1.4 KiB
1.4 KiB
T115 — permission-middleware
Status:
done
Milestone:M1
Kind:feat
Est. change:~140 lines(target 100–200)
Goal
完成後系統應:Auth + Admin middleware;非 admin 擋 admin API;跨 uid 私有資源拒絕
Depends on
- T111
Inputs
- 讀取 / 依賴:
- AU-12~14 AD-13
- Spec:
docs/product/haixun-backend/spec.md(§9:AU-12 AU-13 AU-14 AD-13) - 對照:
docs/product/haixun-backend/fe-spec-alignment.md(UI MUST) - 後端根:
apps/backend - Remove(本 task 禁止實作): 舊靈感 list/viral/bookmark/spark/searchTrends;generateFromFormula;ScoutTopic CRUD;live 以 simulate/createMock 當完成;Insights 真管線(P2)。
Outputs
程式變更(預期路徑)
| 路徑 | 動作 | 說明 |
|---|---|---|
apps/backend/internal/**/middleware/** |
add/edit | Auth/Admin |
行為變更
- 權限失敗可讀
API / 契約(若有)
- —
測試交付(強制)
TestAU_12_MemberDeniedAdmin
Out of scope
- —
Acceptance
- Spec/UI MUST 覆蓋:
AU-12 AU-13 AU-14 AD-13 - 每個相關 §9 ID 有可 grep 的 case 名(
TestXX_01_…或完整覆蓋在里程碑 test task) - 未實作不回 102000+空 data
- 指令:
cd apps/backend && go test ./internal/.../middleware/... -count=1
Notes
—