Add role based permissions for maintenance form generation and editing

Author: Warren-SJ

backend/src/main/java/com/apexgrid/transformertracker/auth/LoginResponse.java

@@ -1,3 +1,3 @@
 package com.apexgrid.transformertracker.auth;
 
-public record LoginResponse(String token, long expiresIn, String username, String image) { }
+public record LoginResponse(String token, long expiresIn, String username, String image, String role) { }

backend/src/main/java/com/apexgrid/transformertracker/model/User.java

@@ -25,6 +25,9 @@ public class User {
     @Column(name = "image", columnDefinition = "text")
     private String image;
 
+    @Column(name = "role")
+    private String role;
+
     public String getId() { return id; }
     public void setId(String id) { this.id = id; }
     public String getUsername() { return username; }
@@ -35,4 +38,6 @@ public class User {
     public void setCreatedAt(Instant createdAt) { this.createdAt = createdAt; }
     public String getImage() { return image; }
     public void setImage(String image) { this.image = image; }
+    public String getRole() { return role; }
+    public void setRole(String role) { this.role = role; }
 }

backend/src/main/java/com/apexgrid/transformertracker/web/AuthController.java

@@ -46,7 +46,8 @@ public ResponseEntity<?> login(@Valid @RequestBody LoginRequest request) {
                     token,
                     jwtService.getExpirySeconds(),
                     user.getUsername(),
-                    user.getImage() != null ? user.getImage() : ""
+                    user.getImage() != null ? user.getImage() : "",
+                    user.getRole() != null ? user.getRole() : ""
             );
             return ResponseEntity.ok(response);
         } catch (BadCredentialsException ex) {

frontend/app/inspections/[id]/page.tsx

@@ -21,6 +21,7 @@ const InspectionDetailPage = () => {
   const [inspection, setInspection] = useState<Inspection | null>(null);
   const inspectionRef = useRef<Inspection | null>(null);
   const [username, setUsername] = useState<string | null>(null);
+  const [userRole, setUserRole] = useState<string | null>(null);
   const [profileSrc, setProfileSrc] = useState<string>("/avatar.png");
   const [isLoading, setIsLoading] = useState(true);
   const [loadingMessage, setLoadingMessage] = useState<string>("Loading inspection...");
@@ -48,6 +49,7 @@ const InspectionDetailPage = () => {
       }
       if (typeof window !== "undefined") {
         setUsername(localStorage.getItem("username"));
+        setUserRole(localStorage.getItem("userRole"));
         const stored = localStorage.getItem("userImage");
         if (stored && stored.length > 0) {
           setProfileSrc(stored);
@@ -183,6 +185,7 @@ const InspectionDetailPage = () => {
               <span className="text-sm text-gray-700">
                 Logged in as:{" "}
                 <span className="font-medium">{username || "unknown"}</span>
+                {userRole && <span className="font-normal"> ({userRole})</span>}
               </span>
               <button
                 onClick={() => router.push("/profile")}

frontend/app/inspections/page.tsx

@@ -24,6 +24,7 @@ const InspectionsPage = () => {
   const [isEditOpen, setIsEditOpen] = useState(false);
   const [editingIndex, setEditingIndex] = useState<number | null>(null);
   const [username, setUsername] = useState<string | null>(null);
+  const [userRole, setUserRole] = useState<string | null>(null);
   // Ensure client/server render the same initial avatar; update after mount from localStorage
   const [profileSrc, setProfileSrc] = useState<string>("/avatar.png");
 
@@ -45,6 +46,7 @@ const InspectionsPage = () => {
       }
       if (typeof window !== "undefined") {
         setUsername(localStorage.getItem("username"));
+        setUserRole(localStorage.getItem("userRole"));
         const stored = localStorage.getItem("userImage");
         if (stored && stored.length > 0) {
           setProfileSrc(stored);
@@ -151,6 +153,7 @@ const InspectionsPage = () => {
               <span className="text-sm text-gray-700">
                 Logged in as:{" "}
                 <span className="font-medium">{username || "unknown"}</span>
+                {userRole && <span className="font-normal"> ({userRole})</span>}
               </span>
               <button
                 onClick={() => router.push("/profile")}

frontend/app/page.tsx

@@ -37,6 +37,7 @@ export default function Home() {
           image: data.image,
           token: data.token,
           expiresIn: data.expiresIn,
+          role: data.role,
         },
         username
       );

frontend/app/profile/page.tsx

@@ -9,6 +9,7 @@ import ThemeToggle from "@/components/ThemeToggle";
 export default function ProfilePage() {
   const router = useRouter();
   const [username, setUsername] = useState<string | null>(null);
+  const [userRole, setUserRole] = useState<string | null>(null);
   const [image, setImage] = useState<string | null>(null);
   const [hasPickedImage, setHasPickedImage] = useState(false);
   const [currentPassword, setCurrentPassword] = useState("");
@@ -27,6 +28,9 @@ export default function ProfilePage() {
     const u =
       typeof window !== "undefined" ? localStorage.getItem("username") : null;
     setUsername(u);
+    const storedRole =
+      typeof window !== "undefined" ? localStorage.getItem("userRole") : null;
+    setUserRole(storedRole);
     fetch(apiUrl("/api/profile"), { headers: authHeaders() })
       .then((r) => (r.ok ? r.json() : Promise.reject(r)))
       .then((data) => {
@@ -147,7 +151,10 @@ export default function ProfilePage() {
           <div className="text-gray-700 dark:text-gray-300 text-sm">
             Logged in as
           </div>
-          <div className="font-medium">{username}</div>
+          <div className="font-medium">
+            {username}
+            {userRole && <span className="font-normal"> ({userRole})</span>}
+          </div>
         </div>
       </div>
 

frontend/app/transformer/[id]/page.tsx

@@ -37,6 +37,7 @@ const TransformerDetailPage = () => {
 
   const [transformer, setTransformer] = useState<Transformer | null>(null);
   const [username, setUsername] = useState<string | null>(null);
+  const [userRole, setUserRole] = useState<string | null>(null);
   const [profileSrc, setProfileSrc] = useState<string>("/avatar.png");
   const [isLoading, setIsLoading] = useState(true);
   const [loadingMessage, setLoadingMessage] = useState<string>("Loading transformer...");
@@ -55,6 +56,7 @@ const TransformerDetailPage = () => {
       }
       if (typeof window !== "undefined") {
         setUsername(localStorage.getItem("username"));
+        setUserRole(localStorage.getItem("userRole"));
         const stored = localStorage.getItem("userImage");
         if (stored && stored.length > 0) {
           setProfileSrc(stored);
@@ -240,6 +242,7 @@ const TransformerDetailPage = () => {
               <span className="text-sm text-gray-700">
                 Logged in as:{" "}
                 <span className="font-medium">{username || "unknown"}</span>
+                {userRole && <span className="font-normal"> ({userRole})</span>}
               </span>
               <button
                 onClick={() => router.push("/profile")}

frontend/app/transformer/page.tsx

@@ -24,6 +24,7 @@ const TransformerPage = () => {
   const [isEditOpen, setIsEditOpen] = useState(false);
   const [editingIndex, setEditingIndex] = useState<number | null>(null);
   const [username, setUsername] = useState<string | null>(null);
+  const [userRole, setUserRole] = useState<string | null>(null);
   // Preserve avatar between SSR and first client render
   const [profileSrc, setProfileSrc] = useState<string>("/avatar.png");
 
@@ -46,6 +47,7 @@ const TransformerPage = () => {
       }
       if (typeof window !== "undefined") {
         setUsername(localStorage.getItem("username"));
+        setUserRole(localStorage.getItem("userRole"));
         const stored = localStorage.getItem("userImage");
         if (stored && stored.length > 0) {
           setProfileSrc(stored);
@@ -148,6 +150,7 @@ const TransformerPage = () => {
               <span className="text-sm text-gray-700">
                 Logged in as:{" "}
                 <span className="font-medium">{username || "unknown"}</span>
+                {userRole && <span className="font-normal"> ({userRole})</span>}
               </span>
               <button
                 onClick={() => router.push("/profile")}

frontend/components/InspectionDetailsPanel.tsx

@@ -465,6 +465,12 @@ const InspectionDetailsPanel = ({
   const [showMaintenanceModal, setShowMaintenanceModal] = useState(false);
   const [isSavingMaintenance, setIsSavingMaintenance] = useState(false);
   const [isReportGenerating, setIsReportGenerating] = useState(false);
+  const [userRole, setUserRole] = useState<string | null>(null);
+
+  const isEngineer = useMemo(() => {
+    if (!userRole) return false;
+    return userRole.trim().toLowerCase() === "engineer";
+  }, [userRole]);
 
   const transformer = useMemo(
     () =>
@@ -707,6 +713,12 @@ const InspectionDetailsPanel = ({
     setPendingRect(null);
   };
 
+  useEffect(() => {
+    if (typeof window !== "undefined") {
+      setUserRole(localStorage.getItem("userRole"));
+    }
+  }, []);
+
   // When switching to a different inspection, reinitialize weather and image state
   useEffect(() => {
     setTuneModelEnabled(true);
@@ -1695,9 +1707,9 @@ const InspectionDetailsPanel = ({
           <button
             type="button"
             onClick={openMaintenanceForm}
-            disabled={maintenanceLoading}
+            disabled={maintenanceLoading || !isEngineer}
             className="inline-flex items-center gap-2 px-3 py-1 text-sm border rounded custombutton disabled:opacity-60 disabled:cursor-not-allowed"
-            title="Generate or update a maintenance record for this inspection"
+            title={isEngineer ? "Generate or update a maintenance record for this inspection" : "Only engineers can generate or update maintenance records"}
           >
             <svg
               className="w-4 h-4"