From 35d3cae45db2db3a23a4d2b1b3af432b61304a0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20MARQUET?= Date: Sat, 25 Oct 2025 16:17:00 +0200 Subject: [PATCH] feat: extend user role access to include ADMIN for fetching users and route access --- app/admin/page.tsx | 66 ++++++++++++++++++++++-------------------- app/api/users/route.ts | 2 +- 2 files changed, 36 insertions(+), 32 deletions(-) diff --git a/app/admin/page.tsx b/app/admin/page.tsx index ae881c6..0626a69 100644 --- a/app/admin/page.tsx +++ b/app/admin/page.tsx @@ -110,7 +110,7 @@ export default function AdminPage() { }, [session, status, router]); useEffect(() => { - if (session?.user?.role === 'SUPER_ADMIN') { + if (session?.user?.role === 'SUPER_ADMIN' || session?.user?.role === 'ADMIN') { fetchUsers(); } }, [session]); @@ -508,37 +508,41 @@ export default function AdminPage() { {userMap[userId]?.name} {formatHours(total)} - {userMap[userId]?.role === 'SUPER_ADMIN' ? ( - 'Super Admin' + {isSuperAdmin ? ( + userMap[userId]?.role === 'SUPER_ADMIN' ? ( + 'Super Admin' + ) : ( + <> + + + + ) ) : ( - <> - - - + userMap[userId]?.role === 'SUPER_ADMIN' ? 'Gestionnaire' : userMap[userId]?.role === 'ADMIN' ? 'Bureau' : 'Membre' )} diff --git a/app/api/users/route.ts b/app/api/users/route.ts index 160a118..0fb41e7 100644 --- a/app/api/users/route.ts +++ b/app/api/users/route.ts @@ -7,7 +7,7 @@ export const dynamic = 'force-dynamic'; export async function GET(request: NextRequest) { const session = await getServerSession(authOptions); - if (!session || session.user.role !== 'SUPER_ADMIN') { + if (!session || (session.user.role !== 'ADMIN' && session.user.role !== 'SUPER_ADMIN')) { return NextResponse.json({ error: 'Accès refusé' }, { status: 403 }); }