Added admin permission check

2025-03-17 22:07:52 -07:00
parent 51d6363e95
commit 3e7391d255
5 changed files with 81 additions and 2 deletions
--- a/apps/hub/app/(app)/admin/event/layout.tsx
+++ b/apps/hub/app/(app)/admin/event/layout.tsx
@@ -0,0 +1,20 @@
+import { prisma } from "@repo/db";
+import { Error } from "_components/Error";
+import { getServerSession } from "api/auth/[...nextauth]/auth";
+
+export default async ({ children }: { children: React.ReactNode }) => {
+	const session = await getServerSession();
+
+	if (!session) return <Error title="Nicht eingeloggt" statusCode={401} />;
+
+	const user = await prisma.user.findUnique({
+		where: {
+			id: session.user.id,
+		},
+	});
+
+	if (!user?.permissions.includes("ADMIN_EVENT"))
+		return <Error title="Keine Berechtigung" statusCode={403} />;
+
+	return <>{children}</>;
+};
--- a/apps/hub/app/(app)/admin/station/layout.tsx
+++ b/apps/hub/app/(app)/admin/station/layout.tsx
@@ -0,0 +1,20 @@
+import { prisma } from "@repo/db";
+import { Error } from "_components/Error";
+import { getServerSession } from "api/auth/[...nextauth]/auth";
+
+export default async ({ children }: { children: React.ReactNode }) => {
+	const session = await getServerSession();
+
+	if (!session) return <Error title="Nicht eingeloggt" statusCode={401} />;
+
+	const user = await prisma.user.findUnique({
+		where: {
+			id: session.user.id,
+		},
+	});
+
+	if (!user?.permissions.includes("ADMIN_STATION"))
+		return <Error title="Keine Berechtigung" statusCode={403} />;
+
+	return <>{children}</>;
+};
--- a/apps/hub/app/(app)/admin/user/layout.tsx
+++ b/apps/hub/app/(app)/admin/user/layout.tsx
@@ -0,0 +1,20 @@
+import { prisma } from "@repo/db";
+import { Error } from "_components/Error";
+import { getServerSession } from "api/auth/[...nextauth]/auth";
+
+export default async ({ children }: { children: React.ReactNode }) => {
+	const session = await getServerSession();
+
+	if (!session) return <Error title="Nicht eingeloggt" statusCode={401} />;
+
+	const user = await prisma.user.findUnique({
+		where: {
+			id: session.user.id,
+		},
+	});
+
+	if (!user?.permissions.includes("ADMIN_USER"))
+		return <Error title="Keine Berechtigung" statusCode={403} />;
+
+	return <>{children}</>;
+};
--- a/apps/hub/app/_components/Error.tsx
+++ b/apps/hub/app/_components/Error.tsx
@@ -7,5 +7,23 @@ export const Error = ({
 	statusCode: number;
 	title: string;
 }) => {
-	return <Error statusCode={404} title="User not found" />;
+	return (
+		<div className="flex items-center justify-center ">
+			<div className="shadow-lg rounded-2xl p-8 text-center max-w-md w-full	">
+				<h1 className="text-6xl font-bold text-red-500">{statusCode}</h1>
+				<p className="text-xl font-semibold mt-4">
+					Oh nein! Ein Fehler ist aufgetreten.
+				</p>
+				<p className="text-gray-600 mt-2">
+					{title || "Ein unerwarteter Fehler ist aufgetreten."}
+				</p>
+				<button
+					onClick={() => window.location.reload()}
+					className="btn btn-dash my-2"
+				>
+					Refresh Page
+				</button>
+			</div>
+		</div>
+	);
 };
--- a/packages/database/prisma/schema/user.prisma
+++ b/packages/database/prisma/schema/user.prisma
@@ -11,8 +11,9 @@ enum BADGES {
 enum PERMISSION {
    ADMIN_EVENT
    ADMIN_USER
-    AUDIO
    AUDIO_ADMIN
+    ADMIN_STATION
+    AUDIO
    PILOT
    DISPO
 }