gdc_cmod/app/Config/Routes.php

<?php

use CodeIgniter\Router\RouteCollection;

$routes->set404Override(function () {
    $response = service('response');
    $response->setStatusCode(404);
    echo view('errors/notfound');
});
$routes->get('/unauthorized', 'ErrorPage::unauthorized');


$routes->get('/', 'Home::index');
$routes->get('/login', 'AuthController::loginPage', ['filter' => 'guest']);
$routes->post('/login', 'AuthController::login', ['filter' => 'guest']);
$routes->get('/logout', 'AuthController::logout');
$routes->patch('/setPassword', 'AuthController::setPassword');

$routes->get('label/coll/(:any)', 'LabelController::coll/$1');
$routes->get('label/dispatch/(:any)/(:any)', 'LabelController::dispatch/$1/$2');
$routes->get('label/all/(:any)', 'LabelController::print_all/$1');


// --- API Group ---
$routes->group('api', function ($routes) {

    // Users Management - Only Superuser (0) and Admin (1)
    $routes->group('users', ['filter' => 'role:0,1'], function ($routes) {
        $routes->get('', 'UsersController::index');
        $routes->post('', 'UsersController::create');
        $routes->patch('(:any)', 'UsersController::update/$1');
        $routes->delete('(:any)', 'UsersController::delete/$1');
    });

    // Requests - All Roles (0,1,2,3,4)
    $routes->group('requests', ['filter' => 'role:0,1,2,3,4'], function ($routes) {
        $routes->get('', 'RequestsController::index');
        $routes->post('validate/(:any)', 'RequestsController::val/$1');
        $routes->delete('validate/(:any)', 'RequestsController::unval/$1');
    });

    // Validate API - Lab (2), Admin (1), Superuser (0)
    $routes->group('validate', ['filter' => 'role:0,1,2'], function ($routes) {
        $routes->get('unvalidated', 'ApiValidateController::unvalidated');
    });

    // Samples
    $routes->group('samples', function ($routes) {
        // Collect & Show - All Roles
        $routes->group('', ['filter' => 'role:0,1,2,3,4'], function ($routes) {
            $routes->post('collect/(:any)', 'SamplesController::collect/$1');
            $routes->get('(:any)', 'SamplesController::show/$1');
        });

        // Uncollect & Unreceive - Only Superuser (0) and Admin (1)
        $routes->group('', ['filter' => 'role:0,1'], function ($routes) {
            $routes->delete('collect/(:any)', 'SamplesController::uncollect/$1');
            $routes->delete('receive/(:any)', 'SamplesController::unreceive/$1');
        });
    });

});


// --- Page Routes ---

$routes->group('superuser', ['filter' => 'role:0'], function ($routes) {
    $routes->get('', 'Pages\SuperuserController::index');
    $routes->get('users', 'Pages\SuperuserController::users');
    $routes->get('validate', 'Pages\SuperuserController::validatePage');
});

$routes->group('admin', ['filter' => 'role:1'], function ($routes) {
    $routes->get('', 'Pages\AdminController::index');
    $routes->get('users', 'Pages\AdminController::users');
    $routes->get('validate', 'Pages\AdminController::validationPage');
});

$routes->group('lab', ['filter' => 'role:2'], function ($routes) {
    $routes->get('', 'Pages\LabController::index');
    $routes->get('validate', 'Pages\LabController::validationPage');
});

$routes->group('phlebo', ['filter' => 'role:3'], function ($routes) {
    $routes->get('', 'Pages\PhlebotomistController::index');
});

$routes->group('cs', ['filter' => 'role:4'], function ($routes) {
    $routes->get('', 'Pages\CsController::index');
});

$routes->get('/dummypage', 'Home::dummyPage');