Implement Trigger Permission System
Add new user permission for triggering integration webhooks, separate from admin-only configuration access.
- Add
canTriggerIntegrationsboolean to User model (default: false); migration sets true for Admin/Super Admin @CanTriggerIntegrations()decorator for route protection; returns 403 if unauthorized- User form checkbox: "Can Trigger Integrations" (Admin/Super Admin only; disabled for admin users)
- Permission check:
canTriggerIntegrationsOR Admin OR Super Admin - 403 message: "User does not have permission to trigger integrations"
Example:
User form with trigger permission checkbox:
┌─ Edit User: John Doe ───────────────────────┐
│ Name: John Doe │
│ Email: john@example.com │
│ User Type: [Client ▼] │
│ │
│ Permissions: │
│ ☑ Can Trigger Integrations │
│ Allow this user to manually trigger │
│ integration webhooks │
│ │
│ [Save] [Cancel] │
└───────────────────────────────────────────────┘
Authorization decorator implementation pattern:
@Post(':id/trigger')
@CanTriggerIntegrations()
async triggerWebhook(
@Param('id') id: number,
@Body() body: TriggerWebhookDto,
@CurrentUser() user: User
) {
// Implementation
}