helpyourneighbour/issue_1234.md

Issue: Implement Role-Based Access Control (RBAC) for API Endpoints

Description

Implement role-based access control (RBAC) for the API endpoints to ensure that only users with the appropriate roles can access specific resources. This includes creating middleware to check user roles and applying it to relevant routes.

Acceptance Criteria

• Create a requireRole middleware function in backend/middleware/role.middleware.js
• Apply the middleware to existing API endpoints that require specific roles
• Add tests for the role-based access control functionality
• Update documentation to reflect the new RBAC implementation

Related Files

• backend/middleware/role.middleware.js
• backend/controllers/... (to be updated)
• backend/routes/... (to be updated)
• test/roles.test.js

Notes

This task builds upon the existing roles and permissions documentation in docs/roles-and-permissions.md.