Oliver/loreal-global-kickoff
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
56 commits 1 branch 0 tags 190 KiB
Commit graph

2 commits

Author SHA1 Message Date
Vadym Samoilenko
53e9365c01 Add Azure AD SSO, RBAC (admin/user roles), and server-setup improvements 
- Enable SSO with Azure AD credentials (tenant + client ID + redirect_uri)
- Add JWTValidator.php: RS256 idToken validation via Azure JWKS with 1h cache
- Add auth.php: POST login handler sets auth cookie, GET logout clears it
- Add UserRoleManager.php: file-based role CRUD in data/user_roles.json
- Add admin.php: admin-only role management panel
- AuthMiddleware: add requireAdmin(), role in user array, fix MSAL redirect
- header.php: hide Activity Logs + Admin Panel tabs for non-admin users
- logs-viewer.php: protect with requireAdmin() instead of requireAuth()
- server-setup.sh: add composer check, data/ dir, PHP extension checks, SSO validation
- .gitignore: add data/ directory

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-02 20:34:50 +00:00
DJP
62f46b15b3 Add server setup script to fix production issues 
Created server-setup.sh to fix server environment:
- Creates logs/ directory with proper permissions
- Sets file permissions (755 for dirs, 644 for config, 600 for JWT)
- Tests ApplicationLogger functionality
- Provides instructions for installing PHP zip extension

Issues Found on Server:
1. logs/ directory missing (causing ApplicationLogger to fail)
2. PHP zip extension missing (needed for download-all-csv.php)
3. Vendor directory not writable (minor issue)

Run on server:
  chmod +x server-setup.sh
  ./server-setup.sh
  sudo apt-get install php-zip
  sudo systemctl restart apache2

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-18 11:22:59 -05:00