Add RBAC support with roles, permissions, and session management. Implement middleware for authentication and CSRF protection. Enhance audit logging with additional fields. Update HTTP handlers and routes for new features.

internal/infra/zfs/zfs.go

@@ -4,7 +4,6 @@ import (
 	"context"
 	"fmt"
 	"strings"
-	"time"
 
 	"github.com/example/storage-appliance/internal/domain"
 	"github.com/example/storage-appliance/internal/infra/osexec"
@@ -100,6 +99,30 @@ func (a *Adapter) CreateDataset(ctx context.Context, name string, props map[stri
 	return nil
 }
 
+// CreateZVol creates a block device zvol with the given size and optional props
+func (a *Adapter) CreateZVol(ctx context.Context, name, size string, props map[string]string) error {
+	args := []string{"create", "-V", size, name}
+	for k, v := range props {
+		args = append([]string{"create", "-o", fmt.Sprintf("%s=%s", k, v)}, args...)
+	}
+	// Note: above building may produce repeated 'create' parts - keep simple: build args now
+	// We'll just construct a direct zfs create -V size -o prop=val name
+	args = []string{"create", "-V", size}
+	for k, v := range props {
+		args = append(args, "-o", fmt.Sprintf("%s=%s", k, v))
+	}
+	args = append(args, name)
+	out, stderr, code, err := osexec.ExecWithRunner(a.Runner, ctx, "zfs", args...)
+	_ = out
+	if err != nil {
+		return err
+	}
+	if code != 0 {
+		return fmt.Errorf("zfs create vol failed: %s", stderr)
+	}
+	return nil
+}
+
 func (a *Adapter) Snapshot(ctx context.Context, dataset, snapName string) error {
 	name := fmt.Sprintf("%s@%s", dataset, snapName)
 	_, stderr, code, err := osexec.ExecWithRunner(a.Runner, ctx, "zfs", "snapshot", name)