Update dependencies to include TinyMCE and Quill, enhance Navigation component with a new Newsletter submenu, and implement role-based access control for CMS features. Refactor user role handling to support multiple roles and improve user management functionality across various API endpoints.

This commit is contained in:
Torsten Schulz (local)
2025-12-19 09:51:28 +01:00
parent baf6c59c0d
commit 435e28fd55
69 changed files with 5034 additions and 276 deletions


@@ -3,7 +3,7 @@ import fs from 'fs/promises'
import path from 'path'
import { exec } from 'child_process'
import { promisify } from 'util'
import { getUserFromToken } from '../../utils/auth.js'
import { getUserFromToken, hasAnyRole } from '../../utils/auth.js'
const execAsync = promisify(exec)
@@ -62,7 +62,7 @@ export default defineEventHandler(async (event) => {
})
}
if (currentUser.role !== 'admin' && currentUser.role !== 'vorstand') {
if (!hasAnyRole(currentUser, 'admin', 'vorstand')) {
throw createError({
statusCode: 403,
statusMessage: 'Keine Berechtigung'
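Review bot: The new `hasAnyRole(currentUser, 'admin', 'vorstand')` line that replaces the two `currentUser.role` comparisons is only equivalent to the old check if `hasAnyRole` also consults the legacy single `role` field, and nothing in this hunk shows that; `migrateUserRoles` is called in the user-management handlers of this commit but not in this endpoint, so a stored user that still has only `role: 'admin'` could be denied here until something migrates it. Worth confirming that `hasAnyRole` falls back to `user.role` (or that `getUserFromToken` already returns migrated users) and recording it next to the check, e.g. `// hasAnyRole also accepts legacy single-role users (see utils/auth.js)`. The same replacement appears in the next two file sections, where the same question applies. The enclosing handler starts before this hunk.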


@@ -1,6 +1,6 @@
import fs from 'fs/promises'
import path from 'path'
import { getUserFromToken } from '../../utils/auth.js'
import { getUserFromToken, hasAnyRole } from '../../utils/auth.js'
export default defineEventHandler(async (event) => {
try {
@@ -14,7 +14,7 @@ export default defineEventHandler(async (event) => {
})
}
if (currentUser.role !== 'admin' && currentUser.role !== 'vorstand') {
if (!hasAnyRole(currentUser, 'admin', 'vorstand')) {
throw createError({
statusCode: 403,
statusMessage: 'Keine Berechtigung'


@@ -1,7 +1,7 @@
import multer from 'multer'
import fs from 'fs/promises'
import path from 'path'
import { getUserFromToken } from '../../utils/auth.js'
import { getUserFromToken, hasAnyRole } from '../../utils/auth.js'
// Multer-Konfiguration für PDF-Uploads
const storage = multer.diskStorage({
@@ -57,7 +57,7 @@ export default defineEventHandler(async (event) => {
})
}
if (currentUser.role !== 'admin' && currentUser.role !== 'vorstand') {
if (!hasAnyRole(currentUser, 'admin', 'vorstand')) {
throw createError({
statusCode: 403,
statusMessage: 'Keine Berechtigung'


@@ -1,4 +1,4 @@
import { getUserFromToken, readUsers, writeUsers } from '../../../utils/auth.js'
import { getUserFromToken, readUsers, writeUsers, hasAnyRole, migrateUserRoles } from '../../../utils/auth.js'
import nodemailer from 'nodemailer'
export default defineEventHandler(async (event) => {
@@ -6,7 +6,7 @@ export default defineEventHandler(async (event) => {
const token = getCookie(event, 'auth_token')
const currentUser = await getUserFromToken(token)
if (!currentUser || (currentUser.role !== 'admin' && currentUser.role !== 'vorstand')) {
if (!currentUser || !hasAnyRole(currentUser, 'admin')) {
throw createError({
statusCode: 403,
message: 'Zugriff verweigert'
@@ -14,7 +14,7 @@ export default defineEventHandler(async (event) => {
}
const body = await readBody(event)
const { userId, role } = body
const { userId, roles } = body
const users = await readUsers()
const user = users.find(u => u.id === userId)
@@ -26,9 +26,17 @@ export default defineEventHandler(async (event) => {
})
}
// Activate user and set role
// Migriere Benutzer falls nötig
migrateUserRoles(user)
// Activate user and set roles
user.active = true
user.role = role || 'mitglied'
if (Array.isArray(roles) && roles.length > 0) {
user.roles = roles
} else {
// Fallback: einzelne Rolle als Array
user.roles = roles ? [roles] : ['mitglied']
}
const updatedUsers = users.map(u => u.id === userId ? user : u)
await writeUsers(updatedUsers)
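Review bot: The roles taken from the request body in the `if (Array.isArray(roles) && roles.length > 0)` branch are persisted without being checked against an allowlist, whereas the set-role handler later in this commit validates every entry against `['mitglied', 'vorstand', 'admin', 'newsletter']` and rejects with 400; an arbitrary string in `roles` would be stored in `user.roles` and then be treated as a role by `hasAnyRole` wherever it is compared. The `else` fallback also quietly writes `['mitglied']` when `roles` is absent or an empty array, so a malformed activation request succeeds instead of being rejected; the same fallback is used in the set-role handler's `rolesArray` line. Suggest validating once, before `user.active = true`, with the same allowlist and the same error shape as the set-role handler, and deduplicating with `Set`. The enclosing handler starts before this hunk.
```javascript
  const validRoles = ['mitglied', 'vorstand', 'admin', 'newsletter']
  const rolesArray = Array.isArray(roles) ? roles : (roles ? [roles] : ['mitglied'])
  if (rolesArray.length === 0 || !rolesArray.every(r => validRoles.includes(r))) {
    throw createError({
      statusCode: 400,
      message: 'Ungültige Rolle(n)'
    })
  }
  // Migriere Benutzer falls nötig
  migrateUserRoles(user)
  // Activate user and set roles
  user.active = true
  user.roles = [...new Set(rolesArray)]
  // … unchanged: users.map / writeUsers …
```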


@@ -1,11 +1,11 @@
import { getUserFromToken, readUsers, writeUsers } from '../../../utils/auth.js'
import { getUserFromToken, readUsers, writeUsers, hasAnyRole } from '../../../utils/auth.js'
export default defineEventHandler(async (event) => {
try {
const token = getCookie(event, 'auth_token')
const currentUser = await getUserFromToken(token)
if (!currentUser || (currentUser.role !== 'admin' && currentUser.role !== 'vorstand')) {
if (!currentUser || !hasAnyRole(currentUser, 'admin')) {
throw createError({
statusCode: 403,
message: 'Zugriff verweigert'


@@ -1,11 +1,11 @@
import { getUserFromToken, readUsers } from '../../../utils/auth.js'
import { getUserFromToken, readUsers, hasAnyRole, migrateUserRoles } from '../../../utils/auth.js'
export default defineEventHandler(async (event) => {
try {
const token = getCookie(event, 'auth_token')
const currentUser = await getUserFromToken(token)
if (!currentUser || (currentUser.role !== 'admin' && currentUser.role !== 'vorstand')) {
if (!currentUser || !hasAnyRole(currentUser, 'admin')) {
throw createError({
statusCode: 403,
message: 'Zugriff verweigert'
@@ -15,16 +15,21 @@ export default defineEventHandler(async (event) => {
const users = await readUsers()
// Return users without passwords
const safeUsers = users.map(u => ({
id: u.id,
email: u.email,
name: u.name,
role: u.role,
phone: u.phone || '',
active: u.active,
created: u.created,
lastLogin: u.lastLogin
}))
const safeUsers = users.map(u => {
const migrated = migrateUserRoles({ ...u })
const roles = Array.isArray(migrated.roles) ? migrated.roles : (migrated.role ? [migrated.role] : ['mitglied'])
return {
id: u.id,
email: u.email,
name: u.name,
roles: roles,
role: roles[0] || 'mitglied', // Rückwärtskompatibilität
phone: u.phone || '',
active: u.active,
created: u.created,
lastLogin: u.lastLogin
}
})
return {
users: safeUsers
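Review bot: The backwards-compatibility field `role: roles[0] || 'mitglied'` depends on array order, so a user stored as `['newsletter', 'admin']` is reported to legacy consumers as `newsletter`, and any old client still branching on `user.role === 'admin'` would misclassify them; if the single `role` field is still consumed anywhere, derive it by precedence (`admin`, then `vorstand`, then the first remaining role) rather than by position, or note in the comment that `role` is informational only. Separately, `const migrated = migrateUserRoles({ ...u })` relies on `migrateUserRoles` returning the migrated object, while the activation and set-role handlers in this commit call it purely for its in-place effect; both contracts need to hold, which cannot be confirmed from this hunk. The enclosing handler starts before this hunk.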


@@ -1,11 +1,11 @@
import { getUserFromToken, readUsers, writeUsers } from '../../../utils/auth.js'
import { getUserFromToken, readUsers, writeUsers, hasAnyRole } from '../../../utils/auth.js'
export default defineEventHandler(async (event) => {
try {
const token = getCookie(event, 'auth_token')
const currentUser = await getUserFromToken(token)
if (!currentUser || (currentUser.role !== 'admin' && currentUser.role !== 'vorstand')) {
if (!currentUser || !hasAnyRole(currentUser, 'admin')) {
throw createError({
statusCode: 403,
message: 'Zugriff verweigert'


@@ -1,11 +1,11 @@
import { getUserFromToken, readUsers, writeUsers } from '../../../utils/auth.js'
import { getUserFromToken, readUsers, writeUsers, hasAnyRole, migrateUserRoles } from '../../../utils/auth.js'
export default defineEventHandler(async (event) => {
try {
const token = getCookie(event, 'auth_token')
const currentUser = await getUserFromToken(token)
if (!currentUser || (currentUser.role !== 'admin' && currentUser.role !== 'vorstand')) {
if (!currentUser || !hasAnyRole(currentUser, 'admin')) {
throw createError({
statusCode: 403,
message: 'Zugriff verweigert'
@@ -13,12 +13,15 @@ export default defineEventHandler(async (event) => {
}
const body = await readBody(event)
const { userId, role } = body
const { userId, roles } = body
if (!['mitglied', 'vorstand', 'admin'].includes(role)) {
const validRoles = ['mitglied', 'vorstand', 'admin', 'newsletter']
const rolesArray = Array.isArray(roles) ? roles : (roles ? [roles] : ['mitglied'])
if (!rolesArray.every(r => validRoles.includes(r))) {
throw createError({
statusCode: 400,
message: 'Ungültige Rolle'
message: 'Ungültige Rolle(n)'
})
}
@@ -32,7 +35,11 @@ export default defineEventHandler(async (event) => {
})
}
user.role = role
// Migriere Benutzer falls nötig
migrateUserRoles(user)
// Setze Rollen
user.roles = rolesArray
const updatedUsers = users.map(u => u.id === userId ? user : u)
await writeUsers(updatedUsers)
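Review bot: `user.roles = rolesArray` is written without any guard against the acting admin removing their own `admin` role, so a request with `userId` equal to the current user's id and a `rolesArray` lacking `'admin'` succeeds and, if this is the only admin, leaves nobody able to reach the admin-only endpoints of this commit; a check such as `if (userId === currentUser.id && !rolesArray.includes('admin')) throw createError({ statusCode: 400, message: 'Eigene Admin-Rolle kann nicht entfernt werden' })` before the assignment would prevent the lock-out. The `validRoles` check in the earlier hunk admits duplicates, so `user.roles = [...new Set(rolesArray)]` would keep the stored array canonical. The user lookup by `userId` and the enclosing handler lie outside this hunk.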