refactor: migrate cedar policy and group management to Angular signals

frontend/angular.json

@@ -27,6 +27,11 @@
 								"glob": "**/*",
 								"input": "./node_modules/monaco-editor/min",
 								"output": "./assets/monaco"
+							},
+							{
+								"glob": "cedar_wasm_bg.wasm",
+								"input": "./node_modules/@cedar-policy/cedar-wasm/web",
+								"output": "./assets/cedar-wasm"
 							}
 						],
 						"styles": [

frontend/package.json

@@ -28,6 +28,7 @@
 		"@angular/platform-browser-dynamic": "~20.3.16",
 		"@angular/router": "~20.3.16",
 		"@brumeilde/ngx-theme": "^1.2.1",
+		"@cedar-policy/cedar-wasm": "^4.9.1",
 		"@fontsource/ibm-plex-mono": "^5.2.7",
 		"@fontsource/noto-sans": "^5.2.10",
 		"@jsonurl/jsonurl": "^1.1.8",

frontend/src/app/components/connect-db/connect-db.component.html

@@ -333,7 +333,7 @@ <h1 class="mat-h1 connectForm__fullLine">
         </div>
 
         <!-- edit connection actions -->
-        <div class="actions" *ngIf="accessLevel && db.id && accessLevel === 'edit' && !db.isTestConnection">
+        <div class="actions" *ngIf="canEditConnection() && db.id && !db.isTestConnection">
             <button type="button" mat-button color="warn"
                 class="delete-button"
                 data-testid="edit-connection-actions-delete-button"

frontend/src/app/components/connect-db/connect-db.component.spec.ts

@@ -38,6 +38,7 @@ describe('ConnectDBComponent', () => {
 		updateConnection: vi.fn(),
 		getCurrentConnectionTitle: vi.fn(),
 		currentConnectionID: '9d5f6d0f-9516-4598-91c4-e4fe6330b4d4',
+		canEditConnection: vi.fn().mockReturnValue(true),
 	};
 
 	const connectionCredsApp = {

frontend/src/app/components/connect-db/connect-db.component.ts

@@ -169,6 +169,8 @@ export class ConnectDBComponent implements OnInit {
 		return this._connections.currentConnection;
 	}
 
+	protected canEditConnection = () => this._connections.canEditConnection();
+
 	get accessLevel(): AccessLevel {
 		return this._connections.currentConnectionAccessLevel;
 	}

frontend/src/app/components/connection-settings/connection-settings.component.html

@@ -22,11 +22,11 @@ <h3 class='mat-subheading-2'>Rocketadmin can not find any tables</h3>
             <p class="mat-body-1">{{serverError.abstract}}</p>
         </ng-template>
         <div class="error-actions">
-            <a mat-stroked-button *ngIf="accessLevel === 'edit'"
+            <a mat-stroked-button *ngIf="canEditConnection()"
                 routerLink="/edit-db/{{connectionID}}">
                 Check database credentials
             </a>
-            <button *ngIf="isSaas" mat-flat-button color="warn" (click)="openIntercome()">Chat with support</button>
+            <button type="button" *ngIf="isSaas" mat-flat-button color="warn" (click)="openIntercome()">Chat with support</button>
             <a *ngIf="!isSaas" mat-flat-button color="warn"
                 href="https://github.com/rocket-admin/rocketadmin/issues" target="_blank">
                 Report a bug
@@ -147,7 +147,7 @@ <h3 class='mat-subheading-2'>Rocketadmin can not find any tables</h3>
                 Log changes in tables
             </mat-slide-toggle>
         </div>
-        <div *ngIf="accessLevel !== 'readonly'" class="actions">
+        <div *ngIf="canEditConnection()" class="actions">
             <button mat-flat-button color="warn"
                 type="button"
                 [disabled]="!isSettingsExist || submitting || connectionSettingsForm.form.invalid"

frontend/src/app/components/connection-settings/connection-settings.component.ts

@@ -15,7 +15,6 @@ import { take } from 'rxjs';
 import { ServerError } from 'src/app/models/alert';
 import { ConnectionSettings } from 'src/app/models/connection';
 import { TableProperties } from 'src/app/models/table';
-import { AccessLevel } from 'src/app/models/user';
 import { CompanyService } from 'src/app/services/company.service';
 import { ConnectionsService } from 'src/app/services/connections.service';
 import { TablesService } from 'src/app/services/tables.service';
@@ -113,9 +112,7 @@ export class ConnectionSettingsComponent implements OnInit {
 		return this._connections.currentConnection.title || this._connections.currentConnection.database;
 	}
 
-	get accessLevel(): AccessLevel {
-		return this._connections.currentConnectionAccessLevel;
-	}
+	protected canEditConnection = () => this._connections.canEditConnection();
 
 	getSettings() {
 		this._connections.getConnectionSettings(this.connectionID).subscribe((res: any) => {

frontend/src/app/components/dashboard/dashboard.component.html

@@ -9,11 +9,11 @@
         <p class="mat-body-1">{{serverError.abstract}}</p>
     </ng-template>
     <div class="error-actions">
-            <a mat-stroked-button *ngIf="currentConnectionAccessLevel === 'edit'"
+            <a mat-stroked-button *ngIf="canEditConnection()"
                 routerLink="/edit-db/{{connectionID}}">
                 Check database credentials
             </a>
-            <button *ngIf="isSaas" mat-flat-button color="warn" (click)="openIntercome()">Chat with support</button>
+            <button type="button" *ngIf="isSaas" mat-flat-button color="warn" (click)="openIntercome()">Chat with support</button>
             <a *ngIf="!isSaas" mat-flat-button color="warn"
                 href="https://github.com/rocket-admin/rocketadmin/issues" target="_blank">
                 Report a bug
@@ -74,15 +74,14 @@ <h3 class='mat-subheading-2'>Rocketadmin can not find any tables</h3>
                 [connectionID]="connectionID"
                 [selectedTable]="selectedTableName"
                 [uiSettings]="uiSettings"
-                [accessLevel]="currentConnectionAccessLevel"
                 (expandSidebar)="toggleSideBar()">
             </app-db-tables-list>
         </mat-sidenav>
         <mat-sidenav-content class="table-preview">
             <div class="table-preview-content">
                 <div class="alerts">
                     <app-alert></app-alert>
-                    <div *ngIf="dataSource.alert_settingsInfo" class="ai-config-alert">
+                    <div *ngIf="dataSource.alert_settingsInfo && canEditConnection()" class="ai-config-alert">
                         <mat-icon class="ai-config-alert__icon">auto_awesome</mat-icon>
                         <div class="ai-config-alert__message mat-body-1">
                             <strong class="ai-config-alert__title">New: AI Configuration</strong>
@@ -106,7 +105,6 @@ <h3 class='mat-subheading-2'>Rocketadmin can not find any tables</h3>
                     [selection]="selection"
                     [connectionID]="connectionID"
                     [isTestConnection]="currentConnectionIsTest"
-                    [accessLevel]="currentConnectionAccessLevel"
                     [tableFolders]="tableFolders"
                     (openFilters)="openTableFilters($event)"
                     (removeFilter)="removeFilter($event)"

frontend/src/app/components/dashboard/dashboard.component.spec.ts

@@ -24,6 +24,7 @@ describe('DashboardComponent', () => {
 			return AccessLevel.None;
 		},
 		getTablesFolders: () => of([]),
+		canEditConnection: () => false,
 	};
 	const fakeRouter = {
 		navigate: vi.fn().mockReturnValue(Promise.resolve('')),

frontend/src/app/components/dashboard/dashboard.component.ts

@@ -114,6 +114,8 @@ export class DashboardComponent implements OnInit, OnDestroy {
 		private angulartics2: Angulartics2,
 	) {}
 
+	protected canEditConnection = () => this._connections.canEditConnection();
+
 	get currentConnectionAccessLevel() {
 		return this._connections.currentConnectionAccessLevel;
 	}
@@ -159,66 +161,68 @@ export class DashboardComponent implements OnInit, OnDestroy {
 	getData() {
 		console.log('getData');
 
-		this._tables.fetchTablesFolders(this.connectionID).subscribe((res) => {
-			const tables = res.find((item) => item.category_id === 'all-tables-kitten')?.tables || [];
-
-			this.tableFolders = res;
-
-			if (tables && tables.length === 0) {
-				this.noTablesError = true;
-				this.loading = false;
-				this.title.setTitle(`No tables | ${this._company.companyTabTitle || 'Rocketadmin'}`);
-			} else if (tables) {
-				this.formatTableNames();
-				this.route.paramMap
-					.pipe(
-						map((params: ParamMap) => {
-							let tableName = params.get('table-name');
-							if (tableName) {
-								this.selectedTableName = tableName;
-								this.setTable(tableName);
-								console.log('setTable from getData paramMap');
-								this.title.setTitle(
-									`${this.selectedTableDisplayName} table | ${this._company.companyTabTitle || 'Rocketadmin'}`,
-								);
-								this.selection.clear();
-							} else {
-								if (this.defaultTableToOpen) {
-									tableName = this.defaultTableToOpen;
+		this._tables.fetchTablesFolders(this.connectionID).subscribe(
+			(res) => {
+				const tables = res.find((item) => item.category_id === 'all-tables-kitten')?.tables || [];
+
+				this.tableFolders = res;
+
+				if (tables && tables.length === 0) {
+					this.noTablesError = true;
+					this.loading = false;
+					this.title.setTitle(`No tables | ${this._company.companyTabTitle || 'Rocketadmin'}`);
+				} else if (tables) {
+					this.formatTableNames();
+					this.route.paramMap
+						.pipe(
+							map((params: ParamMap) => {
+								let tableName = params.get('table-name');
+								if (tableName) {
+									this.selectedTableName = tableName;
+									this.setTable(tableName);
+									console.log('setTable from getData paramMap');
+									this.title.setTitle(
+										`${this.selectedTableDisplayName} table | ${this._company.companyTabTitle || 'Rocketadmin'}`,
+									);
+									this.selection.clear();
 								} else {
-									tableName = this.allTables[0]?.table;
+									if (this.defaultTableToOpen) {
+										tableName = this.defaultTableToOpen;
+									} else {
+										tableName = this.allTables[0]?.table;
+									}
+									this.router.navigate([`/dashboard/${this.connectionID}/${tableName}`], { replaceUrl: true });
+									this.selectedTableName = tableName;
 								}
-								this.router.navigate([`/dashboard/${this.connectionID}/${tableName}`], { replaceUrl: true });
-								this.selectedTableName = tableName;
-							}
-						}),
-					)
-					.subscribe();
-				this._tableRow.cast.subscribe((arg) => {
-					if (arg === 'delete row' && this.selectedTableName) {
-						this.setTable(this.selectedTableName);
-						console.log('setTable from getData _tableRow cast');
-						this.selection.clear();
-					}
-				});
-				this._tables.cast.subscribe((arg) => {
-					if ((arg === 'delete rows' || arg === 'import') && this.selectedTableName) {
-						this.setTable(this.selectedTableName);
-						console.log('setTable from getData _tables cast');
-						this.selection.clear();
-					}
-					if (arg === 'activate actions') {
-						this.selection.clear();
-					}
-				});
-			}
-		},
-		(err) => {	
-			this.isServerError = true;
-			this.serverError = { abstract: err.error?.message || err.message, details: err.error?.originalMessage };
-			this.loading = false;
-			this.title.setTitle(`Error | ${this._company.companyTabTitle || 'Rocketadmin'}`);
-		});
+							}),
+						)
+						.subscribe();
+					this._tableRow.cast.subscribe((arg) => {
+						if (arg === 'delete row' && this.selectedTableName) {
+							this.setTable(this.selectedTableName);
+							console.log('setTable from getData _tableRow cast');
+							this.selection.clear();
+						}
+					});
+					this._tables.cast.subscribe((arg) => {
+						if ((arg === 'delete rows' || arg === 'import') && this.selectedTableName) {
+							this.setTable(this.selectedTableName);
+							console.log('setTable from getData _tables cast');
+							this.selection.clear();
+						}
+						if (arg === 'activate actions') {
+							this.selection.clear();
+						}
+					});
+				}
+			},
+			(err) => {
+				this.isServerError = true;
+				this.serverError = { abstract: err.error?.message || err.message, details: err.error?.originalMessage };
+				this.loading = false;
+				this.title.setTitle(`Error | ${this._company.companyTabTitle || 'Rocketadmin'}`);
+			},
+		);
 	}
 
 	formatTableNames() {