feat: two-role system — super_admin & admin program (Fasa 12)

- Replace is_admin boolean with role enum('super_admin','admin') via migration - ProgramPolicy: admin program can only view/edit/delete own programs - EnsureIsAdmin: accepts both roles; EnsureSuperAdmin: super_admin only - UserController + views: super_admin can manage admin accounts - Sidebar: user management link & role badge gated on isSuperAdmin() - Fix Controller base class: add AuthorizesRequests trait - Fix tests: replace nonAdmin() (invalid enum) with adminProgram() against super_admin-only route Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-18 08:47:58 +08:00
parent 700fbd1bcc
commit c9b50ccc5e
18 changed files with 503 additions and 12 deletions
--- a/app/Http/Controllers/Controller.php
+++ b/app/Http/Controllers/Controller.php
@@ -2,7 +2,9 @@

 namespace App\Http\Controllers;

+use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
+
 abstract class Controller
 {
-    //
+    use AuthorizesRequests;
 }