Add server ownership, team access, role-based UI, and default admin role

- New migration 002_server_access.sql: created_by column + server_user table
- Server model: ownership, permission checks, team management methods
- Routes: /team routes, RoleMiddleware on /servers/create and /admin
- ServerController: permission checks via server_user, team CRUD methods
- TerminalController: server access checks
- DashboardController: filter servers by accessible ones
- ApiController: server access checks
- Views: team.php, team_server.php, sidebar Team link, hide actions by role
- Default user role changed from operator to admin on registration
- Admin user form defaults to admin role
This commit is contained in:
2026-06-07 06:49:12 -04:00
parent 9e11f767e7
commit 5f5de248c6
16 changed files with 813 additions and 71 deletions

View File

@@ -76,6 +76,11 @@ class ApiController
$filters = [];
if ($search) $filters['search'] = $search;
$accessibleIds = $serverModel->getAccessibleServerIds((int) $user['id']);
if (!empty($accessibleIds)) {
$filters['accessible_ids'] = $accessibleIds;
}
$servers = $serverModel->getAll($page, $perPage, $filters);
$this->view->json([
@@ -101,6 +106,10 @@ class ApiController
$this->view->json(['error' => 'Server not found'], 404);
}
if (!$serverModel->canView($id, (int) $user['id'])) {
$this->view->json(['error' => 'Server not found'], 404);
}
$monitoringService = new MonitoringService();
$metrics = $monitoringService->getLatestMetrics($id);
@@ -154,6 +163,10 @@ class ApiController
$this->view->json(['error' => 'Server not found'], 404);
}
if (!$serverModel->canManage($id, (int) $user['id'])) {
$this->view->json(['error' => 'Forbidden'], 403);
}
$serverModel->update($id, $input);
$this->view->json([
@@ -173,6 +186,10 @@ class ApiController
$this->view->json(['error' => 'Server not found'], 404);
}
if (!$serverModel->canManage($id, (int) $user['id'])) {
$this->view->json(['error' => 'Forbidden'], 403);
}
$serverModel->delete($id);
$this->view->json([
@@ -185,6 +202,11 @@ class ApiController
{
$user = $this->authenticateRequest();
$serverModel = new Server();
if (!$serverModel->canView($id, (int) $user['id'])) {
$this->view->json(['error' => 'Server not found'], 404);
}
$monitoringService = new MonitoringService();
$hours = (int) ($_GET['hours'] ?? 24);
@@ -202,6 +224,11 @@ class ApiController
{
$user = $this->authenticateRequest();
$serverModel = new Server();
if (!$serverModel->canView($id, (int) $user['id'])) {
$this->view->json(['error' => 'Server not found'], 404);
}
$input = json_decode(file_get_contents('php://input'), true) ?? $_POST;
$command = $input['command'] ?? '';