fix(SEC-29): Rollen-Trennung Admins/Auditoren, domain_auditor Rolle

- superadmin + domain_admin haben keinen Mail-Zugriff mehr (requireMailAccess) - Neue Rolle domain_auditor: alle Tenant-Mails, kein Admin-Zugriff - auditor + user: nur eigene Mails - ZIP-Export: kein separates Attachment-Entpacken mehr, nur EML - roleLevel() um domain_auditor (Level 3) erweitert Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-31 01:09:19 +02:00
parent e0f6a818eb
commit 64433aa847
5 changed files with 47 additions and 48 deletions
@@ -12,11 +12,12 @@ import (
 )

 const (
-	RoleUser        = "user"
-	RoleAdmin       = "admin"
-	RoleAuditor     = "auditor"
-	RoleDomainAdmin = "domain_admin"
-	RoleSuperAdmin  = "superadmin"
+	RoleUser         = "user"
+	RoleAdmin        = "admin" // legacy, maps to domain_admin
+	RoleAuditor      = "auditor"
+	RoleDomainAdmin  = "domain_admin"
+	RoleDomainAuditor = "domain_auditor"
+	RoleSuperAdmin   = "superadmin"

 	bcryptCost = 12
 )