leaudit-platform-backend

TanWenyan/leaudit-platform-backend

Fork 0

Commit Graph

Author	SHA1	Message	Date
wren	33255e823f	fix: enforce fine-grained rbac permissions on role CRUD endpoints Add _assertPermission() that checks role_permissions table for specific permission keys (super_admin bypasses). Wire it into CreateRole (rbac:roles:create), UpdateRole (rbac:roles:update), and DeleteRole (rbac:roles:delete). Previously only the coarse can_manage role check was enforced, making the permission grants in role_permissions purely cosmetic for these endpoints.	2026-04-30 10:36:38 +08:00
wren	3a58f19d6c	feat: add rbac-backed settings modules	2026-04-29 22:25:06 +08:00

Author

SHA1

Message

Date

wren

33255e823f

fix: enforce fine-grained rbac permissions on role CRUD endpoints

Add _assertPermission() that checks role_permissions table for
specific permission keys (super_admin bypasses). Wire it into
CreateRole (rbac:roles:create), UpdateRole (rbac:roles:update),
and DeleteRole (rbac:roles:delete). Previously only the coarse
can_manage role check was enforced, making the permission grants
in role_permissions purely cosmetic for these endpoints.

2026-04-30 10:36:38 +08:00

wren

3a58f19d6c

feat: add rbac-backed settings modules

2026-04-29 22:25:06 +08:00

2 Commits