saufi/eCert-MBIP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: two-role system — super_admin & admin program (Fasa 12)

Browse Source 
- Replace is_admin boolean with role enum('super_admin','admin') via migration
- ProgramPolicy: admin program can only view/edit/delete own programs
- EnsureIsAdmin: accepts both roles; EnsureSuperAdmin: super_admin only
- UserController + views: super_admin can manage admin accounts
- Sidebar: user management link & role badge gated on isSuperAdmin()
- Fix Controller base class: add AuthorizesRequests trait
- Fix tests: replace nonAdmin() (invalid enum) with adminProgram() against super_admin-only route

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Saufi
2026-05-18 08:47:58 +08:00
parent 700fbd1bcc
commit c9b50ccc5e
18 changed files with 503 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
app/Policies/ProgramPolicy.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
namespace App\Policies;
use App\Models\Program;
use App\Models\User;
class ProgramPolicy
{
public function viewAny(User $user): bool
{
return true; // Both roles can see programs list (scoped per controller)
}
public function view(User $user, Program $program): bool
{
return $user->canAccessProgram($program);
}
public function create(User $user): bool
{
return true; // Both roles can create programs
}
public function update(User $user, Program $program): bool
{
return $user->canAccessProgram($program);
}
public function delete(User $user, Program $program): bool
{
return $user->canAccessProgram($program);
}
}