Update role-based access control for user management in CMS

This commit modifies the navigation and CMS user management components to allow access for both 'admin' and 'vorstand' roles. The changes include updating the conditional rendering logic in the Navigation and index.vue files, as well as adjusting the API endpoint to reflect the new role permissions, enhancing the flexibility of user access within the CMS.

components/Navigation.vue

@@ -850,6 +850,7 @@
                   Mitgliedschaftsanträge
                 </NuxtLink>
                 <NuxtLink
+                  v-if="getAuthStore()?.hasAnyRole('admin', 'vorstand')"
                   to="/cms/benutzer"
                   class="block px-4 py-2 text-sm text-yellow-300 hover:text-white hover:bg-primary-700/50 rounded-lg transition-colors"
                   @click="isMobileMenuOpen = false"

pages/cms/index.vue

@@ -225,9 +225,9 @@
           </p>
         </NuxtLink>
 
-        <!-- Benutzerverwaltung (nur für Admin) -->
+        <!-- Benutzerverwaltung (Admin ODER Vorstand) -->
         <NuxtLink
-          v-if="authStore.hasRole('admin')"
+          v-if="authStore.hasAnyRole('admin', 'vorstand')"
           to="/cms/benutzer"
           class="bg-white p-6 rounded-xl shadow-lg border border-gray-100 hover:shadow-xl transition-all group"
         >

server/api/cms/users/list.get.js

@@ -5,7 +5,8 @@ export default defineEventHandler(async (event) => {
     const token = getCookie(event, 'auth_token')
     const currentUser = await getUserFromToken(token)
 
-    if (!currentUser || !hasAnyRole(currentUser, 'admin')) {
+    // Seite darf von Admin ODER Vorstand genutzt werden
+    if (!currentUser || !hasAnyRole(currentUser, 'admin', 'vorstand')) {
       throw createError({
         statusCode: 403,
         message: 'Zugriff verweigert'