MALIO-DEV/Ferme
4
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases 80 Wiki Activity

feat : durcissement des accès admin (DELETE Reception/Shipment + middleware Nuxt)

Browse Source 
- DELETE Reception et Shipment passent de ROLE_USER à ROLE_ADMIN (alignement avec l'UI qui cachait déjà les boutons aux non-admin)
- Middleware Nuxt global qui redirige les non-admin de /admin/* vers / (et vers /login si pas authentifié)
- Aucun impact sur l'API /api/carriers qui reste lisible par tous (utilisée dans les formulaires de réception/expédition)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Autin
2026-04-28 12:09:57 +02:00
parent d566e5d9f7
commit d60272b87e
3 changed files with 29 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/Entity/Reception.php
View File

@@ -61,6 +61,7 @@ use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
),
new Delete(
requirements: ['id' => '\d+'],
security: "is_granted('ROLE_ADMIN')",
),
new Get(
uriTemplate: '/receptions/weigh',

1
src/Entity/Shipment.php
View File

@@ -61,6 +61,7 @@ use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
),
new Delete(
requirements: ['id' => '\d+'],
security: "is_granted('ROLE_ADMIN')",
),
new Get(
uriTemplate: '/shipments/weigh',