Refactor Permission Management to a Middleware-Based Solution

[JackHaeg]

Overview

The current VRMS permission system (accessLevel) relies on hardcoded values / string matching checks (e.g., is_admin), which limits flexibility and maintainability. To enhance scalability and streamline permission management, permissions should be refactored into a middleware-based solution. This will allow for centralized handling and easier updates across the application.

Action Items

• [ ] Research approaches for refactoring the current permission system into a middleware-based solution.
  • Ensure that the new implementation supports upcoming User Permission Search features, which are set to be merged in #1737.
• [ ] Design and document middleware architecture, including:
  • Permission validation workflows.
  • Integration points with existing authentication mechanisms.
• [ ] Create diagrams outlining the proposed middleware solution to illustrate system interactions and permission handling.

Resources/Instructions

• Review the related issue that uncovered this problem: #1802.
• Ensure alignment with existing authentication and authorization best practices.