From 31f560ecf14dc54bdc9e6380949d5726998ed384 Mon Sep 17 00:00:00 2001
From: wizardchen <wizardchen@tencent.com>
Date: Wed, 20 May 2026 16:42:25 +0800
Subject: [PATCH] fix(frontend): mirror cross-tenant superuser Admin role in UI
 gates

When a CanAccessAllTenants user switches into a tenant without a
tenant_members row, the backend grants temporary Admin via
resolveTenantRole step2 but currentTenantRole stayed empty, hiding
all mutation controls. Fall back to admin for UI gating only; Owner
surfaces remain hidden to match the server cap.
---
 frontend/src/stores/auth.ts | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/frontend/src/stores/auth.ts b/frontend/src/stores/auth.ts
index b1d4cf3a..96187cdc 100644
--- a/frontend/src/stores/auth.ts
+++ b/frontend/src/stores/auth.ts
@@ -114,7 +114,16 @@ export const useAuthStore = defineStore('auth', () => {
         : ''
     if (!tid) return ''
     const match = memberships.value.find((m) => String(m.tenant_id) === tid)
-    return match?.role || ''
+    if (match?.role) return match.role
+    // Cross-tenant superuser visiting a tenant they're not a member of:
+    // backend auth.go resolveTenantRole step2 grants a temporary Admin
+    // role without writing tenant_members. Mirror that here so mutation
+    // UIs aren't hidden in tenants the superuser switched into. Never
+    // surface Owner — the backend caps the temporary grant at Admin too
+    // (Owner-only ops like tenant deletion stay reserved for a real
+    // Owner inside the target tenant).
+    if (canAccessAllTenants.value) return 'admin'
+    return ''
   })
 
   // hasRole answers "is the current tenant role at least <min>?", used by