[WiP] feature: restrict access to sites by user roles#3425
[WiP] feature: restrict access to sites by user roles#3425robinboening wants to merge 1 commit intoAlchemyCMS:mainfrom
Conversation
This introduces role-based access control for Alchemy::Site objects. Sites can now define an accessible_by whitelist in config/alchemy/site_layouts.yml, limiting which user roles may access and edit content for each site. If accessible_by is not set, all roles retain access (backward compatible). Access checks integrate with CanCanCan and restrict site selection and page/content management accordingly.
robinboening
force-pushed
the
restrict_site_access
branch
from
67071d8 to
4954524
Compare
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #3425 +/- ##
=======================================
Coverage 97.13% 97.14%
=======================================
Files 279 279
Lines 7369 7387 +18
=======================================
+ Hits 7158 7176 +18
Misses 211 211 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
This pull request has not seen any activiy in a long time. |
|
This pull request has not seen any activiy in a long time. |
|
This pull request has not seen any activiy in a long time. |
1 participant
This introduces role-based access control for Alchemy::Site objects. Sites can now define an accessible_by whitelist in config/alchemy/site_layouts.yml, limiting which user roles may access and edit content for each site.
If accessible_by is not set, all roles retain access (backward compatible).
Access checks integrate with CanCanCan and restrict site selection and page/content management accordingly.
Checklist
P.S. this PR covers a very simple and first version of this feature. It's currently missing tests. Issue #3421 is the starting point of the discussion on this.