Update dependencies to include TinyMCE and Quill, enhance Navigation component with a new Newsletter submenu, and implement role-based access control for CMS features. Refactor user role handling to support multiple roles and improve user management functionality across various API endpoints.

server/api/cms/users/approve.post.js

@@ -1,4 +1,4 @@
-import { getUserFromToken, readUsers, writeUsers } from '../../../utils/auth.js'
+import { getUserFromToken, readUsers, writeUsers, hasAnyRole, migrateUserRoles } from '../../../utils/auth.js'
 import nodemailer from 'nodemailer'
 
 export default defineEventHandler(async (event) => {
@@ -6,7 +6,7 @@ export default defineEventHandler(async (event) => {
     const token = getCookie(event, 'auth_token')
     const currentUser = await getUserFromToken(token)
 
-    if (!currentUser || (currentUser.role !== 'admin' && currentUser.role !== 'vorstand')) {
+    if (!currentUser || !hasAnyRole(currentUser, 'admin')) {
       throw createError({
         statusCode: 403,
         message: 'Zugriff verweigert'
@@ -14,7 +14,7 @@ export default defineEventHandler(async (event) => {
     }
 
     const body = await readBody(event)
-    const { userId, role } = body
+    const { userId, roles } = body
 
     const users = await readUsers()
     const user = users.find(u => u.id === userId)
@@ -26,9 +26,17 @@ export default defineEventHandler(async (event) => {
       })
     }
 
-    // Activate user and set role
+    // Migriere Benutzer falls nötig
+    migrateUserRoles(user)
+
+    // Activate user and set roles
     user.active = true
-    user.role = role || 'mitglied'
+    if (Array.isArray(roles) && roles.length > 0) {
+      user.roles = roles
+    } else {
+      // Fallback: einzelne Rolle als Array
+      user.roles = roles ? [roles] : ['mitglied']
+    }
     
     const updatedUsers = users.map(u => u.id === userId ? user : u)
     await writeUsers(updatedUsers)