feat: security hardening (Fasa 10)

- EnsureIsAdmin middleware: gates all admin routes on is_admin flag
- Apply admin middleware to entire admin route group
- Fix questionnaire resource route parameter name mismatch ({set})
- Audit log on questionnaire confirmation

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Saufi
2026-05-16 23:54:11 +08:00
parent 165f22fe6f
commit a41ff59009
4 changed files with 27 additions and 3 deletions


@@ -11,7 +11,9 @@ return Application::configure(basePath: dirname(__DIR__))
health: '/up',
)
->withMiddleware(function (Middleware $middleware): void {
//
$middleware->alias([
'admin' => \App\Http\Middleware\EnsureIsAdmin::class,
]);
})
->withExceptions(function (Exceptions $exceptions): void {
//
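
Review bot: The `$middleware->alias([...])` call inside `withMiddleware` only gives `EnsureIsAdmin` the name `admin`; nothing in these lines attaches it to a route, so the gate holds only as long as every admin route group lists `'admin'` in its own middleware. I would ask for a feature test that requests an admin route as a guest and as a non-admin user and asserts both are rejected, so a route later added outside the group is caught. If the middleware reads the flag from the authenticated user, a one-line comment above the alias saying it must be combined with `auth` would make that dependency visible here.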