Draco-Lunaris-Echo 88b190ac8d fix(security): restrict auth-config mutations to Admin role (#5) ...

Restrict manager-wide authentication configuration mutations (OIDC, SMTP, IP allowlist) to Admin role. Operators now receive 403 forbidden_role.

- New admin_required helper in settings.rs
- 4 gate changes: update_settings, discover_oidc, test_oidc, update_ip_whitelist
- 5 new AuditAction variants + migration 019
- SPA friendly error message on 403
- 3 admin_required unit tests pass (43/43)
- Full integration tests deferred to issue #15

Closes #5

2026-06-03 09:16:41 -05:00

..

src

fix(security): restrict auth-config mutations to Admin role (#5)

2026-06-03 09:16:41 -05:00

eslint.config.js

Fix all frontend ESLint errors

2026-04-27 21:20:25 +00:00

index.html

feat: Complete Azure SSO implementation (v0.1.3)

2026-05-12 17:01:20 +00:00

package-lock.json

fix(security): stop embedding JWT tokens in SSO callback redirect URL (#4) (#14)

2026-06-03 06:28:08 -05:00

package.json

fix(security): stop embedding JWT tokens in SSO callback redirect URL (#4) (#14)

2026-06-03 06:28:08 -05:00

tsconfig.json

feat(M1): Project scaffolding, DB schema, core infrastructure

2026-04-23 15:55:53 +00:00

tsconfig.node.json

feat(M1): Project scaffolding, DB schema, core infrastructure

2026-04-23 15:55:53 +00:00

vite.config.ts

fix: make version display dynamic from package.json instead of hardcoded

2026-05-12 23:49:14 +00:00

vitest.config.ts

fix(security): stop embedding JWT tokens in SSO callback redirect URL (#4) (#14)

2026-06-03 06:28:08 -05:00