refactor: restructure permission handling and enhance Guard functionality

- Introduced a new `createGuard` function to streamline the creation of Guard instances with permissions and roles. - Updated tests in `authorize.spec.ts` to reflect changes in permission checks, ensuring they now return undefined for denied permissions. - Added new `Permission` and `Policy` classes to improve type safety and flexibility in permission management. - Refactored middleware and controller files to utilize the updated permission structure, including context handling for permissions. - Created a new `SystemController.spec.ts` file to test the integration of the new permission system within the SystemController. - Removed legacy permission handling from core security files, consolidating permission logic within the new structure.
2026-03-16 04:27:21 +00:00 · 2025-10-13 18:20:46 +02:00
parent b784e1c1c4
commit 2f88c2216c
26 changed files with 954 additions and 367 deletions
--- a/app/src/modules/server/AdminController.tsx
+++ b/app/src/modules/server/AdminController.tsx
@@ -116,6 +116,7 @@ export class AdminController extends Controller {
               onDenied: async (c) => {
                  addFlashMessage(c, "You not allowed to read the schema", "warning");
               },
+               context: (c) => ({}),
            }),
            async (c) => {
               const obj: AdminBkndWindowContext = {
@@ -147,9 +148,10 @@ export class AdminController extends Controller {
                  return c.redirect(authRoutes.success);
               }
            },
+            context: (c) => ({}),
         };
         const redirectRouteParams = [
-            permission(SystemPermissions.accessAdmin, options),
+            permission(SystemPermissions.accessAdmin, options as any),
            permission(SystemPermissions.schemaRead, options),
            async (c) => {
               return c.html(c.get("html")!);