🏠 Overview 🧩 Components 🧩 Hierarchy Scope Resolver

Hierarchy Scope Resolver

Component Detail

Service Layer medium complexity Shared Component backend
1
Dependencies
0
Dependents
6
Entities
0
Integrations

Description

Resolves the effective organization scope for a given user based on their JWT claims and role assignments. Determines which organizations a user can view or manage, enabling Global Admins to bypass restrictions while Org Admins see only their subtree.

Feature: Multi-Organization Hierarchy

hierarchy-scope-resolver

Responsibilities

  • Extract organization scope from JWT claims
  • Resolve effective visibility scope based on user role and hierarchy position
  • Grant Global Admin unrestricted cross-organization access
  • Restrict Org Admin access to their own organization subtree

Interfaces

resolveScope(userId, jwtClaims): OrganizationScope
canAccessOrganization(userId, orgId): boolean
getVisibleOrganizationIds(userId): string[]
isGlobalAdmin(userId): boolean

Relationships

Dependencies (1)

Components this component depends on

data Hierarchy Store

Related Data Entities (6)

Data entities managed by this component

Local Associations 17 fields core Organizations 25 fields core User Local Associations 11 fields core User Role Assignments 12 fields core User Roles 13 fields core Users 26 fields core