Update: 2026-05-04 01:33:55

Hamza-Ayed
2026-05-04 01:33:55 +03:00
parent ad48142492
commit 90f2f6f6e3
6 changed files with 251 additions and 42 deletions


@@ -19,7 +19,7 @@ $data = input();
// 1. Role Authorization check (Prevent Role Escalation)
$allowedRoles = match($decoded['role']) {
'super_admin' => ['super_admin', 'admin', 'accountant', 'employee', 'viewer'],
'admin' => ['accountant', 'employee', 'viewer'],
'admin' => ['accountant', 'employee', 'viewer'], // Cannot create other admins
default => []
};
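Review bot: The new comment on the `'admin'` arm documents only half of the rule, since that list also omits `super_admin`; state the full intent there, e.g. `// admin may assign only non-admin roles (no admin, no super_admin)`. The code that compares the requested role against `$allowedRoles` lies outside this hunk, so it cannot be checked here; it should use a strict `in_array` (third argument `true`) and reject the request when the list is empty, so that the `default => []` arm fails closed for an unknown or missing `$decoded['role']`. If that comparison runs only when a user is created, as the word "create" in the comment suggests, the path that changes an existing user's role needs the same allow-list.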