hide admin elements in navbar when not permitted

2025-06-02 10:03:59 -07:00
parent 937ab7d5c4
commit 17ebd471e8
2 changed files with 51 additions and 29 deletions
--- a/apps/hub/app/_components/Nav.tsx
+++ b/apps/hub/app/_components/Nav.tsx
@@ -8,8 +8,15 @@ import {
 } from "@radix-ui/react-icons";
 import Link from "next/link";
 import { WarningAlert } from "./ui/PageAlert";
+import { getServerSession } from "api/auth/[...nextauth]/auth";
+import { Error } from "./Error";

-export const VerticalNav = () => {
+export const VerticalNav = async () => {
+	const session = await getServerSession();
+	if (!session?.user) return <Error statusCode={401} title="Benutzer nicht authentifiziert!" />;
+	const viewAdminMenu = session.user.permissions.some((p) => {
+		return p.startsWith("ADMIN");
+	});
 	return (
 		<ul className="menu w-64 bg-base-300 p-3 rounded-lg shadow-md font-semibold">
 			<li>
@@ -35,34 +42,48 @@ export const VerticalNav = () => {
 					Einstellungen
 				</Link>
 			</li>
-			<li>
-				<details open>
-					<summary>
-						<LockClosedIcon />
-						Admin
-					</summary>
-					<ul>
-						<li>
-							<Link href="/admin/user">Benutzer</Link>
-						</li>
-						<li>
-							<Link href="/admin/station">Stationen</Link>
-						</li>
-						<li>
-							<Link href="/admin/keyword">Stichworte</Link>
-						</li>
-						<li>
-							<Link href="/admin/event">Events</Link>
-						</li>
-						<li>
-							<Link href="/admin/message">Service Nachrichten</Link>
-						</li>
-						<li>
-							<Link href="/admin/report">Reports</Link>
-						</li>
-					</ul>
-				</details>
-			</li>
+			{viewAdminMenu && (
+				<li>
+					<details open>
+						<summary>
+							<LockClosedIcon />
+							Admin
+						</summary>
+						<ul>
+							{session.user.permissions.includes("ADMIN_USER") && (
+								<li>
+									<Link href="/admin/user">Benutzer</Link>
+								</li>
+							)}
+							{session.user.permissions.includes("ADMIN_STATION") && (
+								<li>
+									<Link href="/admin/station">Stationen</Link>
+								</li>
+							)}
+							{session.user.permissions.includes("ADMIN_KEYWORD") && (
+								<li>
+									<Link href="/admin/keyword">Stichworte</Link>
+								</li>
+							)}
+							{session.user.permissions.includes("ADMIN_EVENT") && (
+								<li>
+									<Link href="/admin/event">Events</Link>
+								</li>
+							)}
+							{session.user.permissions.includes("ADMIN_MESSAGE") && (
+								<li>
+									<Link href="/admin/message">Service Nachrichten</Link>
+								</li>
+							)}
+							{session.user.permissions.includes("ADMIN_USER") && (
+								<li>
+									<Link href="/admin/report">Reports</Link>
+								</li>
+							)}
+						</ul>
+					</details>
+				</li>
+			)}
 		</ul>
 	);
 };
--- a/packages/database/prisma/schema/user.prisma
+++ b/packages/database/prisma/schema/user.prisma
@@ -14,6 +14,7 @@ enum PERMISSION {
    AUDIO_ADMIN
    ADMIN_STATION
    ADMIN_KEYWORD
+    ADMIN_MESSAGE
    AUDIO
    PILOT
    DISPO