admin/e-ticket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enforce sub-account permissions on events and tickets routes

Browse Source 
- SubAccountPermissionSubscriber: checks events/tickets permissions for sub-accounts
- Blocks access with redirect + flash error if permission missing
- Hide events/subaccounts/payouts tabs for sub-accounts without permission
- 5 tests: non-sub-account, blocked events, allowed events, blocked tickets

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Serreau Jovann
2026-03-22 22:05:16 +01:00
parent 6db0566f69
commit 94ebe09181
4 changed files with 252 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
TASK_CHECKUP.md
View File

@@ -28,7 +28,7 @@
- [x] Admin : liste de toutes les commandes avec filtres (recherche, statut, KPIs)
- [x] Admin : pouvoir suspendre/réactiver un organisateur (badge, bouton toggle, redirect si suspendu, audit log)
- [x] Admin : pouvoir modifier l'offre/commission d'un orga existant
- [ ] Vérifier que les permissions des sous-comptes sont respectées (scanner, events, tickets)
- [x] Vérifier que les permissions des sous-comptes sont respectées (scanner, events, tickets)
- [x] Admin : logs des actions importantes (audit trail: commande, paiement, annulation, remboursement)
### UX & Pages