Harden access control and restore customer admin pages

2026-03-13 08:52:04 +01:00
parent eb699666d9
commit c7362a553b
14 changed files with 307 additions and 79 deletions
--- a/frontend/src/App.tsx
+++ b/frontend/src/App.tsx
@@ -16,6 +16,7 @@ import UserManagementPage from "./pages/UserManagementPage";

 function ProtectedRoutes() {
  const { user, ready } = useSession();
+  const isAdmin = user?.role === "ADMIN";

  if (!ready) {
    return <div className="empty-state">Sitzung wird geladen ...</div>;
@@ -34,7 +35,7 @@ function ProtectedRoutes() {
        <Route path="/samples/:sampleId/anamnesis" element={<AnamnesisPage />} />
        <Route path="/samples/:sampleId/antibiogram" element={<AntibiogramPage />} />
        <Route path="/samples/:sampleId/therapy" element={<TherapyPage />} />
-        <Route path="/admin" element={<Navigate to="/admin/landwirte" replace />} />
+        <Route path="/admin" element={<Navigate to={isAdmin ? "/admin/landwirte" : "/admin/benutzer"} replace />} />
        <Route path="/admin/benutzer" element={<UserManagementPage />} />
        <Route path="/admin/landwirte" element={<AdministrationPage />} />
        <Route path="/admin/medikamente" element={<AdministrationPage />} />