saufi/eCert-MBIP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: two-role system — super_admin & admin program (Fasa 12)

Browse Source 
- Replace is_admin boolean with role enum('super_admin','admin') via migration
- ProgramPolicy: admin program can only view/edit/delete own programs
- EnsureIsAdmin: accepts both roles; EnsureSuperAdmin: super_admin only
- UserController + views: super_admin can manage admin accounts
- Sidebar: user management link & role badge gated on isSuperAdmin()
- Fix Controller base class: add AuthorizesRequests trait
- Fix tests: replace nonAdmin() (invalid enum) with adminProgram() against super_admin-only route

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Saufi
2026-05-18 08:47:58 +08:00
parent 700fbd1bcc
commit c9b50ccc5e
18 changed files with 503 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tests/Feature/AuthTest.php
View File

@@ -27,12 +27,12 @@ class AuthTest extends TestCase
$this->get('/admin/dashboard')->assertRedirect('/login');
}
public function test_non_admin_cannot_access_admin_routes(): void
public function test_admin_program_cannot_access_user_management(): void
{
$user = User::factory()->nonAdmin()->create();
$admin = User::factory()->adminProgram()->create();
$this->actingAs($user)
->get('/admin/dashboard')
$this->actingAs($admin)
->get('/admin/users')
->assertForbidden();
}