torsten/harheimertc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update role-based access control for user management in CMS

Browse Source 
This commit modifies the navigation and CMS user management components to allow access for both 'admin' and 'vorstand' roles. The changes include updating the conditional rendering logic in the Navigation and index.vue files, as well as adjusting the API endpoint to reflect the new role permissions, enhancing the flexibility of user access within the CMS.
This commit is contained in:
Torsten Schulz (local)
2026-02-06 10:35:13 +01:00
parent 57b32debeb
commit 2d974214ab
3 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
server/api/cms/users/list.get.js
View File

@@ -5,7 +5,8 @@ export default defineEventHandler(async (event) => {
const token = getCookie(event, 'auth_token')
const currentUser = await getUserFromToken(token)
if (!currentUser || !hasAnyRole(currentUser, 'admin')) {
// Seite darf von Admin ODER Vorstand genutzt werden
if (!currentUser || !hasAnyRole(currentUser, 'admin', 'vorstand')) {
throw createError({
statusCode: 403,
message: 'Zugriff verweigert'