feat: granular permissions, export backup, user/role management
- PermissionSeeder: 29 permissions with role mapping (admin/manager/staff) - Policies updated to use hasPermissionTo() instead of hasRole() - ExportBackup command: JSON per-table backup with chunk processing - UserResource: CRUD users with role assignment (admin only) - RoleResource: CRUD roles with permission assignment (admin only) - UserPolicy + RolePolicy: admin-only access control - ImportCskh: detailed skip logging with color in dry-run mode - Widgets: permission-based visibility checks - Tests: 8/8 pass (21 assertions)
This commit is contained in:
@@ -36,7 +36,7 @@ class EditFeedback extends EditRecord
|
||||
->label('Transfer Department')
|
||||
->icon('heroicon-o-arrows-right-left')
|
||||
->color('warning')
|
||||
->visible(fn (): bool => auth()->user()->hasRole(['admin', 'manager']))
|
||||
->visible(fn (): bool => auth()->user()->hasPermissionTo('transfer-department'))
|
||||
->form([
|
||||
Select::make('to_department_id')
|
||||
->label('Target Department')
|
||||
@@ -106,7 +106,7 @@ class EditFeedback extends EditRecord
|
||||
->label('Close Ticket')
|
||||
->icon('heroicon-o-check-circle')
|
||||
->color('success')
|
||||
->visible(fn (): bool => $this->getRecord()->status !== 'closed' && auth()->user()->hasRole(['admin', 'manager']))
|
||||
->visible(fn (): bool => $this->getRecord()->status !== 'closed' && auth()->user()->hasPermissionTo('close-ticket'))
|
||||
->requiresConfirmation()
|
||||
->modalHeading('Close Ticket')
|
||||
->modalDescription('Bạn có chắc muốn đóng phiếu này? Hành động này KHÔNG thể hoàn tác.')
|
||||
|
||||
Reference in New Issue
Block a user