Update dependencies to include TinyMCE and Quill, enhance Navigation component with a new Newsletter submenu, and implement role-based access control for CMS features. Refactor user role handling to support multiple roles and improve user management functionality across various API endpoints.

2025-12-19 09:51:28 +01:00
parent baf6c59c0d
commit 435e28fd55
69 changed files with 5034 additions and 276 deletions
--- a/server/api/config.put.js
+++ b/server/api/config.put.js
@@ -1,4 +1,4 @@
-import { verifyToken, getUserById } from '../utils/auth.js'
+import { verifyToken, getUserById, hasAnyRole } from '../utils/auth.js'
 import { promises as fs } from 'fs'
 import path from 'path'

@@ -33,7 +33,7 @@ export default defineEventHandler(async (event) => {
    const user = await getUserById(decoded.id)

    // Only admin and vorstand can edit config
-    if (!user || (user.role !== 'admin' && user.role !== 'vorstand')) {
+    if (!user || !hasAnyRole(user, 'admin', 'vorstand')) {
      throw createError({
        statusCode: 403,
        message: 'Keine Berechtigung zum Bearbeiten der Konfiguration.'