Samir Boulahtit cb3bc3c118 feat: implement complete RBAC access control with tests ...

Add 4-layer access control stack (subscription → module → menu → permissions):
- P1: Wire requires_permission into menu sidebar filtering
- P2: Expose window.USER_PERMISSIONS for Alpine.js client-side gating
- P3: Add page-level permission guards on store routes
- P4: Role CRUD API endpoints and role editor UI
- P5: Audit trail for all role/permission changes

Includes unit tests (menu permission filtering, role CRUD service) and
integration tests (role API endpoints). All 404 core+tenancy tests pass.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-26 18:26:59 +01:00

..

locales

refactor: rename Wizamart to Orion across entire codebase

2026-02-14 16:46:56 +01:00

migrations

fix(lint): auto-fix ruff violations and tune lint rules

2026-02-12 23:10:42 +01:00

models

fix(lint): auto-fix ruff violations and tune lint rules

2026-02-12 23:10:42 +01:00

routes

feat: production routing support for subdomain and custom domain modes

2026-02-26 00:15:06 +01:00

schemas

refactor: remove backward compatibility code for pre-launch baseline

2026-02-13 21:58:59 +01:00

services

refactor: fix all 177 architecture validator warnings

2026-02-14 11:59:44 +01:00

static

fix: replace all native confirm() dialogs with styled modal macros

2026-02-19 16:56:25 +01:00

templates/cms

refactor: rename shopLayoutData to storefrontLayoutData

2026-02-24 19:06:45 +01:00

tests

refactor: fix all 177 architecture validator warnings

2026-02-14 11:59:44 +01:00

__init__.py

refactor: complete Company→Merchant, Vendor→Store terminology migration

2026-02-07 18:33:57 +01:00

config.py

feat: add module config and migrations auto-discovery infrastructure

2026-01-28 22:19:41 +01:00

definition.py

feat: implement complete RBAC access control with tests

2026-02-26 18:26:59 +01:00

exceptions.py

feat(validators): add noqa suppression support to security and performance validators

2026-02-14 22:56:56 +01:00