fcarra/Condopay
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Enhance admin access and UI for privileged users

Browse Source 
Grant 'poweruser' role access to administrative settings and sections. Update UI to reflect elevated privileges and adjust default tab navigation for these users. Modify server-side access control to include 'poweruser' alongside 'admin' for privileged routes.
This commit is contained in:
frakarr
2025-12-07 23:30:06 +01:00
parent 80d658a536
commit 0f82df517b
2 changed files with 97 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
server/server.js
View File

@@ -89,11 +89,12 @@ const authenticateToken = (req, res, next) => {
};
const requireAdmin = (req, res, next) => {
if (req.user && req.user.role === 'admin') {
// Allow both 'admin' and 'poweruser' to access administrative routes
if (req.user && (req.user.role === 'admin' || req.user.role === 'poweruser')) {
next();
} else {
console.warn(`Access denied for user ${req.user?.email} with role ${req.user?.role}`);
res.status(403).json({ message: 'Access denied: Admins only' });
res.status(403).json({ message: 'Access denied: Privileged users only' });
}
};