updated documentation folder

py_app/app/daily_mirror.py

@@ -26,10 +26,15 @@ def check_daily_mirror_access():
         flash('Please log in to access this page.')
         return redirect(url_for('main.login'))
         
-    # Check if user has admin+ access
+    # Superadmin has access to everything
     user_role = session.get('role', '')
-    if user_role not in ['superadmin', 'admin']:
-        flash('Access denied: Admin privileges required for Daily Mirror.')
+    if user_role == 'superadmin':
+        return None  # Access granted
+    
+    # Check if user has daily_mirror module access
+    user_modules = session.get('modules', [])
+    if 'daily_mirror' not in user_modules:
+        flash('Access denied: Daily Mirror module access required.')
         return redirect(url_for('main.dashboard'))
     
     return None  # Access granted
@@ -37,13 +42,19 @@ def check_daily_mirror_access():
 
 def check_daily_mirror_api_access():
     """Helper function to check API access for Daily Mirror"""
-    # Check if user is logged in and has admin+ access
+    # Check if user is logged in
     if 'user' not in session:
         return jsonify({'error': 'Authentication required'}), 401
         
+    # Superadmin has access to everything
     user_role = session.get('role', '')
-    if user_role not in ['superadmin', 'admin']:
-        return jsonify({'error': 'Admin privileges required'}), 403
+    if user_role == 'superadmin':
+        return None  # Access granted
+    
+    # Check if user has daily_mirror module access
+    user_modules = session.get('modules', [])
+    if 'daily_mirror' not in user_modules:
+        return jsonify({'error': 'Daily Mirror module access required'}), 403
     
     return None  # Access granted