security: expand and complete permissions matrix with granular, enterprise-ready permissions

2026-05-21 22:15:53 +07:00
parent 65804be1cb
commit 7965b34c85
44 changed files with 179 additions and 145 deletions
@@ -10,7 +10,7 @@ class ActivityLogController extends Controller
 {
    public function index(Request $request)
    {
-        $this->authorize('user.view');
+        abort_if(!auth()->user()->can('activity-logs.view'), 403, 'Unauthorized. Activity logs view permission required.');

        $search  = $request->input('search');
        $logName = $request->input('log_name');
@@ -58,7 +58,7 @@ class ActivityLogController extends Controller

    public function bulkDelete(Request $request)
    {
-        $this->authorize('user.delete');
+        abort_if(!auth()->user()->can('activity-logs.delete'), 403, 'Unauthorized. Activity logs delete permission required.');

        $ids = (array) $request->input('ids', []);