Enhance permission management by adding caching control and improving permission parsing

Implement middleware to disable caching for permission routes, ensuring up-to-date responses. Update permission parsing logic in the backend to handle JSON strings more robustly, preventing errors during permission retrieval. Enhance the frontend PermissionsView with improved UI elements for managing permissions, including reset functionality and better state representation for actions. Ensure that only explicitly set permissions are saved, optimizing data handling.
2025-10-17 11:55:43 +02:00
parent 56f0ce2f27
commit 48bbc8015b
3 changed files with 310 additions and 28 deletions
--- a/backend/routes/permissionRoutes.js
+++ b/backend/routes/permissionRoutes.js
@@ -5,6 +5,17 @@ import permissionController from '../controllers/permissionController.js';

 const router = express.Router();

+// Middleware to disable caching for permission routes
+const noCache = (req, res, next) => {
+  res.set('Cache-Control', 'no-store, no-cache, must-revalidate, private');
+  res.set('Pragma', 'no-cache');
+  res.set('Expires', '0');
+  next();
+};
+
+// Apply no-cache to all routes
+router.use(noCache);
+
 // Get available roles (no club context needed)
 router.get('/roles/available', authenticate, permissionController.getAvailableRoles);

--- a/backend/services/permissionService.js
+++ b/backend/services/permissionService.js
@@ -26,7 +26,7 @@ const ROLE_PERMISSIONS = {
    diary: { read: true, write: true, delete: true },
    members: { read: true, write: true, delete: false },
    teams: { read: true, write: true, delete: false },
-    schedule: { read: true, write: true, delete: false },
+    schedule: { read: true, write: false, delete: false },
    tournaments: { read: true, write: true, delete: false },
    statistics: { read: true, write: false },
    settings: { read: false, write: false },
@@ -266,15 +266,30 @@ class PermissionService {
      }]
    });

-    return userClubs.map(uc => ({
-      userId: uc.userId,
-      user: uc.user,
-      role: uc.role,
-      isOwner: uc.isOwner,
-      approved: uc.approved,
-      permissions: uc.permissions,
-      effectivePermissions: this.getEffectivePermissions(uc)
-    }));
+    return userClubs.map(uc => {
+      // Parse permissions JSON string to object
+      let parsedPermissions = null;
+      if (uc.permissions) {
+        try {
+          parsedPermissions = typeof uc.permissions === 'string' 
+            ? JSON.parse(uc.permissions) 
+            : uc.permissions;
+        } catch (err) {
+          console.error('Error parsing permissions JSON:', err);
+          parsedPermissions = null;
+        }
+      }
+
+      return {
+        userId: uc.userId,
+        user: uc.user,
+        role: uc.role,
+        isOwner: uc.isOwner,
+        approved: uc.approved,
+        permissions: parsedPermissions,
+        effectivePermissions: this.getEffectivePermissions(uc)
+      };
+    });
  }

  /**
@@ -286,7 +301,19 @@ class PermissionService {
    }

    const rolePermissions = ROLE_PERMISSIONS[userClub.role] || ROLE_PERMISSIONS.member;
-    const customPermissions = userClub.permissions || {};
+    
+    // Parse permissions JSON string to object
+    let customPermissions = {};
+    if (userClub.permissions) {
+      try {
+        customPermissions = typeof userClub.permissions === 'string' 
+          ? JSON.parse(userClub.permissions) 
+          : userClub.permissions;
+      } catch (err) {
+        console.error('Error parsing permissions JSON in getEffectivePermissions:', err);
+        customPermissions = {};
+      }
+    }
    
    return this.mergePermissions(rolePermissions, customPermissions);
  }