Implement opt-in guest access system allowing unauthenticated users to
view forum content with configurable permissions.
Features Added:
- Guest access toggle in admin settings for forum-wide control
- Guest role with configurable category-level permissions
(view/post/reply)
- Role type system (admin, moderator, default, guest, custom) for
enhanced access control
- Public page support in routing with automatic redirect to login when
disabled
- Public settings API endpoint for unauthenticated access to forum
metadata
- Guest role permissions UI in admin panel with clear capability
restrictions
- Database migration with automatic role type assignment and guest
role seeding
Security & Permission Improvements:
- Permission middleware now validates permissions on public pages
instead of skipping checks
- Admin/moderator roles have full access; guest/default roles
restricted from moderation
- Guest role cannot be assigned to authenticated users
Breaking Changes:
- Forum title/subtitle moved from system config to app config
(auto-migrated)
- Permission middleware behavior changed for PublicPage routes (now
checks permissions)
