feat: implement group-based access control (Admin, Standard_User, Leadership, Read_Only)

Browse Source

- Add user_group migration and created_by column migration
- Replace requireRole middleware with requireGroup
- Update all backend routes to use group-based authorization
- Add Standard_User conditional delete with ownership, state, and compliance checks
- Add cascade impact check for CVE deletes
- Update AuthContext with group-based permission helpers
- Update all frontend components for group-based rendering
- Update UserManagement UI with group dropdown, confirmation dialogs, self-demotion prevention

...

This commit is contained in:

jramos

2026-04-06 16:18:07 -06:00

parent 1ef57b0504

commit 73fd747576

19 changed files with 1171 additions and 149 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

0

.kiro/specs/group-based-access-control/design.md Normal file