From e079fe4827675039fdaf2585967cb0aaf4990701 Mon Sep 17 00:00:00 2001
From: "Torsten Schulz (local)" <tsschulz@gmx.net>
Date: Wed, 4 Feb 2026 13:19:42 +0100
Subject: [PATCH] feat(club): improve club access logic and refactor API calls

- Added methods to retrieve club ID and check access permissions based on user roles and permissions.
- Refactored API calls in loadClub, loadOpenRequests, and requestAccess methods to utilize the new club ID retrieval logic.
- Enhanced error handling in loadClub to manage access denial more effectively.
---
 frontend/src/views/ClubView.vue | 27 +++++++++++++++++++++------
 1 file changed, 21 insertions(+), 6 deletions(-)

diff --git a/frontend/src/views/ClubView.vue b/frontend/src/views/ClubView.vue
index 4e8c3555..bcc85120 100644
--- a/frontend/src/views/ClubView.vue
+++ b/frontend/src/views/ClubView.vue
@@ -110,19 +110,33 @@ export default {
             this.confirmDialog.isOpen = false;
         },
         
+        getClubId() {
+            return this.currentClub || this.$route.params.clubId;
+        },
+        canAccessClub() {
+            return this.isClubOwner || this.userRole === 'admin'
+                || this.hasPermission('members', 'read')
+                || this.hasPermission('diary', 'read')
+                || this.hasPermission('statistics', 'read')
+                || this.hasPermission('tournaments', 'read')
+                || this.hasPermission('schedule', 'read');
+        },
         async loadClub() {
             try {
-                const response = await apiClient.get(`/clubs/${this.currentClub}`);
-                this.club = response.data;
-                this.accessAllowed = true;
+                const clubId = this.getClubId();
+                const response = await apiClient.get(`/clubs/${clubId}`);
+                this.club = response.data || { name: '' };
+                this.accessAllowed = this.canAccessClub();
             } catch (error) {
+                this.accessAllowed = false;
                 const message = safeErrorMessage(error, this.$t('club.accessDenied'));
                 await this.showInfo(this.$t('messages.error'), message, '', 'error');
             }
         },
         async loadOpenRequests() {
             try {
-                const response = await apiClient.get(`/clubmembers/notapproved/${this.currentClub}`);
+                const clubId = this.getClubId();
+                const response = await apiClient.get(`/clubmembers/notapproved/${clubId}`);
                 this.openRequests = response.data;
             } catch (error) {
                 this.showInfo(this.$t('messages.error'), this.$t('club.errorLoadingRequests'), '', 'error');
@@ -130,7 +144,8 @@ export default {
         }, 
         async requestAccess() {
             try {
-                const response = await apiClient.get(`/clubs/request/${this.currentClub}`);
+                const clubId = this.getClubId();
+                const response = await apiClient.get(`/clubs/request/${clubId}`);
                 if (response.status === 200) {
                     await this.showInfo(this.$t('messages.info'), this.$t('club.accessRequested'), '', 'info');
                 }
@@ -155,7 +170,7 @@ export default {
         }
     },
     computed: {
-        ...mapGetters(['isAuthenticated', 'currentClub', 'clubs']),
+        ...mapGetters(['isAuthenticated', 'currentClub', 'clubs', 'hasPermission', 'isClubOwner', 'userRole']),
         displayedMembers() {
             const members = Array.isArray(this.club.members) ? this.club.members : [];
             const onlyActive = members.filter(m => m && (m.active === true));