Füge Unterstützung für Kontaktanfragen hinzu, einschließlich neuer Routen und Berechtigungen für Trainer und Vorstand. Aktualisiere E-Mail-Versandlogik, um Anfragen an alle relevanten Empfänger weiterzuleiten.

2026-02-26 14:28:54 +01:00
parent ff8c1970df
commit 46c2c14ae8
15 changed files with 612 additions and 54 deletions
--- a/server/api/cms/contact-requests.get.js
+++ b/server/api/cms/contact-requests.get.js
@@ -0,0 +1,17 @@
+import { getUserFromToken, hasAnyRole } from '../../utils/auth.js'
+import { readContactRequests } from '../../utils/contact-requests.js'
+
+export default defineEventHandler(async (event) => {
+  const token = getCookie(event, 'auth_token')
+  const currentUser = token ? await getUserFromToken(token) : null
+
+  if (!currentUser || !hasAnyRole(currentUser, 'admin', 'vorstand', 'trainer')) {
+    throw createError({
+      statusCode: 403,
+      statusMessage: 'Zugriff verweigert'
+    })
+  }
+
+  const requests = await readContactRequests()
+  return requests
+})