Add server ownership, team access, role-based UI, and default admin role
- New migration 002_server_access.sql: created_by column + server_user table - Server model: ownership, permission checks, team management methods - Routes: /team routes, RoleMiddleware on /servers/create and /admin - ServerController: permission checks via server_user, team CRUD methods - TerminalController: server access checks - DashboardController: filter servers by accessible ones - ApiController: server access checks - Views: team.php, team_server.php, sidebar Team link, hide actions by role - Default user role changed from operator to admin on registration - Admin user form defaults to admin role
This commit is contained in:
@@ -76,6 +76,11 @@ class ApiController
|
||||
$filters = [];
|
||||
if ($search) $filters['search'] = $search;
|
||||
|
||||
$accessibleIds = $serverModel->getAccessibleServerIds((int) $user['id']);
|
||||
if (!empty($accessibleIds)) {
|
||||
$filters['accessible_ids'] = $accessibleIds;
|
||||
}
|
||||
|
||||
$servers = $serverModel->getAll($page, $perPage, $filters);
|
||||
|
||||
$this->view->json([
|
||||
@@ -101,6 +106,10 @@ class ApiController
|
||||
$this->view->json(['error' => 'Server not found'], 404);
|
||||
}
|
||||
|
||||
if (!$serverModel->canView($id, (int) $user['id'])) {
|
||||
$this->view->json(['error' => 'Server not found'], 404);
|
||||
}
|
||||
|
||||
$monitoringService = new MonitoringService();
|
||||
$metrics = $monitoringService->getLatestMetrics($id);
|
||||
|
||||
@@ -154,6 +163,10 @@ class ApiController
|
||||
$this->view->json(['error' => 'Server not found'], 404);
|
||||
}
|
||||
|
||||
if (!$serverModel->canManage($id, (int) $user['id'])) {
|
||||
$this->view->json(['error' => 'Forbidden'], 403);
|
||||
}
|
||||
|
||||
$serverModel->update($id, $input);
|
||||
|
||||
$this->view->json([
|
||||
@@ -173,6 +186,10 @@ class ApiController
|
||||
$this->view->json(['error' => 'Server not found'], 404);
|
||||
}
|
||||
|
||||
if (!$serverModel->canManage($id, (int) $user['id'])) {
|
||||
$this->view->json(['error' => 'Forbidden'], 403);
|
||||
}
|
||||
|
||||
$serverModel->delete($id);
|
||||
|
||||
$this->view->json([
|
||||
@@ -185,6 +202,11 @@ class ApiController
|
||||
{
|
||||
$user = $this->authenticateRequest();
|
||||
|
||||
$serverModel = new Server();
|
||||
if (!$serverModel->canView($id, (int) $user['id'])) {
|
||||
$this->view->json(['error' => 'Server not found'], 404);
|
||||
}
|
||||
|
||||
$monitoringService = new MonitoringService();
|
||||
|
||||
$hours = (int) ($_GET['hours'] ?? 24);
|
||||
@@ -202,6 +224,11 @@ class ApiController
|
||||
{
|
||||
$user = $this->authenticateRequest();
|
||||
|
||||
$serverModel = new Server();
|
||||
if (!$serverModel->canView($id, (int) $user['id'])) {
|
||||
$this->view->json(['error' => 'Server not found'], 404);
|
||||
}
|
||||
|
||||
$input = json_decode(file_get_contents('php://input'), true) ?? $_POST;
|
||||
$command = $input['command'] ?? '';
|
||||
|
||||
|
||||
Reference in New Issue
Block a user