feat: Implement role-based access control (RBAC) with 3-tier authorization

- Add 3 user roles: user, admin, super_admin
- Restrict LLM config management to super_admin only
- Restrict audit logs and statistics to super_admin only
- Update AdminPage with role-based tab visibility
- Add complete 5 Why prompt from 5why-analyzer.jsx
- Add system documentation and authorization guide
- Add ErrorModal component and seed test users script

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
donald
2025-12-08 19:29:28 +08:00
parent 957003bc7c
commit 66cdcacce9
11 changed files with 1791 additions and 158 deletions


@@ -219,7 +219,7 @@ router.get('/analyses', requireAdmin, asyncHandler(async (req, res) => {
* GET /api/admin/audit-logs
* 取得稽核日誌
*/
router.get('/audit-logs', requireAdmin, asyncHandler(async (req, res) => {
router.get('/audit-logs', requireSuperAdmin, asyncHandler(async (req, res) => {
const page = parseInt(req.query.page) || 1;
const limit = parseInt(req.query.limit) || 50;
const filters = {
@@ -243,7 +243,7 @@ router.get('/audit-logs', requireAdmin, asyncHandler(async (req, res) => {
* GET /api/admin/statistics
* 取得完整統計資料
*/
router.get('/statistics', requireAdmin, asyncHandler(async (req, res) => {
router.get('/statistics', requireSuperAdmin, asyncHandler(async (req, res) => {
const overallStats = await Analysis.getStatistics();
const users = await User.getAll(1, 1000);