- Replace is_admin boolean with role enum('super_admin','admin') via migration
- ProgramPolicy: admin program can only view/edit/delete own programs
- EnsureIsAdmin: accepts both roles; EnsureSuperAdmin: super_admin only
- UserController + views: super_admin can manage admin accounts
- Sidebar: user management link & role badge gated on isSuperAdmin()
- Fix Controller base class: add AuthorizesRequests trait
- Fix tests: replace nonAdmin() (invalid enum) with adminProgram() against super_admin-only route
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
<?php
namespace App\Providers;
use App\Models\Program;
use App\Policies\ProgramPolicy;
use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Http\Request;
use Illuminate\Pagination\Paginator;
use Illuminate\Support\Facades\Gate;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Facades\URL;
use Illuminate\Support\ServiceProvider;
/**
 * Application service provider.
 *
 * On boot it registers the Program authorization policy, selects the
 * Bootstrap 5 pagination views, defines the named rate limiters for public
 * routes and forces the https scheme for generated URLs in production.
 */
class AppServiceProvider extends ServiceProvider
{
    /**
     * This provider registers no container bindings.
     */
    public function register(): void
    {
    }

    /**
     * Wire authorization, pagination, rate limiting and URL generation.
     */
    public function boot(): void
    {
        // Authorization: abilities on Program models are resolved by ProgramPolicy.
        Gate::policy(Program::class, ProgramPolicy::class);

        // Pagination links use the Bootstrap 5 views.
        Paginator::useBootstrapFive();

        // Named rate limiters for public routes: limiter name => requests per minute.
        $publicLimits = [
            'checkin' => 60,
            'certificate' => 30,
        ];

        foreach ($publicLimits as $limiterName => $maxPerMinute) {
            // Each bucket is keyed by $request->ip().
            // NOTE(review): behind a reverse proxy or load balancer, ip() only
            // reflects the real client when trusted proxies are configured
            // (not visible in this file); otherwise unrelated clients may
            // share one bucket, or a client-supplied forwarding header may
            // select the bucket. Confirm the proxy configuration.
            RateLimiter::for($limiterName, function (Request $request) use ($maxPerMinute) {
                return Limit::perMinute($maxPerMinute)->by($request->ip());
            });
        }

        // Outside production nothing more is configured.
        if (! app()->environment('production')) {
            return;
        }

        // forceScheme() sets the scheme of URLs the framework generates; it
        // does not by itself redirect or reject plain-HTTP requests.
        // NOTE(review): confirm that the HTTP -> HTTPS redirect and HSTS are
        // enforced at the web server or in middleware.
        URL::forceScheme('https');
    }
}