Implement Role-Based Access Control (RBAC) Middleware

**Description:**  
Create an authorization middleware to restrict access by user role.

**Tasks:**
- [ ] Create `src/middlewares/authorize.js` that accepts allowed roles as arguments
- [ ] Return `403 Forbidden` if the authenticated user's role is not in the allowed list
- [ ] Apply to all admin-only routes

**Acceptance Criteria:**  
Non-admin users receive `403` when accessing admin routes.                    
---

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Implement Role-Based Access Control (RBAC) Middleware #377

Acceptance Criteria:
Non-admin users receive `403` when accessing admin routes.

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Uh oh!

Implement Role-Based Access Control (RBAC) Middleware #377

Description

Acceptance Criteria: Non-admin users receive 403 when accessing admin routes.

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions

Acceptance Criteria:
Non-admin users receive `403` when accessing admin routes.