Update dependencies to include TinyMCE and Quill, enhance Navigation component with a new Newsletter submenu, and implement role-based access control for CMS features. Refactor user role handling to support multiple roles and improve user management functionality across various API endpoints.

2025-12-19 09:51:28 +01:00
parent baf6c59c0d
commit 435e28fd55
69 changed files with 5034 additions and 276 deletions
--- a/server/api/galerie/upload.post.js
+++ b/server/api/galerie/upload.post.js
@@ -2,7 +2,7 @@ import multer from 'multer'
 import fs from 'fs/promises'
 import path from 'path'
 import sharp from 'sharp'
-import { getUserFromToken, verifyToken } from '../../utils/auth.js'
+import { getUserFromToken, verifyToken, hasAnyRole } from '../../utils/auth.js'
 import { randomUUID } from 'crypto'

 // Handle both dev and production paths
@@ -90,7 +90,7 @@ export default defineEventHandler(async (event) => {
    }

    const user = await getUserFromToken(token)
-    if (!user || (user.role !== 'admin' && user.role !== 'vorstand')) {
+    if (!user || !hasAnyRole(user, 'admin', 'vorstand')) {
      throw createError({
        statusCode: 403,
        statusMessage: 'Keine Berechtigung zum Hochladen von Bildern'