hide admin elements in navbar when not permitted

2025-06-02 10:03:59 -07:00
parent 937ab7d5c4
commit 17ebd471e8
2 changed files with 51 additions and 29 deletions
--- a/apps/hub/app/_components/Nav.tsx
+++ b/apps/hub/app/_components/Nav.tsx
@@ -8,8 +8,15 @@ import {
 } from "@radix-ui/react-icons";
 import Link from "next/link";
 import { WarningAlert } from "./ui/PageAlert";
 import { getServerSession } from "api/auth/[...nextauth]/auth";
 import { Error } from "./Error";
-export const VerticalNav = () => {
+export const VerticalNav = async () => {
 	const session = await getServerSession();
 	if (!session?.user) return <Error statusCode={401} title="Benutzer nicht authentifiziert!" />;
 	const viewAdminMenu = session.user.permissions.some((p) => {
 		return p.startsWith("ADMIN");
 	});
 	return (
 		<ul className="menu w-64 bg-base-300 p-3 rounded-lg shadow-md font-semibold">
 			<li>
@@ -35,34 +42,48 @@ export const VerticalNav = () => {
 					Einstellungen
 				</Link>
 			</li>
-			<li>
+			{viewAdminMenu && (
-				<details open>
+				<li>
-					<summary>
+					<details open>
-						<LockClosedIcon />
+						<summary>
-						Admin
+							<LockClosedIcon />
-					</summary>
+							Admin
-					<ul>
+						</summary>
-						<li>
+						<ul>
-							<Link href="/admin/user">Benutzer</Link>
+							{session.user.permissions.includes("ADMIN_USER") && (
-						</li>
+								<li>
-						<li>
+									<Link href="/admin/user">Benutzer</Link>
-							<Link href="/admin/station">Stationen</Link>
+								</li>
-						</li>
+							)}
-						<li>
+							{session.user.permissions.includes("ADMIN_STATION") && (
-							<Link href="/admin/keyword">Stichworte</Link>
+								<li>
-						</li>
+									<Link href="/admin/station">Stationen</Link>
-						<li>
+								</li>
-							<Link href="/admin/event">Events</Link>
+							)}
-						</li>
+							{session.user.permissions.includes("ADMIN_KEYWORD") && (
-						<li>
+								<li>
-							<Link href="/admin/message">Service Nachrichten</Link>
+									<Link href="/admin/keyword">Stichworte</Link>
-						</li>
+								</li>
-						<li>
+							)}
-							<Link href="/admin/report">Reports</Link>
+							{session.user.permissions.includes("ADMIN_EVENT") && (
-						</li>
+								<li>
-					</ul>
+									<Link href="/admin/event">Events</Link>
-				</details>
+								</li>
-			</li>
+							)}
 							{session.user.permissions.includes("ADMIN_MESSAGE") && (
 								<li>
 									<Link href="/admin/message">Service Nachrichten</Link>
 								</li>
 							)}
 							{session.user.permissions.includes("ADMIN_USER") && (
 								<li>
 									<Link href="/admin/report">Reports</Link>
 								</li>
 							)}
 						</ul>
 					</details>
 				</li>
 			)}
 		</ul>
 	);
 };
--- a/packages/database/prisma/schema/user.prisma
+++ b/packages/database/prisma/schema/user.prisma
@@ -14,6 +14,7 @@ enum PERMISSION {
    AUDIO_ADMIN
    ADMIN_STATION
    ADMIN_KEYWORD
    ADMIN_MESSAGE
    AUDIO
    PILOT
    DISPO