Skip to content

feat(admin): add protected admin area shell and dashboard entry#36

Merged
ibourgeois merged 1 commit into
mainfrom
codex/11-admin-shell
Apr 10, 2026
Merged

feat(admin): add protected admin area shell and dashboard entry#36
ibourgeois merged 1 commit into
mainfrom
codex/11-admin-shell

Conversation

@ibourgeois
Copy link
Copy Markdown
Contributor

@ibourgeois ibourgeois commented Apr 10, 2026

Closes #11\n\nSummary:\n- Adds a protected admin dashboard route and dedicated admin landing page\n- Shows an admin toolbar entry only to admins\n- Reuses the shared shell and component set for the admin area\n- Extends Pest coverage for toolbar visibility and route protection\n\nValidation:\n- vendor/bin/pint --dirty --format agent\n- php artisan test --compact\n- npm run build

Copilot AI review requested due to automatic review settings April 10, 2026 10:24
@ibourgeois ibourgeois merged commit 2df8035 into main Apr 10, 2026
3 checks passed
@ibourgeois ibourgeois deleted the codex/11-admin-shell branch April 10, 2026 10:27
Copilot AI reviewed Apr 10, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds an initial admin-only area by introducing a protected admin dashboard route, wiring an “Admin” entry into the shared application toolbar for admins, and expanding RBAC feature coverage to assert both route protection and UI visibility.

Changes:

  • Added /admin as a protected route (auth + can:access-admin) rendering a new admin.dashboard view.
  • Updated the shared app-shell to optionally render an Admin toolbar entry for admin users.
  • Extended Pest feature tests to cover Admin toolbar visibility for admins vs non-admins.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
tests/Feature/Auth/RbacTest.php Adds feature test asserting the Admin toolbar entry is only visible to admins.
routes/web.php Switches /admin to render the new admin dashboard view behind authorization middleware.
resources/views/home.blade.php Removes the placeholder Admin item and enables the shell’s admin entry rendering.
resources/views/components/layouts/app-shell.blade.php Adds an optional Admin toolbar entry rendering block in the shared shell.
resources/views/admin/dashboard.blade.php Introduces the new admin dashboard page using the shared shell and components.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread resources/views/components/layouts/app-shell.blade.php
Comment on lines +95 to +101
@if ($showAdminEntry && auth()->user()?->isAn('admin'))
<x-app.toolbar-item
href="{{ route('admin.dashboard') }}"
label="Admin"
icon="heroicon-o-shield-check"
:current="request()->routeIs('admin.*')"
/>
Copy link

Copilot AI Apr 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The admin toolbar entry visibility duplicates the authorization logic by checking auth()->user()?->isAn('admin') directly. Since the route is protected with can:access-admin (and the Gate is defined), consider switching this to @can('access-admin') / auth()->user()?->can('access-admin') so UI visibility stays consistent with the actual authorization rules if they change later.

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

feat(admin): add protected admin area shell and dashboard entry

2 participants

@ibourgeois