refactor: recon - update recon resources for rendering sidebar values…

… based on permissions (#1787)

src/container/MerchantAccountContainer.res

@@ -7,7 +7,12 @@ let make = () => {
   open HyperswitchAtom
   let url = RescriptReactRouter.useUrl()
   let (surveyModal, setSurveyModal) = React.useState(_ => false)
-  let {userHasAccess, hasAnyGroupAccess, hasAllGroupsAccess} = GroupACLHooks.useUserGroupACLHook()
+  let {
+    userHasAccess,
+    hasAnyGroupAccess,
+    hasAllGroupsAccess,
+    userHasResourceAccess,
+  } = GroupACLHooks.useUserGroupACLHook()
   let featureFlagDetails = featureFlagAtom->Recoil.useRecoilValueFromAtom
   let fetchConnectorListResponse = ConnectorListHook.useFetchConnectorList()
   let fetchBusinessProfiles = BusinessProfileHook.useFetchBusinessProfiles()
@@ -44,17 +49,44 @@ let make = () => {
 
       | list{"recon"} =>
         <AccessControl
-          isEnabled={featureFlagDetails.recon && !checkUserEntity([#Profile])} authorization=Access>
+          isEnabled={featureFlagDetails.recon && !checkUserEntity([#Profile])}
+          authorization={userHasResourceAccess(~resourceAccess=ReconToken)}>
           <Recon />
         </AccessControl>
-      | list{"upload-files"}
-      | list{"run-recon"}
-      | list{"recon-analytics"}
-      | list{"reports"}
-      | list{"config-settings"}
+      | list{"upload-files"} =>
+        <AccessControl
+          isEnabled={featureFlagDetails.recon && !checkUserEntity([#Profile])}
+          authorization={userHasResourceAccess(~resourceAccess=ReconUpload)}>
+          <ReconModule urlList={url.path->urlPath} />
+        </AccessControl>
+      | list{"run-recon"} =>
+        <AccessControl
+          isEnabled={featureFlagDetails.recon && !checkUserEntity([#Profile])}
+          authorization={userHasResourceAccess(~resourceAccess=RunRecon)}>
+          <ReconModule urlList={url.path->urlPath} />
+        </AccessControl>
+      | list{"recon-analytics"} =>
+        <AccessControl
+          isEnabled={featureFlagDetails.recon && !checkUserEntity([#Profile])}
+          authorization={userHasResourceAccess(~resourceAccess=ReconAndSettlementAnalytics)}>
+          <ReconModule urlList={url.path->urlPath} />
+        </AccessControl>
+      | list{"reports"} =>
+        <AccessControl
+          isEnabled={featureFlagDetails.recon && !checkUserEntity([#Profile])}
+          authorization={userHasResourceAccess(~resourceAccess=ReconReports)}>
+          <ReconModule urlList={url.path->urlPath} />
+        </AccessControl>
+      | list{"config-settings"} =>
+        <AccessControl
+          isEnabled={featureFlagDetails.recon && !checkUserEntity([#Profile])}
+          authorization={userHasResourceAccess(~resourceAccess=ReconConfig)}>
+          <ReconModule urlList={url.path->urlPath} />
+        </AccessControl>
       | list{"file-processor"} =>
         <AccessControl
-          isEnabled={featureFlagDetails.recon && !checkUserEntity([#Profile])} authorization=Access>
+          isEnabled={featureFlagDetails.recon && !checkUserEntity([#Profile])}
+          authorization={userHasResourceAccess(~resourceAccess=ReconFiles)}>
           <ReconModule urlList={url.path->urlPath} />
         </AccessControl>
       | list{"sdk"} =>

src/entryPoints/SidebarValues.res

@@ -610,26 +610,41 @@ let reconFileProcessor = {
 
 let reconAndSettlement = (recon, isReconEnabled, checkUserEntity, userHasResourceAccess) => {
   switch (recon, isReconEnabled, checkUserEntity([#Merchant, #Organization])) {
-  | (true, true, true) =>
-    Section({
-      name: "Recon And Settlement",
-      icon: "recon",
-      showSection: true,
-      links: [
-        uploadReconFiles,
-        runRecon,
-        reconAnalytics,
-        reconReports,
-        reconConfigurator,
-        reconFileProcessor,
-      ],
-    })
+  | (true, true, true) => {
+      let links = []
+      if userHasResourceAccess(~resourceAccess=ReconFiles) == CommonAuthTypes.Access {
+        links->Array.push(uploadReconFiles)
+      }
+      if userHasResourceAccess(~resourceAccess=RunRecon) == CommonAuthTypes.Access {
+        links->Array.push(runRecon)
+      }
+      if (
+        userHasResourceAccess(~resourceAccess=ReconAndSettlementAnalytics) == CommonAuthTypes.Access
+      ) {
+        links->Array.push(reconAnalytics)
+      }
+      if userHasResourceAccess(~resourceAccess=ReconReports) == CommonAuthTypes.Access {
+        links->Array.push(reconReports)
+      }
+      if userHasResourceAccess(~resourceAccess=ReconConfig) == CommonAuthTypes.Access {
+        links->Array.push(reconConfigurator)
+      }
+      if userHasResourceAccess(~resourceAccess=ReconFiles) == CommonAuthTypes.Access {
+        links->Array.push(reconFileProcessor)
+      }
+      Section({
+        name: "Recon And Settlement",
+        icon: "recon",
+        showSection: true,
+        links,
+      })
+    }
   | (true, false, true) =>
     Link({
       name: "Reconciliation",
       icon: isReconEnabled ? "recon" : "recon-lock",
       link: `/recon`,
-      access: userHasResourceAccess(~resourceAccess=Recon),
+      access: userHasResourceAccess(~resourceAccess=ReconToken),
     })
 
   | _ => emptyComponent

src/screens/UserManagement/UserRevamp/UserManagementTypes.res

@@ -33,7 +33,13 @@ type resourceAccessType =
   | Routing
   | ThreeDsDecisionManager
   | SurchargeDecisionManager
-  | Recon
+  | ReconToken
+  | ReconFiles
+  | ReconAndSettlementAnalytics
+  | ReconUpload
+  | ReconReports
+  | RunRecon
+  | ReconConfig
   | Account
   | ApiKey
   | User

src/utils/Mappers/GroupACLMapper.res

@@ -57,7 +57,13 @@ let mapStringToResourceAccessType = val =>
   | "webhook_event" => WebhookEvent
   | "payout" => Payout
   | "report" => Report
-  | "recon" => Recon
+  | "recon_token" => ReconToken
+  | "recon_files" => ReconFiles
+  | "recon_and_settlement_analytics" => ReconAndSettlementAnalytics
+  | "recon_upload" => ReconUpload
+  | "recon_reports" => ReconReports
+  | "run_recon" => RunRecon
+  | "recon_config" => ReconConfig
   | _ => UnknownResourceAccess(val)
   }