Polish role admin speech flow and permission tooltips

2026-02-27 04:12:37 -05:00
parent d114e0d532
commit 84db109e63
6 changed files with 88 additions and 49 deletions
--- a/server/app/auth_service.py
+++ b/server/app/auth_service.py
@@ -46,6 +46,25 @@ PERMISSIONS: tuple[str, ...] = (
    "server.manage_settings",
 )

+PERMISSION_DESCRIPTIONS: dict[str, str] = {
+    "item.create": "Allow creating new items.",
+    "item.edit.own": "Allow editing items created by this user.",
+    "item.edit.any": "Allow editing any item.",
+    "item.delete.own": "Allow deleting items created by this user.",
+    "item.delete.any": "Allow deleting any item.",
+    "item.use": "Allow using item primary and secondary actions.",
+    "item.pickup_drop.own": "Allow picking up and dropping items created by this user.",
+    "item.pickup_drop.any": "Allow picking up and dropping any item.",
+    "chat.send": "Allow sending chat messages.",
+    "voice.send": "Allow transmitting microphone audio.",
+    "profile.update_nickname": "Allow changing nickname.",
+    "account.delete.any": "Allow deleting other user accounts.",
+    "user.ban_unban": "Allow banning and unbanning users.",
+    "user.change_role": "Allow assigning user roles.",
+    "role.manage": "Allow creating, editing, and deleting roles.",
+    "server.manage_settings": "Allow changing server settings.",
+}
+
 DEFAULT_ROLE_PERMISSIONS: dict[str, set[str]] = {
    "admin": set(PERMISSIONS),
    "editor": {
@@ -185,6 +204,11 @@ class AuthService:

        return list(PERMISSIONS)

+    def list_all_permission_descriptions(self) -> dict[str, str]:
+        """Return canonical permission tooltip text keyed by permission id."""
+
+        return {key: PERMISSION_DESCRIPTIONS.get(key, key) for key in PERMISSIONS}
+
    def get_user_permissions(self, user_id: str) -> set[str]:
        """Return current permission set for one user id."""

@@ -829,7 +853,7 @@ class AuthService:

        now_ms = self.now_ms()
        for key in PERMISSIONS:
-            description = f"Permission: {key}"
+            description = PERMISSION_DESCRIPTIONS.get(key, key)
            self._db_execute(
                "INSERT OR IGNORE INTO permissions (key, description) VALUES (?, ?)",
                (key, description),
--- a/server/app/models.py
+++ b/server/app/models.py
@@ -416,6 +416,7 @@ class AdminRolesListResultPacket(BasePacket):
    type: Literal["admin_roles_list"]
    roles: list[AdminRoleSummary]
    permissionKeys: list[str]
+    permissionTooltips: dict[str, str] | None = None


 class AdminUserSummary(BaseModel):
--- a/server/app/server.py
+++ b/server/app/server.py
@@ -1607,6 +1607,7 @@ class SignalingServer:
                    type="admin_roles_list",
                    roles=roles,
                    permissionKeys=self.auth_service.list_all_permissions(),
+                    permissionTooltips=self.auth_service.list_all_permission_descriptions(),
                ),
            )
            return True