familienarchiv

marcel/familienarchiv

Fork 0

Commit Graph

Author	SHA1	Message	Date
Marcel	bbac351f03	test(e2e): add read-only user permissions journey Logs in as the seeded "reader" user (READ_ALL only) and asserts that all write controls are absent from every page. Refs #48 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-22 20:01:04 +01:00
Marcel	fa4bfb8e5c	feat(routes): add server-side WRITE_ALL guard on write-only routes Block direct URL navigation to /persons/new, /documents/new, /documents/:id/edit for users without WRITE_ALL permission. E2E tests verify admin user retains access to all write routes. Closes #17 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-20 09:47:52 +01:00

Author

SHA1

Message

Date

Marcel

bbac351f03

test(e2e): add read-only user permissions journey

Logs in as the seeded "reader" user (READ_ALL only) and asserts
that all write controls are absent from every page.

Refs #48
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-22 20:01:04 +01:00

Marcel

fa4bfb8e5c

feat(routes): add server-side WRITE_ALL guard on write-only routes

Block direct URL navigation to /persons/new, /documents/new,
/documents/:id/edit for users without WRITE_ALL permission.
E2E tests verify admin user retains access to all write routes.

Closes #17
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-20 09:47:52 +01:00

2 Commits