Lewati ke konten utama

Role Access Matrix

Definisi Role

Sumber: App\\Models\\User + AuthServiceProvider + middleware access:*.

Role	Kode	Deskripsi Singkat
Head Admin	`head_admin`	approval utama dan kontrol penuh
Project	`project`	owner akun project
SPV	`spv`	supervisor project
Logistic	`logistic`	pengelolaan supplier/logistik
Logistic Admin	`logistic_admin`	variasi akses logistik
Accounting	`accounting`	proses payment/tax
Accounting Admin	`accounting_admin`	accounting dengan hak tambahan
SPK	`spk`	pengelolaan modul SPK
PM	`pm`	role tersedia di Gate/model (pemakaian route spesifik terbatas)

Matrix Fungsional

Area	Head Admin	Project	SPV	Logistic/Logistic Admin	Accounting	SPK
Project master	CRUD	-	-	-	-	-
Employee master	CRUD	-	-	-	-	-
Supplier master	CRUD	-	-	CRUD	-	CRUD (akses route supplier mencakup spk)
SPB create/update	approve/delete	create/update	read/list	download/list	-	-
PO create/update	approve/cancel/delete	status update	status update	create/download/mark supplier	read	-
Pembayaran PO	approve/verify	-	-	-	update/check/submit	-
Payment Split	approve/paid	-	-	-	update/verify/paid	-
SPK contract	approve/reject/finish	list/detail (tergantung access project)	-	-	list/detail/accounting	create/update/payment
SPK payment	approve/reject/revision	-	-	-	edit/update/accounting	create/update/delete

Middleware Ringkasan

auth: wajib login web.
auth:sanctum: token API.
access:...: validasi role granular.
tmd-bsa: basic auth untuk endpoint docs API tertentu.

Edge Cases

Role accounting_admin dianggap valid pada beberapa akses accounting (lihat middleware).
User role project akan di-logout otomatis jika project terkait sudah soft-deleted.

Catatan Verifikasi

Status: Partial
Scope: Pemakaian role pm di endpoint production belum dominan pada hasil audit route.
Action: Validasi akses nyata berdasarkan policy bisnis + log penggunaan endpoint.

Definisi Role
Matrix Fungsional
Middleware Ringkasan
Edge Cases
Catatan Verifikasi