Merge pull request #373 from manoahLinks/role

Restrict dashboard access based on user role

Author: Solomonsolomonsolomon

land-registry-backend/src/middleware/roleGuard.ts

@@ -0,0 +1,16 @@
+import { Request, Response, NextFunction } from "express";
+
+/**
+ * Middleware to restrict access to routes based on user role.
+ * Usage: app.use('/dashboard/owner', roleGuard(['owner']), ...)
+ */
+export function roleGuard(allowedRoles: string[]) {
+  return (req: Request, res: Response, next: NextFunction) => {
+    // Assumes req.user is set by authentication middleware (e.g., JWT)
+    const userRole = req.user?.role;
+    if (!userRole || !allowedRoles.includes(userRole)) {
+      return res.status(403).json({ message: "Forbidden: Insufficient role" });
+    }
+    next();
+  };
+}