Add server ownership, team access, role-based UI, and default admin role

- New migration 002_server_access.sql: created_by column + server_user table
- Server model: ownership, permission checks, team management methods
- Routes: /team routes, RoleMiddleware on /servers/create and /admin
- ServerController: permission checks via server_user, team CRUD methods
- TerminalController: server access checks
- DashboardController: filter servers by accessible ones
- ApiController: server access checks
- Views: team.php, team_server.php, sidebar Team link, hide actions by role
- Default user role changed from operator to admin on registration
- Admin user form defaults to admin role
This commit is contained in:
2026-06-07 06:49:12 -04:00
parent 9e11f767e7
commit 5f5de248c6
16 changed files with 813 additions and 71 deletions

View File

@@ -32,6 +32,11 @@ class TerminalController
$this->view->error(404);
}
$userId = (int) Session::get('user_id');
if (!$this->serverModel->canView($id, $userId)) {
$this->view->error(404);
}
$commandHistory = new CommandHistory();
$history = $commandHistory->getByServer($id, 50);
@@ -50,6 +55,11 @@ class TerminalController
$this->view->json(['success' => false, 'message' => 'Server not found'], 404);
}
$userId = (int) Session::get('user_id');
if (!$this->serverModel->canView($id, $userId)) {
$this->view->json(['success' => false, 'message' => 'Forbidden'], 403);
}
$command = $_POST['command'] ?? '';
if (empty($command)) {