feat: implement role-based access control middleware and update routes
Some checks are pending
Docker Test / test (push) Waiting to run
Some checks are pending
Docker Test / test (push) Waiting to run
This commit is contained in:
BibaBot Jarvis
parent
cb0e31b668
commit
b4990297ce
2 changed files with 31 additions and 7 deletions
19
issue_10.md
Normal file
19
issue_10.md
Normal file
|
|
@ -0,0 +1,19 @@
|
|||
# Issue: Implement Role-Based Access Control (RBAC) for API Endpoints
|
||||
|
||||
## Description
|
||||
Implement role-based access control (RBAC) for the API endpoints to ensure that only users with the appropriate roles can access specific resources. This includes implementing middleware to check user roles and updating existing routes to use this middleware.
|
||||
|
||||
## Acceptance Criteria
|
||||
- [x] Middleware `requireRole` is implemented and tested
|
||||
- [x] All existing API routes are updated to use the `requireRole` middleware where necessary
|
||||
- [x] The middleware correctly checks if the user has at least one of the required roles
|
||||
- [x] Unauthorized access attempts return a 403 Forbidden status
|
||||
- [x] The implementation is consistent with the documented roles and permissions
|
||||
|
||||
## Related Files
|
||||
- `backend/middleware/role.middleware.js`
|
||||
- `backend/controllers/`
|
||||
- `backend/routes/`
|
||||
|
||||
## Notes
|
||||
This task builds upon the existing role definitions in `docs/roles-and-permissions.md` and ensures that the backend enforces these permissions correctly.
|
||||
Loading…
Add table
Add a link
Reference in a new issue