65cb3008ee
Some checks failed
CI / secret-scan (push) Successful in 8s
CI / static-tests (push) Successful in 28s
CI / static-tests (pull_request) Successful in 27s
CI / auto-merge (push) Has been skipped
CI / php-lint (push) Successful in 18s
CI / secret-scan (pull_request) Successful in 9s
CI / php-lint (pull_request) Successful in 18s
CI / auto-merge (pull_request) Failing after 4s
AdminController : base des pages back-office. guard(permission?) applique RG-6/RG-T02 (302 vers
/login si session absente/expiree/inactive) puis RG-T03 (403 si permission manquante), sinon renvoie
la GuardResult ; adminView() rend dans le shell admin en injectant identite + permissions + jeton CSRF.
Controller gagne un hook layoutName() (defaut inchange). DashboardController -> GET /admin/dashboard
(landing authentifie ; KPI reels = chunk stats). UserDirectory : nom + libelle de role pour la topbar.
Vues admin/{layout,dashboard,forbidden} : navigation conditionnee aux permissions, logout en POST CSRF,
sorties echappees (RG-T15), assets en chemins absolus. Premier cablage de SessionGuard sur une page.
127 tests (dont 403 garde, echappement XSS), PHPStan L6.
|
||
|---|---|---|
| .. | ||
| Admin | ||
| Auth | ||
| Core | ||
| ConfigTest.php | ||
| RouterTest.php | ||