fix: enforce read-only restrictions for viewer role across 5 pages

Audit and fix viewer (read-only) user permissions: - Dashboard: hide health score refresh buttons - Accounts: hide investment edit icons - Invoices: hide Apply Late Fees and Generate Invoices buttons - Capital Planning: disable drag-and-drop, hide grip handles and edit buttons - Investment Planning: hide AI Recommendations refresh button Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-09 09:59:20 -04:00
parent 3bf6b8c6c9
commit 9d137a40d3
5 changed files with 60 additions and 42 deletions
--- a/frontend/src/pages/investment-planning/InvestmentPlanningPage.tsx
+++ b/frontend/src/pages/investment-planning/InvestmentPlanningPage.tsx
@@ -36,6 +36,7 @@ import {
 import { useQuery } from '@tanstack/react-query';
 import { notifications } from '@mantine/notifications';
 import api from '../../services/api';
+import { useIsReadOnly } from '../../stores/authStore';

 // ── Types ──

@@ -347,6 +348,7 @@ function RecommendationsDisplay({
 export function InvestmentPlanningPage() {
  const [ratesExpanded, setRatesExpanded] = useState(true);
  const [isTriggering, setIsTriggering] = useState(false);
+  const isReadOnly = useIsReadOnly();

  // Load financial snapshot on mount
  const { data: snapshot, isLoading: snapshotLoading } = useQuery<FinancialSnapshot>({
@@ -696,15 +698,17 @@ export function InvestmentPlanningPage() {
              </Text>
            </div>
          </Group>
-          <Button
-            leftSection={<IconSparkles size={16} />}
-            onClick={handleTriggerAI}
-            loading={isProcessing}
-            variant="gradient"
-            gradient={{ from: 'grape', to: 'violet' }}
-          >
-            {aiResult ? 'Refresh Recommendations' : 'Get AI Recommendations'}
-          </Button>
+          {!isReadOnly && (
+            <Button
+              leftSection={<IconSparkles size={16} />}
+              onClick={handleTriggerAI}
+              loading={isProcessing}
+              variant="gradient"
+              gradient={{ from: 'grape', to: 'violet' }}
+            >
+              {aiResult ? 'Refresh Recommendations' : 'Get AI Recommendations'}
+            </Button>
+          )}
        </Group>

        {/* Processing State */}