akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 6 Packages Projects Releases Wiki Activity

feat: implement role-based access for settings route and add focus trap hook

Browse Source 
- Wrapped the Settings component in RequireRole to enforce access control for admin and user roles.
- Introduced a new custom hook `useFocusTrap` to manage focus within modal dialogs, enhancing accessibility.
- Applied the focus trap in InviteModal, PermissionsModal, and UserDetailModal to prevent focus from leaving the dialog.
- Updated PassthroughLanding to focus on the heading when the component mounts.
This commit is contained in:
GitHub Actions
2026-03-03 03:08:59 +00:00
parent a681d6aa30
commit 3f12ca05a3
7 changed files with 1105 additions and 447 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/internal/api/middleware/auth.go
View File

@@ -117,7 +117,7 @@ func RequireManagementAccess() gin.HandlerFunc {
return func(c *gin.Context) {
role := c.GetString("role")
if role == string(models.RolePassthrough) {
c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"error": "Forbidden"})
c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"error": "Pass-through users cannot access management features"})
return
}
c.Next()