-isolation guard stays.

Part of #1125
@chronoai-shining
docs: changeset for read/write permissions tabs (#1125)
858dc22 
Part of #1125
@chronoai-shining chronoai-shining merged commit bf8efbc into develop Jun 16, 2026
17 checks passed
@chronoai-shining chronoai-shining deleted the feature/1125-permissions-read-write-tabs branch June 16, 2026 06:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Feature] Separate read/write access in Manage Permissions (two-tab editor)

1 participant

@chronoai-shining