From 6034f774ed783ff58f0f6db96f14940e8e2cd61a Mon Sep 17 00:00:00 2001
From: Talal Sharabi
Date: Sun, 22 Feb 2026 14:49:27 +0400
Subject: [PATCH] Fix: wildcard permissions (GM modules visible), Admin link and module card
Co-authored-by: Cursor
---
 frontend/src/app/dashboard/page.tsx | 12 ++++++++++-
 frontend/src/contexts/AuthContext.tsx | 30 +++++++++++++++++----------
 2 files changed, 30 insertions(+), 12 deletions(-)
diff --git a/frontend/src/app/dashboard/page.tsx b/frontend/src/app/dashboard/page.tsx
index a978e9b..21601cb 100644
--- a/frontend/src/app/dashboard/page.tsx
+++ b/frontend/src/app/dashboard/page.tsx
@@ -83,6 +83,16 @@ function DashboardContent() {
 href: '/marketing',
 description: 'الحملات التسويقية والعملاء المحتملين',
 permission: 'marketing'
+ },
+ {
+ id: 'admin',
+ name: 'لوحة الإدارة',
+ nameEn: 'Admin Panel',
+ icon: Shield,
+ color: 'bg-red-500',
+ href: '/admin',
+ description: 'إدارة المستخدمين والأدوار وسجل العمليات',
+ permission: 'admin'
 }
 ]
 
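Review bot: The new `admin` entry relies on `permission: 'admin'` alone, and that field only decides whether the card is drawn; nothing in this patch shows the `/admin` route or the user, role and audit-log endpoints behind it checking the same permission on the server. I would add a comment on the entry such as `// visibility only: /admin and its API must enforce the 'admin' permission themselves` and confirm that the route guard exists. The card is also gated differently from the Admin Panel link in the next hunk, which additionally accepts two role names, so the two entry points can disagree for the same user. The patch adds no import for `Shield`, so it is presumably already imported in page.tsx; worth confirming. The module array starts and ends outside the hunk.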
@@ -118,7 +128,7 @@ function DashboardContent() { {/* Admin Panel Link - Only for admins */} - {user?.role?.name === 'المدير العام' && ( + {(hasPermission('admin', 'view') || user?.role?.name === 'المدير العام' || user?.role?.nameEn === 'General Manager') && ( { - return permissions.map(p => ({ - id: p.id, - module: p.module, - actions: p.actions, - canView: p.actions?.includes('read') || false, - canCreate: p.actions?.includes('create') || false, - canEdit: p.actions?.includes('update') || false, - canDelete: p.actions?.includes('delete') || false, - canExport: p.actions?.includes('export') || false, - canApprove: p.actions?.includes('approve') || false, - })) + const hasWildcard = (actions: string[] | any) => { + const arr = Array.isArray(actions) ? actions : [] + return arr.includes('*') || arr.includes('all') + } + return permissions.map(p => { + const wildcard = hasWildcard(p.actions) + return { + id: p.id, + module: p.module, + actions: p.actions, + canView: wildcard || p.actions?.includes('read') || false, + canCreate: wildcard || p.actions?.includes('create') || false, + canEdit: wildcard || p.actions?.includes('update') || false, + canDelete: wildcard || p.actions?.includes('delete') || false, + canExport: wildcard || p.actions?.includes('export') || false, + canApprove: wildcard || p.actions?.includes('approve') || false, + } + }) } const fetchUserData = async (token: string) => {
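Review bot: The rewritten Admin Panel condition still decides access from role display names (`user?.role?.name === 'المدير العام'`, now also `user?.role?.nameEn === 'General Manager'`), which are editable, localized labels rather than a permission. Any role that is created with or renamed to one of those strings gets the link, and a renamed General Manager role loses it. Since this commit also makes wildcard actions expand to every `can*` flag, the name fallback looks redundant, and the condition could be just `{hasPermission('admin', 'view') && (`. The JSX that this condition wraps is not visible on the page, so whether the link target repeats the check cannot be judged from here.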
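Review bot: In the AuthContext.tsx change, `hasWildcard` guards against a non-array `actions` with `Array.isArray`, but the per-action checks still call `p.actions?.includes(...)` on the raw value. A string value would be substring-matched and any other non-array shape would throw. Normalizing once keeps both paths consistent: `const actions: string[] = Array.isArray(p.actions) ? p.actions : []`, then `canView: wildcard || actions.includes('read')` and likewise for the other flags. The parameter type `string[] | any` collapses to `any`; `unknown` would keep the check honest. Treating both `'*'` and `'all'` as grant-everything, including `canDelete` and `canApprove`, only holds if the backend gives those two strings the same meaning, so it is worth a comment naming where the server defines them. The hunk header and the enclosing function's signature are missing from the page.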