From 912e6ff2a3ef7da5089e72b66d2db219ba25e296 Mon Sep 17 00:00:00 2001
From: "Builder.io" <builder-bot@builder.io>
Date: Sat, 18 Oct 2025 22:59:26 +0000
Subject: [PATCH] Add RequireAccess component for realm/role gating

cgen-7acaacfaa72b49948eb8871637992878
---
 client/components/RequireAccess.tsx | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 client/components/RequireAccess.tsx

diff --git a/client/components/RequireAccess.tsx b/client/components/RequireAccess.tsx
new file mode 100644
index 00000000..36b0f776
--- /dev/null
+++ b/client/components/RequireAccess.tsx
@@ -0,0 +1,21 @@
+import { Navigate, useLocation } from "react-router-dom";
+import { useAuth } from "@/contexts/AuthContext";
+
+interface RequireAccessProps {
+  allowedRealms?: Array<"game_developer" | "client" | "community_member" | "customer" | "staff">;
+  allowedRoles?: string[];
+  children: React.ReactElement;
+}
+
+export default function RequireAccess({ allowedRealms, allowedRoles, children }: RequireAccessProps) {
+  const { user, profile, roles } = useAuth();
+  const location = useLocation();
+
+  const realmOk = !allowedRealms || allowedRealms.includes((profile as any)?.user_type);
+  const rolesOk = !allowedRoles || (Array.isArray(roles) && roles.some(r => allowedRoles.includes(r.toLowerCase())));
+
+  if (!user) return <Navigate to={`/onboarding?next=${encodeURIComponent(location.pathname + location.search)}`} replace />;
+  if (!realmOk || !rolesOk) return <Navigate to="/realms" replace />;
+
+  return children;
+}