ahmido
210cf5ce8b
Implements 064-auth-structure (Auth Structure v1.0): Adds platform_users + PlatformUser identity (factory + seeder) for platform operators Introduces platform auth guard/provider in auth.php Adds a dedicated Filament v5 System panel at system using guard platform (custom login + dashboard) Enforces strict cross-scope isolation between /admin and system (deny-as-404) Adds platform capability gating (platform.access_system_panel, platform.use_break_glass) + gates in AuthServiceProvider Implements audited break-glass mode (enter/exit/expire), banner via render hook, feature flag + TTL config Removes legacy users.is_platform_superadmin runtime usage and adds an architecture test to prevent regressions Updates tenant membership pivot usage where needed (tenant_memberships) Testing: vendor/bin/sail artisan test --compact tests/Feature/Auth (28 passed) vendor/bin/sail bin pint --dirty Notes: Filament v5 / Livewire v4 compatible. Panel providers registered in providers.php. Destructive actions use ->action(...) + ->requiresConfirmation() where applicable. Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box> Reviewed-on: #77
27 lines
571 B
PHP
27 lines
571 B
PHP
<?php
|
|
|
|
namespace App\Support\Auth;
|
|
|
|
/**
|
|
* Platform Capability Registry
|
|
*
|
|
* These capabilities are used for platform operators authenticated via the
|
|
* `platform` guard (System panel).
|
|
*/
|
|
class PlatformCapabilities
|
|
{
|
|
public const ACCESS_SYSTEM_PANEL = 'platform.access_system_panel';
|
|
|
|
public const USE_BREAK_GLASS = 'platform.use_break_glass';
|
|
|
|
/**
|
|
* @return array<string>
|
|
*/
|
|
public static function all(): array
|
|
{
|
|
$reflection = new \ReflectionClass(self::class);
|
|
|
|
return array_values($reflection->getConstants());
|
|
}
|
|
}
|