helpyourneighbour/NEW_ISSUE.md
BibaBot 78480b31dc
feat: Add new issue for implementing RBAC in API endpoints
2026-03-18 09:06:39 +00:00

Issue: Implement Role-Based Access Control for API Endpoints

Description

The project has a defined roles and permissions model, but the implementation of role-based access control (RBAC) in the API endpoints is incomplete. We need to implement proper RBAC checks for all API endpoints to ensure that users can only access resources they are authorized to access.

Acceptance Criteria

  • All API endpoints properly check user roles using the existing middleware
  • The requireRole middleware is correctly applied to protected routes
  • Integration tests verify role-based access control
  • Documentation is updated to reflect the implemented RBAC system

Tasks

  1. Review all existing API routes and identify which ones need role checks
  2. Apply the requireRole middleware to appropriate endpoints
  3. Add integration tests for role-based access control
  4. Update documentation if needed
  • backend/middleware/role.middleware.js
  • backend/routes/ directory (all route files)
  • backend/test/roles.test.js (existing tests)
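
An added sketch of tasks 1 to 3, not code from this repository: a stand-in `requireRole` guard, an audit that lists routes that are neither guarded nor explicitly public, and a helper that runs a handler chain against a fake request. It assumes Express-style `(req, res, next)` handlers and that earlier auth middleware sets `req.user.role`; the route table, role names, `requiredRoles` marker, `findUnguarded` and `simulate` are hypothetical, and the project's real `requireRole` signature may differ.

```javascript
// Hypothetical stand-in for the project's requireRole middleware (assumed shape).
// Assumes authentication middleware has already populated req.user = { role }.
function requireRole(...allowed) {
  const mw = (req, res, next) => {
    if (!req.user) return res.status(401).json({ error: 'unauthenticated' });
    if (!allowed.includes(req.user.role)) return res.status(403).json({ error: 'forbidden' });
    return next();
  };
  mw.requiredRoles = allowed; // marker so an audit can recognise the guard
  return mw;
}

const ok = (req, res) => res.status(200).json({ ok: true });

// Constructed route table for illustration: [method, path, ...handlers].
const routes = [
  ['GET', '/api/health', ok],
  ['GET', '/api/requests', requireRole('user', 'admin'), ok],
  ['DELETE', '/api/users/:id', requireRole('admin'), ok],
  ['PUT', '/api/users/:id', ok], // guard forgotten: the audit must flag this
];

// Routes that are intentionally unauthenticated are listed explicitly,
// so anything else without a guard is treated as a finding (deny by default).
const PUBLIC = new Set(['GET /api/health']);

// Task 1: report every route that is neither public nor role-guarded.
function findUnguarded(table, publicRoutes) {
  return table
    .filter(([m, p, ...hs]) => !publicRoutes.has(`${m} ${p}`) && !hs.some((h) => h.requiredRoles))
    .map(([m, p]) => `${m} ${p}`);
}

// Task 3: run a handler chain against a fake request and return the HTTP status.
function simulate(handlers, user) {
  const res = { code: null, status(c) { this.code = c; return this; }, json() { return this; } };
  const req = { user };
  let i = 0;
  const next = () => { if (i < handlers.length) handlers[i++](req, res, next); };
  next();
  return res.code;
}

console.log('unguarded routes:', findUnguarded(routes, PUBLIC));
```

Running the audit in CI and failing on a non-empty result keeps new routes from shipping without a role check or an explicit public entry.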