feat(management-level): scope reads to planning audience

2026-03-30 10:45:44 +02:00
parent c2ca6a6d0d
commit 9b764008c3
5 changed files with 85 additions and 3 deletions
@@ -230,6 +230,7 @@ const PLANNING_READ_TOOLS = new Set([
  "list_demands",
  "list_clients",
  "list_roles",
+  "list_management_levels",
  "list_utilization_categories",
  "check_resource_availability",
  "get_staffing_suggestions",
@@ -8,19 +8,19 @@ import { TRPCError } from "@trpc/server";
 import { z } from "zod";
 import { findUniqueOrThrow } from "../db/helpers.js";
 import { createAuditEntry } from "../lib/audit.js";
-import { adminProcedure, createTRPCRouter, protectedProcedure } from "../trpc.js";
+import { adminProcedure, createTRPCRouter, planningReadProcedure } from "../trpc.js";

 export const managementLevelRouter = createTRPCRouter({
  // ─── Groups ─────────────────────────────────────────────

-  listGroups: protectedProcedure.query(async ({ ctx }) => {
+  listGroups: planningReadProcedure.query(async ({ ctx }) => {
    return ctx.db.managementLevelGroup.findMany({
      include: { levels: { orderBy: { name: "asc" } } },
      orderBy: { sortOrder: "asc" },
    });
  }),

-  getGroupById: protectedProcedure
+  getGroupById: planningReadProcedure
    .input(z.object({ id: z.string() }))
    .query(async ({ ctx, input }) => {
      const group = await findUniqueOrThrow(