implemented operation based permissions

2025-12-24 19:22:20 -05:00
parent a9afa7ce13
commit 3d6aa856b4
18 changed files with 578 additions and 17 deletions
--- a/core/lib/Controllers/ModuleController.php
+++ b/core/lib/Controllers/ModuleController.php
@@ -13,7 +13,12 @@ class ModuleController extends ControllerAbstract
        private readonly ModuleManager $moduleManager
    ) { }

-    #[AuthenticatedRoute('/modules/list', name: 'modules.index', methods: ['GET'])]
+    #[AuthenticatedRoute(
+        '/modules/list', 
+        name: 'modules.index', 
+        methods: ['GET'],
+        permissions: ['module_manager.modules.view']
+    )]
    public function index(): JsonResponse
    {
        $modules = $this->moduleManager->list(false);
@@ -21,7 +26,12 @@ class ModuleController extends ControllerAbstract
        return new JsonResponse(['modules' => $modules]);
    }

-    #[AuthenticatedRoute('/modules/manage', name: 'modules.manage', methods: ['POST'])]
+    #[AuthenticatedRoute(
+        '/modules/manage', 
+        name: 'modules.manage', 
+        methods: ['POST'],
+        permissions: ['module_manager.modules.manage']
+    )]
    public function manage(string $handle, string $action): JsonResponse
    {
        // Verify module exists