From 12184c2f72d34705407e6023aaceee752f2f2e5d Mon Sep 17 00:00:00 2001
From: "Torsten Schulz (local)" <tsschulz@gmx.net>
Date: Wed, 4 Feb 2026 12:14:29 +0100
Subject: [PATCH] feat(store): normalize permissions data structure in
 loadPermissions action

- Updated the loadPermissions action to normalize the permissions data structure, ensuring default values for role, isOwner, and permissions.
- Enhanced resource permission checks by using a fallback for undefined permissions, improving robustness in access control logic.
---
 frontend/src/store.js | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/frontend/src/store.js b/frontend/src/store.js
index bb6534c..6352330 100644
--- a/frontend/src/store.js
+++ b/frontend/src/store.js
@@ -165,7 +165,13 @@ const store = createStore({
     async loadPermissions({ commit }, clubId) {
       try {
         const response = await apiClient.get(`/permissions/${clubId}`);
-        commit('setPermissions', { clubId, permissions: response.data });
+        const data = response.data || {};
+        const normalized = {
+          role: data.role ?? 'member',
+          isOwner: data.isOwner ?? false,
+          permissions: data.permissions ?? {}
+        };
+        commit('setPermissions', { clubId, permissions: normalized });
       } catch (error) {
         console.error('Error loading permissions:', error);
         // Set default permissions (read-only)
@@ -230,7 +236,8 @@ const store = createStore({
       if (!perms) return false;
       if (perms.isOwner) return true;
       if (resource === 'mytischtennis') return true; // MyTischtennis für alle
-      const resourcePerms = perms.permissions[resource];
+      const permissionsMap = perms.permissions || {};
+      const resourcePerms = permissionsMap[resource];
       if (!resourcePerms) return false;
       return resourcePerms[action] === true;
     },