feat: Implement user permissions retrieval and normalization in UserManagement

Author: Ngonie69

ShopInventory.Web/Components/Pages/UserManagement.razor

@@ -3091,7 +3091,7 @@
 
     private bool showPermissionsModal = false;
     private UserDisplayModel? selectedUserForPermissions;
-    private HashSet<string> selectedPermissions = new();
+    private HashSet<string> selectedPermissions = new(StringComparer.OrdinalIgnoreCase);
     private bool useRoleDefaults = false;
 
     // Security stats
@@ -3546,12 +3546,22 @@ new();
         }
     }
 
-    private void ShowPermissionsModal(UserDisplayModel user)
+    private async Task ShowPermissionsModal(UserDisplayModel user)
     {
-        selectedUserForPermissions = user;
-        selectedPermissions = new HashSet<string>(user.Permissions ?? new List<string>());
-        useRoleDefaults = selectedPermissions.Count == 0;
-        showPermissionsModal = true;
+        CloseActionMenu();
+
+        try
+        {
+            var permissions = await UserService.GetUserPermissionsAsync(user.Id);
+            selectedUserForPermissions = user;
+            selectedPermissions = new HashSet<string>(permissions.EffectivePermissions, StringComparer.OrdinalIgnoreCase);
+            useRoleDefaults = permissions.UsesRoleDefaults;
+            showPermissionsModal = true;
+        }
+        catch (Exception ex)
+        {
+            Snackbar.Add(ex.Message, Severity.Error);
+        }
     }
 
     private void ClosePermissionsModal()
@@ -3602,7 +3612,9 @@ new();
         {
             var userId = selectedUserForPermissions.Id;
             var username = selectedUserForPermissions.Username;
-            var permissions = useRoleDefaults ? new List<string>() : selectedPermissions.ToList();
+            var permissions = useRoleDefaults
+                ? new List<string>()
+                : selectedPermissions.OrderBy(permission => permission, StringComparer.OrdinalIgnoreCase).ToList();
             await UserService.UpdateUserPermissionsAsync(userId, permissions);
             Snackbar.Add("Permissions updated successfully", Severity.Success);
             ClosePermissionsModal();

ShopInventory.Web/Services/UserManagementService.cs

@@ -20,6 +20,7 @@ public interface IUserManagementService
 {
     Task<UserListResponse> GetUsersAsync(int page = 1, int pageSize = 20, string? search = null, string? role = null, string? status = null);
     Task<UserModel?> GetUserAsync(Guid id);
+    Task<(List<string> DirectPermissions, List<string> EffectivePermissions, bool UsesRoleDefaults)> GetUserPermissionsAsync(Guid id);
     Task CreateUserAsync(string username, string email, string password, string role);
     Task CreateUserAsync(UserFormModel model);
     Task CreateMerchandiserAccountAsync(CreateMerchandiserAccountFormModel model, CancellationToken cancellationToken = default);
@@ -100,6 +101,25 @@ public async Task<UserListResponse> GetUsersAsync(int page = 1, int pageSize = 2
         }
     }
 
+    public async Task<(List<string> DirectPermissions, List<string> EffectivePermissions, bool UsesRoleDefaults)> GetUserPermissionsAsync(Guid id)
+    {
+        var client = await CreateAuthenticatedClientAsync();
+        var response = await client.GetAsync($"api/usermanagement/{id}/permissions");
+
+        if (!response.IsSuccessStatusCode)
+        {
+            await ThrowApiExceptionAsync(response, "Failed to load user permissions.");
+        }
+
+        using var document = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
+        var root = document.RootElement;
+
+        return (
+            ReadStringListProperty(root, "permissions"),
+            ReadStringListProperty(root, "effectivePermissions"),
+            ReadBooleanProperty(root, "usesRoleDefaults"));
+    }
+
     public async Task CreateUserAsync(string username, string email, string password, string role)
     {
         var client = await CreateAuthenticatedClientAsync();
@@ -471,6 +491,48 @@ private static async Task ThrowApiExceptionAsync(HttpResponseMessage response, s
             response.StatusCode);
     }
 
+    private static List<string> ReadStringListProperty(JsonElement root, string propertyName)
+    {
+        if (!TryGetPropertyIgnoreCase(root, propertyName, out var propertyElement) || propertyElement.ValueKind != JsonValueKind.Array)
+        {
+            return new List<string>();
+        }
+
+        return propertyElement.EnumerateArray()
+            .Where(item => item.ValueKind == JsonValueKind.String)
+            .Select(item => item.GetString())
+            .Where(value => !string.IsNullOrWhiteSpace(value))
+            .Select(value => value!.Trim())
+            .Distinct(StringComparer.OrdinalIgnoreCase)
+            .OrderBy(value => value, StringComparer.OrdinalIgnoreCase)
+            .ToList();
+    }
+
+    private static bool ReadBooleanProperty(JsonElement root, string propertyName)
+    {
+        return TryGetPropertyIgnoreCase(root, propertyName, out var propertyElement)
+            && (propertyElement.ValueKind == JsonValueKind.True || propertyElement.ValueKind == JsonValueKind.False)
+            && propertyElement.GetBoolean();
+    }
+
+    private static bool TryGetPropertyIgnoreCase(JsonElement root, string propertyName, out JsonElement propertyElement)
+    {
+        if (root.ValueKind == JsonValueKind.Object)
+        {
+            foreach (var property in root.EnumerateObject())
+            {
+                if (string.Equals(property.Name, propertyName, StringComparison.OrdinalIgnoreCase))
+                {
+                    propertyElement = property.Value;
+                    return true;
+                }
+            }
+        }
+
+        propertyElement = default;
+        return false;
+    }
+
     private static string ExtractApiErrorMessage(
         string errorBody,
         HttpStatusCode? statusCode = null,

ShopInventory/DTOs/SecurityDto.cs

@@ -426,6 +426,7 @@ public class UserPermissionsResponse
     public string Role { get; set; } = string.Empty;
     public List<string> Permissions { get; set; } = new();
     public List<string> EffectivePermissions { get; set; } = new();
+    public bool UsesRoleDefaults { get; set; }
 }
 
 /// <summary>

ShopInventory/Services/UserManagementService.cs

@@ -281,15 +281,19 @@ public async Task<ServiceResult> DeleteUserAsync(Guid userId)
             }
         }
 
-        var effectivePermissions = await GetEffectivePermissionsAsync(userId);
+        var normalizedDirectPermissions = NormalizePermissions(directPermissions);
+        var effectivePermissions = NormalizePermissions(await GetEffectivePermissionsAsync(userId));
+        var roleDefaultPermissions = Permission.GetDefaultPermissionsForRole(user.Role);
 
         return new UserPermissionsResponse
         {
             UserId = user.Id,
             Username = user.Username,
             Role = user.Role,
-            Permissions = directPermissions,
-            EffectivePermissions = effectivePermissions
+            Permissions = normalizedDirectPermissions,
+            EffectivePermissions = effectivePermissions,
+            UsesRoleDefaults = normalizedDirectPermissions.Count == 0 ||
+                HasSamePermissions(normalizedDirectPermissions, roleDefaultPermissions)
         };
     }
 
@@ -478,6 +482,23 @@ private void InvalidateEffectivePermissionsCache(Guid userId)
         _memoryCache.Remove(GetEffectivePermissionsCacheKey(userId));
     }
 
+    private static bool HasSamePermissions(IEnumerable<string> permissions, IEnumerable<string> otherPermissions)
+    {
+        return NormalizePermissions(permissions)
+            .SequenceEqual(NormalizePermissions(otherPermissions), StringComparer.OrdinalIgnoreCase);
+    }
+
+    private static List<string> NormalizePermissions(IEnumerable<string>? permissions)
+    {
+        return permissions?
+            .Where(permission => !string.IsNullOrWhiteSpace(permission))
+            .Select(permission => permission.Trim())
+            .Distinct(StringComparer.OrdinalIgnoreCase)
+            .OrderBy(permission => permission, StringComparer.OrdinalIgnoreCase)
+            .ToList()
+            ?? new List<string>();
+    }
+
     private static UserDetailDto MapToUserDetailDto(User user)
     {
         var permissions = new List<string>();