|
1 | 1 | <?php |
2 | 2 |
|
3 | 3 | use WeDevs\PM\Core\Router\Router; |
4 | | -use WeDevs\PM\Core\Permissions\Authentic; |
5 | 4 |
|
6 | 5 | $wedevs_pm_router = Router::singleton(); |
7 | 6 |
|
| 7 | +// User listing endpoints - require list_users capability or PM manager role |
8 | 8 | $wedevs_pm_router->get( 'users', 'WeDevs/PM/User/Controllers/User_Controller@index' ) |
9 | | - ->permission(['WeDevs\PM\Core\Permissions\Authentic']); |
10 | | -$wedevs_pm_router->post( 'users', 'WeDevs/PM/User/Controllers/User_Controller@store' ) |
11 | | - ->permission(['WeDevs\PM\Core\Permissions\Authentic']); |
| 9 | + ->permission(['WeDevs\PM\Core\Permissions\List_Users']); |
12 | 10 | $wedevs_pm_router->get( 'users/{id}', 'WeDevs/PM/User/Controllers/User_Controller@show' ) |
13 | | - ->permission(['WeDevs\PM\Core\Permissions\Authentic']); |
14 | | - |
| 11 | + ->permission(['WeDevs\PM\Core\Permissions\List_Users']); |
15 | 12 | $wedevs_pm_router->get( 'users/search', 'WeDevs/PM/User/Controllers/User_Controller@search' ) |
16 | | - ->permission(['WeDevs\PM\Core\Permissions\Authentic']); |
| 13 | + ->permission(['WeDevs\PM\Core\Permissions\List_Users']); |
| 14 | +$wedevs_pm_router->get( 'user-all-projects', 'WeDevs/PM/User/Controllers/User_Controller@get_user_all_projects' ) |
| 15 | + ->permission(['WeDevs\PM\Core\Permissions\List_Users']); |
| 16 | + |
| 17 | +// User creation - require create_users capability |
| 18 | +$wedevs_pm_router->post( 'users', 'WeDevs/PM/User/Controllers/User_Controller@store' ) |
| 19 | + ->permission(['WeDevs\PM\Core\Permissions\Create_Users']); |
| 20 | + |
17 | 21 | //$wedevs_pm_router->put( 'users/{user_id}/roles', 'WeDevs/PM/User/Controllers/User_Controller@update_role' ) |
18 | 22 | // ->permission(['WeDevs\PM\Core\Permissions\Project_Manage_Capability']); |
19 | 23 |
|
| 24 | +// User meta update - already checks manage_options in controller |
20 | 25 | $wedevs_pm_router->post( 'save_users_map_name', 'WeDevs/PM/User/Controllers/User_Controller@save_users_map_name' ) |
21 | 26 | ->permission(['WeDevs\PM\Core\Permissions\Authentic']); |
22 | | - |
23 | | -$wedevs_pm_router->get( 'user-all-projects', 'WeDevs/PM/User/Controllers/User_Controller@get_user_all_projects' ) |
24 | | - ->permission(['WeDevs\PM\Core\Permissions\Authentic']); |
|
0 commit comments