fix: permissions not restricted for certain management pages / actions (#1219)

* fix: restrict parts of manage navigation to admins

* fix: restrict stats cards on manage home page

* fix: restrict access to amount of certain stats for manage home

* fix: restrict visibility of board create button

* fix: restrict access to integration pages

* fix: restrict access to tools pages for admins

* fix: restrict access to user and group pages

* test: adjust tests to match permission changes for routes

* fix: remove certain pages from spotlight without admin

* fix: app management not restricted

packages/auth/permissions/integration-permissions.ts

@@ -12,15 +12,17 @@ export interface IntegrationPermissionsProps {
 }
 
 export const constructIntegrationPermissions = (integration: IntegrationPermissionsProps, session: Session | null) => {
+  const permissions = integration.userPermissions
+    .concat(integration.groupPermissions)
+    .map(({ permission }) => permission);
+
   return {
-    hasFullAccess: session?.user.permissions.includes("integration-full-all") ?? false,
+    hasFullAccess:
+      (session?.user.permissions.includes("integration-full-all") ?? false) || permissions.includes("full"),
     hasInteractAccess:
-      integration.userPermissions.some(({ permission }) => permission === "interact") ||
-      integration.groupPermissions.some(({ permission }) => permission === "interact") ||
+      permissions.includes("full") ||
+      permissions.includes("interact") ||
       (session?.user.permissions.includes("integration-interact-all") ?? false),
-    hasUseAccess:
-      integration.userPermissions.length >= 1 ||
-      integration.groupPermissions.length >= 1 ||
-      (session?.user.permissions.includes("integration-use-all") ?? false),
+    hasUseAccess: permissions.length >= 1 || (session?.user.permissions.includes("integration-use-all") ?? false),
   };
 };