data-exports) permission should be able to receive restricted saved reports (non-public allowedUserIds) the same way office staff can—including inspectors.allowedUserIds empty) are visible to everyone in the company who can call GET /data-exports; list filtering treats empty lists as company-wide (attik-backend/src/routes/dataExport.ts).allowedUserIds (or they are the creator). Access checks use res.locals.membership?.employeeId || res.locals.membership?._officeStaffId in several places—not _inspectorId (dataExport.ts).UserSelector, which only loads active office staff from office-staff and never lists inspectors (attik-frontend/src/components/data-exports/UserSelector.tsx).attik-frontend/src/app/tools/data-exports/page.tsx).employeeId may point to either office staff or inspector per schema (attik-backend/src/models/membershipSchema.ts); align UI and API so inspector recipients work end-to-end.allowedUserIds to include inspectors (e.g. merge office staff + inspectors, clear labeling, same active/relevant filters as elsewhere). Any list/detail UI that assumes “office staff only” for share display may need updates.userCanAccessReport and all data-exports routes that gate on currentUserEmployeeId resolve the current user consistently for inspector memberships (employeeId and/or _inspectorId as needed) so shared reports are visible, editable, and exportable per existing rules.tests/integration/dataExport.sharedAccess.test.ts for an inspector recipient.attik-frontend/src/components/data-exports/UserSelector.tsxattik-frontend/src/app/tools/data-exports/CreateReportForm.tsx (Access Permissions)attik-backend/src/routes/dataExport.ts (userCanAccessReport, GET /, GET /:id, export routes)attik-backend/src/models/membershipSchema.tsPlease authenticate to join the conversation.
Completed
Main App
2 months ago
Linear
Get notified by email when there are changes.
Completed
Main App
2 months ago
Linear
Get notified by email when there are changes.