feat: Plan 3 — Manajemen Pengguna (Admin User Management)
- Add AdminUserController: CRUD users, assign role, reset password,
self-delete guard (403 on own account)
- Add admin route group under role:administrator middleware
(GET/POST/PUT/DELETE /api/admin/users, PUT /api/admin/users/{id}/password)
- Add resources/views/admin/users.blade.php: DaisyUI table + 4 modals
(create, edit, reset password, delete confirm), stats grid, toast
- Add Admin nav link (administrator-only) to map and data navbars
- 9 new tests covering page access, API CRUD, self-delete guard, password reset
- Mark Plan 3 complete in missing_features.md; update README page list
- Save plan3 to docs/ for reference
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -1,5 +1,6 @@
|
||||
<?php
|
||||
|
||||
use App\Http\Controllers\AdminUserController;
|
||||
use App\Http\Controllers\AuthController;
|
||||
use App\Http\Controllers\IbadahController;
|
||||
use App\Http\Controllers\MiskinController;
|
||||
@@ -37,4 +38,17 @@ Route::middleware('auth')->group(function () {
|
||||
Route::delete('/miskin/{id}', [MiskinController::class, 'destroy']);
|
||||
});
|
||||
});
|
||||
|
||||
// Admin routes — hanya administrator
|
||||
Route::middleware('role:administrator')->group(function () {
|
||||
Route::get('/admin/users', fn() => view('admin.users'))->name('admin.users');
|
||||
|
||||
Route::prefix('api/admin')->group(function () {
|
||||
Route::get('/users', [AdminUserController::class, 'index']);
|
||||
Route::post('/users', [AdminUserController::class, 'store']);
|
||||
Route::put('/users/{id}', [AdminUserController::class, 'update']);
|
||||
Route::delete('/users/{id}', [AdminUserController::class, 'destroy']);
|
||||
Route::put('/users/{id}/password', [AdminUserController::class, 'resetPassword']);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user