Add server ownership, team access, role-based UI, and default admin role

- New migration 002_server_access.sql: created_by column + server_user table
- Server model: ownership, permission checks, team management methods
- Routes: /team routes, RoleMiddleware on /servers/create and /admin
- ServerController: permission checks via server_user, team CRUD methods
- TerminalController: server access checks
- DashboardController: filter servers by accessible ones
- ApiController: server access checks
- Views: team.php, team_server.php, sidebar Team link, hide actions by role
- Default user role changed from operator to admin on registration
- Admin user form defaults to admin role
This commit is contained in:
2026-06-07 06:49:12 -04:00
parent 9e11f767e7
commit 5f5de248c6
16 changed files with 813 additions and 71 deletions

View File

@@ -31,8 +31,8 @@ $router->get('/profile', [AuthController::class, 'profile'], [AuthMiddleware::cl
$router->post('/profile', [AuthController::class, 'updateProfile'], [AuthMiddleware::class, CSRFMiddleware::class]);
$router->get('/servers', [ServerController::class, 'index'], [AuthMiddleware::class]);
$router->get('/servers/create', [ServerController::class, 'create'], [AuthMiddleware::class]);
$router->post('/servers/create', [ServerController::class, 'store'], [AuthMiddleware::class, CSRFMiddleware::class]);
$router->get('/servers/create', [ServerController::class, 'create'], [AuthMiddleware::class, RoleMiddleware::class]);
$router->post('/servers/create', [ServerController::class, 'store'], [AuthMiddleware::class, CSRFMiddleware::class, RoleMiddleware::class]);
$router->get('/servers/:id', [ServerController::class, 'show'], [AuthMiddleware::class]);
$router->get('/servers/:id/edit', [ServerController::class, 'edit'], [AuthMiddleware::class]);
$router->post('/servers/:id/edit', [ServerController::class, 'update'], [AuthMiddleware::class, CSRFMiddleware::class]);
@@ -65,12 +65,18 @@ $router->get('/servers/:id/logs', [ServerController::class, 'logs'], [AuthMiddle
$router->get('/servers/:id/metrics', [ServerController::class, 'metrics'], [AuthMiddleware::class]);
$router->get('/sidebar/servers', [ServerController::class, 'sidebarServers'], [AuthMiddleware::class]);
$router->get('/team', [ServerController::class, 'team'], [AuthMiddleware::class]);
$router->get('/team/:id', [ServerController::class, 'teamServer'], [AuthMiddleware::class]);
$router->post('/team/:id/add-user', [ServerController::class, 'addTeamUser'], [AuthMiddleware::class, CSRFMiddleware::class]);
$router->post('/team/:id/remove-user', [ServerController::class, 'removeTeamUser'], [AuthMiddleware::class, CSRFMiddleware::class]);
$router->post('/team/:id/update-role', [ServerController::class, 'updateTeamUserRole'], [AuthMiddleware::class, CSRFMiddleware::class]);
$router->get('/terminal/:id', [TerminalController::class, 'index'], [AuthMiddleware::class]);
$router->post('/terminal/:id/execute', [TerminalController::class, 'execute'], [AuthMiddleware::class, CSRFMiddleware::class]);
$router->get('/terminal/:id/history', [TerminalController::class, 'history'], [AuthMiddleware::class]);
$router->post('/terminal/:id/clear-history', [TerminalController::class, 'clearHistory'], [AuthMiddleware::class, CSRFMiddleware::class]);
$router->group(['prefix' => 'admin', 'middleware' => [AuthMiddleware::class]], function (ServerManager\Core\Router $router) {
$router->group(['prefix' => 'admin', 'middleware' => [AuthMiddleware::class, RoleMiddleware::class]], function (ServerManager\Core\Router $router) {
$router->get('/users', [AdminController::class, 'users']);
$router->post('/users/create', [AdminController::class, 'createUser'], [CSRFMiddleware::class]);
$router->post('/users/:id/update', [AdminController::class, 'updateUser'], [CSRFMiddleware::class]);