init backend presensi

app/Filters/AdminOnlyFilter.php

@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Filters;
+
+use App\Modules\Auth\Entities\Role;
+use App\Modules\Auth\Services\AuthService;
+use CodeIgniter\HTTP\RequestInterface;
+use CodeIgniter\HTTP\ResponseInterface;
+
+/**
+ * Admin Only Filter
+ *
+ * Allows access only if user is logged in and has role ADMIN. Otherwise 401 or 403.
+ */
+class AdminOnlyFilter implements \CodeIgniter\Filters\FilterInterface
+{
+    public function before(RequestInterface $request, $arguments = null)
+    {
+        $authService = new AuthService();
+        $user       = $authService->currentUser();
+
+        if ($user === null) {
+            return service('response')
+                ->setStatusCode(401)
+                ->setJSON([
+                    'success' => false,
+                    'message' => 'Unauthorized',
+                    'data'    => null,
+                ]);
+        }
+
+        $roles   = $user['roles'] ?? [];
+        $codes   = array_column($roles, 'role_code');
+        if (!in_array(Role::CODE_ADMIN, $codes, true)) {
+            return service('response')
+                ->setStatusCode(403)
+                ->setJSON([
+                    'success' => false,
+                    'message' => 'Forbidden: Admin only',
+                    'data'    => null,
+                ]);
+        }
+
+        return null;
+    }
+
+    public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
+    {
+        return $response;
+    }
+}